Abstract
We construct the first tightly secure hierarchical identity-based encryption (HIBE) scheme based on standard assumptions, which solves an open problem from Blazy, Kiltz, and Pan (CRYPTO 2014). At the core of our constructions is a novel randomization technique that enables us to randomize user secret keys for identities with flexible length.
The security reductions of previous HIBEs lose at least a factor of Q, where Q is the number of user secret key queries. In contrast, the security loss of our schemes depends only on the security parameter. Our schemes are adaptively secure based on the Matrix Diffie-Hellman assumption, which is a generalization of standard Diffie-Hellman assumptions such as k-Linear. We have two tightly secure constructions, one with constant ciphertext size, and the other with tighter security at the cost of linear ciphertext size. Among other things, our schemes imply the first tightly secure identity-based signature scheme by a variant of the Naor transformation.
References
Abe, Masayuki, Hofheinz, Dennis, Nishimaki, Ryo, Ohkubo, Miyako, Pan, Jiaxin: Compact structure-preserving signatures with almost tight security. In: Katz, Jonathan, Shacham, Hovav (eds.) CRYPTO 2017. Part II, volume 10402 of LNCS, pp. 548–580. Springer, Heidelberg (August 2017)
Boneh, Dan, Franklin, Matthew K.: Identity-based encryption from the Weil pairing. In: Kilian, Joe (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (August 2001)
Bader, Christoph, Hofheinz, Dennis, Jager, Tibor, Kiltz, Eike, Li, Yong: Tightly-secure authenticated key exchange. In: Dodis, Yevgeniy, Nielsen, Jesper Buus (eds.) TCC 2015. Part I, volume 9014 of LNCS, pp. 629–658. Springer, Heidelberg (March 2015)
Blazy, Olivier, Kiltz, Eike, Pan, Jiaxin: (Hierarchical) identity-based encryption from affine message authentication. In: Garay, Juan A., Gennaro, Rosario (eds.) CRYPTO 2014. Part I, volume 8616 of LNCS, pp. 408–425. Springer, Heidelberg (August 2014)
Chen, Jie, Gay, Romain, Wee, Hoeteck: Improved dual system ABE in prime-order groups via predicate encodings. In: Oswald, Elisabeth, Fischlin, Marc (eds.) EUROCRYPT 2015. Part II, volume 9057 of LNCS, pp. 595–624. Springer, Heidelberg (April 2015)
Canetti, Ran, Halevi, Shai, Katz, Jonathan: Chosen-ciphertext security from identity-based encryption. In: Cachin, Christian, Camenisch, Jan (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 207–222. Springer, Heidelberg (May 2004)
Chen, Jie, Lim, Hoon Wei, Ling, San, Wang, Huaxiong, Wee, Hoeteck: Shorter IBE and signatures via asymmetric pairings. In: Abdalla, Michel, Lange, Tanja (eds.) PAIRING 2012. LNCS, vol. 7708, pp. 122–140. Springer, Heidelberg (May 2013)
Cocks, Clifford: An identity based encryption scheme based on quadratic residues. In: Honary, Bahram (ed.) 8th IMA International Conference on Cryptography and Coding. LNCS, vol. 2260, pp. 360–363. Springer, Heidelberg (December 2001)
Chen, Jie, Wee, Hoeteck: Fully, (almost) tightly secure IBE and dual system groups. In: Canetti, Ran, Garay, Juan A. (eds.) CRYPTO 2013. Part II, volume 8043 of LNCS, pp. 435–460. Springer, Heidelberg (August 2013)
Escala, Alex, Herold, Gottfried, Kiltz, Eike, Ràfols, Carla, Villar, Jorge: An algebraic framework for Diffie-Hellman assumptions. In: Canetti, Ran, Garay, Juan A. (eds.) CRYPTO 2013. Part II, volume 8043 of LNCS, pp. 129–147. Springer, Heidelberg (August 2013)
