Cryptology ePrint Archive: Report 2013/068

Why Proving HIBE Systems Secure is Difficult

Allison Lewko and Brent Waters

Abstract: Proving security of Hierarchical Identity-Based Encryption (HIBE) and Attribution Based Encryption scheme is a challenging problem. There are multiple well-known schemes in the literature where the best known (adaptive) security proofs degrade exponentially in the maximum hierarchy depth. However, we do not have a rigorous understanding of why better proofs are not known. (For ABE, the analog of hierarchy depth is the maximum number of attributes used in a ciphertext.)

In this work, we define a certain commonly found checkability property on ciphertexts and private keys. Roughly the property states that any two different private keys that are both ``supposed to'' decrypt a ciphertext will decrypt it to the same message. We show that any simple black box reduction to a non-interactive assumption for a HIBE or ABE system that contains this property will suffer an exponential degradation of security.

Category / Keywords:

Date: received 12 Feb 2013, last revised 17 Oct 2013

Contact author: allibishop at gmail com

Available format(s): PDF | BibTeX Citation

Version: 20131017:180059 (All versions of this report)

Short URL: ia.cr/2013/068

Discussion forum: Show discussion | Start new discussion