Revocable hierarchical identity-based encryption with shorter private keys and update keys

Designs, Codes and Cryptography

Abstract

Revocable hierarchical identity-based encryption (RHIBE) is an extension of HIBE that supports the revocation of users' private keys to manage the dynamic credentials of users in a system. Many different RHIBE schemes have been proposed previously, but they are not efficient in terms of private key size and update key size, since the depth of a hierarchical identity is included as a multiplicative factor. In this paper, we propose efficient RHIBE schemes with shorter private keys and update keys and small public parameters by removing this multiplicative factor. To achieve our goals, we first present a new HIBE scheme with a different method of generating private keys, such that a private key can be simply derived from a short intermediate private key. Next, we show that two efficient RHIBE schemes can be built by combining our HIBE scheme, an IBE scheme, and a tree-based broadcast encryption scheme in a modular way.

Acknowledgements

This work was supported by Institute for Information & communications Technology Promotion (IITP) grant funded by the Korea government (MSIT) (No. 2016-6-00600, A Study on Functional Encryption: Construction, Security Analysis, and Implementation).

Author information

Corresponding author

Correspondence to Kwangsu Lee.

Additional information

Communicated by K. Matsuura.

About this article

Cite this article

Lee, K., Park, S. Revocable hierarchical identity-based encryption with shorter private keys and update keys. Des. Codes Cryptogr. 86, 2407–2440 (2018). https://doi.org/10.1007/s10623-017-0453-2

  • DOI: https://doi.org/10.1007/s10623-017-0453-2
