Designs, Codes and Cryptography

, Volume 79, Issue 1, pp 63–85 | Cite as

An efficient IBE scheme with tight security reduction in the random oracle model

  • Jong Hwan Park
  • Dong Hoon Lee


We present a new practical identity-based encryption (IBE) system that can be another candidate for standard IBE techniques. Our construction is based on a new framework for realizing an IBE trapdoor from pairing-based groups, which is motivated from the ‘two equation’ revocation technique suggested by Lewko et al. (IEEE Symposium on Security and Privacy, 2010). The new framework enables our IBE system to achieve a tight security reduction to the Decisional Bilinear Diffie–Hellman assumption in the random oracle model. Due to its the tightness, our system can take as input the shorter size of security parameters than the previous practical BF, SK, and \(\hbox {BB}_{1}\) systems, which provides better efficiency to our system in terms of computational cost.


Identity based encryption Bilinear maps Tight reduction 

Mathematics Subject Classification

68P25 94A60 



The authors would like to thank the reviewers for their helpful comments and suggestions for this paper. Jong Hwan Park was supported by Basic Science Research Program through the National Research Foundation of Korea (NRF) funded by the Ministry of Education, Science and Technology (NRF-2013R1A1A2009524). Dong Hoon Lee was supported by the National Research Foundation of Korea (NRF) grant funded by the Korea government (MEST) (No. 2010-0029121).


