Song Luo,Yu Chen,Jianbin Hu,Zhong Chen

DOI: https://doi.org/10.1007/978-3-642-21031-0_5

2011-01-01

Abstract:Hierarchical identity-based encryption (HIBE) is a generalization of identity-based encryption (IBE) which allows for a hierarchy of identities where any parent identities can derive secret keys for child identities. In this paper, we propose a new HIBE scheme with constant size ciphertexts and short parameters in prime order groups using symmetric pairing. We use a new technique called "hybrid identity vector" to make the key derivation feasible. Our scheme is proven fully secure under the DBDH and D-Linear assumptions by using dual system encryption. Based on our HIBE scheme, we propose a new WIBE (IBE with wildcards) scheme with constant size ciphertexts.

Yanli Ren,Shuozhong Wang,Xinpeng Zhang

DOI: https://doi.org/10.6138/jit.2011.12.4.13

2011-01-01

Abstract:The problem of key-exposure is an important issue in modern society due to the growing use of mobile devices. Weng et al. proposed an identity-based parallel key-insulated encryption (IBPKIE) scheme to solve the key-exposure problem in an identity-based cryptosystem. The scheme has long public parameters and a loose security reduction. Ren et al. presented a new IBPKIE scheme which had constant size public parameters and a tight reduction, and then extended it to a hierarchical IBPKIE (HIBPKIE) scheme. However, Wang et al. analyzed two schemes of Ren et al. and showed that they are not secure against chosen-plaintext attack. In this paper, we propose an improved IBPKIE scheme which achieves IND-ID-KI-CPA security without random oracles. Moreover, our scheme has short public parameters and a tight reduction. We then present an HIBPKIE scheme which achieves IND-sID-KI-CPA security without random oracles. In this scheme, the ciphertext size is independent of the level of the hierarchy in the HIBPKIE scheme.

Yanli Ren,Shuozhong Wang,Xinpeng Zhang

DOI: https://doi.org/10.1007/978-3-642-34679-8_21

2012-01-01

Abstract:A hierarchical identity-based encryption (HIBE) scheme is called anonymous if the ciphertext does not leak the identity of the recipient. Currently, anonymous HIBE schemes are constructed in composite order groups or achieve selective-ID security in prime order groups and the ciphertext size is linear in the maximum depth of hierarchy. We propose an anonymous HIBE scheme with constant size ciphertext, which is adaptive-ID secure without random oracles in prime order groups. Our scheme improves security and efficiency of the anonymous HIBE schemes simultaneously compare with the previous work.

Cong Li,Yuejian Fang,Xing Zhang,Cancan Jin,Qingni Shen,Zhonghai Wu

DOI: https://doi.org/10.1002/cpe.3957

2016-01-01

Abstract:SummaryWe present a practical large universe hierarchical attribute‐based encryption (LU‐HABE) scheme, which supports monotone access structures. In our system, key generation centers (KGCs), any one in which is labeled by a unique identity, are organized as a hierarchical structure. Thus, all secret keys issued by the KGC contain 2 parts: the identity‐related one and the attribute‐related one. Once the data owner wants to encrypt his/her data, he/she needs to specify certain numbers of pairs according to his/her demand. The pair consists of an identity of a KGC and a policy of attributes managed by the corresponding KGC, eg, IDi and (Mi, ρi). If and only if an identity associated with user's secret key is equal to or is an ancestor of one of the identities appearing in ciphertext, and simultaneously a set of attributes belonging to the user satisfies the policy, the user can decrypt it successfully. Our scheme is proved to be selectively secure in the standard model under the modified “q‐type” assumption similar to the ones used in former works and is extended to support online/offline encryption. To show the efficiency of our construction, we implement our original scheme and the extended one in Charm. Analyses show that both of them are very practical.

