Published in: Designs, Codes and Cryptography 5/2019

08.06.2018

Identity-based encryption with hierarchical key-insulation in the standard model

Authors: Junji Shikata, Yohei Watanabe


Abstract

A key exposure problem is unavoidable since it seems human error can never be eliminated completely, and key-insulated encryption is one of the cryptographic solutions to the problem. At Asiacrypt’05, Hanaoka et al. introduced hierarchical key-insulation functionality, which is attractive functionality that enhances key exposure resistance, and proposed an identity-based hierarchical key-insulated encryption (hierarchical IKE) scheme in the random oracle model. In this paper, we first propose the hierarchical IKE scheme in the standard model (i.e., without random oracles). Our hierarchical IKE scheme is secure under the symmetric external Diffie–Hellman (\(\mathsf{SXDH}\)) assumption, which is a static assumption. Particularly, in the non-hierarchical case, our construction is the first IKE scheme that achieves constant-size parameters including public parameters, secret keys, and ciphertexts. Furthermore, we also propose the first public-key-based key-insulated encryption (PK-KIE) in the hierarchical setting by using our technique.

Footnotes

1. This fact was also mentioned in [20].
2. This means that initial helper keys \(hk^{(\ell -1)}_{\texttt {I},0},\ldots ,hk^{(2)}_{\texttt {I},0},hk^{(1)}_{\texttt {I},0}\) must be updated by \(hk^{(\ell )}_{\texttt {I},0}\) first and foremost since \(0\notin \mathcal {T}_i\) for every \(i\in \{0,1,\ldots ,\ell -1\}\).
3. In the case \(i=\ell \), \(R_i^{(y)}\) and \(R_i^{(x)}\) mean empty strings, namely we have \(hk^{(\ell )}_{\texttt {I},0}:=(D_{y},D'_{y},D_{x},D'_{x},D, \{(K^{(y)}_{j},K^{(x)}_{j})\}_{j=0}^{\ell -1})\).
4. In the case \(i=1\), \(\{(\hat{k}^{(y)}_{j},\hat{k}^{(x)}_{j})\}_{j=0}^{\ell -1}\) means an empty string, namely we have \(\delta ^{(0)}_{\texttt {I},t_{0}}:=(\hat{d}_{y}, \hat{d}'_{y}, \hat{d}_{x}, \hat{d}'_{x}, \hat{d})\).
5. The formal definitions of the \(\mathsf{CBDH}\) and \(\mathsf{DBDH}\) assumptions are given in Appendix A.
6. The formal description of the OTS is given in Appendix A.
7. This means that initial helper keys \(hk^{(\ell -1)}_{0},\ldots ,hk^{(2)}_{0},hk^{(1)}_{0}\) must be updated by \(hk^{(\ell )}_{0}\) first and foremost since \(0\notin \mathcal {T}_i\) for every \(i\in \{0,1,\ldots ,\ell -1\}\).
8. In the case \(i=\ell \), \(R_{\ell }\), \(D_{y}\), \(D_{x}\), \(D\), and \(\{(K^{(y)}_{j},K^{(x)}_{j})\}_{j=0}^{i-1}\) mean empty strings, and we consider these as identity elements in \(\mathbb {G}_2\) when these elements are used in operations.
9. In the case \(i=1\), \(\{(\hat{k}^{(y)}_{j},\hat{k}^{(x)}_{j})\}_{j=0}^{\ell -1}\) means an empty string, namely we have \(\delta ^{(0)}_{t_{0}}:=(\hat{d}_{y}, \ldots , \hat{d}_5, \hat{k}_{vk},\hat{k}'_{vk})\).

