Qianqian Xing,Baosheng Wang,Xiaofeng Wang,Jing Tao

DOI: https://doi.org/10.1371/journal.pone.0195204

IF: 3.7

2018-04-12

PLoS ONE

Abstract:Revocation functionality and hierarchy key delegation are two necessary and crucial requirements to identity-based cryptosystems. Revocable hierarchical identity-based encryption (RHIBE) has attracted a lot of attention in recent years, many RHIBE schemes have been proposed but shown to be either insecure or bounded where they have to fix the maximum hierarchical depth of RHIBE at setup. In this paper, we propose a new unbounded RHIBE scheme with decryption key exposure resilience and with short public system parameters, and prove our RHIBE scheme to be adaptively secure. Our system model is scalable inherently to accommodate more levels of user adaptively with no adding workload or restarting the system. By carefully designing the hybrid games, we overcome the subtle obstacle in applying the dual system encryption methodology for the unbounded and revocable HIBE. To the best of our knowledge, this is the first construction of adaptively secure unbounded RHIBE scheme.

Song Luo,Zhong Chen

DOI: https://doi.org/10.1504/ijguc.2014.060182

2014-01-01

International Journal of Grid and Utility Computing

Abstract:Hierarchical Identity-Based Encryption (HIBE) is a generalisation of Identity- Based Encryption (IBE) which mirrors an organisational hierarchy. However, when the user decrypts a ciphertext encrypted to a hierarchical identity, he/she should know the exact hierarchical identity in order to run the delegate algorithm to get the secret key corresponding to the target hierarchical identity if the hierarchical identity linked with his/her key is a prefix of the target hierarchical identity. In this paper, we consider a new concept called HIBE without key delegation in decryption. In such HIBE systems, the user can decrypt the ciphertext directly without running the delegate algorithm even if his hierarchical identity is only a prefix of the target hierarchical identity. We present two HIBE systems, which are proven secure in the standard model under the decision BDH and l-BDHE assumptions, respectively. Both systems have the same decryption efficiency in pairing, compared with BB1-HIBE system and BBG-HIBE system, respectively.

Jie Chen,Hoon Wei Lim,San Ling,Le Su,Huaxiong Wang

DOI: https://doi.org/10.48550/arXiv.1210.6441

2012-10-24

Abstract:In Identity-Based Encryption (IBE) systems, key revocation is non-trivial. This is because a user's identity is itself a public key. Moreover, the private key corresponding to the identity needs to be obtained from a trusted key authority through an authenticated and secrecy protected channel. So far, there exist only a very small number of revocable IBE (RIBE) schemes that support non-interactive key revocation, in the sense that the user is not required to interact with the key authority or some kind of trusted hardware to renew her private key without changing her public key (or identity). These schemes are either proven to be only selectively secure or have public parameters which grow linearly in a given security parameter. In this paper, we present two constructions of non-interactive RIBE that satisfy all the following three attractive properties: (i) proven to be adaptively secure under the Symmetric External Diffie-Hellman (SXDH) and the Decisional Linear (DLIN) assumptions; (ii) have constant-size public parameters; and (iii) preserve the anonymity of ciphertexts---a property that has not yet been achieved in all the current schemes.

Cryptography and Security

Song Luo,Yu Chen,Jianbin Hu,Zhong Chen

DOI: https://doi.org/10.1007/978-3-642-21031-0_5

2011-01-01

Abstract:Hierarchical identity-based encryption (HIBE) is a generalization of identity-based encryption (IBE) which allows for a hierarchy of identities where any parent identities can derive secret keys for child identities. In this paper, we propose a new HIBE scheme with constant size ciphertexts and short parameters in prime order groups using symmetric pairing. We use a new technique called "hybrid identity vector" to make the key derivation feasible. Our scheme is proven fully secure under the DBDH and D-Linear assumptions by using dual system encryption. Based on our HIBE scheme, we propose a new WIBE (IBE with wildcards) scheme with constant size ciphertexts.

