Tightly Secure Hierarchical Identity-Based Encryption

2020 ◽  
Vol 33 (4) ◽  
pp. 1787-1821
Author(s):  
Roman Langrehr ◽  
Jiaxin Pan

Abstract: We construct the first tightly secure hierarchical identity-based encryption (HIBE) scheme based on standard assumptions, which solves an open problem from Blazy, Kiltz, and Pan (CRYPTO 2014). At the core of our constructions is a novel randomization technique that enables us to randomize user secret keys for identities of flexible length. The security reductions of previous HIBEs lose at least a factor of Q, the number of user secret key queries. In contrast, the security loss of our schemes depends only on the security parameter. Our schemes are adaptively secure under the Matrix Diffie-Hellman assumption, a generalization of standard Diffie-Hellman assumptions such as k-Linear. We give two tightly secure constructions, one with constant ciphertext size and the other with tighter security at the cost of linear ciphertext size. Among other things, our schemes imply the first tightly secure identity-based signature scheme via a variant of the Naor transformation.

2019 ◽  
Vol 63 (4) ◽  
pp. 620-632
Author(s):  
Xuecheng Ma ◽  
Dongdai Lin

Abstract: Efficient key revocation in Identity-based Encryption (IBE) has been both a fundamental and a critical problem when deploying an IBE system in practice. Boneh and Franklin proposed the first revocable IBE (RIBE) scheme, where the size of key updates is linear in the number of users. Then, Boldyreva, Goyal and Kumar proposed the first scalable RIBE using the tree-based approach, where the size of key updates is $O(r\log (N/r))$ and the size of every user's long-term secret key is $O(\log N)$, with $N$ the number of users and $r$ the number of revoked users. Recently, Qin et al. presented the notion of server-aided RIBE, where the size of every user's long-term secret key is $O(1)$ and users do not need to communicate with the Key Generator Center (KGC) during every key update. However, users must change their identities once their secret keys are revoked, as they cannot decrypt ciphertexts using their revoked secret keys. To address this problem, we formalize the notion of RIBE with identity reuse. In our system model, users can obtain a new secret key, called the reuse secret key, from the KGC when their secret keys are revoked. The decryption key can be derived from the reuse secret key and the new key updates, but it cannot be derived from the revoked secret key and the new key updates. We present a concrete construction that is secure against adaptive-ID chosen plaintext attacks and decryption key exposure attacks under the $\mathsf{ADDH}1$ and $\mathsf{DDH}2$ assumptions in the standard model. Furthermore, we extend it to a server-aided RIBE scheme with the identity reuse property, which is more suitable for lightweight devices.
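The tree-based bookkeeping behind the $O(r\log(N/r))$ key-update size and $O(\log N)$ long-term key size mentioned above is the Complete Subtree (CS) method of Naor, Naor and Lotspiech, which Boldyreva, Goyal and Kumar build on. The following is an added example, not code from this paper or from any of the cited schemes: it models users as leaves of a binary tree, a user's long-term key as the nodes on its path to the root, and a key update as the set of nodes that cover exactly the non-revoked leaves. The IBE key material bound to each node is abstracted to the node's heap index, and the revoked set is constructed inline.

```python
"""Complete Subtree (CS) cover for tree-based revocable IBE key updates.

Added example; not the paper's code.  Nodes are heap-indexed: root = 1,
children of v are 2v and 2v+1, and the leaf of user u (0 <= u < N) is
N + u, for N a power of two.  A node's IBE secret is abstracted to its index.
"""
import math


def path_to_root(N, user):
    """Nodes on the path from a user's leaf up to the root.
    The user's long-term key holds one secret per node on this path,
    so it has log2(N) + 1 entries: the O(log N) long-term key."""
    assert N > 0 and N & (N - 1) == 0, "N must be a power of two"
    assert 0 <= user < N
    v, path = N + user, []
    while v >= 1:
        path.append(v)
        v //= 2
    return path


def cs_cover(N, revoked):
    """Nodes the KGC issues key updates for in a time period: every node
    outside the Steiner tree of the revoked leaves whose parent is inside
    it.  Each non-revoked leaf lies under exactly one cover node and each
    revoked leaf under none, so the cover IS the key update."""
    steiner = set()
    for u in revoked:
        steiner.update(path_to_root(N, u))
    if not steiner:
        return {1}                      # nobody revoked: one update, at the root
    cover = set()
    for v in range(2, 2 * N):           # root has no parent; handled above
        if v not in steiner and v // 2 in steiner:
            cover.add(v)
    return cover


def derive_decryption_key(N, user, cover):
    """A user combines the one node shared by its long-term key path and the
    key update.  Returns that node's index, or None if the user is revoked
    (no node of its path appears in the update)."""
    hits = [v for v in path_to_root(N, user) if v in cover]
    assert len(hits) <= 1               # CS cover nodes are pairwise disjoint subtrees
    return hits[0] if hits else None


def update_size_bound(N, r):
    """Naor-Naor-Lotspiech bound r*log2(N/r) on the CS cover size for r >= 1;
    with r = 0 the cover is the single root node."""
    return 1 if r == 0 else r * math.log2(N / r)


def simulate_period(N, revoked):
    """One time period: KGC publishes the cover, every user tries to derive."""
    cover = cs_cover(N, revoked)
    keys = {u: derive_decryption_key(N, u, cover) for u in range(N)}
    return cover, keys


if __name__ == "__main__":
    N, revoked = 8, {0, 4}              # constructed: 8 users, two revoked
    cover, keys = simulate_period(N, revoked)
    print("key update nodes:", sorted(cover), "bound:", update_size_bound(N, len(revoked)))
    for u in range(N):
        print(f"user {u}: {'revoked' if keys[u] is None else 'derives from node %d' % keys[u]}")
```

Running the main block with eight users and two revoked shows a four-node update, which is the worst case for $r=2$ and meets the $r\log_2(N/r)=4$ bound exactly; revoking siblings instead gives a two-node update. A revoked user never finds a node of its path in the update, which is the property the identity-reuse scheme above preserves while issuing a fresh reuse secret key.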


2021 ◽  
Author(s):  
Mircea-Adrian Digulescu

It has long been known that cryptographic schemes offering provably unbreakable security exist, namely the One Time Pad (OTP). The OTP, however, comes at the cost of a very long secret key, as long as the plain-text itself. In this paper we propose an encryption scheme which we (boldly) claim offers the same level of security as the OTP while allowing for much shorter keys, of size polylogarithmic in the computing power available to the adversary. The scheme requires a large sequence of truly random words, of length polynomial in both the plain-text size and the logarithm of the computing power the adversary has. We claim that it ensures such an attacker cannot discern the cipher output from random data, except with small probability. We also show how it can be adapted to allow several plain-texts to be encrypted in the same cipher output, with almost independent keys. Also, we describe how it can be used in lieu of a One Way Function.


2014 ◽  
Vol 543-547 ◽  
pp. 3156-3159
Author(s):  
Qing Hai Bai ◽  
Ying Zheng ◽  
Qing Hu Wang ◽  
Guo Li Wei ◽  
Hai Chun Zhao ◽  
...  

Grid systems have security requirements of confidential communication, data integrity and non-repudiation. According to the security requirements of Grid services, the paper proposes an identity-based encryption scheme for Grid that solves a series of problems: the privacy of data transmission, validation of data integrity, key update after a long run time, and non-repudiation. The scheme is constructed from bilinear pairings on elliptic curves and its security reduces to the computational Bilinear Diffie-Hellman assumption. Finally, the authors analyse the security and efficiency of the scheme.


2019 ◽  
Vol 2019 ◽  
pp. 1-13
Author(s):  
Yang Wang ◽  
Mingqiang Wang ◽  
Jingdan Zou ◽  
Jin Xu ◽  
Jing Wang

Identity-based cryptography is a type of public key cryptography with simple key management procedures. To our knowledge, all existing identity-based cryptography based on NTRU is built over power-of-two cyclotomic rings. Whether there is provably secure identity-based cryptography over more general fields is still open. In this paper, with the help of results on collision-resistant preimage sampleable functions (CRPSF) over cyclotomic fields, we give concrete constructions of provably secure identity-based encryption schemes (IBE) and identity-based signature schemes (IBS) based on NTRU over any cyclotomic field. Our IBE schemes are provably secure under adaptive chosen-plaintext and adaptive chosen-identity attacks; meanwhile, our IBS schemes are existentially unforgeable against adaptively chosen message and adaptively chosen identity attacks for any probabilistic polynomial time (PPT) adversary in the random oracle model. The security of both schemes is based on the worst-case approximate shortest independent vectors problem ($\mathrm{SIVP}_\gamma$) over the corresponding ideal lattices. The secret key of our IBE (IBS) scheme is short: only one (two) ring element(s). The ciphertext (signature) is also short: only two (three) ring elements. Meanwhile, as in NTRUEncrypt, our IBE scheme can encrypt n bits in each encryption operation. These properties may give our schemes advantages for some IoT applications in a post-quantum world, in theory.


Sensors ◽  
2019 ◽  
Vol 19 (22) ◽  
pp. 4919
Author(s):  
Bogdan Groza ◽  
Pal-Stefan Murvay

Security has become critical for in-vehicle networks as they carry safety-critical data from various components, e.g., sensors or actuators, and current research proposals were quick to react with cryptographic protocols designed for in-vehicle buses, e.g., CAN (Controller Area Network). Obviously, the majority of existing proposals are built on cryptographic primitives that rely on a shared secret key. However, how to share such a secret key is less obvious due to numerous practical constraints. In this work, we explore in a comparative manner several approaches based on a group extension of the Diffie–Hellman key-exchange protocol and on identity-based authenticated key agreements. We discuss approaches based on conventional signatures and identity-based signatures, drawing on bilinear pairings, which open the road to several well-known cryptographic constructions: short signatures, the tripartite Diffie–Hellman key exchange, and identity-based signatures or key exchanges. Pairing-based cryptographic primitives are not computationally cheap, but they offer more flexibility, which leads to constructive advantages. To further improve performance, we also account for pairing-free identity-based key exchange protocols that require neither expensive pairing operations nor explicit signing of the key material. We present both computational results on automotive-grade controllers and bandwidth simulations with industry-standard tools, i.e., CANoe, on the modern in-vehicle buses CAN-FD and FlexRay.
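One concrete group extension of Diffie–Hellman of the kind the abstract compares is the Burmester–Desmedt protocol, where $n$ nodes on a shared bus agree on a key in two broadcast rounds: each node $i$ broadcasts $z_i = g^{r_i}$, then $X_i = (z_{i+1}/z_{i-1})^{r_i}$, and every node computes $K = z_{i-1}^{n r_i} X_i^{n-1} X_{i+1}^{n-2} \cdots X_{i-2}$, which equals $g^{r_1 r_2 + r_2 r_3 + \cdots + r_n r_1}$ for all of them. The code below is an added example, not code from Groza and Murvay or from any protocol they benchmarked; it runs the exchange in $\mathbb{Z}_p^*$ with a toy modulus chosen only so that it runs quickly (assumption: a deployment would use a standard MODP group or an elliptic-curve group instead), and the `Party` class and its method names are illustrative.

```python
"""Burmester-Desmedt group Diffie-Hellman over Z_p^* (added example).

Every ECU is a Party; the bus is simulated by passing the two broadcast
vectors z and X to everyone.  Correctness (all parties derive the same
key) is independent of the group, but the parameters below are a toy:
P is the Mersenne prime 2^127 - 1, whose multiplicative group has a
smooth order and is NOT secure.  Use a standard group in practice.
"""
import secrets

P = 2**127 - 1   # toy modulus (assumption: placeholder for a real group)
G = 5            # base element; any element of Z_p^* works for correctness


class Party:
    """One ECU in a ring of n parties, indexed 0..n-1 (indices wrap mod n)."""

    def __init__(self, index, n, p=P, g=G):
        self.i, self.n, self.p, self.g = index, n, p, g
        self.r = secrets.randbelow(p - 2) + 1      # ephemeral secret r_i in [1, p-2]

    def round1(self):
        """Broadcast z_i = g^{r_i}."""
        return pow(self.g, self.r, self.p)

    def round2(self, z):
        """Broadcast X_i = (z_{i+1} / z_{i-1})^{r_i}, using the round-1 vector z."""
        n, p = self.n, self.p
        left, right = z[(self.i - 1) % n], z[(self.i + 1) % n]
        return pow(right * pow(left, -1, p) % p, self.r, p)

    def key(self, z, X):
        """K_i = z_{i-1}^{n r_i} * X_i^{n-1} * X_{i+1}^{n-2} * ... * X_{i-2}^1."""
        n, p = self.n, self.p
        k = pow(z[(self.i - 1) % n], n * self.r, p)
        for j in range(n - 1):
            k = k * pow(X[(self.i + j) % n], n - 1 - j, p) % p
        return k


def run_bd(n, p=P, g=G):
    """Run the two broadcast rounds for n parties; return (keys, parties)."""
    if n < 2:
        raise ValueError("group key agreement needs at least two parties")
    parties = [Party(i, n, p, g) for i in range(n)]
    z = [pt.round1() for pt in parties]        # round 1: everyone sees all z_j
    X = [pt.round2(z) for pt in parties]       # round 2: everyone sees all X_j
    return [pt.key(z, X) for pt in parties], parties


def reference_key(parties):
    """g^{sum_i r_i r_{i+1}}: the value all parties should agree on.  Uses the
    secrets directly, so it exists only to check the protocol, never in practice."""
    n, p, g = len(parties), parties[0].p, parties[0].g
    e = sum(parties[i].r * parties[(i + 1) % n].r for i in range(n))
    return pow(g, e, p)


if __name__ == "__main__":
    keys, parties = run_bd(4)                  # constructed: four ECUs on one bus
    print("all parties agree:", len(set(keys)) == 1)
    print("matches g^{r1r2+r2r3+r3r4+r4r1}:", keys[0] == reference_key(parties))
```

Each party sends two messages and performs $n+1$ modular exponentiations regardless of where it sits in the ring, which is the cost profile worth comparing against the pairing-based and pairing-free identity-based alternatives the paper measures. Note that, as written, the exchange is unauthenticated: an attacker on the bus can replace $z_i$ or $X_i$, which is exactly why the abstract pairs the group exchange with conventional or identity-based signatures on the key material.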


2019 ◽  
Vol 30 (04) ◽  
pp. 665-681
Author(s):  
Yinghui Zhang ◽  
Menglei Yang ◽  
Dong Zheng ◽  
Tiantian Zhang ◽  
Rui Guo ◽  
...  

As a promising public key cryptographic primitive, hierarchical identity-based encryption (HIBE) introduces key delegation mechanisms into identity-based encryption. However, key leakage and recipient anonymity have not been adequately addressed in HIBE. Hence, direct application of traditional HIBE schemes would violate data security and abuse users' privacy in practice. In this paper, we propose an anonymous unbounded hierarchical identity-based encryption scheme, which achieves bounded leakage resilience and places no limit on the hierarchy depth. Our security proofs, based on the dual system encryption technique, show that the proposed scheme resists key leakage and realizes recipient anonymity in the standard model. In addition, the leakage resilience analysis indicates that our scheme tolerates a leakage rate of approximately 1/3 regardless of the hierarchy depth of identities. Finally, performance comparisons show the practicability of our scheme. In particular, the secret key of our construction is of fixed length.


2013 ◽  
Vol 457-458 ◽  
pp. 1262-1265
Author(s):  
Min Qin Chen ◽  
Qiao Yan Wen ◽  
Zheng Ping Jin ◽  
Hua Zhang

Based on an identity-based signature scheme, we give a certificateless signature scheme, and then propose a certificateless blind signature (CLBS) scheme. This scheme is more efficient than previous schemes by pre-computing the pairing e(P, P) = g. Being based on CL-PKC, it eliminates the use of certificates in the signature scheme, as compared with traditional public key cryptography (PKC), and solves the key escrow problem of ID-based signature schemes, while retaining the merits of blind signature (BS) schemes. The proposed CLBS scheme is existentially unforgeable in the random oracle model under the intractability of the q-Strong Diffie-Hellman problem.


Author(s):  
Nedal Tahat ◽  
Ashraf A. Tahat

We introduce in this paper a new identity-based threshold signature (IBTHS) technique, which is based on a pair of intractable problems, residuosity and discrete logarithm. Relying on two hard problems, it offers an improved level of security relative to a single hard problem. Most known IBTHS techniques are based on a single hard problem. Although these methods are secure, a future solution of that single problem by an adversary would enable him/her to recover all private data, including the secret keys and configuration values of the scheme. Our technique is immune to the four most common attack types against signature schemes. The improved performance of our technique is verified in terms of the minimum computational cost of both the signing and the verifying algorithm, in addition to its immunity to attacks.


In computer-based systems, the key to the problems of identification, authentication and secrecy lies in the field of cryptography. Dependence on a public key infrastructure, and on receiving certificates signed by a Certificate Authority (CA) to authenticate oneself for the exchange of encrypted messages, is one of the most significant limitations to the widespread adoption of Public Key Cryptography (PKC), as this process is time-consuming and error-prone. Identity-based cryptography (IBC) aims to reduce the certificate and key management overhead of PKC. IBC's central primitive is Identity-based Encryption (IBE), which in turn gave rise to Identity-based signature (IBS) schemes. In this paper, an overview of IBE and IBS schemes is given. Also, a survey of various IBE and IBS schemes is performed to review the different problems related to them. Finally, the feasibility and applicability of IBC in current and future environments is discussed.