References

1. Bellare M., Miner S.: A forward-secure digital signature scheme. In: Wiener M. (ed.) Advances in Cryptology—CRYPTO’99. Lecture Notes in Computer Science, vol. 1666, pp. 431–448. Springer, Berlin (1999).
2. Bellare M., Palacio A.: Protecting against key-exposure: strongly key-insulated encryption with optimal threshold. Appl. Algebr. Eng. Commun. Comput. 16(6), 379–396 (2006).
3. Bethencourt J., Sahai A., Waters B.: Ciphertext-policy attribute-based encryption. In: IEEE Symposium on Security and Privacy, S&P’07, pp. 321–334 (2007).
4. Blakley G.: Safeguarding cryptographic keys. In: Proceedings of the 1979 AFIPS National Computer Conference, pp. 313–317. AFIPS Press, Montvale, NJ (1979).
5. Boneh D., Canetti R., Halevi S., Katz J.: Chosen ciphertext security from identity based encryption. SIAM J. Comput. 36(5), 1301–1328 (2007).
6. Boneh D., Sahai A., Waters B.: Functional encryption: definitions and challenges. In: Ishai Y. (ed.) Theory of Cryptography. Lecture Notes in Computer Science, vol. 6597, pp. 253–273. Springer, Berlin (2011).
7. Canetti R., Halevi S., Katz J.: A forward-secure public-key encryption scheme. In: Biham E. (ed.) Advances in Cryptology—EUROCRYPT 2003. Lecture Notes in Computer Science, vol. 2656, pp. 255–271. Springer, Berlin (2003).
8. Canetti R., Halevi S., Katz J.: Chosen-ciphertext security from identity-based encryption. In: Cachin C., Camenisch J. (eds.) Advances in Cryptology—EUROCRYPT 2004, vol. 3027, pp. 207–222. Springer, Berlin (2004).
9. Chatterjee S., Menezes A.: On cryptographic protocols employing asymmetric pairings—the role of \({\varPsi }\) revisited. Discret. Appl. Math. 159(13), 1311–1322 (2011).
10. Chen J., Gong J.: ABE with tag made easy: Concise framework and new instantiations in prime-order groups. In: Advances in Cryptology—ASIACRYPT 2017. Springer, Berlin (2017).
11. Cheon J., Hopper N., Kim Y., Osipkov I.: Timed-release and key-insulated public key encryption. In: Crescenzo G., Rubin A. (eds.) Financial Cryptography and Data Security, vol. 4107, pp. 191–205. Springer, Berlin (2006).
12. Dodis Y., Katz J., Xu S., Yung M.: Key-insulated public key cryptosystems. In: Knudsen L. (ed.) Advances in Cryptology—EUROCRYPT 2002, vol. 2332, pp. 65–82. Springer, Berlin (2002).
13. Dodis Y., Katz J., Xu S., Yung M.: Strong key-insulated signature schemes. In: Desmedt Y. (ed.) Public Key Cryptography—PKC 2003. Lecture Notes in Computer Science, vol. 2567, pp. 130–144. Springer, Berlin (2002).
14. Dodis Y., Franklin M., Katz J., Miyaji A., Yung M.: Intrusion-resilient public-key encryption. In: Joye M. (ed.) Topics in Cryptology—CT-RSA 2003. Lecture Notes in Computer Science, vol. 2612, pp. 19–32. Springer, Berlin (2003).
15. Dodis Y., Franklin M., Katz J., Miyaji A., Yung M.: A generic construction for intrusion-resilient public-key encryption. In: Okamoto T. (ed.) Topics in Cryptology—CT-RSA 2004. Lecture Notes in Computer Science, vol. 2964, pp. 81–98. Springer, Berlin (2004).
16. Dodis Y., Luo W., Xu S., Yung M.: Key-insulated symmetric key cryptography and mitigating attacks against cryptographic cloud software. In: Proceedings of the 7th ACM Symposium on Information, Computer and Communications Security, ASIACCS ’12, pp. 57–58. ACM, New York (2012).
17.
18. Gentry C., Silverberg A.: Hierarchical ID-based cryptography. In: Zheng Y. (ed.) Advances in Cryptology—ASIACRYPT 2002. Lecture Notes in Computer Science, vol. 2501, pp. 548–566. Springer, Berlin (2002).
19. Hanaoka G., Weng J.: Generic constructions of parallel key-insulated encryption. In: Garay J., De Prisco R. (eds.) Security and Cryptography for Networks, vol. 6280, pp. 36–53. Springer, Berlin (2010).
20. Hanaoka Y., Hanaoka G., Shikata J., Imai H.: Identity-based hierarchical strongly key-insulated encryption and its application. In: Roy B. (ed.) Advances in Cryptology—ASIACRYPT 2005. Lecture Notes in Computer Science, vol. 3788, pp. 495–514. Springer, Berlin (2005).
