×

zbMATH — the first resource for mathematics

Revocable hierarchical identity-based encryption via history-free approach. (English) Zbl 1338.94082
Summary: In the context of Identity-Based Encryption (IBE), both revocation and delegation of key generation are important functionalities. Although a number of IBE schemes with either efficient revocation or efficient delegation of key generation functionality have been proposed, an important open problem is efficiently delegating both the key generation and revocation functionalities in IBE systems. The authors [Theor. Comput. Sci. 542, 44–62 (2014; Zbl 1338.94081)] proposed the first realization of Revocable Hierarchical IBE (RHIBE), a sole IBE scheme that achieves both functionalities simultaneously. However, their approach implements history-preserving updates, wherein a low-level user must know the history of key updates performed by ancestors in the current time period, and it renders the scheme very complex.
In this paper, we present a new method to construct RHIBE that implements history-free updates. Our history-free approach renders the scheme simple and efficient. As a second contribution, we redefine the security model for RHIBE to ensure security against insiders, where adversaries are allowed to obtain all internal system information, e.g., state information. In addition, we also consider the decryption key exposure attack, which was considered by the authors [CT-RSA 2013, Lect. Notes Comput. Sci. 7779, 343–358 (2013; Zbl 1312.94091)]. Further, we propose two RHIBE schemes with shorter secret keys and constant size ciphertexts that implement the aforementioned history-free updates approach and security model. For revocation, our constructions use the Complete Subtree (CS) method and the Subset Difference (SD) method. Both schemes are selectively secure in the standard model under the \(q\)-weak Bilinear Diffie-Hellman Inversion assumption.

