Skip to main content
SpringerLink
Log in

Making the Identity-Based Diffie–Hellman Key Exchange Efficiently Revocable

  • Conference paper
  • First Online:
Progress in Cryptology – LATINCRYPT 2023 (LATINCRYPT 2023)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 14168))

  • 190 Accesses

Abstract

We propose an efficient identity-based authenticated-key exchange (IB-AKE) protocol that is equipped with scalable key revocation. Our protocol builds upon the most efficient identity-based Diffie–Hellman key exchange (without revocation mechanisms) presented by Fiore and Gennaro at CT-RSA 2010, which can be constructed from pairing-free groups. The key revocation is essential for IB-AKE protocols in long-term practical operation. Our key revocation mechanism allows the key exchange protocol to remain comparable to the original Fiore–Gennaro identity-based key exchange, unlike other revocable schemes that require major (inefficient) modifications to their original IB-AKE protocols. Moreover, our revocation mechanism is scalable, in the sense that its computational cost is logarithmic, rather than linear, to the number of users. We provide a security proof in the identity-based extended Canetti–Krawczyk security model that is further extended in order to incorporate key revocation. The security of our scheme reduces to the well-established strong Diffie–Hellman assumption. For this proof, we devise a multi-forking lemma, an extended version of the general forking lemma.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 59.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 74.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Anggorojati, B., Prasad, R.: Securing communication in inter domains internet of things using identity-based cryptography. In: IWBIS 2017, pp. 137–142 (2017)

    Google Scholar 

  2. The Apache Software Foundation. The Apache Milagro Cryptographic Library (AMCL) (2022). https://github.com/apache/incubator-milagro-crypto. Accessed 26 Dec 2022

  3. Boneh, D., Boyen, X.: Efficient selective-ID secure identity-based encryption without random oracles. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 223–238. Springer, Heidelberg (2004). https://doi.org/10.1007/978-3-540-24676-3_14

    Chapter  Google Scholar 

  4. Baek, J., Safavi-Naini, R., Susilo, W.: Efficient multi-receiver identity-based encryption and its application to broadcast encryption. In: Vaudenay, S. (ed.) PKC 2005. LNCS, vol. 3386, pp. 380–397. Springer, Heidelberg (2005). https://doi.org/10.1007/978-3-540-30580-4_26

    Chapter  Google Scholar 

  5. Barbulescu, R., Duquesne, S.: Updating key size estimations for pairings. J. Cryptol. 32, 1298–1336 (2019)

    Article  MathSciNet  Google Scholar 

  6. Barreto, P.S.L.M., Naehrig, M.: Pairing-friendly elliptic curves of prime order. In: Preneel, B., Tavares, S. (eds.) SAC 2005. LNCS, vol. 3897, pp. 319–331. Springer, Heidelberg (2006). https://doi.org/10.1007/11693383_22

    Chapter  Google Scholar 

  7. Bellare, M., Neven, G.: Multi-signatures in the plain public-key model and a general forking lemma. In: ACM CCS 2006, pp. 390–399 (2006)

    Google Scholar 

  8. Boldyreva, A., Goyal, V., Kumar, V.: Identity-based encryption with efficient revocation. In: ACM CCS 2008, pp. 417–426 (2008)

    Google Scholar 

  9. Boneh, D., Franklin, M.: Identity-based encryption from the weil pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44647-8_13

    Chapter  Google Scholar 

  10. Broustis, I., Cakulev, V., Sundaram, G.: IBAKE: identity-based authenticated key exchange. In: RFC 6539 (2012). https://rfc-editor.org/rfc/rfc6539.txt

  11. Chakraborty, S., Raghuraman, S., Pandu Rangan, C.: A pairing-free, one round identity based authenticated key exchange protocol secure against memory-scrapers. J. Wirel. Mob. Netw. Ubiq. Comput. Depend. Appl. 7(1), 1–22 (2016)

    Google Scholar 

  12. Chen, J., Wee, H.: Dual system groups and its applications – compact HIBE and more. IACR Cryptology ePrint Archive: Report 2014/265 (2014)

    Google Scholar 

  13. Cheng, Q., Ma, C.: Ephemeral key compromise attack on the IB-KA protocol. IACR Cryptology ePrint Archive: Report 2009/568 (2009)

