
An efficient IBE scheme with tight security reduction in the random oracle model

Designs, Codes and Cryptography

Abstract

We present a new practical identity-based encryption (IBE) system that can be another candidate for standard IBE techniques. Our construction is based on a new framework for realizing an IBE trapdoor from pairing-based groups, which is motivated by the ‘two equation’ revocation technique suggested by Lewko et al. (IEEE Symposium on Security and Privacy, 2010). The new framework enables our IBE system to achieve a tight security reduction to the Decisional Bilinear Diffie–Hellman assumption in the random oracle model. Due to this tightness, our system can take shorter security parameters as input than the previous practical BF, SK, and \(\hbox {BB}_{1}\) systems, which gives our system better efficiency in terms of computational cost.


Notes

  1. The square-DBDH assumption is defined from the following problem: given \((g, g^{a}, g^{b}, T)\) as input, determine whether \(T=e(g,g)^{a^{2}b}\) or \(T\) is random.

  2. After the Challenge phase, we do not need to consider the event \(\mathsf {abort1}\) in the case of \(\mathsf {ID} (\ne \mathsf {ID}^*)\), since the distribution of tag values regarding \(\mathsf {ID} (\ne \mathsf {ID}^*)\) is statistically identical to that in the real attack.

  3. This is the asymmetric version of the Hash-BDH assumption [10].

  4. This is the asymmetric version of the BDH assumption [13].

  5. Notice that \(\mathcal {B}\) can handle this ciphertext if the one-time symmetric-key encryption scheme \(\mathcal {SKE}\) is CCA-secure. However, we simply consider \(\mathcal {SKE}\) as being secure against passive attacks by adding \(q_{D}/p\) into the probability that \(\mathcal {B}_{2}\) aborts.

  6. We are not sure that the CCA security proof about the variant is correct because we cannot find any security proof for the variant. Boyen [16] stated that the proof of CCA security was adapted by [10], but in any part of [10] there exists no security proof related to the variant.

  7. The variant was proven to be chosen-plaintext secure under the DBDH assumption, but we consider the CCA-secure version by applying the Fujisaki–Okamoto transform [27].

  8. Those are \(\gamma _{i}\) values that appear in the \(H_{1}^{list}\) in the proof of Theorems 1 and 2.

References

  1. Abdalla M., Bellare M., Catalano D., Kiltz E., Kohno T., Lange T., Malone-Lee J., Neven G., Paillier P., Shi H.: Searchable encryption revisited: consistency properties, relation to anonymous IBE, and extensions. In: CRYPTO‘05, vol. 3621, pp. 205–222 (2005)

  2. Agrawal S., Boneh D., Boyen X.: Efficient lattice (H)IBE in the standard model. In: EUROCRYPT‘10, vol. 6110, pp. 553–572 (2010)

  3. Agrawal S., Boneh D., Boyen X.: Lattice basis delegation in fixed dimension and shorter-ciphertext hierarchical IBE. In: CRYPTO‘10, vol. 6223, pp. 98–115 (2010)

  4. Agrawal S., Freeman D.F., Vaikuntanathan V.: Functional encryption for inner product predicates from learning with errors. In: ASIACRYPT‘11, vol. 7073, pp. 21–40 (2011)

  5. Attrapadung N., Furukawa J., Gomi T., Hanaoka G., Imai H., Zhang R.: Efficient identity-based encryption with tight security reduction. In: CANS‘06, vol. 4301, pp. 19–36 (2006)

  6. Bellare M., Rogaway P.: The exact security of digital signatures—how to sign with RSA and Rabin. In: EUROCRYPT‘96, vol. 1070, pp. 399–416 (1996)

  7. Bellare M., Rogaway P.: Introduction to Modern Cryptography. University of California at San Diego (2005)

  8. Bentahar K., Farshim P., Malone-Lee J., Smart N.P.: Generic constructions of identity-based and certificateless KEMs. J. Cryptol. 21(2), 178–199 (2008)

