Revocable Identity-Based Encryption with Server-Aided Ciphertext Evolution from Lattices

  • Conference paper
Information Security and Cryptology (Inscrypt 2021)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 13007)

Abstract

Revocable identity-based encryption (RIBE) with server-aided ciphertext evolution (RIBE-CE), recently proposed by Sun et al. in TCS 2020, offers significant advantages over previous identity (or key) revocation mechanisms for secure data sharing in the cloud setting. In this new system model, the user (i.e., a recipient) can use the current short-term decryption key to decrypt all ciphertexts sent to him. Meanwhile, the ciphertexts in the cloud evolve to new ones with the aid of the cloud server and the old ones are completely deleted; thus, revoked users can access neither the previously nor the subsequently shared data.

In this paper, inspired by Sun et al.’s work, we propose the first lattice-based RIBE-CE. Our scheme is more efficient and secure than the existing constructions of lattice-based RIBE. The private key generator (PKG) maintains a binary tree (BT) to handle key revocation, so its workload in time key update is only logarithmic, rather than linear, in the number of system users N, which serves as one solution to the challenge proposed by Sun et al. Based on the hardness of the learning with errors (LWE) problem, we prove that our first scheme is selectively secure in the standard model. Subsequently, based on the main techniques for lattice basis delegation with hierarchical IBE (HIBE), we construct our second lattice-based RIBE-CE scheme with decryption key exposure resistance (DKER), a default security requirement for RIBE that was not considered by Sun et al.

Notes

  1. Set the identifier of the root node (root) to 0. Identifiers of the other nodes are assigned as follows: each edge in BT is labeled 0 or 1 depending on whether it connects to a left or right child node, so the identifier of each node is defined by all labels of the edges on the path from root to this node. Each user \(\textsf {id}=(0,id_{1},id_{2},\cdots ,id_{\log N})\in 0||\{0,1\}^{\log N}\) therefore has a path \(\textsf {path}(\textsf {id})\), where N is the maximal number of system users. The detailed description of the KUNodes(BT,RL,t) algorithm is omitted in this paper; interested readers may refer to [4, 7, 9, 20, 21, 24].
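
The node-cover computation this note refers to, as an added Python example (not code from the paper): it follows the standard KUNodes formulation from the cited revocation literature, e.g. [4], using the note's node identifiers. The function names, the `depth` parameter and the representation of RL as (identity, revocation time) pairs are assumptions of this example.

```python
# Added illustration; names and the RL representation are assumptions.
def path(user_id):
    """Node identifiers from the root '0' down to the leaf `user_id`."""
    if not user_id.startswith("0") or set(user_id) - {"0", "1"}:
        raise ValueError("identity must be '0' followed by bits")
    return [user_id[:i] for i in range(1, len(user_id) + 1)]


def ku_nodes(depth, revocation_list, t):
    """Minimal set of nodes covering every user not revoked by time t.

    depth           -- log N, so each leaf identifier has depth + 1 symbols
    revocation_list -- iterable of (user_id, revocation_time) pairs (RL)
    """
    revoked = set()                       # nodes on some revoked user's path
    for user_id, t_rev in revocation_list:
        if len(user_id) != depth + 1:
            raise ValueError("identity is not a leaf of this tree")
        if t_rev <= t:
            revoked.update(path(user_id))
    cover = set()
    for node in revoked:
        if len(node) == depth + 1:        # leaves have no children
            continue
        for bit in "01":                  # left edge = 0, right edge = 1
            if node + bit not in revoked:
                cover.add(node + bit)
    return cover or {"0"}                 # nobody revoked: root covers all


def update_node(user_id, cover):
    """The single cover node on path(user_id), or None if revoked."""
    hits = [n for n in path(user_id) if n in cover]
    return hits[0] if hits else None


# Constructed sample: N = 8 users (depth 3), two revocations.
RL = [("0011", 2), ("0100", 5)]

if __name__ == "__main__":
    for t in (1, 3, 5):
        print(t, sorted(ku_nodes(3, RL, t)))
```

The cover has size at most r log(N/r) for r revoked users, which is the source of the logarithmic key-update workload mentioned in the abstract; a revoked user's path never meets the cover, so that user receives no usable update.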

References

  1. Agrawal, S., Boneh, D., Boyen, X.: Efficient Lattice (H)IBE in the standard model. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 553–572. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-13190-5_28

  2. Ajtai, M.: Generating Hard Instances of Lattice Problems (Extended Abstract). In: STOC, pp. 99–108. ACM (1996). https://doi.org/10.1145/237814.237838

  3. Alwen, J., Peikert, C.: Generating shorter bases for hard random lattices. Theor. Comput. Sys. 48(3), 535–553 (2011). https://doi.org/10.1007/s00224-010-9278-3

  4. Boldyreva, A., Goyal, V., Kumar, V.: Identity-based encryption with efficient revocation. In: CCS, pp. 417–426. ACM (2008). https://doi.org/10.1145/1455770.1455823

  5. Boneh, D., Franklin, M.: Identity-based encryption from the Weil pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44647-8_13

  6. Cash, D., Hofheinz, D., Kiltz, E., et al.: Bonsai trees, or how to delegate a lattice basis. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 523–552. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-13190-5_27

  7. Chen, J., Lim, H.W., Ling, S., Wang, H., Nguyen, K.: Revocable identity-based encryption from lattices. In: Susilo, W., Mu, Y., Seberry, J. (eds.) ACISP 2012. LNCS, vol. 7372, pp. 390–403. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-31448-3_29

  8. Cocks, C.: An identity based encryption scheme based on quadratic residues. In: Honary, B. (ed.) Cryptography and Coding 2001. LNCS, vol. 2260, pp. 360–363. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-45325-3_32

  9. Dong, C., Yang, K., Qiu, J., et al.: Outsourced revocable identity-based encryption from lattices. Trans. Emerging Tel. Tech. e3529 (2018). https://doi.org/10.1002/ett.3529

  10. Gentry, C., Peikert, C., Vaikuntanathan, V.: Trapdoor for hard lattices and new cryptographic constructions. In: STOC, pp. 197–206. ACM (2008). https://doi.org/10.1145/1374376.1374407

  11. Katsumata, S., Matsuda, T., Takayasu, A.: Lattice-based revocable (Hierarchical) IBE with decryption key exposure resistance. In: Lin, D., Sako, K. (eds.) PKC 2019. LNCS, vol. 11443, pp. 441–471. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-17259-6_15

  12. Lee, K.: A generic construction for revocable identity-based encryption with subset difference methods. PLOS ONE 15(9), e0239053 (2020). https://doi.org/10.1371/journal.pone.o239053

  13. Li, J., Li, J., Chen, X., et al.: Identity-based encryption with outsourced revocation in cloud computing. IEEE Trans. Comput. 64(2), 426–437 (2015). https://doi.org/10.1109/TC.2013.208

  14. Liang, K., Liu, J.K., Wong, D.S., Susilo, W.: An efficient cloud-based revocable identity-based proxy re-encryption scheme for public clouds data sharing. In: Kutyłowski, M., Vaidya, J. (eds.) ESORICS 2014. LNCS, vol. 8712, pp. 257–272. Springer, Cham (2014). https://doi.org/10.1007/978-3-319-11203-9_15

  15. Libert, B., Vergnaud, D.: Adaptive-ID secure revocable identity-based encryption. In: Fischlin, M. (ed.) CT-RSA 2009. LNCS, vol. 5473, pp. 1–15. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-00862-7_1

  16. Ma, X., Lin, D.: Generic constructions of revocable identity-based encryption. In: Liu, Z., Yung, M. (eds.) Inscrypt 2019. LNCS, vol. 12020, pp. 381–396. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-42921-8_22

  17. Micciancio, D., Peikert, C.: Hardness of SIS and LWE with small parameters. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013. LNCS, vol. 8042, pp. 21–39. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-40041-4_2

  18. Micciancio, D., Peikert, C.: Trapdoors for lattices: simpler, tighter, faster, smaller. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 700–718. Springer, Heidelberg (2012). https://doi.org/10.1007/978-3-642-29011-4_41

  19. Naor, D., Naor, M., Lotspiech, J.: Revocation and tracing schemes for stateless receivers. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 41–62. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44647-8_3

  20. Nguyen, K., Wang, H., Zhang, J.: Server-aided revocable identity-based encryption from lattices. In: Foresti, S., Persiano, G. (eds.) CANS 2016. LNCS, vol. 10052, pp. 107–123. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-48965-0_7

  21. Qin, B., Deng, R.H., Li, Y., Liu, S.: Server-aided revocable identity-based encryption. In: Pernul, G., Ryan, P.Y.A., Weippl, E. (eds.) ESORICS 2015. LNCS, vol. 9326, pp. 286–304. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-24174-6_15

  22. Regev, O.: On lattices, learning with errors, random linear codes, and cryptography. In: STOC, pp. 84–93. ACM (2005). https://doi.org/10.1145/1060590.1060603

  23. Sahai, A., Waters, B.: Fuzzy identity-based encryption. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 457–473. Springer, Heidelberg (2005). https://doi.org/10.1007/11426639_27

  24. Seo, J.H., Emura, K.: Revocable identity-based encryption revisited: security model and construction. In: Kurosawa, K., Hanaoka, G. (eds.) PKC 2013. LNCS, vol. 7778, pp. 216–234. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-36362-7_14

  25. Shamir, A.: Identity-based cryptosystems and signature schemes. In: Rabin, T. (ed.) CRYPTO 2010. LNCS, vol. 6223, pp. 98–115. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-14623-7_6

  26. Shor, P.: Polynomial-time algorithms for prime factorization and discrete logarithms on a quantum computer. SIAM J. Comput. 26(5), 1485–1509 (1997). https://doi.org/10.1016/j.tcs.2020.02.03

  27. Sun, Y., Mu, Y., Susilo, W., et al.: Revocable identity-based encryption with server-aided ciphertext evolution. Theor. Comput. Sci. 2020(815), 11–24 (2020). https://doi.org/10.1016/j.tcs.2020.02.03

  28. Takayasu, A.: Adaptively secure lattice-based revocable IBE in the QROM: compact parameters, tight security, and anonymity. Des. Codes Cryptogr. (2021). https://doi.org/10.1007/s10623-021-00895-3

  29. Takayasu, A., Watanabe, Y.: Lattice-based revocable identity-based encryption with bounded decryption key exposure resistance. In: Pieprzyk, J., Suriadi, S. (eds.) ACISP 2017. LNCS, vol. 10342, pp. 184–204. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-60055-0_10

  30. Wang, C., Fang, J., Li, Y.: An improved cloud-based revocable identity-based proxy re-encryption scheme. In: Niu, W., Li, G., Liu, J., et al. (eds.) ATIS 2015. LNCS, vol. 557, pp. 14–26. Springer, Heidelberg (2015). https://doi.org/10.1007/978-3-662-48683-2_2

Acknowledgments

The authors would like to thank the anonymous reviewers of Inscrypt 2021 for their helpful comments. This research was supported by the National Natural Science Foundation of China (Grant No. 61802075), the Guangxi Key Laboratory of Cryptography and Information Security (Grant No. GCIS201907) and the Natural Science Foundation of Henan Province (Grant No. 202300410508).

Corresponding author

Correspondence to Yanhua Zhang.

Copyright information

© 2021 Springer Nature Switzerland AG

About this paper

Cite this paper

Zhang, Y., Liu, X., Hu, Y., Jia, H. (2021). Revocable Identity-Based Encryption with Server-Aided Ciphertext Evolution from Lattices. In: Yu, Y., Yung, M. (eds) Information Security and Cryptology. Inscrypt 2021. Lecture Notes in Computer Science, vol 13007. Springer, Cham. https://doi.org/10.1007/978-3-030-88323-2_24

  • DOI: https://doi.org/10.1007/978-3-030-88323-2_24

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-88322-5

  • Online ISBN: 978-3-030-88323-2

  • eBook Packages: Computer Science, Computer Science (R0)
