Yanli Ren,Shuozhong Wang,Xinpeng Zhang

DOI: https://doi.org/10.6138/jit.2011.12.4.13

2011-01-01

Abstract:The problem of key-exposure is an important issue in modern society due to the growing use of mobile devices. Weng et al. proposed an identity-based parallel key-insulated encryption (IBPKIE) scheme to solve the key-exposure problem in an identity-based cryptosystem. The scheme has long public parameters and a loose security reduction. Ren et al. presented a new IBPKIE scheme which had constant size public parameters and a tight reduction, and then extended it to a hierarchical IBPKIE (HIBPKIE) scheme. However, Wang et al. analyzed two schemes of Ren et al. and showed that they are not secure against chosen-plaintext attack. In this paper, we propose an improved IBPKIE scheme which achieves IND-ID-KI-CPA security without random oracles. Moreover, our scheme has short public parameters and a tight reduction. We then present an HIBPKIE scheme which achieves IND-sID-KI-CPA security without random oracles. In this scheme, the ciphertext size is independent of the level of the hierarchy in the HIBPKIE scheme.

Yanli Ren,Shuozhong Wang,Xinpeng Zhang,Zhenxing Qian

DOI: https://doi.org/10.1007/978-3-642-25185-6_37

2011-01-01

Abstract:Parallel key-insulated encryption (PKIE) allows two independent long-term keys to be alternately used in short-term key update operations. At least half of short-term keys would be exposed and at least half of ciphertexts could be decrypted if one of the long-term keys is exposed. In this paper, we propose a new PKIE scheme with n long-term keys in the identity-based setting. If one of the long-term keys is exposed, only 1/n short-term keys would be exposed and 1/n ciphertexts could be decrypted, so the new PKIE scheme can greatly decrease loss due to key exposure. The scheme is adaptive-ID secure without random oracles, and it has a tight reduction. Moreover, its public key has a constant size, while sizes of ciphertexts and short-term keys depend on the number of long-term keys.

Yanli Ren,Shuozhong Wang,Xinpeng Zhang

DOI: https://doi.org/10.1016/j.camwa.2012.01.032

IF: 3.218

2013-01-01

Computers & Mathematics with Applications

Abstract:Parallel key-insulated encryption (PKIE) usually allows two independent helper keys to be alternately used in temporary secret key update operations. At least half of temporary secret keys would be exposed and at least half of ciphertexts could be decrypted if one of the helper keys is exposed. In this paper, we propose a new PKIE scheme with m helper keys, where m∈Z,m>2. If one of the helper keys is exposed, only 1/m temporary secret keys would be exposed and 1/m ciphertexts could be decrypted, so the new PKIE scheme can greatly decrease loss due to key-exposure. The scheme is provably secure without random oracles based on a bilinear group of composite order. Most important, the scheme is practical and much more efficient than the extended ones from the previous PKIE schemes.

Xianhui Lu,Jiang Zhang

DOI: https://doi.org/10.1093/nsr/nwab090

IF: 20.6

2021-05-24

National Science Review

Abstract:The invention of public-key cryptography (PKC) by Diffie and Hellman in 1976 is one of two milestones marking the beginning of modern cryptography. The security of a PKC system requires that it should be infeasible to compute the private key from a given public key, which in turn is typically guaranteed by the difficulty in solving some cryptographic-friendly mathematical problems. Among those problems, the integer factorization and discrete logarithm problems play pivotal roles in the development of public-key cryptography. In particular, the assumption that there is no polynomial time (classical) algorithm that solves the above two problems constitutes the basis for the security of almost all currently used public-key cryptosystems, such as RSA and ElGamal. However, Shor [1] found an efficient quantum solving algorithm for the integer factorization and discrete logarithm problems in 1994, which would destroy the security basis for most real deployed PKC systems if large-scale quantum computers become available. The rapid development of quantum technology in recent years suggests that we are getting closer to the quantum crisis of current PKC systems.

multidisciplinary sciences

Song Luo,Yu Chen,Jianbin Hu,Zhong Chen

DOI: https://doi.org/10.1007/978-3-642-21031-0_5

2011-01-01

Abstract:Hierarchical identity-based encryption (HIBE) is a generalization of identity-based encryption (IBE) which allows for a hierarchy of identities where any parent identities can derive secret keys for child identities. In this paper, we propose a new HIBE scheme with constant size ciphertexts and short parameters in prime order groups using symmetric pairing. We use a new technique called "hybrid identity vector" to make the key derivation feasible. Our scheme is proven fully secure under the DBDH and D-Linear assumptions by using dual system encryption. Based on our HIBE scheme, we propose a new WIBE (IBE with wildcards) scheme with constant size ciphertexts.