Junqing Gong,Zhenfu Cao,Shaohua Tang,Jie Chen

DOI: https://doi.org/10.1007/s10623-015-0117-z

2015-01-01

Abstract:This paper continued the research line of dual system groups (DSG) opened by Chen and Wee (CRYPTO, 2013 and IACR Cryptology ePrint Archive, 2014 ). Motivated by Lewko’s unbounded hierarchical identity based encryptions (HIBE) (EUROCRYPT, 2012 ), we extended Chen and Wee’s DSG and showed how to construct an unbounded HIBE from our extended DSG. Furthermore, an instantiation of our extended DSG was given using prime-order bilinear groups under the d -Lin assumption. These two results imply an adaptively secure unbounded HIBE in the standard model with not only shorter ciphertexts and user’s secret keys but also faster algorithms than Lewko’s construction.

Yu Chen,Manuel Charlemagne,Zhi Guan,Jian-bin Hu,Zhong Chen

DOI: https://doi.org/10.1145/1755688.1755699

2010-01-01

Abstract:ABSTRACTMost traditional public key cryptosystems are constructed upon algebraically rich structures, which makes their key pairs combinable, i.e., the combination of some private keys and their corresponding public keys could form a new key pair. Exploring such combinable property, this paper proposes a novel Identity-Based Encryption (IBE) scheme based on the Diffie-Hellman Integrated Encryption Scheme (DHIES) with quadratic key combination structure from bilinear maps. The new scheme has a number of advantages over other IBE schemes. First, it uses DHIES to fulfill encryption, thus naturally obtains the security against adaptive chosen ciphertext attack from DHIES. Second, it is interoperable with existing security systems based on DHIES. Third, compared to many pairing-based IBE schemes, it only requires pairing computation during public key generation and there is no need for special hash function. We prove that our scheme is selective identity chosen ciphertext secure in the random oracle model assuming DHIES is chosen ciphertext secure. Additionally, the extract algorithm of our scheme also implies an identity-based short signature scheme.

Song Luo,Zhong Chen

DOI: https://doi.org/10.1504/ijguc.2014.060182

2014-01-01

International Journal of Grid and Utility Computing

Abstract:Hierarchical Identity-Based Encryption (HIBE) is a generalisation of Identity- Based Encryption (IBE) which mirrors an organisational hierarchy. However, when the user decrypts a ciphertext encrypted to a hierarchical identity, he/she should know the exact hierarchical identity in order to run the delegate algorithm to get the secret key corresponding to the target hierarchical identity if the hierarchical identity linked with his/her key is a prefix of the target hierarchical identity. In this paper, we consider a new concept called HIBE without key delegation in decryption. In such HIBE systems, the user can decrypt the ciphertext directly without running the delegate algorithm even if his hierarchical identity is only a prefix of the target hierarchical identity. We present two HIBE systems, which are proven secure in the standard model under the decision BDH and l-BDHE assumptions, respectively. Both systems have the same decryption efficiency in pairing, compared with BB1-HIBE system and BBG-HIBE system, respectively.

Jian-Wu Zheng,Jing Zhao,Xin-Ping Guan

DOI: https://doi.org/10.14257/ijsia.2016.10.8.20

2016-01-01

International Journal of Security and Its Applications

Abstract:As Hierarchical Identity Based Encryption (HIBE) system usually maps the true institutional structure of an organization or entity relationship between objects in real world, It is important that computation & communication complexity of private key, ciphertext, cryptographic computations and so on related to an entity in the hierarchy is independent to the hierarchy depth of the entity. Moreover, key escrow problem that any non-leaf entity in a hierarchical identity based cryptosystem can derive private keys for its descendants with use of its private key should be resolved, in order to prevent any entity from behaving on behalf of its descendants. In this paper, a new technique is introduced for composing a private key for each individual entity in HIBE system by differentiating between non-local identifiers and local identifiers of the identity of the entity. That we call Identifier Discrimination. With the technique, A selective identity secure HIBE system is constructed under Decisional Bilinear Diffie-Hellman (DBDH) assumption without using random oracles, where the private key and the ciphertext consist of constant number of group elements, and decryption requires only three bilinear map computations, regardless of the identity hierarchy depth. Moreover, in contrast to previous HIBE constructions, where private key for an entity can be derived by its ancestors with direct use of their private keys, key escrow problem inherent in identity based cryptosystems is resolved in our HIBE construction. Privilege of deriving private keys for an entity can be delegated to any of its ancestors through authorization by distributing specifically crafted values to the ancestor in our HIBE system, that we call Authorized Delegation.