MSC:
94A60 Cryptography
PDF BibTeX XML Cite
Full Text: DOI
References:
[1] Boldyreva, A.; Goyal, V.; Kumar, V., Identity-based encryption with efficient revocation, (Ning, P.; Syverson, P. F.; Jha, S., ACM CCS, (2008)), 417-426
[2] Boneh, D.; Boyen, X., Efficient selective-ID identity based encryption without random oracles, (Cachin, C.; Camenisch, J., EUROCRYPT 2004, LNCS, vol. 3027, (2004), Springer), 223-238 · Zbl 1122.94355
[3] Boneh, D.; Boyen, X.; Goh, E., Hierarchical identity based encryption with constant size ciphertexts, (Cramer, R., EUROCRYPT 2005, LNCS, vol. 3494, (2005), Springer), 440-456 · Zbl 1137.94340
[4] Boneh, D.; Boyen, X.; Goh, E., Hierarchical identity based encryption with constant size ciphertexts, (2005), (full version of [3]) · Zbl 1137.94340
[5] Boneh, D.; Franklin, M. K., Identity-based encryption from the Weil pairing, SIAM J. Comput., 32, 586-615, (2003) · Zbl 1046.94008
[6] Boneh, D.; Sahai, A.; Waters, B., Functional encryption: definitions and challenges, (Ishai, Y., TCC 2011, LNCS, (2011), Springer), 253-273 · Zbl 1295.94027
[7] Boyen, X.; Waters, B., Anonymous hierarchical identity-based encryption (without random oracles), (CRYPTO 2006, LNCS, vol. 4117, (2006), Springer), 290-307 · Zbl 1161.94390
[8] Canetti, R.; Halevi, S.; Katz, J., A forward-secure public-key encryption scheme, (Biham, E., EUROCRYPT 2003, LNCS, vol. 2656, (2003), Springer) · Zbl 1037.68532
[9] Chen, J.; Lim, H. W.; Ling, S.; Wang, H.; Nguyen, K., Revocable identity-based encryption from lattices, (Susilo, W.; Mu, Y.; Seberry, J., ACISP 2012, LNCS, vol. 7372, (2012), Springer), 390-403 · Zbl 1308.94064
[10] Dodis, Y.; Fazio, N., Public key broadcast encryption for stateless receivers, (Feigenbaum, J., The Digital Rights Management Workshop 2002, LNCS, vol. 2696, (2002), Springer), 61-80 · Zbl 1327.94041
[11] Ducas, L., Anonymity from asymmetry: new constructions for anonymous hibe, (CT-RSA, LNCS, vol. 5985, (2010), Springer), 148-164 · Zbl 1272.94027
[12] Goyal, V.; Pandey, O.; Sahai, A.; Waters, B., Attribute-based encryption for fine-grained access control of encrypted data, (ACM Conference on Computer and Communications Security 2006, ACM CCS 2006, (2006), ACM), 89-98
[13] Horwitz, J.; Lynn, B., Towards hierarchical identity-based encryption, (Knudsen, L. R., EUROCRYPT 2002, LNCS, vol. 2332, (2002), Springer), 466-481 · Zbl 1056.94514
[14] Katz, J.; Sahai, A.; Waters, B., Predicate encryption supporting disjunctions, polynomial equations, and inner products, (Smart, N. P., EUROCRYPT 2008, LNCS, vol. 4965, (2008), Springer) · Zbl 1149.94323
[15] K. Lee, D.H. Lee, J.H. Park, Efficient revocable identity-based encryption via subset difference methods, eprint.iacr.org/2014/132 (2014). · Zbl 1381.94076
[16] Lewko, A. B.; Waters, B., Unbounded HIBE and attribute-based encryption, (Paterson, K. G., EUROCRYPT 2011, LNCS, vol. 6632, (2011), Springer), 547-567 · Zbl 1290.94105
[17] Libert, B.; Vergnaud, D., Adaptive-ID secure revocable identity-based encryption, (Fischlin, M., CT-RSA, LNCS, vol. 5473, (2009), Springer), 1-15 · Zbl 1237.94070
[18] Libert, B.; Vergnaud, D., Towards black-box accountable authority IBE with short ciphertexts and private keys, (Jarecki, S.; Tsudik, G., PKC, LNCS, vol. 5443, (2009), Springer), 235-255 · Zbl 1227.94053
[19] Naor, D.; Naor, M.; Lotspiech, J., Revocation and tracing schemes for stateless receivers, (Kilian, J., CRYPTO 2001, LNCS, vol. 2139, (2001), Springer), 41-62 · Zbl 1002.94522
[20] Okamoto, T.; Takashima, K., Hierarchical predicate encryption for inner-products, (Matsui, M., ASIACRYPT, LNCS, vol. 5912, (2009), Springer), 214-231 · Zbl 1267.94089
[21] Rouselakis, Y.; Waters, B., Practical constructions and new proof methods for large universe attribute-based encryption, (Sadeghi, A.; Gligor, V. D.; Yung, M., ACM CCS 2013, (2013), ACM), 463-474
[22] Sahai, A.; Waters, B., Fuzzy identity-based encryption, (Cramer, R., EUROCRYPT 2005, LNCS, vol. 3494, (2005), Springer), 457-473 · Zbl 1137.94355
[23] Seo, J. H.; Emura, K., Efficient delegation of key generation and revocation functionalities in identity-based encryption, (Dawson, E., CT-RSA 2013, LNCS, vol. 7779, (2013), Springer), 343-358 · Zbl 1312.94091
[24] Seo, J. H.; Emura, K., Revocable identity-based encryption revisited: security model and construction, (Kurosawa, K.; Hanaoka, G., PKC 2013, LNCS, vol. 7778, (2013), Springer), 216-234 · Zbl 1314.94092
[25] Seo, J. H.; Emura, K., Revocable hierarchical identity-based encryption, Theoret. Comput. Sci., 542, 44-62, (2014) · Zbl 1338.94081
[26] Seo, J. H.; Emura, K., Revocable identity-based cryptosystem revisited: security models and constructions, IEEE Trans. Inform. Forensics Secur., 9, 1193-1205, (2014)
[27] Seo, J. H.; Emura, K., Revocable identity-based encryption with rejoin functionality, IEICE Trans., 97-A, 1806-1809, (2014)
[28] Seo, J. H.; Emura, K., Revocable hierarchical identity-based encryption: history-free update, security against insiders, and short ciphertexts, (Nyberg, K., CT-RSA 2015, LNCS, vol. 9048, (2015), Springer), 106-123 · Zbl 1382.94159
[29] Seo, J. H.; Kobayashi, T.; Ohkubo, M.; Suzuki, K., Anonymous hierarchical identity-based encryption with constant size ciphertexts, (Tsudik, G.; Jarecki, S., PKC, LNCS, vol. 5443, (2009), Springer), 215-234 · Zbl 1227.94064
[30] Seo, J. H.; Kobayashi, T.; Ohkubo, M.; Suzuki, K., Anonymous hierarchical identity-based encryption with short ciphertexts, vol. 94-A(1), 45-56, (2011), IEICE Transactions
[31] Shamir, A., Identity-based cryptosystems and signature schemes, (Blakley, G. R.; Chaum, D., CRYPTO 1984, LNCS, (1984), Springer), 47-53 · Zbl 1359.94626
[32] Tsai, T.; Tseng, Y.; Wu, T., RHIBE: constructing revocable hierarchical ID-based encryption from HIBE, Informatica (Vilnius), 25, 299-326, (2014) · Zbl 1316.94095
[33] Waters, B., Efficient identity-based encryption without random oracles, (Cramer, R., EUROCRYPT 2005, LNCS, vol. 3494, (2005), Springer), 114-127 · Zbl 1137.94360
[34] Waters, B., Dual system encryption: realizing fully secure IBE and HIBE under simple assumptions, (Halevi, S., CRYPTO, LNCS, vol. 5677, (2009), Springer), 619-636 · Zbl 1252.94101
This reference list is based on information provided by the publisher or from digital mathematics libraries. Its items are heuristically matched to zbMATH identifiers and may contain data conversion errors. It attempts to reflect the references listed in the original paper as accurately as possible without claiming the completeness or perfect precision of the matching.