Song Luo,Zhong Chen

DOI: https://doi.org/10.1504/ijguc.2014.060182

2014-01-01

International Journal of Grid and Utility Computing

Abstract:Hierarchical Identity-Based Encryption (HIBE) is a generalisation of Identity- Based Encryption (IBE) which mirrors an organisational hierarchy. However, when the user decrypts a ciphertext encrypted to a hierarchical identity, he/she should know the exact hierarchical identity in order to run the delegate algorithm to get the secret key corresponding to the target hierarchical identity if the hierarchical identity linked with his/her key is a prefix of the target hierarchical identity. In this paper, we consider a new concept called HIBE without key delegation in decryption. In such HIBE systems, the user can decrypt the ciphertext directly without running the delegate algorithm even if his hierarchical identity is only a prefix of the target hierarchical identity. We present two HIBE systems, which are proven secure in the standard model under the decision BDH and l-BDHE assumptions, respectively. Both systems have the same decryption efficiency in pairing, compared with BB1-HIBE system and BBG-HIBE system, respectively.

REN Yanli,GU Dawu,WANG Shuozhong,ZHANG Xinpeng

DOI: https://doi.org/10.3969/j.issn.0253-2778.2012.04.006

2012-01-01

Abstract:The anonymous identity-based encryption(IBE) schemes are currently only selective-ID secure without random oracles or provably secure under a complex assumption.An anonymous IBE scheme based on decisional bilinear Diffie-Hellman(BDH) assumption in a group of composite order was proposed,which is ANON-IND-ID-CPA secure without random oracles and only needs two bilinear pairing computations.This scheme is more secure and efficient than the existing ones.

Yu Chen,Manuel Charlemagne,Zhi Guan,Jian-bin Hu,Zhong Chen

DOI: https://doi.org/10.1145/1755688.1755699

2010-01-01

Abstract:ABSTRACTMost traditional public key cryptosystems are constructed upon algebraically rich structures, which makes their key pairs combinable, i.e., the combination of some private keys and their corresponding public keys could form a new key pair. Exploring such combinable property, this paper proposes a novel Identity-Based Encryption (IBE) scheme based on the Diffie-Hellman Integrated Encryption Scheme (DHIES) with quadratic key combination structure from bilinear maps. The new scheme has a number of advantages over other IBE schemes. First, it uses DHIES to fulfill encryption, thus naturally obtains the security against adaptive chosen ciphertext attack from DHIES. Second, it is interoperable with existing security systems based on DHIES. Third, compared to many pairing-based IBE schemes, it only requires pairing computation during public key generation and there is no need for special hash function. We prove that our scheme is selective identity chosen ciphertext secure in the random oracle model assuming DHIES is chosen ciphertext secure. Additionally, the extract algorithm of our scheme also implies an identity-based short signature scheme.

Qianqian Xing,Baosheng Wang,Xiaofeng Wang,Jing Tao

DOI: https://doi.org/10.1371/journal.pone.0195204

IF: 3.7

2018-04-12

PLoS ONE

Abstract:Revocation functionality and hierarchy key delegation are two necessary and crucial requirements to identity-based cryptosystems. Revocable hierarchical identity-based encryption (RHIBE) has attracted a lot of attention in recent years, many RHIBE schemes have been proposed but shown to be either insecure or bounded where they have to fix the maximum hierarchical depth of RHIBE at setup. In this paper, we propose a new unbounded RHIBE scheme with decryption key exposure resilience and with short public system parameters, and prove our RHIBE scheme to be adaptively secure. Our system model is scalable inherently to accommodate more levels of user adaptively with no adding workload or restarting the system. By carefully designing the hybrid games, we overcome the subtle obstacle in applying the dual system encryption methodology for the unbounded and revocable HIBE. To the best of our knowledge, this is the first construction of adaptively secure unbounded RHIBE scheme.

