International Journal of Information Security

, Volume 18, Issue 2, pp 141–162 | Cite as

Identifier discrimination: realizing selective-ID HIBE with authorized delegation and dedicated encryption privacy

  • Jian-Wu ZhengEmail author
  • Jing Zhao
  • Xin-Ping Guan
Regular Contribution


It has been almost one and a half decades since the introduction of the concept of hierarchical identity-based encryption (HIBE) systems, and many pairing-based HIBE systems have been proposed; however, how to achieve independent private key delegation in HIBE systems is still open. Independent private key delegation in HIBE systems requires that the following three conditions are satisfied: (1) private keys are not valid delegation credentials for deriving descendants’ private keys, (2) any entity intending to derive a private key for any one of its descendants should own a valid delegation credential distributed by the root private key generator (PKG), and (3) a credential is only valid for deriving private keys for a given descendant. We present a new technique for composing private keys for entities in HIBE systems that we call identifier discrimination, aiming at resolving the problem of independent private key delegation. With the technique, we construct a selective identity secure HIBE system under the decisional bilinear Diffie–Hellman (DBDH) assumption in the standard model with the following properties. (1) Every entity in the HIBE system is prevented from deriving private keys for its descendants with the only use of its private key and the public parameters. (2) The root PKG can delegate the privilege (if needed) of generating private keys for each individual entity to any of its ancestors through authorization that we call authorized delegation, by distributing a specifically crafted secret (delegation credential) to the ancestor. (3) The encryption privacy of each ciphertext for its intended recipient is achieved, that is, ciphertexts encrypted on identity of any entity cannot be decrypted by any of its ancestors that we call dedicated encryption privacy.


Hierarchical identity-based encryption Authorized delegation Encryption privacy Identifier discrimination 


