Paper 2013/016

Revocable Identity-Based Encryption Revisited: Security Model and Construction

Jae Hong Seo and Keita Emura

Abstract

In ACM CCS 2008, Boldyreva et al. proposed an elegant way of achieving an Identity-based Encryption (IBE) with {\em efficient} revocation, which we call revocable IBE (RIBE). One of the significant benefit of their construction is scalability, where the overhead of the trusted authority is logarithmically increased in the number of users, whereas that in the Boneh-Franklin naive revocation way is linearly increased. All subsequent RIBE schemes follow the Boldyreva et al. security model and syntax. In this paper, we first revisit the Boldyreva et al. security model, and aim at capturing the exact notion for the security of the naive but non-scalable Boneh-Franklin RIBE scheme. To this end, we consider a realistic threat, which we call {\em decryption key exposure}. We also show that all prior RIBE constructions except for the Boneh-Franklin one are vulnerable to decryption key exposure. As the second contribution, we revisit approaches to achieve (efficient and adaptively secure) scalable RIBE schemes, and propose a simple RIBE scheme, which is the first scalable RIBE scheme with decryption key exposure resistance, and is more efficient than previous (adaptively secure) scalable RIBE schemes. In particular, our construction has the shortest ciphertext size and the fastest decryption algorithm even compared with all scalable RIBE schemes without decryption key exposure resistance.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Published elsewhere. An extended abstract will appear at PKC 2013. This is the full version.
Keywords
identity-based encryptionrevocationdecryption key exposure
Contact author(s)
jhsbhs @ gmail com
History
2013-01-18: received
Short URL
https://ia.cr/2013/016
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2013/016,
      author = {Jae Hong Seo and Keita Emura},
      title = {Revocable Identity-Based Encryption Revisited: Security Model and Construction},
      howpublished = {Cryptology ePrint Archive, Paper 2013/016},
      year = {2013},
      note = {\url{https://eprint.iacr.org/2013/016}},
      url = {https://eprint.iacr.org/2013/016}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.