  9. Bethencourt J., Sahai A., Waters B.: Ciphertext-policy attribute-based encryption. In: IEEE Symposium on Security and Privacy 2007, pp. 321–334 (2007)

  10. Boneh D., Boyen X.: Efficient selective-id secure identity-based encryption without random oracles. In: EUROCRYPT‘04, vol. 3027, pp. 223–238 (2004)

  11. Boneh D., Boyen X., Goh E.J.: Hierarchical identity based encryption with constant size ciphertext. In: EUROCRYPT‘05, vol. 3494, pp. 440–456 (2005)

  12. Boneh D., Crescenzo G.D., Ostrovsky R., Persiano G.: Public key encryption with keyword search. In: EUROCRYPT‘04, vol. 3027, pp. 506–522 (2004)

  13. Boneh D., Franklin M.K.: Identity-based encryption from the Weil pairing. In: CRYPTO‘01, vol. 2139, pp. 213–229 (2001)

  14. Boneh D., Gentry C., Hamburg M.: Space-efficient identity based encryption without pairings. In: FOCS‘07, pp. 647–657 (2007)

  15. Boneh D., Sahai A., Waters B.: Functional encryption: definitions and challenges. In: TCC‘11, vol. 6597, pp. 253–273 (2011)

  16. Boyen X.: A tapestry of identity-based encryption: practical frameworks compared. Int. J. Appl. Cryptogr. 1(1), 3–21 (2008)

  17. Boyen X., Waters B.: Anonymous hierarchical identity-based encryption (without random oracles). In: CRYPTO‘06, vol. 4117, pp. 290–307 (2006)

  18. Canetti R., Halevi S., Katz J.: A forward-secure public-key encryption scheme. In: EUROCRYPT‘03, vol. 2656, pp. 255–271 (2003)

  19. Cash D., Hofheinz D., Kiltz E., Peikert C.: Bonsai trees, or how to delegate a lattice basis. In: EUROCRYPT‘10, vol. 6110, pp. 523–552 (2010)

  20. Chen L., Cheng Z.: Security proof of Sakai-Kasahara’s identity-based encryption scheme. In: IMA‘05, vol. 3796, pp. 442–459 (2005)

  21. Chen J., Wee H.: Fully, (almost) tightly secure IBE and dual system groups. In: CRYPTO‘13, vol. 8043, pp. 435–460 (2013)

  22. Chen L., Cheng Z., Malone-Lee J., Smart N.P.: An efficient ID-kem based on the Sakai-Kasahara key construction. IEE Proc. Inf. Secur. 153(1), 19–26 (2006)

  23. Cocks C.: An identity based encryption scheme based on quadratic residues. In: IMA‘01, vol. 2260, pp. 360–363 (2001)

  24. Coron J.S.: A variant of Boneh-Franklin IBE with a tight reduction in the random oracle model. Des. Codes Cryptogr. 50(1), 115–133 (2009)

  25. Cramer R., Shoup V.: Design and analysis of practical public-key encryption schemes secure against adaptive chosen ciphertext attack. SIAM J. Comput. 33(1), 167–226 (2004)

  26. Dodis Y., Fazio N.: Public key broadcast encryption for stateless receivers. In: DRM Workshop 2002, vol. 2696, pp. 61–80 (2002)

  27. Fujisaki E., Okamoto T.: Secure integration of asymmetric and symmetric encryption schemes. In: CRYPTO‘99, vol. 1666, pp. 537–554 (1999)

  28. Galindo D.: Boneh-Franklin identity based encryption revisited. In: ICALP‘05, vol. 3580, pp. 791–802 (2005)

  29. Gentry C.: Practical identity-based encryption without random oracles. In: EUROCRYPT‘06, vol. 4004, pp. 445–464 (2006)

  30. Gentry C., Halevi S.: Hierarchical identity based encryption with polynomially many levels. In: TCC‘09, vol. 5444, pp. 437–456 (2009)