Jian-Wu Zheng,Jing Zhao,Xin-Ping Guan

DOI: https://doi.org/10.14257/astl.2016.134.22

2016-01-01

Abstract:In this paper, a new technique - Identifier Discrimination is proposed for composing private keys in hierarchical identity based systems, With the technique, we construct a selective identity secure HIBE system under Decisional Bilinear Diffie-Hellman (DBDH) assumption in standard security model, where the ciphertext and the private key consist of constant number of group elements, and decryption requires only three bilinear map computations, regardless of the identity hierarchy depth. Moreover, different from previous HIBE constructions, key escrow problem inherent in identity based cryptosystems is resolved in our HIBE construction. An entity in hierarchy can be authorized by the root PKG to be capable of deriving private keys for its descendants. That we call Authorized Delegation.

Niu Liu,Shaohua Tang,Lingling Xu

DOI: https://doi.org/10.1002/sec.837

IF: 1.968

2013-01-01

Security and Communication Networks

Abstract:The hierarchical access control scheme based on Chinese Reminder Theorem CRTHACS was supposed to be capable of hiding the hierarchical structure of a group, but Geiselmann et al. showed practical attacks on CRTHACS to reveal the hierarchies it hides. Then, Zou et al. modified it and gave a new CRTHACS to resist those attacks. Nevertheless, we find that the modified version is still defective if it permits changes of structure, that is, the scheme works in a dynamic scenario. In this paper, we describe our attack on the modified version of CRTHACS. We extend the description of the CRTHACS in a more proper form to make it easier for us to look into the problem it has. We find out the key character of the vulnerability, which we name as double-invariance. We generalize our attack in an algebraic form and apply it to a series of hierarchical cryptographic access control schemes that share the same vulnerability with CRTHACS. We also give the countermeasure to fix this vulnerability. Copyright © 2013 John Wiley & Sons, Ltd.

Yanli Ren,Dawu Gu

DOI: https://doi.org/10.1016/j.jss.2009.07.046

IF: 3.5

2009-01-01

Journal of Systems and Software

Abstract:In order to mitigate the damages of key-exposure, key-insulated encryption introduces a helper key used to periodically update the decryption key. Under the usual circumstances, frequent updating increases the risk of helper key-exposure. Parallel key-insulated encryption (PKIE) supports frequent key updates without increasing the risk of helper key-exposure. In an identity-based cryptosystem, a private key generator (PKG) uses a master secret key to issue private keys to users based on their identities. In this paper, we propose a new identity-based parallel key-insulated encryption (IBPKIE) scheme which achieves IND-ID-KI-CCA2 security without random oracles. Our IBPKIE scheme has short public parameters and a tight reduction with an additive factor. Hierarchical identity-based cryptography was first proposed in 2002. It allows a root PKG to distribute workload by delegating private key generation and entity authentication tasks to lower-level PKGs. In this paper, we formalize the syntax and security model for a hierarchical identity-based parallel key-insulated encryption (HIBPKIE) scheme. We then propose an HIBPKIE scheme with constant size ciphertext, and prove that it achieves IND-ID-KI-CCA2 security without random oracles. To the best of our knowledge, this is the first HIBPKIE scheme up to now.

