Paper 2014/560

Towards Forward Security Properties for PEKS and IBE

Qiang Tang

Abstract

In cryptography, forward secrecy is a well-known property for key agreement protocols. It ensures that a session key will remain private even if one of the long-term secret keys is compromised in the future. In this paper, we investigate some forward security properties for Public-key Encryption with Keyword Search (PEKS) schemes, which allow a client to store encrypted data and delegate search operations to a server. The proposed properties guarantee that the client's privacy is protected to the maximum extent even if his private key is compromised in the future. Motivated by the generic transformation from anonymous Identity-Based Encryption (IBE) to PEKS, we correspondingly propose some forward security properties for IBE, in which case we assume the attacker learns the master secret key. We then study several existing PEKS and IBE schemes, including a PEKS scheme by Nishioka, an IBE scheme by Boneh, Raghunathan and Segev, and an IBE scheme by Arriaga, Tang and Ryan. Our analysis indicates that the proposed forward security properties can be achieved by some of these schemes if the attacker is RO-non-adaptive (the attacker does not define its distributions based on the random oracle). Finally, we propose the concept of correlated-input indistinguishable hash function and show how to extend the Boyen-Waters anonymous IBE scheme to achieve the forward security properties against adaptive attackers.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Published elsewhere. Minor revision. ACISP 2015
Keywords
PEKSIBEForward SecrecyTrapdoor PrivacyFunction Privacy
Contact author(s)
qiang tang @ uni lu
History
2015-04-13: revised
2014-07-18: received
See all versions
Short URL
https://ia.cr/2014/560
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2014/560,
      author = {Qiang Tang},
      title = {Towards Forward Security Properties for {PEKS} and {IBE}},
      howpublished = {Cryptology {ePrint} Archive, Paper 2014/560},
      year = {2014},
      url = {https://eprint.iacr.org/2014/560}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.