
Identifier discrimination: realizing selective-ID HIBE with authorized delegation and dedicated encryption privacy

  • Regular Contribution
International Journal of Information Security

Abstract

It has been almost one and a half decades since the concept of hierarchical identity-based encryption (HIBE) was introduced, and many pairing-based HIBE systems have been proposed; however, how to achieve independent private key delegation in HIBE systems is still an open problem. Independent private key delegation in HIBE systems requires that the following three conditions be satisfied: (1) private keys are not valid delegation credentials for deriving descendants’ private keys, (2) any entity intending to derive a private key for any one of its descendants must own a valid delegation credential distributed by the root private key generator (PKG), and (3) a credential is only valid for deriving private keys for a given descendant. We present a new technique for composing private keys for entities in HIBE systems, which we call identifier discrimination, aimed at resolving the problem of independent private key delegation. With this technique, we construct a selective-identity secure HIBE system under the decisional bilinear Diffie–Hellman (DBDH) assumption in the standard model with the following properties. (1) Every entity in the HIBE system is prevented from deriving private keys for its descendants using only its private key and the public parameters. (2) The root PKG can delegate the privilege (if needed) of generating private keys for each individual entity to any of its ancestors by distributing a specifically crafted secret (a delegation credential) to the ancestor; we call this authorization authorized delegation. (3) The encryption privacy of each ciphertext for its intended recipient is achieved, that is, ciphertexts encrypted to the identity of any entity cannot be decrypted by any of its ancestors; we call this property dedicated encryption privacy.



Author information


Correspondence to Jian-Wu Zheng.

Additional information

This work was supported in part by the NSF of Hebei of the first author and the NSF of China under Grant U1405251.


Cite this article

Zheng, JW., Zhao, J. & Guan, XP. Identifier discrimination: realizing selective-ID HIBE with authorized delegation and dedicated encryption privacy. Int. J. Inf. Secur. 18, 141–162 (2019). https://doi.org/10.1007/s10207-018-0402-8
