We construct the first tightly secure hierarchical identity-based encryption (HIBE) scheme based on standard assumptions, which solves an open problem from Blazy, Kiltz, and Pan (CRYPTO 2014). At the core of our constructions is a novel randomization technique that enables us to randomize user secret keys for identities with flexible length. The security reductions of previous HIBEs lose at least a factor of Q, which is the number of user secret key queries. Different to that, the security loss of our schemes is only dependent on the security parameter. Our schemes are adaptively secure based on the Matrix Diffie-Hellman assumption, which is a generalization of standard Diffie-Hellman assumptions such as k-Linear. We have two tightly secure constructions, one with constant ciphertext size, and the other with tighter security at the cost of linear ciphertext size. Among other things, our schemes imply the first tightly secure identity-based signature scheme by a variant of the Naor transformation.

中文翻译：

---

高度安全的基于身份的分层加密

我们基于标准假设构建了第一个高度安全的基于身份的分层加密 (HIBE) 方案，该方案解决了 Blazy、Kiltz 和 Pan (CRYPTO 2014) 的一个开放问题。我们构建的核心是一种新颖的随机化技术，它使我们能够为具有灵活长度的身份随机化用户密钥。之前 HIBE 的安全性降低至少损失了一个因子 Q，即用户密钥查询的数量。与此不同的是，我们方案的安全损失仅取决于安全参数。我们的方案基于 Matrix Diffie-Hellman 假设是自适应安全的，这是标准 Diffie-Hellman 假设（例如 k-Linear）的推广。我们有两种紧密安全的结构，一种具有恒定的密文大小，另一个以线性密文大小为代价具有更严格的安全性。除此之外，我们的方案通过 Naor 转换的变体暗示了第一个严格安全的基于身份的签名方案。