Gong, Junqing, Cao, Zhenfu, Tang, Shaohua, Chen, Jie: Extended dual system group and shorter unbounded hierarchical identity based encryption. Designs, Codes and Cryptography 80(3), 525–559 (Sep 2016)
Gong, Junqing, Dong, Xiaolei, Chen, Jie, Cao, Zhenfu: Efficient IBE with tight reduction to standard assumption in the multi-challenge setting. In: Cheon, Jung Hee, Takagi, Tsuyoshi (eds.) ASIACRYPT 2016. Part II, volume 10032 of LNCS, pp. 624–654. Springer, Heidelberg (December 2016)
Gentry, Craig: Practical identity-based encryption without random oracles. In: Vaudenay, Serge (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 445–464. Springer, Heidelberg (May / June 2006)
Gay, Romain, Hofheinz, Dennis, Kohl, Lisa, Pan, Jiaxin: More efficient (almost) tightly secure structure-preserving signatures. In: Nielsen, Jesper Buus, Rijmen, Vincent (eds.) EUROCRYPT 2018. Part II, volume 10821 of LNCS, pp. 230–258. Springer, Heidelberg (April / May 2018)
Gay, Romain, Hofheinz, Dennis, Kiltz, Eike, Wee, Hoeteck: Tightly CCA-secure encryption without pairings. In: Fischlin, Marc, Coron, Jean-Sébastien (eds.) EUROCRYPT 2016. Part I, volume 9665 of LNCS, pp. 1–27. Springer, Heidelberg (May 2016)
Gentry, Craig, Silverberg, Alice: Hierarchical ID-based cryptography. In: Zheng, Yuliang (ed.) ASIACRYPT 2002. LNCS, vol. 2501, pp. 548–566. Springer, Heidelberg (December 2002)
Hesse, Julia, Hofheinz, Dennis, Kohl, Lisa: On tightly secure non-interactive key exchange. In: Shacham, Hovav, Boldyreva, Alexandra (eds.) CRYPTO 2018. Part II, volume 10992 of LNCS, pp. 65–94. Springer, Heidelberg (August 2018)
Hofheinz, Dennis, Jager, Tibor: Tightly secure signatures and public-key encryption. In: Safavi-Naini, Reihaneh, Canetti, Ran (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 590–607. Springer, Heidelberg (August 2012)
Hofheinz, Dennis, Jia, Dingding, Pan, Jiaxin: Identity-based encryption tightly secure under chosen-ciphertext attacks. In: Peyrin, Thomas, Galbraith, Steven (eds.) ASIACRYPT 2018. Part II, volume 11273 of LNCS, pp. 190–220. Springer, Heidelberg (December 2018)
Hofheinz, Dennis, Kiltz, Eike: Secure hybrid encryption from weakened key encapsulation. In: Menezes, Alfred (ed.) CRYPTO 2007. LNCS, vol. 4622, pp. 553–571. Springer, Heidelberg (August 2007)
Hofheinz, Dennis, Koch, Jessica, Striecks, Christoph: Identity-based encryption with (almost) tight security in the multi-instance, multi-ciphertext setting. In: Katz, Jonathan (ed.) PKC 2015. LNCS, vol. 9020, pp. 799–822. Springer, Heidelberg (March / April 2015)
Horwitz, Jeremy, Lynn, Ben: Toward hierarchical identity-based encryption. In: Knudsen, Lars R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 466–481. Springer, Heidelberg (April / May 2002)
Jutla, Charanjit S., Roy, Arnab: Shorter quasi-adaptive NIZK proofs for linear subspaces. In: Sako, Kazue, Sarkar, Palash (eds.) ASIACRYPT 2013. Part I, volume 8269 of LNCS, pp. 1–20. Springer, Heidelberg (December 2013)
Kiltz, Eike, Neven, Gregory: Identity-based signatures. In: Joye, Marc, Neven, Gregory (eds.) Identity-Based Cryptography. IOS Press (2009)
Kiltz, Eike, Pan, Jiaxin, Wee, Hoeteck: Structure-preserving signatures from standard assumptions, revisited. In: Gennaro, Rosario, Robshaw, Matthew J. B. (eds.) CRYPTO 2015. Part II, volume 9216 of LNCS, pp. 275–295. Springer, Heidelberg (August 2015)