    Google Scholar 

  14. Cloudflare Inc: Geo key manager: How it works (2017). https://blog.cloudflare.com/geo-key-manager-how-it-works/

  15. Dearlove, C.: Identity-Based Signatures for Mobile Ad Hoc Network (MANET) Routing Protocols. RFC 7859 (2016). https://rfc-editor.org/rfc/rfc7859.txt

  16. Dent, A.W.: ECIES-KEM vs. PSEC-KEM. Technical Report NES/DOC/RHU/WP5/028/2, NESSIE (2002)

    Google Scholar 

  17. Emura, K., Seo, J.H., Watanabe, Y.: Efficient revocable identity-based encryption with short public parameters. Theor. Comput. Sci. 863, 127–155 (2021)

    Article  MathSciNet  Google Scholar 

  18. Emura, K., Takayasu, A., Watanabe, Y.: Generic constructions of revocable hierarchical identity-based encryption. IACR Cryptology ePrint Archive: Report 2021/515 (2021)

    Google Scholar 

  19. Fiore, D., Gennaro, R.: Making the Diffie-Hellman protocol identity-based. In: Pieprzyk, J. (ed.) CT-RSA 2010. LNCS, vol. 5985, pp. 165–178. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-11925-5_12

    Chapter  Google Scholar 

  20. Fujioka, A., Suzuki, K., Ustaoğlu, B.: Ephemeral key leakage resilient and efficient ID-AKEs that can share identities, private and master keys. In: Joye, M., Miyaji, A., Otsuka, A. (eds.) Pairing 2010. LNCS, vol. 6487, pp. 187–205. Springer, Heidelberg (2010). https://doi.org/10.1007/978-3-642-17455-1_12

    Chapter  Google Scholar 

  21. Gallant, R.P., Lambert, R.J., Vanstone, S.A.: Faster point multiplication on elliptic curves with efficient endomorphisms. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 190–200. Springer, Heidelberg (2001). https://doi.org/10.1007/3-540-44647-8_11

    Chapter  Google Scholar 

  22. Galbraith, S.D., Lin, X., Scott, M.: Endomorphisms for faster elliptic curve cryptography on a large class of curves. J. Cryptol. 24, 446–469 (2011)

    Article  MathSciNet  Google Scholar 

  23. Groves, M.: Sakai-Kasahara Key Encryption (SAKKE). RFC 6508 (2012). https://rfc-editor.org/rfc/rfc6508.txt

  24. Hajny, J., Dzurenda, P., Ricci, S., Malina, L., Vrba, K.: Performance analysis of pairing-based elliptic curve cryptography on constrained devices. In: ICUMT 2018, pp. 1–5 (2018)

    Google Scholar 

  25. Hu, Z., Liu, S., Chen, K., Liu, J.K.: Revocable identity-based encryption from the computational Diffie-Hellman problem. In: Susilo, W., Yang, G. (eds.) ACISP 2018. LNCS, vol. 10946, pp. 265–283. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-93638-3_16

    Chapter  Google Scholar 

  26. Huang, H., Cao, Z.: An ID-based authenticated key exchange protocol based on bilinear Diffie-Hellman problem. In: ASIACCS 2009, pp. 333–342 (2009)

    Google Scholar 

  27. Ishida, Y., Watanabe, Y., Shikata, J.: Constructions of CCA-secure revocable identity-based encryption. In: Foo, E., Stebila, D. (eds.) ACISP 2015. LNCS, vol. 9144, pp. 174–191. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-19962-7_11

    Chapter  Google Scholar 

  28. ISO/IEC, ISO/IEC 15946–5:2022 Information security - Cryptographic techniques based on elliptic curves -Part 5: Elliptic curve generation (2022). https://www.iso.org/standard/80241.html

  29. Katsumata, S., Matsuda, T., Takayasu, A.: Lattice-based revocable (hierarchical) IBE with decryption key exposure resistance. Theor. Comput. Sci. 809, 103–136 (2020)

    Article  MathSciNet  Google Scholar 

  30. Kupwade Patil, H., Szygenda, S.A.: Security for Wireless Sensor Networks using Identity-Based Cryptography. Auerbach Publications, Boca Raton (2012)

