Abstract
Revocable hierarchical identity-based encryption (RHIBE) is an extension of HIBE that supports the revocation of users' private keys to manage the dynamic credentials of users in a system. Many different RHIBE schemes have been proposed previously, but they are not efficient in terms of private key size and update key size, since the depth of a hierarchical identity is included as a multiplicative factor. In this paper, we propose efficient RHIBE schemes with shorter private keys and update keys and small public parameters by removing this multiplicative factor. To achieve our goals, we first present a new HIBE scheme with a different method of generating private keys, such that a private key can be simply derived from a short intermediate private key. Next, we show that two efficient RHIBE schemes can be built by combining our HIBE scheme, an IBE scheme, and a tree-based broadcast encryption scheme in a modular way.
Acknowledgements
This work was supported by Institute for Information & communications Technology Promotion (IITP) grant funded by the Korea government (MSIT) (No. 2016-6-00600, A Study on Functional Encryption: Construction, Security Analysis, and Implementation).
Additional information
Communicated by K. Matsuura.
About this article
Cite this article
Lee, K., Park, S. Revocable hierarchical identity-based encryption with shorter private keys and update keys. Des. Codes Cryptogr. 86, 2407–2440 (2018). https://doi.org/10.1007/s10623-017-0453-2
DOI: https://doi.org/10.1007/s10623-017-0453-2
Keywords
- Identity-based encryption
- Hierarchical identity-based encryption
- Key revocation
- Modular design
- Bilinear maps