Practical continuous leakage-resilient CCA secure identity-based encryption

  • Research Article
  • Frontiers of Computer Science

Abstract

Leakage of private information, including users' private keys, has become a threat to the security of computing systems. It has become a common security requirement that a cryptographic scheme should withstand various leakage attacks. In real life, an adversary can break the security of a cryptographic primitive by performing continuous leakage attacks. Although some research on leakage-resilient cryptography has been done, some issues remain in previous attempts. The identity-based encryption (IBE) constructions were designed in the bounded-leakage model, and might not be able to meet their claimed security under continuous-leakage attacks. In real applications, the leakage is unbounded. That is, a practical cryptographic scheme should keep its original security in the continuous leakage setting. The previous continuous leakage-resilient IBE schemes either achieve only chosen-plaintext attack security or have their chosen-ciphertext attack (CCA) security proved in the selective identity model. Aiming to solve these problems, in this paper we show how to construct a continuous leakage-resilient IBE scheme, and the scheme's adaptive CCA security is proved in the standard model based on the hardness of the decisional bilinear Diffie-Hellman exponent assumption. For any adversary, all elements in the ciphertext are random, and an adversary cannot obtain any leakage on the user's private key from the corresponding given ciphertext. Moreover, the leakage parameter of our proposal is independent of the plaintext space and has a constant size.

Acknowledgements

The authors would like to thank the anonymous reviewer for their helpful comments. This work was supported by the National Key R&D Program of China (2017YFB0802000), the National Natural Science Foundation of China (Grant Nos. 61802242, 61572303, 61772326, 61802241, 61602290, 61702259), the Natural Science Basic Research Plan in Shaanxi Province of China (2018JQ6088, 2017JQ6038) and the Fundamental Research Funds for the Central Universities (GK201803064).

Author information

Corresponding author

Correspondence to Bo Yang.

Additional information

Yanwei Zhou received the PhD degree in computer software and theory from Shaanxi Normal University, China in 2018. He is currently a senior engineer with the School of Computer Science, Shaanxi Normal University, China. His research interests include leakage-resilient cryptography and anonymous communication.

Bo Yang received the PhD degree in cryptography from Xidian University, China in 1999. He is currently a professor with the School of Computer Science, Shaanxi Normal University, China. His research interests include information security and cryptography.

About this article

Cite this article

Zhou, Y., Yang, B. Practical continuous leakage-resilient CCA secure identity-based encryption. Front. Comput. Sci. 14, 144804 (2020). https://doi.org/10.1007/s11704-019-8140-2

  • DOI: https://doi.org/10.1007/s11704-019-8140-2