  1. 1.
    Boneh, D., Franklin, M.K.: Identity-based encryption from the weil pairing. In: Proceedings of the 21st Annual International Cryptology Conference on Advances in Cryptology, CRYPTO’01, London, UK, pp. 213–229, Springer-Verlag (2001)Google Scholar
  2. 2.
    Cocks, C.: An identity based encryption scheme based on quadratic residues. In: Honary, B. (ed.) Proceedings of the 8th IMA International Conference on Cryptography and Coding, LNCS, vol. 2260, pp. 360–363, Springer, Berlin (2001)Google Scholar
  3. 3.
    Shamir, A.: Identity-based cryptosystems and signature schemes. In: Blakley, G., Chaum, D. (eds.) Advances in Cryptology, LNCS, vol. 196, pp. 47–53. Springer, Berlin (1985)CrossRefGoogle Scholar
  4. 4.
    Boneh, D., Franklin, M.: Identity-based encryption from the Weil pairing. SIAM J. Comput. 32(3), 586–615 (2003)MathSciNetCrossRefzbMATHGoogle Scholar
  5. 5.
    Horwitz, J., Lynn, B.: Toward hierarchical identity-based encryption. In: Knudsen, L. (ed.) Advances in Cryptology–EUROCRYPT 2002, LNCS, vol. 2332, pp. 466–481. Springer, Berlin (2002)CrossRefGoogle Scholar
  6. 6.
    Gentry, C., Silverberg, A.: Hierarchical id-based cryptography. In: Proceedings of the 8th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology, ASIACRYPT’02, London, UK, pp. 548–566, Springer-Verlag, (2002)Google Scholar
  7. 7.
    Canetti, R., Halevi, S., Katz, J.: A forward-secure public-key encryption scheme. In: Biham, E. (ed.) Advances in Cryptology–EUROCRYPT 2003, LNCS, vol. 2656, pp. 255–271. Springer, Berlin (2003)CrossRefGoogle Scholar
  8. 8.
    Boneh, D., Boyen, X.: Efficient selective-id secure identity-based encryption without random oracles. In: Cachin, C., Camenisch, J. (eds.) Advances in Cryptology–EUROCRYPT 2004, LNCS, vol. 3027, pp. 223–238. Springer, Berlin (2004)CrossRefGoogle Scholar
  9. 9.
    Boneh, D., Boyen, X.: Efficient selective identity-based encryption without random oracles. J. Cryptol. 24(4), 659–693 (2011)MathSciNetCrossRefzbMATHGoogle Scholar
  10. 10.
    Boneh, D., Boyen, X.: Secure identity based encryption without random oracles. In: Franklin, M. (ed.) Advances in Cryptology–CRYPTO 2004, LNCS, vol. 3152, pp. 443–459. Springer, Berlin (2004)CrossRefGoogle Scholar
  11. 11.
    Boneh, D., Boyen, X., Goh, E.J.: Hierarchical identity based encryption with constant size ciphertext. In: Cramer, R. (ed.) Advances in Cryptology–EUROCRYPT 2005, LNCS, vol. 3494, pp. 440–456. Springer, Berlin (2005)CrossRefGoogle Scholar
  12. 12.
    Waters, B.: Efficient identity-based encryption without random oracles. In: Cramer, R. (ed.) Advances in Cryptology–EUROCRYPT 2005, LNCS, vol. 3494, pp. 114–127. Springer, Berlin (2005)CrossRefGoogle Scholar
  13. 13.
    Waters, B.: Dual system encryption: Realizing fully secure ibe and hibe under simple assumptions. In: Halevi, S. (ed.) Advances in Cryptology–CRYPTO 2009, LNCS, vol. 5677, pp. 619–636. Springer, Berlin (2009)CrossRefGoogle Scholar
  14. 14.
    Lewko, A., Waters, B.: New techniques for dual system encryption and fully secure HIBE with short ciphertexts. In: Micciancio, D. (ed.) Theory of Cryptography, LNCS, vol. 5978, pp. 455–479. Springer, Berlin (2010)CrossRefGoogle Scholar
  15. 15.
    Chow, S.S.M.: Removing escrow from identity-based encryption. In: Jarecki, S., Tsudik, G. (eds.) Public Key Cryptography—PKC 2009: 12th International Conference on Practice and Theory in Public Key Cryptography, Irvine, CA, USA, March 18-20, 2009. Proceedings, Berlin, Heidelberg, pp. 256–276, Springer Berlin Heidelberg, (2009)Google Scholar
  16. 16.
    Boyen, X., Waters, B.: Anonymous hierarchical identity-based encryption (without random oracles). Advances in Cryptology-CRYPTO 2006, pp. 290–307 (2006)Google Scholar
  17. 17.
    Boyen, x: Multipurpose Identity-Based Signcryption. Crypto, LNCS, vol. 3, pp. 383–399. Springer, New York (2003)zbMATHGoogle Scholar
  18. 18.
    Gentry, C.: Practical Identity-Based Encryption Without Random Oracles. Eurocrypt, LNCS, vol. 4004, pp. 445–464. Springer, New York (2006)zbMATHGoogle Scholar
  19. 19.
    Boneh, D., Di Crescenzo, G., Ostrovsky, R., Persiano, G.:: Public key encryption with keyword search. Eurocrypt, LNCS, vol. 3077, pp. 506–522. Springer, New York (2004)zbMATHGoogle Scholar
  20. 20.
    Abdalla, M., Bellare, M., Catalano, D., Kiltz, E., Kohno, T., Lange, T., Malone-Lee, J., Neven, G., Paillier, P., Shi, H.: Searchable Encryption Revisited: Consistency Properties, Relation to Anonymous IBE, and Extensions, Crypto, LNCS, vol. 3621, pp. 205–222. Springer, New York (2005)zbMATHGoogle Scholar
  21. 21.
    Seo, J.H., Kobayashi, T., Ohkubo, M., Suzuki, K.: Anonymous Hierarchical Identity-Based Encryption with Constant Size Ciphertexts. Public Key Cryptography, LNCS, vol. 5443, pp. 215–234. Springer, New York (2009)zbMATHGoogle Scholar
  22. 22.
