The security reductions of previous HIBEs lose at least a factor of Q, which is the number of user secret key queries. Different to that, the security loss of our schemes is only dependent on the security parameter. Our schemes are adaptively secure based on the Matrix Diffie-Hellman assumption, which is a generalization of standard Diffie-Hellman assumptions such as k-Linear. We have two tightly secure constructions, one with constant ciphertext size, and the other with tighter security at the cost of linear ciphertext size. Among other things, our schemes imply the first tightly secure identity-based signature scheme by a variant of the Naor transformation.
Category / Keywords: public-key cryptography / hierarchical identity-based encryption, tight security, affine message authentication codes Original Publication (with major differences): IACR-PKC-2019 Date: received 18 Jan 2019, last revised 27 Feb 2020 Contact author: roman langrehr at inf ethz ch, jiaxin pan at ntnu no Available format(s): PDF | BibTeX Citation Version: 20200227:210621 (All versions of this report) Short URL: ia.cr/2019/058