21. Hanaoka G., Hanaoka Y., Imai H.: Parallel key-insulated public key encryption. In: Yung M., Dodis Y., Kiayias A., Malkin T. (eds.) Public Key Cryptography—PKC 2006. Lecture Notes in Computer Science, vol. 3958, pp. 105–122. Springer, Berlin (2006).
22. Itkis G., Reyzin L.: SiBIR: Signer-base intrusion-resilient signatures. In: Yung M. (ed.) Advances in Cryptology—CRYPTO 2002. Lecture Notes in Computer Science, vol. 2442, pp. 499–514. Springer, Berlin (2002).
23. Jutla C., Roy A.: Shorter quasi-adaptive NIZK proofs for linear subspaces. In: Sako K., Sarkar P. (eds.) Advances in Cryptology—ASIACRYPT 2013. Lecture Notes in Computer Science, vol. 8269, pp. 1–20. Springer, Berlin (2013).
24. Libert B., Quisquater J.J., Yung M.: Parallel key-insulated public key encryption without random oracles. In: Okamoto T., Wang X. (eds.) Public Key Cryptography—PKC 2007. Lecture Notes in Computer Science, vol. 4450, pp. 298–314. Springer, Berlin (2007).
25. Matsuda T., Nakai Y., Matsuura K.: Efficient generic constructions of timed-release encryption with pre-open capability. In: Joye M., Miyaji A., Otsuka A. (eds.) Pairing-Based Cryptography—Pairing 2010, vol. 6487, pp. 225–245. Springer, Berlin (2010).
26. Ramanna S., Sarkar P.: Efficient (anonymous) compact HIBE from standard assumptions. In: Chow S., Liu J., Hui L., Yiu S. (eds.) Provable Security. Lecture Notes in Computer Science, vol. 8782, pp. 243–258. Springer, Berlin (2014).
27. Ramanna S., Chatterjee S., Sarkar P.: Variants of Waters’ dual system primitives using asymmetric pairings. In: Fischlin M., Buchmann J., Manulis M. (eds.) Public Key Cryptography—PKC 2012. Lecture Notes in Computer Science, vol. 7293, pp. 298–315. Springer, Berlin (2012).
28. Sahai A., Waters B.: Fuzzy identity-based encryption. In: Cramer R. (ed.) Advances in Cryptology—EUROCRYPT 2005. Lecture Notes in Computer Science, vol. 3494, pp. 457–473. Springer, Berlin (2005).
30. Watanabe Y., Shikata J.: Identity-based hierarchical key-insulated encryption without random oracles. In: Cheng C.M., Chung K.M., Persiano G., Yang B.Y. (eds.) Public-Key Cryptography—PKC 2016, Part I. Lecture Notes in Computer Science, vol. 9614, pp. 255–279. Springer, Berlin (2016).
31. Watanabe Y., Emura K., Seo J.H.: New revocable IBE in prime-order groups: adaptively secure, decryption key exposure resistant, and with short public parameters. In: Handschuh H. (ed.) Topics in Cryptology—CT-RSA 2017, vol. 10159, pp. 432–449. Springer, Berlin (2017).
32. Waters B.: Efficient identity-based encryption without random oracles. In: Cramer R. (ed.) Advances in Cryptology—EUROCRYPT 2005, vol. 3494, pp. 114–127. Springer, Berlin (2005).
33. Waters B.: Dual system encryption: realizing fully secure IBE and HIBE under simple assumptions. In: Halevi S. (ed.) Advances in Cryptology—CRYPTO 2009, vol. 5677, pp. 619–636. Springer, Berlin (2009).
34. Weng J., Liu S., Chen K., Ma C.: Identity-based parallel key-insulated encryption without random oracles: security notions and construction. In: Barua R., Lange T. (eds.) Progress in Cryptology—INDOCRYPT 2006, vol. 4329, pp. 409–423. Springer, Berlin (2006).
35. Weng J., Liu S., Chen K., Zheng D., Qiu W.: Identity-based threshold key-insulated encryption without random oracles. In: Malkin T. (ed.) Topics in Cryptology—CT-RSA 2008, vol. 4964, pp. 203–220. Springer, Berlin (2008).

Metadata

Title: Identity-based encryption with hierarchical key-insulation in the standard model
Authors: Junji Shikata, Yohei Watanabe
Publication date: 08.06.2018
Publisher: Springer US
Published in: Designs, Codes and Cryptography / Issue 5/2019
Print ISSN: 0925-1022
Electronic ISSN: 1573-7586
DOI: https://doi.org/10.1007/s10623-018-0503-4