    Sui, A., Chow, S.S.M., Hui, L.C.K., Yiu, S.M., Chow, K.P., Tsang, W.W., Chong, C.F., Pun, K.H., Chan, H.W.: Separable and anonymous identity-based key issuing. In: 11th International Conference on Parallel and Distributed Systems (ICPADS’05), pp. 275–279, (2005)Google Scholar
  23. 23.
    Gentry, C., Peikert, C., Vaikuntanathan, V.: Trapdoors for hard lattices and new cryptographic constructions. In: Proceedings of the Fortieth Annual ACM Symposium on Theory of Computing, STOC ’08, New York, NY, USA, pp. 197–206, ACM, (2008)Google Scholar
  24. 24.
    Agrawal, S., Boneh, D., Boyen, X.: Efficient lattice (h)ibe in the standard model. In: Gilbert, H. (ed.) Advances in Cryptology–EUROCRYPT 2010: 29th Annual International Conference on the Theory and Applications of Cryptographic Techniques, French Riviera, May 30 – June 3, 2010. Proceedings, Berlin, Heidelberg, pp. 553–572, Springer Berlin Heidelberg, (2010)Google Scholar
  25. 25.
    Cash, D., Hofheinz, D., Kiltz, E., Peikert, C.: Bonsai trees, or how to delegate a lattice basis. J. Cryptol. 25(4), 601–639 (2012)MathSciNetCrossRefzbMATHGoogle Scholar
  26. 26.
    Boneh, D., Gentry, C., Hamburg, M.: Space-efficient identity based encryption without pairings. In: 48th Annual IEEE Symposium on Foundations of Computer Science, 2007. FOCS ’07. pp. 647–657, (2007)Google Scholar
  27. 27.
    Ateniese, G., Gasti, P.: Universally anonymous IBE based on the quadratic residuosity assumption. In: Fischlin, M. (ed.) Topics in Cryptology–CT-RSA 2009: The Cryptographers’ Track at the RSA Conference 2009, San Francisco, CA, USA, April 20-24, 2009. Proceedings, Berlin, Heidelberg, pp. 32–47, Springer Berlin Heidelberg, (2009)Google Scholar
  28. 28.
    Clear, M., Tewari, H., McGoldrick, C.: Anonymous ibe from quadratic residuosity with improved performance. In: Pointcheval, D., Vergnaud, D. (eds.) Progress in Cryptology–AFRICACRYPT 2014: 7th International Conference on Cryptology in Africa, Marrakesh, Morocco, May 28–30, 2014. Proceedings, Cham, pp. 377–397, Springer International Publishing, (2014)Google Scholar
  29. 29.
    Döttling, N., Garg, S.: Identity-based encryption from the diffie-hellman assumption. In: Katz, J., Shacham, H. (eds.) Advances in Cryptology–CRYPTO 2017: 37th Annual International Cryptology Conference, Santa Barbara, CA, USA, August 20–24, 2017, Proceedings, Part I, Cham, pp. 537–569, Springer International Publishing, (2017)Google Scholar
  30. 30.
    Brakerski, Z., Lombardi, A., Segev, G., Vaikuntanathan, V.: Anonymous IBE, leakage resilience and circular security from new assumptions. Cryptology ePrint Archive, Report 2017/967, (2017).
  31. 31.
    Al-Riyami, S.S., Paterson, K.G.: Certificateless public key cryptography. In: Laih, C.S. (ed.) Advances in Cryptology–ASIACRYPT 2003: 9th International Conference on the Theory and Application of Cryptology and Information Security, Taipei, Taiwan, November 30–December 4, 2003. Proceedings, Berlin, Heidelberg, pp. 452–473, Springer Berlin Heidelberg, (2003)Google Scholar
  32. 32.
    Dent, A.W.: A survey of certificateless encryption schemes and security models. Int. J. Inf. Secur. 7(5), 349–377 (2008)CrossRefGoogle Scholar
  33. 33.
    Chow, S.S.M.: Certificateless Encryption, Identity-Based Cryptography. IOS Press, Amsterdam (2008)Google Scholar
  34. 34.
    Liu, J.K., Au, M.H., Susilo, W.: Self-generated-certificate public key cryptography and certificateless signature/encryption scheme in the standard model. In: Proceedings of the 2nd ACM symposium on Information, computer and communications security, pp. 273–283, ACM, (2007)Google Scholar
  35. 35.
    Chow, S.S.M., Boyd, C., Nieto, J.M.G.: Security-mediated certificateless cryptography. In: Yung, M., Dodis, Y., Kiayias, A., Malkin, T. (eds.) Public Key Cryptography–PKC 2006: 9th International Conference on Theory and Practice in Public-Key Cryptography, New York, NY, USA, April 24-26, 2006. Proceedings, Berlin, Heidelberg, pp. 508–524, Springer Berlin Heidelberg, (2006)Google Scholar
  36. 36.
    Boneh, D., Ding, X., Tsudik, G.: Fine-grained control of security capabilities. ACM Trans. Inter. Technol. (TOIT) 4(1), 60–82 (2004)CrossRefGoogle Scholar
  37. 37.
    Chow, S.S.M., Roth, V., Rieffel, E.G.: General certificateless encryption and timed-release encryption. In: Ostrovsky, R., De Prisco, R., Visconti, I. (eds.) Security and Cryptography for Networks: 6th International Conference, SCN 2008, Amalfi, Italy, September 10-12, 2008. Proceedings, Berlin, Heidelberg, pp. 126–143, Springer Berlin Heidelberg, (2008)Google Scholar
  38. 38.
    Shacham, H.: The BBG HIBE has limited delegation. Cryptology ePrint Archive, Report 2007/201, 2007.
  39. 39.
    Canetti, R., Halevi, S., Katz, J.: A forward-secure public-key encryption scheme. J. Cryptol. 20(3), 265–294 (2007)MathSciNetCrossRefzbMATHGoogle Scholar

Copyright information

© Springer-Verlag GmbH Germany, part of Springer Nature 2018

Authors and Affiliations

  1. 1.Shijiazhuang Tiedao UniversityShijiazhuangChina
  2. 2.Shanghai Jiao Tong UniversityShanghaiChina

Personalised recommendations