Paper 2013/016
Revocable Identity-Based Encryption Revisited: Security Model and Construction
Jae Hong Seo and Keita Emura
Abstract
In ACM CCS 2008, Boldyreva et al. proposed an elegant way of achieving an Identity-based Encryption (IBE) with {\em efficient} revocation, which we call revocable IBE (RIBE). One of the significant benefit of their construction is scalability, where the overhead of the trusted authority is logarithmically increased in the number of users, whereas that in the Boneh-Franklin naive revocation way is linearly increased. All subsequent RIBE schemes follow the Boldyreva et al. security model and syntax. In this paper, we first revisit the Boldyreva et al. security model, and aim at capturing the exact notion for the security of the naive but non-scalable Boneh-Franklin RIBE scheme. To this end, we consider a realistic threat, which we call {\em decryption key exposure}. We also show that all prior RIBE constructions except for the Boneh-Franklin one are vulnerable to decryption key exposure. As the second contribution, we revisit approaches to achieve (efficient and adaptively secure) scalable RIBE schemes, and propose a simple RIBE scheme, which is the first scalable RIBE scheme with decryption key exposure resistance, and is more efficient than previous (adaptively secure) scalable RIBE schemes. In particular, our construction has the shortest ciphertext size and the fastest decryption algorithm even compared with all scalable RIBE schemes without decryption key exposure resistance.
Metadata
- Available format(s)
-
PDF
- Category
- Public-key cryptography
- Publication info
- Published elsewhere. An extended abstract will appear at PKC 2013. This is the full version.
- Keywords
- identity-based encryptionrevocationdecryption key exposure
- Contact author(s)
- jhsbhs @ gmail com
- History
- 2013-01-18: received
- Short URL
- https://ia.cr/2013/016
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2013/016, author = {Jae Hong Seo and Keita Emura}, title = {Revocable Identity-Based Encryption Revisited: Security Model and Construction}, howpublished = {Cryptology {ePrint} Archive, Paper 2013/016}, year = {2013}, url = {https://eprint.iacr.org/2013/016} }