    Book  Google Scholar 

  31. Lee, K., Lee, D.H., Park, J.H.: Efficient revocable identity-based encryption via subset difference methods. Des. Codes Cryptogr. 85(1), 39–76 (2017)

    Article  MathSciNet  Google Scholar 

  32. Libert, B., Vergnaud, D.: Adaptive-ID secure revocable identity-based encryption. In: Fischlin, M. (ed.) CT-RSA 2009. LNCS, vol. 5473, pp. 1–15. Springer, Heidelberg (2009). https://doi.org/10.1007/978-3-642-00862-7_1

    Chapter  Google Scholar 

  33. Lu, H., Li, J., Kameda, H.: A secure routing protocol for cluster-based wireless sensor networks using ID-based digital signature. In: GLOBECOM 2010, pp. 1–5 (2010)

    Google Scholar 

  34. Ma, X., Lin, D.: A generic construction of revocable identity-based encryption. In: Inscrypt 2019, pp. 381–396 (2019)

    Google Scholar 

  35. S. Mitsunari: mcl - A Portable and Fast Pairing-Based Cryptography Library (2016). https://github.com/herumi/mcl

  36. Ni, L., Chen, G., Li, J., Hao, Y.: Strongly secure identity-based authenticated key agreement protocols without bilinear pairings. Inf. Sci. 367, 176–193 (2016)

    Article  Google Scholar 

  37. Okano, Y., Tomida, J., Nagai, A., Yoneyama, K., Fujioka, A., Suzuki, K.: Revocable hierarchical identity-based authenticated key exchange. In: ICISC 2021, pp. 17–40 (2021)

    Google Scholar 

  38. Pointcheval, D., Stern, J.: Security arguments for digital signatures and blind signatures. J. Cryptol. 13(3), 361–396 (2000)

    Article  Google Scholar 

  39. Boyen, X., Martin, L.: Identity-Based Cryptography Standard (IBCS) #1: Supersingular Curve Implementations of the BF and BB1 Cryptosystems. RFC5091 (2007). https://rfc-editor.org/rfc/rfc5091.txt

  40. Sakemi, Y., Kobayashi, T., Saito, T., Wahby, R.: Pairing-friendly curves. draft-irtf-cfrg-pairing-friendly-curves-10. https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-pairing-friendly-curves-10

  41. Shamir, A.: Identity-based cryptosystems and signature schemes. In: Blakley, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 47–53. Springer, Heidelberg (1985). https://doi.org/10.1007/3-540-39568-7_5

    Chapter  Google Scholar 

  42. Schnorr, C.-P.: Efficient Signature Generation by Smart Cards. J. Cryptol. 4(3), 161–174 (1991)

    Article  MathSciNet  Google Scholar 

  43. Seo, J.H., Emura, K.: Revocable identity-based encryption revisited: security model and construction. In: Kurosawa, K., Hanaoka, G. (eds.) PKC 2013. LNCS, vol. 7778, pp. 216–234. Springer, Heidelberg (2013). https://doi.org/10.1007/978-3-642-36362-7_14

    Chapter  Google Scholar 

  44. Sankaran, S.: Lightweight security framework for IoTs using identity based cryptography. In: ICACCI 2016, pp. 880–886 (2016)

    Google Scholar 

  45. Sun, H., Wen, Q., Zhang, H., Jin, Z.: A strongly secure identity-based authenticated key agreement protocol without pairings under the GDH assumption. Secur. Commun. Netw. 8(17), 3167–3179 (2015)

    Article  Google Scholar 

  46. Sun, H., Wen, Q., Li, W.: A strongly secure pairing-free certificateless authenticated key agreement protocol under the CDH assumption. Sci. China Inf. Sci. 59(3), 1–16 (2016)

    Article  Google Scholar 

  47. Takayasu, A.: Adaptively secure lattice-based revocable IBE in the QROM: compact parameters, tight security, and anonymity. Des. Codes Cryptogr. 89(8), 1965–1992 (2021)

    Article  MathSciNet  Google Scholar 

  48. TechTarget: Comparing the Best Email Encryption Software Products (2015). https://searchsecurity.techtarget.com/feature/Comparing-the-best-email-encryption-software-product