  31. Gentry C., Silverberg A.: Hierarchical id-based cryptography. In: ASIACRYPT‘02, vol. 2501, pp. 548–566 (2002)

  32. Gentry C., Peikert C., Vaikuntanathan V.: Trapdoors for hard lattices and new cryptographic constructions. In: STOC‘08, pp. 197–206. ACM (2008)

  33. Goh E.J., Jarecki S.: A signature scheme as secure as the Diffie-Hellman problem. In: EUROCRYPT‘03, vol. 2656, pp. 401–415 (2003)

  34. Goyal V., Pandey O., Sahai A., Waters B.: Attribute-based encryption for fine-grained access control of encrypted data. In: ACM-CCS‘06, pp. 89–98. ACM (2006)

  35. Horwitz J., Lynn B.: Toward hierarchical identity-based encryption. In: EUROCRYPT‘02, vol. 2332, pp. 466–481 (2002)

  36. Katz J., Wang N.: Efficiency improvements for signature schemes with tight security reductions. In: ACM-CCS‘03, pp. 155–164. ACM (2003)

  37. Kiltz E.: On the limitations of the spread of an IBE-to-PKE transformation. In: PKC‘06, vol. 3958, pp. 274–289 (2006)

  38. Kiltz E., Galindo D.: Direct chosen-ciphertext secure identity-based key encapsulation without random oracles. In: ACISP‘06, vol. 4058, pp. 336–347 (2006)

  39. Kiltz E., Vahlis Y.: CCA2 secure IBE: standard model efficiency through authenticated symmetric encryption. In: CT-RSA‘08, vol. 4964, pp. 221–238 (2008)

  40. Lewko A., Sahai A., Waters B.: Revocation systems with very small private keys. In: IEEE Symposium on Security and Privacy 2010, pp. 273–285 (2010)

  41. Lewko A., Waters B.: New techniques for dual system encryption and fully secure HIBE with short ciphertexts. In: TCC‘10, vol. 5978, pp. 455–579 (2010)

  42. Sahai A., Waters B.: Fuzzy identity-based encryption. In: EUROCRYPT‘05, vol. 3494, pp. 457–473 (2005)

  43. Sakai R., Kasahara M.: Id based cryptosystems with pairing on elliptic curve. IACR Crypto. 54 (2003)

  44. Seo J.H., Kobayashi T., Ohkubo M., Suzuki K.: Anonymous hierarchical identity-based encryption with constant size ciphertexts. In: PKC‘09, vol. 5443, pp. 215–234 (2009)

  45. Shamir A.: Identity-based cryptosystems and signature schemes. In: CRYPTO‘84, vol. 196, pp. 47–53 (1984)

  46. Waters B.: Efficient identity-based encryption without random oracles. In: EUROCRYPT‘05, vol. 3494, pp. 114–127 (2005)

  47. Waters B.: Dual system encryption: realizing fully secure IBE and HIBE under simple assumptions. In: CRYPTO‘09, vol. 5677, pp. 619–636 (2009)

Acknowledgments

The authors would like to thank the reviewers for their helpful comments and suggestions for this paper. Jong Hwan Park was supported by Basic Science Research Program through the National Research Foundation of Korea (NRF) funded by the Ministry of Education, Science and Technology (NRF-2013R1A1A2009524). Dong Hoon Lee was supported by the National Research Foundation of Korea (NRF) grant funded by the Korea government (MEST) (No. 2010-0029121).

Author information

Corresponding author

Correspondence to Dong Hoon Lee.

Additional information

Communicated by L. Perret.

About this article

Cite this article

Park, J.H., Lee, D.H. An efficient IBE scheme with tight security reduction in the random oracle model. Des. Codes Cryptogr. 79, 63–85 (2016). https://doi.org/10.1007/s10623-015-0035-0

  • DOI: https://doi.org/10.1007/s10623-015-0035-0