Yanli Ren,Shuozhong Wang,Xinpeng Zhang,Zhenxing Qian

DOI: https://doi.org/10.1109/mines.2010.96

2010-01-01

Abstract:Anonymous identity-based encryption systems can be used to protect users’ privacy and construct Public key Encryption with Keyword Search (PEKS) schemes where the ciphertext does not leak the identity of the recipient. Currently, there is no anonymous IBE scheme that is fully secure under simple assumptions without random oracles. In this paper, we propose an anonymous IBE scheme using the approach of Dual System Encryption. The scheme is fully secure without random oracles based on decisional bilinear Diffie-Hellman (BDH) and linear assumptions, and the security reduction is tight. These two assumptions are simple and our scheme is more secure than the previous anonymous IBE schemes.

Zhaohui Cheng,Liqun Chen,Li Ling,Richard Comley

DOI: https://doi.org/10.1007/978-3-540-73489-5_6

2007-01-01

Abstract:In 2003, Al-Riyami and Paterson introduced a new public key encryption paradigm called Certificateless Public Key Encryption (CL-PKE), which like Identity-Based Encryption (IBE) is certificatefree, and meanwhile which unlike IBE but similar to certificate-based encryption is key-escrow-free. In this paper, based on a heuristic observation on some existing IBE schemes and PKE schemes, we propose a general approach to build a CL-PKE solution, which makes use of a simple combination of an IBE scheme, a Diffie-Hellman type key establishment algorithm and a secure hash-function. Following this approach we construct two efficient concrete CL-PKE schemes and formally analyse their security in the random oracle model.

Siyue Dong,Zhen Zhao,Baocang Wang,Wen Gao,Shanshan Zhang

DOI: https://doi.org/10.3390/electronics13071256

IF: 2.9

2024-03-29

Electronics

Abstract:Public key encryption with equality test (PKEET) is a cryptographic primitive that enables a tester to determine whether two ciphertexts encrypted with same or different public keys have been generated from the same message without decryption. Previous studies extended PKEET to public key encryption with designated-position fuzzy equality test (PKE-DFET), enabling testers to verify whether plaintexts corresponding to two ciphertexts are equal while ignoring specific bits at designated positions. In this work, we have filled the research gap in the identity-based encryption (IBE) cryptosystems for this primitive. Furthermore, although our authorization method is the all-or-nothing (AoN) type, it overcomes the shortcomings present in the majority of AoN-type authorization schemes. In our scheme, equality tests can only be performed between a ciphertext and a given plaintext. Specifically, even if a tester acquires multiple AoN-type authorizations, it cannot conduct unpermitted equality tests between users. This significantly reduces the risk of user privacy leaks when handling sensitive information in certain scenarios, while still retaining the flexible and simple characteristics of AoN-type authorizations. We use the Chinese national cryptography standard SM9-IBE algorithm to provide the concrete construction of our scheme, enhancing the usability and security of our scheme, while making deployment more convenient. Finally, we prove that our scheme achieves F-OW-ID-CCA security when the adversary has the trapdoor of the challenge ciphertext, and achieves IND-ID-CCA security when the adversary does not have the trapdoor of the challenge ciphertext.

engineering, electrical & electronic,computer science, information systems,physics, applied

Yutaka Kawai,Katsuyuki Takashima

DOI: https://doi.org/10.1007/978-3-319-04873-4_7

2014-01-01

Abstract:In this paper, we propose a reasonable definition of predicate-hiding inner product encryption (IPE) in a public key setting, which we call inner product encryption with ciphertext conversion (IPE-CC), where original ciphertexts are converted to predicate-searchable ones by an helper in possession of a conversion key. We then define a notion of full security for IPE-CC, which comprises three security properties of being adaptively predicate- and attribute-hiding in the public key setting, adaptively (fully-)attribute-hiding against the helper, and usefully secure even against the private-key generator (PKG). We then present the first fully secure IPE-CC scheme, and convert it into the first fully secure symmetric-key IPE (SIPE) scheme, where the security is defined in the sense of Shen, Shi, Waters. All the security properties are proven under the decisional linear assumption in the standard model. The IPE-CC scheme is comparably as efficient as existing attribute-hiding (not predicate-hiding) IPE schemes. We also present a variant of the proposed IPE-CC scheme with the same security that achieves shorter public and secret keys. We employ two key techniques, trapdoor basis setup, in which a new trapdoor is embedded in a public key, and multi-system proof technique, which further generalizes an extended dual system approach given by Okamoto and Takashima recently.

