Cryptology ePrint Archive: Report 2014/132

Efficient Revocable Identity-Based Encryption via Subset Difference Methods

Kwangsu Lee and Dong Hoon Lee and Jong Hwan Park

Abstract: Providing an efficient revocation mechanism for identity-based encryption (IBE) is very important since a user's credential (or private key) can be expired or revealed. Revocable IBE (RIBE) is an extension of IBE that provides an efficient revocation mechanism. Previous RIBE schemes essentially use the complete subtree (CS) scheme of Naor, Naor and Lotspiech (CRYPTO 2001) for key revocation. In this paper, we present a new technique for RIBE that uses the efficient subset difference (SD) scheme of Naor et al. instead of using the CS scheme to improve the size of update keys.

Following our new technique, we first propose an efficient RIBE scheme in prime-order bilinear groups by combining the IBE scheme of Boneh and Boyen and the SD scheme and prove its selective security under the standard assumption. Our RIBE scheme is the first RIBE scheme in bilinear groups that has $O(r)$ number of group elements in an update key where $r$ is the number of revoked users. Next, we also propose another RIBE scheme in composite-order bilinear groups and prove its full security under static assumptions. Our RIBE schemes also can be integrated with the layered subset difference (LSD) scheme of Halevy and Shamir (CRYPTO 2002) to reduce the size of a private key.

Category / Keywords: public-key cryptography / Identity-based encryption, Revocable identity-based encryption, Key revocation, Subset difference method, Bilinear maps

Original Publication (in the same form): Designs, Codes and Cryptography

Date: received 20 Feb 2014, last revised 29 Sep 2016

Contact author: kwangsu at sejong ac kr

Available format(s): PDF | BibTeX Citation

Version: 20160930:050354 (All versions of this report)

Short URL:

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]