Toward hierarchical identity-based encryption.

*(English)*Zbl 1056.94514
Knudsen, Lars (ed.), Advances in cryptology - EUROCRYPT 2002. 21st international conference on the theory and applications of cryptographic techniques, Amsterdam, the Netherlands, April 28 – May 2, 2002. Proceedings. Berlin: Springer (ISBN 3-540-43553-0). Lect. Notes Comput. Sci. 2332, 466-481 (2002).

Summary: We introduce the concept of hierarchical identity-based encryption (HIBE) schemes, give precise definitions of their security and mention some applications. A two-level HIBE (2-HIBE) scheme consists of a root private key generator (PKG), domain PKGs and users, all of which are associated with primitive IDs (PIDs) that are arbitrary strings. A user’s public key consists of their PID and their domain’s PID (in whole called an address). In a regular IBE (which corresponds to a 1-HIBE) scheme, there is only one PKG that distributes private keys to each user (whose public keys are their PID). In a 2-HIBE, users retrieve their private key from their domain PKG. Domain PKGs can compute the private key of any user in their domain, provided they have previously requested their domain secret key from the root PKG (who possesses a master secret). We can go beyond two levels by adding subdomains, subsubdomains, and so on. We present a two-level system with total collusion resistance at the upper (domain) level and partial collusion resistance at the lower (user) level, which has chosen-ciphertext security in the random-oracle model.

For the entire collection see [Zbl 0984.00084].

For the entire collection see [Zbl 0984.00084].