Xu An Wang,Xiaoyuan Yang,Minqing Zhang,Yong Yu

DOI: https://doi.org/10.15388/informatica.2012.361

2012-01-01

Informatica

Abstract:Fuzzy identity based encryption (FIBE), proposed by Sahai and Waters, is a new kind of identity based encryption. It allows users with identity w can decrypt ciphertext for w' if and only if w is close enough to w'. Recently, Ren et al. proposed a new FIBE scheme and claimed it is fully CCA2 secure in the standard model with a tight reduction. However, in this paper we will show that their scheme is not correct. Furthermore, the key generation process of their scheme cannot resist the collusion attack, which is a basic security requirement for FIBE. At last, we propose a new fully secure FIBE scheme based on the Sahai Waters FIBE scheme and prove its security by using the "dual system encryption" technique.

Miaomiao Tian,Liusheng Huang,Wei Yang

2012-01-01

Abstract:Hierarchical identity-based signature (HIBS), which plays an important role in large communities, is a generalization of identity-based signature (IBS). In this paper, we present a new HIBS scheme from lattices without random oracles. The new scheme is proven to be strongly unforgeable against selective identity attacks under the standard hardness assumption of the short integer solution (SIS) problem. Furthermore, the secret key size and the signature length of our scheme are both invariant and much shorter than those of the previous lattice-based HIBS schemes. To the best of our knowledge, our construction is the flrst short lattice-based HIBS scheme in the standard model.

Zahid Mehmood,Gongliang Chen,Jianhua Li,Aiiad Albeshri

DOI: https://doi.org/10.3837/tiis.2017.03.027

2017-01-01

Abstract:Recent evolution in the open access internet technology demands that the identifying information of a user must be protected. Authentication is a prerequisite to ensure the protection of user identification. To improve Qu et al.' s scheme for remote user authentication, a recent proposal has been published by Huang et al., which presents a key agreement protocol in combination with ECC. It has been claimed that Huang et al. proposal is more robust and provides improved security. However, in the light of our experiment, it has been observed that Huang et al.' s proposal is breakable in case of user impersonation. Moreover, this paper presents an improved scheme to overcome the limitations of Huang et al.' s scheme. Security of the proposed scheme is evaluated using the well-known random oracle model. In comparison with Huang et al.' s protocol, the proposed scheme is lightweight with improved security.

Mohammad Ali,Javad Mohajeri,Mohammad-Reza Sadeghi

DOI: https://doi.org/10.48550/arXiv.1810.05864

2018-10-13

Abstract:Ciphertext-policy hierarchical attribute-based encryption (CP-HABE) is a promising cryptographic primitive for enforcing the fine-grained access control with scalable key delegation and user revocation mechanisms on the outsourced encrypted data in a cloud. Wang et al. (2011) proposed the first CP-HABE scheme and showed that the scheme is semantically secure in the random oracle model [4, 5]. Due to some weakness in its key delegation mechanism, by presenting two attacks, we demonstrate the scheme does not offer any confidentiality and fine-grained access control. In this way, anyone who has just one attribute can recover any outsourced encrypted data in the cloud.

Cryptography and Security

Yanli Ren,Shuozhong Wang,Xinpeng Zhang,Zhenxing Qian

DOI: https://doi.org/10.1109/mines.2010.96

2010-01-01

Abstract:Anonymous identity-based encryption systems can be used to protect users’ privacy and construct Public key Encryption with Keyword Search (PEKS) schemes where the ciphertext does not leak the identity of the recipient. Currently, there is no anonymous IBE scheme that is fully secure under simple assumptions without random oracles. In this paper, we propose an anonymous IBE scheme using the approach of Dual System Encryption. The scheme is fully secure without random oracles based on decisional bilinear Diffie-Hellman (BDH) and linear assumptions, and the security reduction is tight. These two assumptions are simple and our scheme is more secure than the previous anonymous IBE schemes.

Miaomiao Tian,Liusheng Huang,Wei Yang

DOI: https://doi.org/10.1142/S0218126614500339

2014-01-01

Journal of Circuits Systems and Computers

Abstract:Fuzzy identity-based encryption (FIBE) scheme is a kind of identity-based encryption (IBE) scheme, in which any user's identity is composed by a set of attributes and any ciphertext encrypted under identity ID can be decrypted by using a private key corresponding to identity ID' if ID' is close to ID as measured by some metric. Due to the error-tolerance property, FIBE scheme is very useful in real-world applications. However, most FIBE schemes are provable secure only in a weaker security model. In order to eliminate this problem, Ren et al. recently proposed a new FIBE scheme and proved that it is fully chosen-ciphertext secure in the standard model. Unfortunately, in this paper, we will show that their FIBE scheme is even not chosen-plaintext secure.