Yanli Ren,Ning Ding,Xinpeng Zhang,Haining Lu,Dawu Gu

DOI: https://doi.org/10.1093/comjnl/bxw029

2016-01-01

The Computer Journal

Abstract:In an identity-based encryption (IBE) scheme, how to revoke users from the system is a difficult problem when their private keys are compromised. The private key generator (PKG) updates the private keys for all unrevoked users and has high computation load when a large number of users are included. We propose an IBE scheme with verifiable outsourced revocation based on the one-malicious model of two servers. In the proposed scheme, PKG delegates the key update operations to the two servers for all unrevoked users. The PKG can detect the failure with probability 1 if one of the servers misbehaves. Our scheme is proven fully secure and verifiable against chosenplaintext attack (CPA) without random oracles. The servers cannot execute the key update operations for any revoked user even if they collude. The experiment shows the time cost for PKG in the outsourcing algorithm is much smaller than that for directly updating the private keys for all unrevoked users.

Yanli Ren,Shuozhong Wang,Xinpeng Zhang

DOI: https://doi.org/10.6138/jit.2011.12.4.13

2011-01-01

Abstract:The problem of key-exposure is an important issue in modern society due to the growing use of mobile devices. Weng et al. proposed an identity-based parallel key-insulated encryption (IBPKIE) scheme to solve the key-exposure problem in an identity-based cryptosystem. The scheme has long public parameters and a loose security reduction. Ren et al. presented a new IBPKIE scheme which had constant size public parameters and a tight reduction, and then extended it to a hierarchical IBPKIE (HIBPKIE) scheme. However, Wang et al. analyzed two schemes of Ren et al. and showed that they are not secure against chosen-plaintext attack. In this paper, we propose an improved IBPKIE scheme which achieves IND-ID-KI-CPA security without random oracles. Moreover, our scheme has short public parameters and a tight reduction. We then present an HIBPKIE scheme which achieves IND-sID-KI-CPA security without random oracles. In this scheme, the ciphertext size is independent of the level of the hierarchy in the HIBPKIE scheme.

Yu Chen,Manuel Charlemagne,Zhi Guan,Jian-bin Hu,Zhong Chen

DOI: https://doi.org/10.1145/1755688.1755699

2010-01-01

Abstract:ABSTRACTMost traditional public key cryptosystems are constructed upon algebraically rich structures, which makes their key pairs combinable, i.e., the combination of some private keys and their corresponding public keys could form a new key pair. Exploring such combinable property, this paper proposes a novel Identity-Based Encryption (IBE) scheme based on the Diffie-Hellman Integrated Encryption Scheme (DHIES) with quadratic key combination structure from bilinear maps. The new scheme has a number of advantages over other IBE schemes. First, it uses DHIES to fulfill encryption, thus naturally obtains the security against adaptive chosen ciphertext attack from DHIES. Second, it is interoperable with existing security systems based on DHIES. Third, compared to many pairing-based IBE schemes, it only requires pairing computation during public key generation and there is no need for special hash function. We prove that our scheme is selective identity chosen ciphertext secure in the random oracle model assuming DHIES is chosen ciphertext secure. Additionally, the extract algorithm of our scheme also implies an identity-based short signature scheme.

Yanli Ren,Shuozhong Wang,Xinpeng Zhang

DOI: https://doi.org/10.1007/978-3-642-34679-8_21

2012-01-01

Abstract:A hierarchical identity-based encryption (HIBE) scheme is called anonymous if the ciphertext does not leak the identity of the recipient. Currently, anonymous HIBE schemes are constructed in composite order groups or achieve selective-ID security in prime order groups and the ciphertext size is linear in the maximum depth of hierarchy. We propose an anonymous HIBE scheme with constant size ciphertext, which is adaptive-ID secure without random oracles in prime order groups. Our scheme improves security and efficiency of the anonymous HIBE schemes simultaneously compare with the previous work.

Congge Xie,Jian Weng,Dehua Zhou

DOI: https://doi.org/10.1016/j.ins.2022.02.027

IF: 8.1

2022-05-01

Information Sciences

Abstract:Fully homomorphic signature schemes in identity-based settings can provide authenticity, homomorphism, and non-repudiation as do traditional digital signatures, while simplifying the public key infrastructure (PKI) requirements, in which each user in the system can use his or her identity as a public key. As identity-based systems (IBS) have a natural link between unique identity information and the user, allowing user revocation is usually more difficult in IBS than in PKI settings. Although several revocable identity-based fully homomorphic signature (RIBFHS) schemes have been proposed, these schemes are vulnerable to signing key exposure. With this study, we are the first to consider a realistic threat signing key exposure in RIBFHS systems. In addition, we introduce a new security definition of RIBFHS with signing key exposure resistance. Then, we employ Agrawal’s left–right lattices and delegation technology in fixed dimensions to construct a new RIBFHS scheme over the lattice with regularly broadcasted update keys, which not only resists signing key exposure, but also meets scalability and context hiding properties. Finally, we prove that our construction is existentially unforgeable against chosen message attacks under the standard short integer solution (SIS) assumption in the random oracle model.

