Paper 2015/123

Identity-based encryption with (almost) tight security in the multi-instance, multi-ciphertext setting

Dennis Hofheinz, Jessica Koch, and Christoph Striecks


We construct an identity-based encryption (IBE) scheme that is tightly secure in a very strong sense. Specifically, we consider a setting with many instances of the scheme and many encryptions per instance. In this setting, we reduce the security of our scheme to a variant of a simple assumption used for a similar purpose by Chen and Wee (Crypto 2013). The security loss of our reduction is O(k) (where k is the security parameter). Our scheme is the first IBE scheme to achieve this strong flavor of tightness under a simple assumption. Technically, our scheme is a variation of the IBE scheme by Chen and Wee. However, in order to “lift” their results to the multi-instance, multi-ciphertext case, we need to develop new ideas. In particular, while we build on (and extend) their high-level proof strategy, we deviate significantly in the low-level proof steps.

Available format(s)
Public-key cryptography
Publication info
A minor revision of an IACR publication in PKC 2015
identity-based encryptiontight securitybilinear maps
Contact author(s)
Christoph Striecks @ kit edu
2015-02-26: received
Short URL
Creative Commons Attribution


      author = {Dennis Hofheinz and Jessica Koch and Christoph Striecks},
      title = {Identity-based encryption with (almost) tight security in the multi-instance, multi-ciphertext setting},
      howpublished = {Cryptology ePrint Archive, Paper 2015/123},
      year = {2015},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.