Practical chosen-ciphertext secure Hierarchical Identity-Based Broadcast Encryption

  • Special Issue Paper
International Journal of Information Security

Abstract

We focus on practical Hierarchical Identity-Based Broadcast Encryption (HIBBE) with semantic security against adaptive chosen-ciphertext attacks (CCA2) in the standard model. We achieve this goal in two steps. First, we propose a new HIBBE scheme that is secure against chosen-plaintext attacks (CPA). Whereas the existing HIBBE scheme is built from composite-order bilinear groups, our construction is based on prime-order bilinear groups, whose far more efficient group operations make the proposed scheme more practical. Then, we convert it into a CCA2-secure scheme at the cost of one one-time signature per ciphertext. Instead of spending one level of the user hierarchy, as the Canetti–Halevi–Katz approach does when it turns a CPA-secure (\(l+1\))-Hierarchical Identity-Based Encryption [(\(l+1\))-HIBE] scheme into a CCA2-secure \(l\)-HIBE scheme, our construction merely adds one on-the-fly dummy user to the receiver set of the basic scheme. We formally prove the security of both schemes in the standard model. Comprehensive theoretical analysis and experimental results show that the proposed HIBBE schemes achieve the desired performance.
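The CPA-to-CCA2 step described above follows the Canetti–Halevi–Katz pattern: the sender generates a fresh one-time signature key pair, treats the verification key as one extra receiver (the dummy user), encrypts to the enlarged receiver set, and signs the resulting ciphertext; the decryptor verifies the signature and checks that the dummy user is in the receiver set before decrypting. The example below is added here to show that structure end to end and is not the paper's code. The pairing-based HIBBE is replaced by an assumed stand-in: a symmetric multi-receiver scheme in which a sender holding the master key `msk` wraps a session key once per receiver identity and binds the receiver set into every wrap and into a key-confirmation tag (in the real scheme the sender needs only public parameters, and the binding comes from the ciphertext structure). The one-time signature is a Lamport scheme over SHA-256. All names (`cca_encrypt`, `vk_identity`, `demo`, the identities `alice`, `bob`, `carol`) and the sample message are constructed for the example.

```python
import hashlib
import hmac
import json
import os


def H(b):
    return hashlib.sha256(b).digest()


# --- One-time signature: Lamport over SHA-256. A key pair must sign exactly one message.
def ots_keygen():
    sk = [(os.urandom(32), os.urandom(32)) for _ in range(256)]
    vk = [(H(a), H(b)) for a, b in sk]
    return sk, vk

def _bits(msg):
    d = H(msg)
    return [(d[i >> 3] >> (7 - (i & 7))) & 1 for i in range(256)]

def ots_sign(sk, msg):
    return [sk[i][bit] for i, bit in enumerate(_bits(msg))]

def ots_verify(vk, msg, sig):
    return all(H(sig[i]) == vk[i][bit] for i, bit in enumerate(_bits(msg)))

def vk_identity(vk):
    # Identity of the on-the-fly dummy user: a hash of the one-time verification key.
    return "ots:" + H(b"".join(a + b for a, b in vk)).hex()


# --- Stand-in CPA-style multi-receiver scheme (assumed; NOT the paper's pairing-based HIBBE).
# A sender holding msk wraps one session key K per receiver identity. The receiver set is
# mixed into every wrap and into a key-confirmation tag, which mimics the way a broadcast
# ciphertext is bound to its receiver set.
def user_key(msk, ident):
    return hmac.new(msk, ident.encode(), hashlib.sha256).digest()

def _set_hash(receivers):
    return H(json.dumps(sorted(receivers)).encode())

def _pad(uk, nonce, sh):
    return hmac.new(uk, nonce + sh, hashlib.sha256).digest()

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def cpa_encrypt(msk, receivers, msg):
    receivers = sorted(receivers)
    nonce, K, sh = os.urandom(16), os.urandom(32), _set_hash(receivers)
    wraps = {r: _xor(K, _pad(user_key(msk, r), nonce, sh)).hex() for r in receivers}
    body = _xor(msg, hashlib.shake_256(K + nonce).digest(len(msg)))
    tag = hmac.new(K, nonce + sh, hashlib.sha256).hexdigest()
    return {"receivers": receivers, "nonce": nonce.hex(), "wraps": wraps,
            "body": body.hex(), "tag": tag}

def cpa_decrypt(uk, ident, ct):
    if ident not in ct["wraps"]:
        return None
    nonce, sh = bytes.fromhex(ct["nonce"]), _set_hash(ct["receivers"])
    K = _xor(bytes.fromhex(ct["wraps"][ident]), _pad(uk, nonce, sh))
    if not hmac.compare_digest(ct["tag"], hmac.new(K, nonce + sh, hashlib.sha256).hexdigest()):
        return None  # wrong session key: the receiver set or a wrap was altered
    body = bytes.fromhex(ct["body"])
    return _xor(body, hashlib.shake_256(K + nonce).digest(len(body)))


# --- CHK-style wrapper: encrypt to S plus the dummy user vk, then sign with sk.
def cca_encrypt(msk, receivers, msg):
    sk, vk = ots_keygen()
    inner = json.dumps(cpa_encrypt(msk, list(receivers) + [vk_identity(vk)], msg), sort_keys=True)
    return {"vk": [(a.hex(), b.hex()) for a, b in vk], "inner": inner,
            "sig": [s.hex() for s in ots_sign(sk, inner.encode())]}

def cca_decrypt(uk, ident, ct):
    vk = [(bytes.fromhex(a), bytes.fromhex(b)) for a, b in ct["vk"]]
    if not ots_verify(vk, ct["inner"].encode(), [bytes.fromhex(s) for s in ct["sig"]]):
        return None  # any change to the inner ciphertext breaks the signature
    inner = json.loads(ct["inner"])
    if vk_identity(vk) not in inner["receivers"]:
        return None  # re-signed under another vk: that vk is not a receiver
    return cpa_decrypt(uk, ident, inner)


def demo():
    """Honest decryption plus three manipulations a CCA2 adversary might try."""
    msk, msg = os.urandom(32), b"launch at dawn"
    ct = cca_encrypt(msk, ["alice", "bob"], msg)
    alice = user_key(msk, "alice")
    out = {"honest": cca_decrypt(alice, "alice", ct),
           "outsider": cca_decrypt(user_key(msk, "carol"), "carol", ct)}
    # (1) flip one bit of the encrypted body: the one-time signature fails
    inner = json.loads(ct["inner"])
    inner["body"] = ("%x" % (int(inner["body"], 16) ^ 1)).zfill(len(inner["body"]))
    out["mauled"] = cca_decrypt(alice, "alice", {**ct, "inner": json.dumps(inner, sort_keys=True)})
    # (2) re-sign the untouched inner ciphertext under the attacker's own OTS key
    sk2, vk2 = ots_keygen()

    def resign(inner_s):
        return {"vk": [(a.hex(), b.hex()) for a, b in vk2], "inner": inner_s,
                "sig": [s.hex() for s in ots_sign(sk2, inner_s.encode())]}
    out["swapped_vk"] = cca_decrypt(alice, "alice", resign(ct["inner"]))
    # (3) also insert the attacker's dummy user into the receiver set before re-signing:
    #     the set hash changes, Alice unwraps a wrong K and the confirmation tag fails
    inner = json.loads(ct["inner"])
    inner["receivers"].append(vk_identity(vk2))
    out["added_dummy"] = cca_decrypt(alice, "alice", resign(json.dumps(inner, sort_keys=True)))
    return out
```

`demo()` returns the plaintext for the honest receiver and `None` for the outsider and for each of the three manipulations. Scenario (3) is the one that separates the dummy-user variant from a plain signature check: verifying the signature and the presence of the dummy user is not enough on its own, so the inner ciphertext must itself be bound to the receiver set, which the stand-in does through the set hash in every wrap and in the tag.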

References

  1. Boneh, D., Boyen, X.: Efficient selective-ID secure identity-based encryption without random oracles. In: EUROCRYPT’04, LNCS, vol. 3027, pp. 223–238. Springer (2004)

  2. Boneh, D., Boyen, X.: Secure identity based encryption without random oracles. In: CRYPTO’04, LNCS, vol. 3152, pp. 443–459. Springer (2004)

  3. Boneh, D., Boyen, X.: Short signatures without random oracles. In: EUROCRYPT’04, LNCS, vol. 3027, pp. 56–73. Springer (2004)

  4. Boneh, D., Boyen, X., Goh, E.J.: Hierarchical identity based encryption with constant size ciphertext. In: EUROCRYPT’05, LNCS, vol. 3494, pp. 440–456. Springer (2005)

  5. Boneh, D., Franklin, M.: Identity-based encryption from the Weil pairing. In: CRYPTO’01, LNCS, vol. 2139, pp. 213–229. Springer (2001). doi:10.1007/3-540-44647-8_13

  6. Boneh, D., Franklin, M.: Identity-based encryption from the Weil pairing. SIAM J. Comput. 32(3), 586–615 (2003)

  7. Boneh, D., Gentry, C., Waters, B.: Collusion resistant broadcast encryption with short ciphertexts and private keys. In: CRYPTO’05, LNCS, vol. 3621, pp. 258–275. Springer (2005)

  8. Boneh, D., Hamburg, M.: Generalized identity based and broadcast encryption schemes. In: ASIACRYPT’08, LNCS, vol. 5350, pp. 455–470. Springer (2008)

  9. Boneh, D., Katz, J.: Improved efficiency for CCA-secure cryptosystems built using identity-based encryption. In: CT-RSA’05, LNCS, vol. 3376, pp. 87–103. Springer (2005)

  10. Boyen, X., Mei, Q., Waters, B.: Direct chosen ciphertext security from identity-based techniques. In: ACM CCS’05, pp. 320–329. ACM Press, New York (2005)

  11. Canetti, R., Halevi, S., Katz, J.: A forward-secure public-key encryption scheme. In: EUROCRYPT’03, LNCS, vol. 2656, pp. 255–271. Springer (2003)

  12. Canetti, R., Halevi, S., Katz, J.: Chosen-ciphertext security from identity-based encryption. In: EUROCRYPT’04, LNCS, vol. 3027, pp. 207–222. Springer (2004)

  13. Cramer, R., Shoup, V.: A practical public key cryptosystem provably secure against adaptive chosen ciphertext attack. In: CRYPTO’98, LNCS, vol. 1462, pp. 13–25. Springer (1998)

  14. Delerablée, C.: Identity-based broadcast encryption with constant size ciphertexts and private keys. In: ASIACRYPT’07, LNCS, vol. 4833, pp. 200–215. Springer (2007)

  15. Deng, H., Wu, Q., Qin, B., Chow, S.S.M., Domingo-Ferrer, J., Shi, W.: Tracing and revoking leaked credentials: accountability in leaking sensitive outsourced data. In: ACM ASIACCS’14, pp. 425–434. ACM Press, New York (2014)

  16. Deng, H., Wu, Q., Qin, B., Mao, J., Liu, X., Zhang, L., Shi, W.: Who is touching my cloud. In: ESORICS’14, LNCS, vol. 8712, pp. 362–379. Springer (2014)

  17. Freeman, D.M.: Converting pairing-based cryptosystems from composite-order groups to prime-order groups. In: EUROCRYPT’10, LNCS, vol. 6110, pp. 44–61. Springer (2010)

  18. Gentry, C.: Practical identity-based encryption without random oracles. In: EUROCRYPT’06, LNCS, vol. 4004, pp. 445–464. Springer (2006)

  19. Gentry, C., Silverberg, A.: Hierarchical ID-based cryptography. In: ASIACRYPT’02, LNCS, vol. 2501, pp. 548–566. Springer (2002)

  20. Gentry, C., Waters, B.: Adaptive security in broadcast encryption systems (with short ciphertexts). In: EUROCRYPT’09, LNCS, vol. 5479, pp. 171–188. Springer (2009)

  21. Heinzelman, W.R., Chandrakasan, A., Balakrishnan, H.: Energy-efficient communication protocol for wireless microsensor networks. In: IEEE HICSS’00. IEEE Press (2000)

  22. Horwitz, J., Lynn, B.: Toward hierarchical identity-based encryption. In: EUROCRYPT’02, LNCS, vol. 2332, pp. 466–481. Springer (2002)

  23. Lewko, A., Waters, B.: New techniques for dual system encryption and fully secure HIBE with short ciphertexts. In: TCC’10, LNCS, vol. 5978, pp. 455–479. Springer (2010)

  24. Lewko, A., Waters, B.: Unbounded HIBE and attribute-based encryption. In: EUROCRYPT’11, LNCS, vol. 6632, pp. 547–567. Springer (2011)

  25. Lewko, A., Waters, B.: New proof methods for attribute-based encryption: achieving full security through selective techniques. In: CRYPTO’12, LNCS, vol. 7417, pp. 180–198. Springer (2012)

  26. Lewko, A., Waters, B.: Why proving HIBE systems secure is difficult. In: EUROCRYPT’14, LNCS, vol. 8441, pp. 58–76. Springer (2014)

  27. Liu, W., Liu, J., Wu, Q., Qin, B.: Hierarchical identity-based broadcast encryption. In: ACISP’14, LNCS, vol. 8544, pp. 242–257. Springer (2014)

  28. Liu, W., Liu, J., Wu, Q., Qin, B., Zhou, Y.: Practical direct chosen ciphertext secure key-policy attribute-based encryption with public ciphertext test. In: ESORICS’14, LNCS, vol. 8713, pp. 91–108. Springer (2014)

  29. Liu, W., Liu, X., Wu, Q., Qin, B.: Experimental performance comparisons between (H)IBE schemes over composite-order and prime-order bilinear groups. In: IBCAST’14, pp. 203–209. IEEE Press (2014)

  30. Qin, B., Deng, H., Wu, Q., Domingo-Ferrer, J., Naccache, D., Zhou, Y.: Flexible attribute-based encryption applicable to secure e-healthcare records. Int. J. Inf. Secur. 14(1) (2015). doi:10.1007/s10207-014-0272-7

  31. Shamir, A.: Identity-based cryptosystems and signature schemes. In: CRYPTO’84, LNCS, vol. 196, pp. 47–53. Springer (1985)

  32. Wang, X., Mu, Y.: A secure mobility support scheme for 6LoWPAN wireless sensor networks. Secur. Commun. Netw. 7(3), 641–652 (2014)

  33. Wang, Y., Wu, Q., Wong, D.S., Qin, B., Chow, S.S.M., Liu, Z., Tan, X.: Securely outsourcing exponentiations with single untrusted program for cloud storage. In: ESORICS’14, LNCS, vol. 8712, pp. 326–343. Springer (2014)

  34. Waters, B.: Efficient identity-based encryption without random oracles. In: EUROCRYPT’05, LNCS, vol. 3494, pp. 114–127. Springer (2005)

  35. Waters, B.: Dual system encryption: realizing fully secure IBE and HIBE under simple assumptions. In: CRYPTO’09, LNCS, vol. 5677, pp. 619–636. Springer (2009)

  36. Wiangsripanawan, R., Susilo, W., Safavi-Naini, R.: Achieving mobility and anonymity in IP-based networks. In: CANS’07, LNCS, vol. 4856, pp. 60–79. Springer (2007)

Acknowledgments

This work was supported by the National Key Basic Research Program (973 Program) through project 2012CB315905; by the Natural Science Foundation through projects 61370190, 61272501, 61173154, 61472429, 61402029 and 61003214; by the Beijing Natural Science Foundation through project 4132056; by the Fundamental Research Funds for the Central Universities; by the Research Funds (No. 14XNLF02) of Renmin University of China; by the Innovation Fund of China Aerospace Science and Technology Corporation Satellite Application Research Institute through project 2014-CXJJ-TX-10; and by the Open Research Fund of the Beijing Key Laboratory of Trusted Computing.

Corresponding author

Correspondence to Qianhong Wu.

Cite this article

Liu, W., Liu, J., Wu, Q. et al. Practical chosen-ciphertext secure Hierarchical Identity-Based Broadcast Encryption. Int. J. Inf. Secur. 15, 35–50 (2016). https://doi.org/10.1007/s10207-015-0287-8