Huanhuan Lian,Tianyu Pan,Huige Wang,Yunlei Zhao

DOI: https://doi.org/10.1007/978-3-030-88428-4_32

2021-01-01

Abstract:Identity-based authenticated key exchange (ID-AKE) allows two parties (whose identities are just their public keys) to agree on a shared session key over open channels. At ESORICS 2019, Tomida et al. proposed a highly efficient ID-AKE protocol, referred to as the TFNS19-protocol, under the motivation of providing authentication and secure communication for huge number of low-power IoT devices. The TFNS19-protocol currently stands for the most efficient ID-AKE based on bilinear pairings, where each user remarkably performs only a single pairing operation. But it does not consider users' identity privacy, and the security is based on relatively non-standard assumptions. In this work, we formulate and design identity-based identity-concealed AKE (IB-CAKE) protocols. Here, identity concealment means that the session transcript does not leak users' identity information. We present a simple and highly practical IB-CAKE protocol, which is computationally more efficient than the remarkable TFNS19-protocol in total. We present a new security model for IB-CAKE, and show it is stronger than the ID-eCK model used for the TFNS19-protocol. The security of our IB-CAKE protocol is proved under relatively standard assumptions in the random oracle model, assuming the security of the underlying authenticated encryption and the gap bilinear Diffie-Hellman (Gap-BDH) problem. Finally, we provide the implementation results for the proposed IB-CAKE scheme, and present performance benchmark.

J. Li,X. Chen,H. Tian,C. Gao

DOI: https://doi.org/10.1504/ijahuc.2014.065156

2014-01-01

International Journal of Ad Hoc and Ubiquitous Computing

Abstract:Since the notion of attribute-based encryption (ABE) was proposed, it has been found a lot of important applications such as fine-grained access control. However, the issue of key exposure problem in ABE has been solved completely. This problem is formally addressed and formulated in this paper. More specifically, we propose a new key-insulated ABE (KI-ABE) scheme as a solution to the key exposure problem. The definition and security model of KI-ABE is proposed. Then, a KI-ABE scheme is presented, which is provably secure under the proposed model. The scheme is secure in the remaining time periods against an adversary who compromises the insecure device and obtains secret keys for the periods of its choice. Finally, we show that the scheme also supports user delegation, which is critical when one wants to delegate part of attributes (privileges) to others.

Jason Chia,Swee-Huay Heng,Ji-Jian Chin,Syh-Yuan Tan,Wei-Chuen Yau

DOI: https://doi.org/10.3390/sym13081535

2021-08-20

Symmetry

Abstract:Public key infrastructure (PKI) plays a fundamental role in securing the infrastructure of the Internet through the certification of public keys used in asymmetric encryption. It is an industry standard used by both public and private entities that costs a lot of resources to maintain and secure. On the other hand, identity-based cryptography removes the need for certificates, which in turn lowers the cost. In this work, we present a practical implementation of a hybrid PKI that can issue new identity-based cryptographic keys for authentication purposes while bootstrapping trust with existing certificate authorities. We provide a set of utilities to generate and use such keys within the context of an identity-based environment as well as an external environment (i.e., without root trust to the private key generator). Key revocation is solved through our custom naming design which currently supports a few scenarios (e.g., expire by date, expire by year and valid for year). Our implementation offers a high degree of interoperability by incorporating X.509 standards into identity-based cryptography (IBC) compared to existing works on hybrid PKI–IBC systems. The utilities provided are minimalist and can be integrated with existing tools such as the Enterprise Java Bean Certified Authority (EJBCA).