Kiltz, Eike, Wee, Hoeteck: Quasi-adaptive NIZK for linear subspaces revisited. In: Oswald, Elisabeth, Fischlin, Marc (eds.) EUROCRYPT 2015. Part II, volume 9057 of LNCS, pp. 101–128. Springer, Heidelberg (April 2015)
Lewko, Allison B.: Tools for simulating features of composite order bilinear groups in the prime order setting. In: Pointcheval, David, Johansson, Thomas (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 318–335. Springer, Heidelberg (April 2012)
Langrehr, Roman, Pan, Jiaxin: Tightly secure hierarchical identity-based encryption. In: Lin, Dongdai, Sako, Kazue (eds.) PKC 2019. Part I, volume 11442 of LNCS, pp. 436–465. Springer, Heidelberg (April 2019)
Lewko, Allison B., Waters, Brent: Why proving HIBE systems secure is difficult. In: Nguyen, Phong Q., Oswald, Elisabeth (eds.) EUROCRYPT 2014. LNCS, vol. 8441, pp. 58–76. Springer, Heidelberg (May 2014)
Naor, Moni, Reingold, Omer: On the construction of pseudo-random permutations: Luby-Rackoff revisited (extended abstract). In: 29th ACM STOC, pp. 189–199. ACM Press (May 1997)
Shamir, Adi: Identity-based cryptosystems and signature schemes. In: Blakley, G. R., Chaum, David (eds.) CRYPTO'84. LNCS, vol. 196, pp. 47–53. Springer, Heidelberg (August 1984)
Sakai, Ryuichi, Ohgishi, Kiyoshi, Kasahara, Masao: Cryptosystems based on pairing. In: SCIS 2000, Okinawa, Japan (January 2000)
Shi, Elaine, Waters, Brent: Delegating capabilities in predicate encryption systems. In: Aceto, Luca, Damgård, Ivan, Goldberg, Leslie Ann, Halldórsson, Magnús M., Ingólfsdóttir, Anna, Walukiewicz, Igor (eds.) ICALP 2008. Part II, volume 5126 of LNCS, pp. 560–578. Springer, Heidelberg (July 2008)
Waters, Brent R.: Efficient identity-based encryption without random oracles. In: Cramer, Ronald (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 114–127. Springer, Heidelberg (May 2005)
Waters, Brent: Dual system encryption: Realizing fully secure IBE and HIBE under simple assumptions. In: Halevi, Shai (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 619–636. Springer, Heidelberg (August 2009)
Wee, Hoeteck: Dual system encryption via predicate encodings. In: Lindell, Yehuda (ed.) TCC 2014. LNCS, vol. 8349, pp. 616–637. Springer, Heidelberg (February 2014)
Additional information
Communicated by Masayuki Abe
Most of this work was done when both authors were at Karlsruhe Institute of Technology (KIT), Germany. In particular, J. Pan was employed at the group of Dennis Hofheinz and supported by DFG grant HO 4534/4-1.
Rights and permissions
Open Access This article is licensed under a Creative Commons Attribution 4.0 International License, which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons licence, and indicate if changes were made. The images or other third party material in this article are included in the article's Creative Commons licence, unless indicated otherwise in a credit line to the material. If material is not included in the article's Creative Commons licence and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder. To view a copy of this licence, visit http://creativecommons.org/licenses/by/4.0/.
About this article
Cite this article
Langrehr, R., Pan, J. Tightly Secure Hierarchical Identity-Based Encryption. J Cryptol 33, 1787–1821 (2020). https://doi.org/10.1007/s00145-020-09356-x
DOI: https://doi.org/10.1007/s00145-020-09356-x