computer science, information systems

Chao Jiang,Minqing Zhang,Yongjun Kong,Zongbao Jiang,Fuqiang Di

DOI: https://doi.org/10.3390/math12142262

IF: 2.4

2024-07-20

Mathematics

Abstract:In the current distributed environment, reversible data hiding in encrypted domain (RDH-ED) cannot grant corresponding privileges according to users' identity classes. To address this issue, this paper proposes a hierarchical authorization structure embedding scheme based on secret image sharing (SIS) and users' hierarchical identities. In the first embedding, the polynomial coefficient redundancy generated in the encryption process of the SIS is utilized by the image owner. For the second, the participants are categorized into two parts. One is core users with adaptive difference reservation embedding, and the other is ordinary users with pixel bit replacement embedding. At the time of reconstruction, more than one core user must provide pixel differences, which grants more privileges to core users. The experimental results demonstrate that the average embedding rate (ER) of the test images is 4.3333 bits per pixel (bpp) in the (3, 4) threshold scheme. Additionally, the reconstructed image achieves a PSNR of +∞ and an SSIM of 1. Compared to existing high-performance RDH-ED schemes based on secret sharing, the proposed scheme with a larger ER maintains strong security and reversibility. Moreover, it is also suitable for multiple embeddings involving multilevel participant identities. In conclusion, the results underscore the efficacy of our technique in achieving both security and performance objectives within a complex distributed setting.

mathematics

XiaoFang Huang,Qi Tao,BaoDong Qin,ZhiQin Liu

DOI: https://doi.org/10.1109/icccn.2015.7288431

2015-01-01

Abstract:Attribute Based Encryption (ABE) scheme can achieve information sharing of one-to-many users, without considering the number of users and the users identity. But, the traditional single Attribute Authority (AA) ABE scheme can hardly meet requirements of different agencies in distributed application environment and it is easy to form the system performance bottlenecks. Based on ciphertext-policy ABE scheme, this paper proposes a multi-authority revocable ABE scheme, where the classification manages user attributes, effectively relieving the management burden of single organization. In addition, it can achieve fine grained access control of shared information by adopting tree access strategy and secret sharing scheme, and support system attribute revocation. Finally, we show that the scheme is secure against chosen plaintext attack under the Decisional Bilinear Diffie-Hellman (DBDH) assumption.

Qiang Li,Dengguo Feng,Liwu Zhang

DOI: https://doi.org/10.1109/GLOCOM.2012.6503225

2012-01-01

Abstract:As a new public key primitive, attribute-based encryption (ABE) is envisioned to be a promising tool for implementing fine-grained access control. When applying ABE schemes to practical applications, revocation mechanism is very necessary for any ABE schemes involving many users. Revocation for ABE schemes is a challenge issue since each attribute is conceivably shared by multiple users. Revocation of any single user would affect others who share his attributes. In this paper, we propose a KP-ABE scheme with fine-grained attribute revocation under the direct revocation model. In our scheme, we can revoke one attribute of a user instead of all attributes issued to him and the user can complete decryption as long as the unrevoked attributes of the user satisfy the access structure. The revocation does not affect any other user's private key. Moreover, our scheme supports an important property for achieving the user accountability to prevent illegal key sharing among colluding users. We show how to construct such a KP-ABE scheme with fine-grained attribute revocation and prove its security under the q-BDHE assumption in the standard model.

Jaiberth Porras,John Baena,Jintai Ding

DOI: https://doi.org/10.1007/978-3-319-11659-4_14

2014-01-01

Abstract:In this paper we propose a new multivariate public key encryption scheme named ZHFE. The public key is constructed using as core map two high rank HFE polynomials. The inversion of the public key is performed using a low degree polynomial of Hamming weight three. This low degree polynomial is obtained from the two high rank HFE polynomials, by means of a special reduction method that uses Hamming weight three polynomials produced from the two high rank HFE polynomials. We show that ZHFE is relatively efficient and that it is secure against the main attacks that have threatened the security of HFE. We also propose parameters for a practical implementation of ZHFE.