Yanqing Yao,Zhoujun Li,Hua Guo

DOI: https://doi.org/10.1016/j.ins.2019.12.076

IF: 8.1

2020-04-01

Information Sciences

Abstract:Identity-based sequential aggregate signature (IBSAS for short) schemes, introduced by Boldyreva et al. [CCS 2007], allow a large quantity of signers to generate one signature sequentially, in which these messages as well as their order can be attested by employing their identities. In such a scheme, storage space and bandwidth overhead can be reduced. To our best knowledge, though many concrete IBSAS schemes have been constructed in literature, none of them is constructed under a standard computational hardness assumption and unforgeable under the standard model. The problem of how to construct such schemes is still open. Latterly, Gentry et al. [PKC 2018] proposed a unified construction of SAS (i.e., abbreviated form of sequential aggregate signature) schemes by employing trapdoor permutation and ideal ciphers. Motivated by the above problem and hints, here we study how to construct IBSAS schemes in a new unified perspective. By employing 2-level HIBE (i.e., abbreviated form of hierarchical identity-based encryption) schemes, we present unified construction of IBSAS schemes and give a rigorous proof of their unforgeability. The unified construction is then instantiated to get a concrete IBSAS scheme, which has existential unforgeability under the standard model using a standard computational hardness assumption (i.e., the CDH assumption). An extra fruit is that it can be used to construct an existentially unforgeable IBSAS scheme using the Learning with Errors problem, which is constructed under a lattice hardness assumption for the first time. In the end, we show a detailed performance comparison among our schemes and previous ones.

computer science, information systems

Xin Sun,Jiajia Han,Bang Lv,Changhua Sun,Cheng Zeng

DOI: https://doi.org/10.1371/journal.pone.0312690

IF: 3.7

2024-10-31

PLoS ONE

Abstract:With the rise of the Internet of things, the limitations of traditional PKI certificate authentication technology have progressively emerged. Hence, identity-based public key algorithms have been proposed. In this paper, we propose a new approach to generate an identity key, named identity public key (IPK). IPK identity key generation protocol is based on SM2 elliptic curve cryptography and random matrix theory. It builds upon the concept of combined public key (CPK) and resolves the linear collusion issue of CPK as well as the authenticity verification problem of the declared public key of the simplified TF-CPK by enhancing the identity mapping approach. Another main aim of this paper is to prove the security of the IPK identity key generation protocol. Roughly speaking, we verify the security of each part of the private key and the security of the composite private key. We also increase the function and performance comparison with other schemes, such as IBC(SM9) and TF-CPK. Our scheme has the lowest computation cost, which demonstrates its rationality.

multidisciplinary sciences

Cong Tang,Ruichuan Chen,Zhuhua Cai,Anming Me,Jianbin Hu,Liyong Tang,Zhong Chen

DOI: https://doi.org/10.1109/icns.2009.64

2009-01-01

Valencia

Abstract:Identity based cryptography (IBC) was introduced into peer-to-peer (P2P) networks recently for identity verification and authentication purposes. However current IBC-based solutions could not address the problem of secure private key issuing. In this paper we propose SKIP: a novel secure key issuing scheme for P2P networks using IBC. We present an IBC infrastructure setup phase, a peer registration solution using Shamir's (k, n) secret sharing scheme, and a secure key issuing scheme, which adopts key generate center (KGC) and key privacy authorities (KPAs) to issue private keys to peers securely in order to enable the IBC systems to be more acceptable and applicable in real-world P2P networks. Furthermore, to maintain the security of KPAs, we develop a scheme to authenticate KPAs using Byzantine fault tolerance protocol. The theoretical analysis and experimental results show that SKIP performs effectively and efficiently, and is able to support large scale networks.

Jingwei Lu,Hongbo Li,Jianye Huang,Sha Ma,Man Ho Allen Au,Qiong Huang

DOI: https://doi.org/10.1016/j.csi.2023.103759

IF: 3.721

2024-01-01

Computer Standards & Interfaces

Abstract:It is tricky to determine whether two ciphertexts contain the same message when the messages are encrypted with different public keys. public key encryption with equality test (PKEET) addresses this problem without decryption. By integrating PKEET with identity-based encryption, identity-based encryption with equality test (IBEET) simplifies the certificate management in PKEET. In this paper, we first propose an IBEET scheme that can resist offline message recovery attacks (OMRA) and requires neither the dual-tester setting nor the group mechanism. With the help of some mathematical assumptions, we demonstrate the security of our scheme. Experiment results reveal that our scheme is efficient. From the perspective of usability, we explain why our scheme is more appropriate to be applied in healthcare social Apps than other OMRA-resistant schemes.