  1. 1.
    Abdalla M., Bellare M., Catalano D., Kiltz E., Kohno T., Lange T., Malone-Lee J., Neven G., Paillier P., Shi H.: Searchable encryption revisited: consistency properties, relation to anonymous IBE, and extensions. In: CRYPTO‘05, vol. 3621, pp. 205–222 (2005)Google Scholar
  2. 2.
    Agrawal S., Boneh D., Boyen X.: Efficient lattice (H)IBE in the standard model. In: EUROCRYPT‘10, vol. 6110, pp. 553–572 (2010)Google Scholar
  3. 3.
    Agrawal S., Boneh D., Boyen X.: Lattice basis delegation in fixed dimension and shorter-ciphertext hierarchical IBE. In: CRYPTO‘10, vol. 6223, pp. 98–115 (2010)Google Scholar
  4. 4.
    Agrawal S., Freeman D.F., Vaikuntanathan V.: Functional encryption for inner product predicates from learning with errors. In: ASIACRYPT‘11, vol. 7073, pp. 21–40 (2011)Google Scholar
  5. 5.
    Attrapadung N., Furukawa J., Gomi T., Hanaoka G., Imai H., Zhang R.: Efficient identity-based encryption with tight security reduction. In: CANS‘06, vol. 4301, pp. 19–36 (2006)Google Scholar
  6. 6.
    Bellare M., Rogaway P.: The exact security of digital signatures—how to sign with RSA and Rabin. In: EUROCRYPT‘96, vol. 1070, pp. 399–416 (1996)Google Scholar
  7. 7.
    Bellare M., Rogaway P.: Introduction to Modern Cryptography. University of California at San Diego (2005)Google Scholar
  8. 8.
    Bentahar K., Farshim P., Malone-Lee J., Smart N.P.: Generic constructions of identity-based and certificateless KEMs. J. Cryptol. 21(2), 178–199 (2008)Google Scholar
  9. 9.
    Bethencourt J., Sahai A., Waters B.: Ciphertext-policy attribute-based encryption. In: IEEE Symposium on Security and Privacy 2007, pp. 321–334 (2007)Google Scholar
  10. 10.
    Boneh D., Boyen X.: Efficient selective-id secure identity-based encryption without random oracles. In: EUROCRYPT‘04, vol. 3027, pp. 223–238 (2004)Google Scholar
  11. 11.
    Boneh D., Boyen X., Goh E.J.: Hierarchical identity based encryption with constant size ciphertext. In: EUROCRYPT‘05, vol. 3494, pp. 440–456 (2005)Google Scholar
  12. 12.
    Boneh D, Crescenzo G.D., Ostrovsky R., Persiano G.: Public key encryption with keyword search. In: EUROCRYPT‘04, vol. 3027, pp. 506–522 (2004)Google Scholar
  13. 13.
    Boneh D., Franklin M.K.: Identity-based encryption from the weil pairing. In: CRYPTO‘01, vol. 2139, pp. 213–229 (2001)Google Scholar
  14. 14.
    Boneh D., Gentry C., Hamburg M.: Space-efficient identity based encryption without pairings. In: FOCS‘07, pp. 647–657 (2007)Google Scholar
  15. 15.
    Boneh D., Sahai A., Waters B.: Functional encryption: definitions and challenges. In: TCC‘11, vol. 6597, pp. 253–273 (2011)Google Scholar
  16. 16.
    Boyen X.: A tapestry of identity-based encryption: practical frameworks compared. Int. J. Appl. Cryptogr. 1(1), 3–21 (2008)Google Scholar
  17. 17.
    Boyen X., Waters B.: Anonymous hierarchical identity-based encryption (without random oracles). In: CRYPTO‘06, vol. 4117, pp. 290–307 (2006)Google Scholar
  18. 18.
    Canetti R., Halevi S., Katz J.: A forward-secure public-key encryption scheme. In: EUROCRYPT03, vol. 2656, pp. 255–271 (2003)Google Scholar
  19. 19.
    Cash D, Hofheinz D, Kiltz E., Peikert C.: Bonsai trees, or how to delegate a lattice basis. In: EUROCRYPT10, vol. 6110, pp. 523–552 (2010)Google Scholar
  20. 20.
    Chen L., Cheng Z.: Security proof of Sakai-Kasahara’s identity-based encryption scheme. In: IMA‘05, vol. 3796, pp. 442–459 (2005)Google Scholar
  21. 21.
    Chen J., Wee H.: Fully, (almost) tightly secure ibe and dual system groups. In: CRYPTO‘13, vol. 8043, pp. 435–460 (2013)Google Scholar
  22. 22.
    Chen L., Cheng Z., Malone-Lee J., Smart N.P.: An efficient ID-kem based on the Sakai-Kasahara key construction. IEE Proc. Inf. Secur. 153(1), 19–26 (2006)Google Scholar
  23. 23.
    Cocks C.: An identity based encryption scheme based on quadratic residues. In: IMA‘01, vol. 2260, pp. 360–363 (2001)Google Scholar
  24. 24.
    Coron J.S.: A variant of Boneh-Franklin IBE with a tight reduction in the random oracle model. Des. Codes Cryptogr. 50(1), 115–133 (2009)Google Scholar
  25. 25.
    Cramer R., Shoup V.: Design and analysis of practical public-key encryption schemes secure against adaptive chosen ciphertext attack. SIAM J. Comput. 33(1), 167–226 (2004)Google Scholar
  26. 26.
    Dodis Y., Fazio N.: Public key broadcast encryption for stateless receivers. In: DRM Workshop 2002, vol. 2696, pp. 61–80 (2002)Google Scholar
  27. 27.
    Fujisaki E., Okamoto T.: Secure integration of asymmetric and symmetric encryption schemes. In: CRYPTO‘99, vol. 1666, pp. 537–554 (1999)Google Scholar
  28. 28.
    Galindo D.: Boneh-Franklin identity based encryption revisited. In: ICALP‘05, vol. 3580, pp. 791–802 (2005)Google Scholar
  29. 29.
    Gentry C.: Practical identity-based encryption without random oracles. In: EUROCRYPT06, vol. 4004, pp. 445–464 (2006)Google Scholar
  30. 30.
    Gentry C., Halevi S.: Hierarchical identity based encryption with polynomially many levels. In: TCC‘09, vol. 5444, pp. 437–456 (2009)Google Scholar
  31. 31.
    Gentry C., Silverberg A.: Hierarchical id-based cryptography. In: ASIACRYPT‘02, vol. 2501, pp. 548–566 (2002)Google Scholar
  32. 32.
    Gentry C., Peikert C., Vaikuntanathan V.: Trapdoors for hard lattices and new cryptographic constructions. In: STOC‘08, pp. 197–206. ACM (2008)Google Scholar
  33. 33.
    Goh E.J., Jarecki S.: A signature scheme as secure as the diffie-hellman problem. In: EUROCRYPT‘03, vol. 2656, pp. 401–415 (2003)Google Scholar
  34. 34.
    Goyal V., Pandey O., Sahai A., Waters B.: Attribute-based encryption for fine-grained access control of encrypted data. In: ACM-CCS‘06, pp. 89–98. ACM (2006)Google Scholar
  35. 35.
    Horwitz J., Lynn B.: Toward hierarchical identity-based encryption. In: EUROCRYPT‘02, vol. 2332, pp. 466–481 (2002)Google Scholar
  36. 36.
    Katz J., Wang N.: Efficiency improvements for signature schemes with tight security reductions. In: ACM-CCS‘03, pp. 155–164. ACM (2003)Google Scholar
  37. 37.
    Kiltz E.: On the limitations of the spread of an IBE-to-PKE transformation. In: PKC‘06, vol. 3958, pp. 274–289 (2006)Google Scholar
  38. 38.
    Kiltz E., Galindo D.: Direct chosen-ciphertext secure identity-based key encapsulation without random oracles. In: ACISP‘06, vol. 4058, pp. 336–347 (2006)Google Scholar
  39. 39.
    Kiltz E., Vahlis Y.: CAA2 secure IBE: standard model efficiency through authenticated symmetric encryption. In: CT-RSA‘08, vol. 4964, pp. 221–238 (2008)Google Scholar
  40. 40.
    Lewko A., Sahai A., Waters B.: Revocation systems with very small private keys. In: IEEE Symposium on Security and Privacy 2010, pp. 273–285 (2010)Google Scholar
  41. 41.
    Lewko A., Waters B.: New techniques for dual system encryption and fully secure HIBE with short ciphertexts. In: TCC‘10, vol. 5978, pp. 455–579 (2010)Google Scholar
  42. 42.
    Sahai A., Waters B.: Fuzzy identity-based encryption. In: EUROCRYPT‘05, vol. 3494, pp. 457–473 (2005)Google Scholar
  43. 43.
    Sakai R., Kasahara M.: Id based cryptosystems with pairing on elliptic curve. IACR Crypto. 54 (2003)Google Scholar
  44. 44.
    Seo J.H., Kobayashi T., Ohkubo M., Suzuki K.: Anonymous hierarchical identity-based encryption with constant size ciphertexts. In: PKC‘09, vol. 5443, pp. 215–234 (2009)Google Scholar
  45. 45.
    Shamir A.: Identity-based cryptosystems and signature schemes. In: CRYPTO‘84, vol. 196, pp. 47–53 (1984)Google Scholar
  46. 46.
    Waters B.: Efficient identity-based encryption without random oracles. In: EURO-CRYPT‘05, vol. 3494, pp. 114–127 (2005)Google Scholar
  47. 47.
    Waters B.: Dual system encryption: realizing fully secure ibe and hibe under simpleassumptions. In: CRYPTO‘09, vol. 5677, pp. 619–636 (2009)Google Scholar

Copyright information

© Springer Science+Business Media New York 2015

Authors and Affiliations

  1. 1.Department of Computer ScienceSangmyung UniversitySeoulKorea
  2. 2.Graduate School of Information SecurityKorea UniversitySeoulKorea

Personalised recommendations