Shuaiqi Hu

DOI: https://doi.org/10.48550/arXiv.1511.01808

2015-12-15

Abstract:Limited resources (such as energy, computing power, storage, and so on) make it impractical for wireless sensor networks (WSNs) to deploy traditional security schemes. In this paper, a hierarchical key management scheme is proposed on the basis of identity-based encryption (IBE).This proposed scheme not only converts the distributed flat architecture of the WSNs to a hierarchical architecture for better network management but also ensures the independence and security of the sub-networks. This paper firstly reviews the identity-based encryption, particularly, the Boneh-Franklin algorithm. Then a novel hierarchical key management scheme based on the basic Boneh-Franklin and Diffie-Hellman (DH) algorithms is proposed. At last, the security and efficiency of our scheme is discussed by comparing with other identity-based schemes for flat architecture of WSNs.

Cryptography and Security

Guangsheng Tu,Wenchao Liu,Tanping Zhou,Xiaoyuan Yang,Fan Zhang

DOI: https://doi.org/10.1109/access.2024.3384247

IF: 3.9

2024-04-12

IEEE Access

Abstract:Combining multi-key fully homomorphic encryption (MKFHE) and identity-based encryption (IBE) to construct multi-identity based fully homomorphic encryption (MIBFHE) scheme can not only realize homomorphic operations and flexible access control on identity ciphertexts but also reduce the burden of public key certification management. However, MKFHE schemes used to construct MIBFHE usually have complex construction and large computational complexity, which also causes the same problem for MIBFHE schemes. To solve this problem, we construct a concise and efficient MIBFHE scheme based on the learning with errors (LWE) problem. Firstly, we construct an MKFHE scheme using a new method called "the decomposition method". Secondly, we make a suitable deformation of the current IBE scheme. Finally, we combine the above MKFHE scheme with IBE scheme to construct our MIBFHE scheme and prove its IND-sID-CPA security under the LWE assumption in the random oracle model. The analysis results show that our MIBFHE scheme can generate the extended ciphertext directly from the encryption algorithm, without generating fresh ciphertext in advance. In addition, the noise expansion rate is reduced from the polynomial of lattice dimension n and modulus q to the constant K of the maximum number of users. The scale of introduced auxiliary ciphertexts is reduced from to when generating the extended ciphertext.

computer science, information systems,telecommunications,engineering, electrical & electronic

Beini Zhou,Hui Li,Li Xu

DOI: https://doi.org/10.1109/iscc.2018.8538446

2018-01-01

Abstract:Identity-based encryption is a key distribution system in which the public key of a user is derived directly from his identity information. Compared with PKI, Identity-based encryption simplifies key management issue, but it still suffers from drawbacks inkey escrow and private key delivering. Motivated by this, we propose an improved key distribution solution called BIBE by integrating the technique of blockchain into the identity-based encryption. Specifically, we split the nodes in the chain to complete user authentication and private key protection, respectively. Furthermore, the two sides complete the mutual identity authentication with the identity information key pairs obtained from BIBE. Additionally, to prevent network attack, we employ timestamps, random numbers and hash algorithm in the process of identification. Through the rigorous and mathematical analysis, the proposed scheme demonstratesa far better performance on correctness, safety and efficiency.

Zhiguo Wan,Kui Ren,Bart Preneel

DOI: https://doi.org/10.1145/1352533.1352544

2008-01-01

Abstract:Roaming services in wireless networks provide people with preferable flexibility and convenience. However, such advantages should be offered with both security and privacy in mind. With consideration on privacy protection during roaming in wireless networks, we proposed a hierarchical ID-based roaming protocol in this paper. In our scheme, we use a 2-layer hierarchical ID-based cryptosystem in which a trusted party acts as the root authority, each domain server acts as the second-layer authority, and the roaming user is the end user. With the hierarchical ID-based cryptosystem, we can avoid involvement with home network, and keep the roaming the user's identity private. Furthermore, not only the root authority is relieved from management of a large amount of private/public key pairs, but the domain servers are free to generate key pairs for their registered users. At the same time, we use hash chains together with ID-based signatures to achieve non-repudiation for service payment.

