Paper 2009/385

Dual System Encryption: Realizing Fully Secure IBE and HIBE under Simple Assumptions

Brent Waters

Abstract

We present a new methodology for proving security of encryption systems using what we call Dual System Encryption. Our techniques result in fully secure Identity-Based Encryption (IBE) and Hierarchical Identity-Based Encryption (HIBE) systems under the simple and established decisional Bilinear Diffie-Hellman and decisional Linear assumptions. Our IBE system has ciphertexts, private keys, and public parameters each consisting of a constant number of group elements. These results are the first HIBE system and the first IBE system with short parameters under simple assumptions. In a Dual System Encryption system both ciphertexts and private keys can take on one of two indistinguishable forms. A private key or ciphertext will be normal if they are generated respectively from the system's key generation or encryption algorithm. These keys and ciphertexts will behave as one expects in an IBE system. In addition, we define semi-functional keys and ciphertexts. A semi-functional private key will be able to decrypt all normally generated ciphertexts; however, decryption will fail if one attempts to decrypt a semi-functional ciphertext with a semi-functional private key. Analogously, semi-functional ciphertexts will be decryptable only by normal private keys. Dual System Encryption opens up a new way to prove security of IBE and related encryption systems. We define a sequence of games where we change first the challenge ciphertext and then the private keys one by one to be semi-functional. We finally end up in a game where the challenge ciphertext and all private keys are semi-functional at which point proving security is straightforward.

Note: Full version of the paper.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Published elsewhere. Crypto 2009
Keywords
Identity-Based Encryption
Contact author(s)
bwaters @ cs utexas edu
History
2009-08-10: received
Short URL
https://ia.cr/2009/385
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2009/385,
      author = {Brent Waters},
      title = {Dual System Encryption: Realizing Fully Secure {IBE} and {HIBE} under Simple Assumptions},
      howpublished = {Cryptology {ePrint} Archive, Paper 2009/385},
      year = {2009},
      url = {https://eprint.iacr.org/2009/385}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.