  49. Tomida, J., Fujioka, A., Nagai, A., Suzuki, K.: Strongly secure identity-based key exchange with single pairing operation. In: Sako, K., Schneider, S., Ryan, P.Y.A. (eds.) ESORICS 2019. LNCS, vol. 11736, pp. 484–503. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-29962-0_23

    Chapter  Google Scholar 

  50. Tsai, T.-T., Chuang, Y.-H., Tseng, Y.-M., Huang, S.-S., Hung, Y.-H.: A leakage-resilient ID-based authenticated key exchange protocol with a revocation mechanism. IEEE Access 9, 128633–128647 (2021)

    Article  Google Scholar 

  51. Tseng, Y.-M., Huang, S.-S., Tsai, T.-T., Ke, J.-H.: List-free ID-based mutual authentication and key agreement protocol for multiserver architectures. IEEE Trans. Emerg. Topics Comput. 4(1), 102–112 (2015)

    Article  Google Scholar 

  52. Wang, C., Li, Y., Xia, X., Zheng, K.: An efficient and provable secure revocable identity-based encryption scheme. PLOS One 9(9), e106925 (2014)

    Article  Google Scholar 

  53. VIBE Cybersecurity International: Verifiable Identity-Based Encryption (VIBE) Eliminates Public-Key Certificates (2021). https://vibecyber.com/

  54. Watanabe, Y., Emura, K., Seo, J.H.: New revocable IBE in prime-order groups: adaptively secure, decryption key exposure resistant, and with short public parameters. In: Handschuh, H. (ed.) CT-RSA 2017. LNCS, vol. 10159, pp. 432–449. Springer, Cham (2017). https://doi.org/10.1007/978-3-319-52153-4_25

    Chapter  Google Scholar 

  55. Wu, T.-Y., Tseng, Y.-M., Tsai, T.-T.: A revocable ID-based authenticated group key exchange protocol with resistant to malicious participants. Comput. Netw. 56(12), 2994–3006 (2012)

    Article  Google Scholar 

  56. Wu, T.-Y., Tsai, T.-T., Tseng, Y.-M.: A provably secure revocable id-based authenticated group key exchange protocol with identifying malicious participants. Sci. World J. (2014). ID 367264

    Google Scholar 

  57. Yang, G., Tan, C.-H.: Strongly secure certificateless key exchange without pairing. In: ACM CCS 2011, pp. 71–79 (2011)

    Google Scholar 

  58. Zhang, R., Tao, Y.: Key dependent message security for revocable identity-based encryption and identity-based encryption. In: Naccache, D., et al. (eds.) ICICS 2018. LNCS, vol. 11149, pp. 426–441. Springer, Cham (2018). https://doi.org/10.1007/978-3-030-01950-1_25

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. NTT Corporation, Tokyo, Japan

    Kohei Nakagawa, Akira Nagai, Junichi Tomida & Kan Yasuda

  2. Kanagawa University, Yokohama, Japan

    Atsushi Fujioka

  3. Technology Innovation Institute, Abu Dhabi, UAE

    Keita Xagawa

Authors
  1. Kohei Nakagawa
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Atsushi Fujioka
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Akira Nagai
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Junichi Tomida
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Keita Xagawa
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Kan Yasuda
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Kohei Nakagawa .

Editor information

Editors and Affiliations

  1. Technology Innovation Institute, Abu Dhabi, United Arab Emirates

    Abdelrahaman Aly

  2. NTT Social Informatics Laboratories, Tokyo, Japan

    Mehdi Tibouchi

Rights and permissions

Reprints and permissions

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Nakagawa, K., Fujioka, A., Nagai, A., Tomida, J., Xagawa, K., Yasuda, K. (2023). Making the Identity-Based Diffie–Hellman Key Exchange Efficiently Revocable. In: Aly, A., Tibouchi, M. (eds) Progress in Cryptology – LATINCRYPT 2023. LATINCRYPT 2023. Lecture Notes in Computer Science, vol 14168. Springer, Cham. https://doi.org/10.1007/978-3-031-44469-2_9

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-44469-2_9

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-44468-5

  • Online ISBN: 978-3-031-44469-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation