Revocable hierarchical identity-based encryption via history-free approach

In the context of Identity-Based Encryption (IBE), both revocation and delegation of key generation are important functionalities. Although a number of IBE schemes with either efficient revocation or efficient delegation of key generation functionality have been proposed, an important open problem i...

Full description

Saved in:
Bibliographic Details
Published in:Theoretical computer science 2016-02, Vol.615, p.45-60
Main Authors: Seo, Jae Hong, Emura, Keita
Format: Article
Language:English
Subjects:
(Hierarchical) identity-based encryption
Computer information security
Computer simulation
Constants
Construction
Delegation
Encryption
Inversions
Mathematical models
Revocation
Sole
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:In the context of Identity-Based Encryption (IBE), both revocation and delegation of key generation are important functionalities. Although a number of IBE schemes with either efficient revocation or efficient delegation of key generation functionality have been proposed, an important open problem is efficiently delegating both the key generation and revocation functionalities in IBE systems. Seo and Emura (2014) [25] proposed the first realization of Revocable Hierarchical IBE (RHIBE), a sole IBE scheme that achieves both functionalities simultaneously. However, their approach implements history-preserving updates, wherein a low-level user must know the history of key updates performed by ancestors in the current time period, and it renders the scheme very complex. In this paper, we present a new method to construct RHIBE that implements history-free updates. Our history-free approach renders the scheme simple and efficient. As a second contribution, we redefine the security model for RHIBE to ensure security against insiders, where adversaries are allowed to obtain all internal system information, e.g., state information. In addition, we also consider the decryption key exposure attack, which was considered by Seo and Emura (2013) [23]. Further, we propose two RHIBE schemes with shorter secret keys and constant size ciphertexts that implement the aforementioned history-free updates approach and security model. For revocation, our constructions use the Complete Subtree (CS) method and the Subset Difference (SD) method. Both schemes are selectively secure in the standard model under the q-weak Bilinear Diffie–Hellman Inversion assumption.
ISSN:0304-3975
1879-2294
DOI:10.1016/j.tcs.2015.11.047