Paper 2013/068

Why Proving HIBE Systems Secure is Difficult

Allison Lewko and Brent Waters

Abstract

Proving security of Hierarchical Identity-Based Encryption (HIBE) and Attribution Based Encryption scheme is a challenging problem. There are multiple well-known schemes in the literature where the best known (adaptive) security proofs degrade exponentially in the maximum hierarchy depth. However, we do not have a rigorous understanding of why better proofs are not known. (For ABE, the analog of hierarchy depth is the maximum number of attributes used in a ciphertext.) In this work, we define a certain commonly found checkability property on ciphertexts and private keys. Roughly the property states that any two different private keys that are both ``supposed to'' decrypt a ciphertext will decrypt it to the same message. We show that any simple black box reduction to a non-interactive assumption for a HIBE or ABE system that contains this property will suffer an exponential degradation of security.

Metadata
Available format(s)
PDF
Publication info
Published elsewhere. Unknown status
Contact author(s)
allibishop @ gmail com
History
2013-10-17: last of 3 revisions
2013-02-20: received
See all versions
Short URL
https://ia.cr/2013/068
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2013/068,
      author = {Allison Lewko and Brent Waters},
      title = {Why Proving HIBE Systems Secure is Difficult},
      howpublished = {Cryptology ePrint Archive, Paper 2013/068},
      year = {2013},
      note = {\url{https://eprint.iacr.org/2013/068}},
      url = {https://eprint.iacr.org/2013/068}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.