
Continuous leakage-resilient identity-based encryption with leakage amplification

  • Yanwei Zhou
  • Bo Yang
  • Yi Mu

Abstract

In modern computer systems, leakage of private information may have catastrophic consequences, especially when it concerns the secret keys of cryptographic mechanisms. It is therefore widely accepted in both academia and industry that cryptographic schemes should withstand various leakage attacks, including continuous leakage attacks. Although much research has been conducted on this issue and some progress has been made, many problems in this area remain unsolved. For example, in the majority of existing identity-based encryption (IBE) schemes with (continuous) leakage resilience, the upper bound of leakage is required to be fixed. But in many real-world applications, such a requirement is inadequate to protect the schemes against leakage attacks. Moreover, many previous efforts to build IBE schemes that are secure against chosen-ciphertext attacks (CCA) need to rely on q-type assumptions. These solutions are not desirable, because q-type assumptions are non-static assumptions. In this paper, to address the above-mentioned problems, we demonstrate how to construct a continuous leakage-resilient CCA-secure IBE scheme with leakage amplification, in which the leakage parameter has an arbitrary length. The benefit is that the length of permitted leakage in our scheme can be adjusted flexibly according to the leakage requirements. Moreover, the security of our proposed scheme can be proved under static assumptions in the standard model. Compared with related works in the literature, our scheme has the unique feature that it allows continuous leakage of multiple keys simultaneously, e.g. continuous leakage of the master secret key as well as the user’s private key.

Keywords

Identity-based encryption; Continuous leakage-resilience; Leakage amplification; Chosen ciphertext attacks

Mathematics Subject Classification

68P25 68Q30 68W40 68Q10 

Notes

Acknowledgements

The authors would like to thank the anonymous reviewer for their helpful comments. This work is supported by the National Key R&D Program of China (No. 2017YFB0802000), the National Natural Science Foundation of China (61802242, 61572303, 61772326, 61802241), the Natural Science Basic Research Plan in Shaanxi Province of China (2018JQ6088), the National Cryptography Development Foundation during the 13th Five-year Plan Period (MMJJ20180217), the Foundation of State Key Laboratory of Information Security (2017-MS-03) and the Fundamental Research Funds for the Central Universities (GK201803064).

Copyright information

© Springer Science+Business Media, LLC, part of Springer Nature 2019

Authors and Affiliations

  1. School of Computer Science, Shaanxi Normal University, Xi’an, China
  2. State Key Laboratory of Cryptology, Beijing, China
  3. School of Mathematics and Computer Science, Fujian Normal University, Fuzhou, China
  4. State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing, China
