Published in: International Journal of Information Security 2/2019

07.03.2018 | Regular Contribution

Identifier discrimination: realizing selective-ID HIBE with authorized delegation and dedicated encryption privacy

Written by: Jian-Wu Zheng, Jing Zhao, Xin-Ping Guan


Abstract

It has been almost one and a half decades since the concept of hierarchical identity-based encryption (HIBE) systems was introduced, and many pairing-based HIBE systems have been proposed; however, how to achieve independent private key delegation in HIBE systems is still open. Independent private key delegation in HIBE systems requires that the following three conditions be satisfied: (1) private keys are not valid delegation credentials for deriving descendants’ private keys, (2) any entity intending to derive a private key for any one of its descendants should own a valid delegation credential distributed by the root private key generator (PKG), and (3) a credential is only valid for deriving private keys for a given descendant. We present a new technique for composing private keys for entities in HIBE systems, which we call identifier discrimination, aimed at resolving the problem of independent private key delegation. With this technique, we construct a selective-identity secure HIBE system under the decisional bilinear Diffie–Hellman (DBDH) assumption in the standard model with the following properties. (1) Every entity in the HIBE system is prevented from deriving private keys for its descendants using only its private key and the public parameters. (2) The root PKG can delegate the privilege (if needed) of generating private keys for each individual entity to any of its ancestors through authorization, which we call authorized delegation, by distributing a specifically crafted secret (delegation credential) to the ancestor. (3) The encryption privacy of each ciphertext for its intended recipient is achieved; that is, ciphertexts encrypted on the identity of any entity cannot be decrypted by any of its ancestors, a property we call dedicated encryption privacy.


Metadata
Title
Identifier discrimination: realizing selective-ID HIBE with authorized delegation and dedicated encryption privacy
Written by
Jian-Wu Zheng
Jing Zhao
Xin-Ping Guan
Publication date
07.03.2018
Publisher
Springer Berlin Heidelberg
Published in
International Journal of Information Security / Issue 2/2019
Print ISSN: 1615-5262
Electronic ISSN: 1615-5270
DOI
https://doi.org/10.1007/s10207-018-0402-8