Subhranil Dutta,Tapas Pal,Ratna Dutta

DOI: https://doi.org/10.1016/j.tcs.2024.114502

IF: 1.002

2024-03-17

Theoretical Computer Science

Abstract:Cloud computing serves as an advanced computing technology to support Internet services and has numerous applications, including medical fields, online data storage, social network, big data analysis, and e-learning platforms. Inner product encryption ( IPE ) is a promising cryptographic primitive that facilitates access control over outsourced encrypted data by restricting decryption capability via an inner product relation. Most of the existing IPE s are built assuming a priori bound on the length of attribute vectors associated with the plane data. A situation may occur when adding new attributes is essential due to upgradation. Thus it is desirable to construct IPE with variable length attribute vectors instead of fixing the length at the setup phase. Such IPE s are more flexible while encrypting data and consequently have more real-life applications. In the following, we make our contributions: – We design the first efficient adaptively payload-hiding secure unbounded non-zero IPE ( UNIPE ) scheme from the standard symmetric external Diffie-Hellman (SXDH) assumption and prove security in the standard model. – We propose a generic construction of an adaptively weak attribute-hiding UNIPE from an unbounded inner product functional encryption ( UIPFE ) scheme. We also instantiate UNIPE from the SXDH assumption and prove security in the standard model. – Finally, we present the first unbounded anonymous identity-based revocation ( UAnon-IBRV ) scheme using our generic UNIPE as the building block. The anonymity feature ensures that the ciphertext reveals no information about the revoking sets of the system.

computer science, theory & methods

Yanqing Yao,Zhoujun Li,Hua Guo

DOI: https://doi.org/10.1016/j.ins.2019.12.076

IF: 8.1

2020-04-01

Information Sciences

Abstract:Identity-based sequential aggregate signature (IBSAS for short) schemes, introduced by Boldyreva et al. [CCS 2007], allow a large quantity of signers to generate one signature sequentially, in which these messages as well as their order can be attested by employing their identities. In such a scheme, storage space and bandwidth overhead can be reduced. To our best knowledge, though many concrete IBSAS schemes have been constructed in literature, none of them is constructed under a standard computational hardness assumption and unforgeable under the standard model. The problem of how to construct such schemes is still open. Latterly, Gentry et al. [PKC 2018] proposed a unified construction of SAS (i.e., abbreviated form of sequential aggregate signature) schemes by employing trapdoor permutation and ideal ciphers. Motivated by the above problem and hints, here we study how to construct IBSAS schemes in a new unified perspective. By employing 2-level HIBE (i.e., abbreviated form of hierarchical identity-based encryption) schemes, we present unified construction of IBSAS schemes and give a rigorous proof of their unforgeability. The unified construction is then instantiated to get a concrete IBSAS scheme, which has existential unforgeability under the standard model using a standard computational hardness assumption (i.e., the CDH assumption). An extra fruit is that it can be used to construct an existentially unforgeable IBSAS scheme using the Learning with Errors problem, which is constructed under a lattice hardness assumption for the first time. In the end, we show a detailed performance comparison among our schemes and previous ones.

computer science, information systems

Daode Zhang,Fuyang Fang,Bao Li,Xin Wang

DOI: https://doi.org/10.1007/978-3-319-64200-0_13

2017-01-01

Abstract:Xie et al. (SCN 2012) proposed the first deterministic identity-based encryption (DIBE) scheme with an adaptive security in the auxiliary-input setting, under the learning with errors (LWE) assumption. However, the master public key consists of O(lambda) number of basic matrices. In this paper, we consider to construct adaptively secure DIBE schemes from partitioning functions (IACR'17). By instantiating the DIBE construction with two partitioning functions, we get two DIBE schemes in which the master public key consists of O(log(3) lambda) (respectively, O(log(2) lambda)) number of basic matrices in the first (respectively, the second) DIBE scheme. We also change the identity-based encryption (IBE) scheme of Yamada16 (Eurocrypt'16) to construct DIBE scheme with the same security from the LWE problem. And the master public key consists of O(lambda(1/d)) number of basic matrices, where d >= 2 is a flexible integer.