Qianqian Xing,Baosheng Wang,Xiaofeng Wang,Jing Tao

DOI: https://doi.org/10.1371/journal.pone.0195204

IF: 3.7

2018-04-12

PLoS ONE

Abstract:Revocation functionality and hierarchy key delegation are two necessary and crucial requirements to identity-based cryptosystems. Revocable hierarchical identity-based encryption (RHIBE) has attracted a lot of attention in recent years, many RHIBE schemes have been proposed but shown to be either insecure or bounded where they have to fix the maximum hierarchical depth of RHIBE at setup. In this paper, we propose a new unbounded RHIBE scheme with decryption key exposure resilience and with short public system parameters, and prove our RHIBE scheme to be adaptively secure. Our system model is scalable inherently to accommodate more levels of user adaptively with no adding workload or restarting the system. By carefully designing the hybrid games, we overcome the subtle obstacle in applying the dual system encryption methodology for the unbounded and revocable HIBE. To the best of our knowledge, this is the first construction of adaptively secure unbounded RHIBE scheme.

Jian-Wu Zheng,Jing Zhao,Xin-Ping Guan

DOI: https://doi.org/10.14257/ijsia.2016.10.6.21

2016-01-01

International Journal of Security and Its Applications

Abstract:In traditional hierarchical identity based cryptosystems (HIBC), non-leaf entities as level PKGs are usually capable of deriving private keys for their descendants with use of their private keys, non-leaf entities can therefore act (decrypt or sign) on the behalf of their arbitrary descendants. This is called key escrow problem of HIBC. In order to resolve key escrow problem, a new technique - Identifier Discrimination is proposed in this paper for composing private keys for entities in hierarchy. With the technique, an identity selective secure HIBE scheme is constructed under Decisional Bilinear Diffie-Helleman (DBDH) assumption in standard security model, in which any identity is incapable of deriving private keys for any of its descendants with use of its private key, and the privilege of generating private keys for each individual descendant is delegated by the root PKG through authorization, that we call Authorization Delegation. Moreover, a new hierarchical identity based signature (HIBS) scheme is constructed from our HIBE construction, by applying Naor transformation of an identity-based signature (IBS) out of an IBE. Because of the inability of deriving its descendants' private keys with use its private key, an entity therefore cannot sign messages on behalf of any of its descendants, thus guaranteeing that authenticity and non-repudiation properties are achieved in our HIBS system.

Yunlei Zhao

DOI: https://doi.org/10.1016/j.tcs.2021.11.014

IF: 1.002

2021-01-01

Theoretical Computer Science

Abstract:After two decades of research on signcryption, recently a new cryptographic primitive, named higncryption, was proposed at ACM CCS'16. Higncryption can be viewed as privacy-enhanced signcryption, which integrates public key encryption, digital signature and identity concealment (which is not achieved in signcryption) into a monolithic primitive. Here, identity concealment means that the transcript of protocol runs should not leak participants' identity information. In this work, we propose the first identity-based higncryption (IBHigncryption, for short). We present the formal security model for IBHigncryption, under which security proof of the proposed scheme is conducted. The most impressive feature of IBHigncryption, besides other desirable properties it offers, is its simplicity and efficiency, which might be somewhat surprising in retrospect. Our IBHigncryption has a much simpler setup stage with smaller public parameters and particularly no need of computing master public key. It is essentially as efficient as (if not more than) the fundamental CCA-secure Boneh-Franklin identity-based encryption scheme [14] , and has significant efficiency advantage over the IEEE 1363.3 standard of identity-based signcryption [8] .