Skip to main content

Attack and improvement of the recent identity-based encryption with authorized equivalence test in cluster computing

Abstract

Recently, Elhabob et al. proposed an identity-based encryption with authorized equivalence test (IBE-AET), which allows authorized testers to check whether messages in two ciphertexts are the same or not under the identity-based setting (Cluster Computing, 2020). This paper looks into the security and correctness of their IBE-AET construction. More specifically, contrary to the security claim in the original paper, we point out that their proposed scheme cannot achieve the indistinguishability under adaptively chosen identity and ciphertext attacks (IND-ID-CCA2) for adversaries who do not have authorization. In terms of the correctness of the scheme, we also identify that their type-4 authorization does not work correctly. Finally, we remedy their construction in order that it satisfies the IND-ID-CCA2 security with the rigorous security proof as well as the type-4 authorization works correctly.

This is a preview of subscription content, access via your institution.

Data Availability

Data sharing not applicable to this article as no datasets were generated or analysed during the current study.

References

  1. 1.

    The Pairing-Based Cryptography Library, Version 0.5.14. Available at https://crypto.stanford.edu/pbc/ (2013). Online; Accessed 12 Apr 2021

  2. 2.

    OpenSSL–Cryptography and SSL/TLS Toolkit, Version 1.1.1k. Available at https://www.openssl.org (2021). Online; Accessed 26 Apr 2021

  3. 3.

    Chatterjee, S., Menezes, A., Rodríguez-Henríquez, F.: On instantiating pairing-based protocols with elliptic curves of embedding degree one. IEEE Transactions on Computers 66(6), 1061–1070 (2017)

    MathSciNet  Article  Google Scholar 

  4. 4.

    Elhabob, R., Zhao, Y., Eltayieb, N., Abdelgader, A.M.S., Xiong, H.: Identity-based encryption with authorized equivalence test for cloud-assisted iot. Cluster Computing 23(2), 1085–1101 (2020)

    Article  Google Scholar 

  5. 5.

    Huang, K., Tso, R., Chen, Y., Rahman, S.M.M., Almogren, A., Alamri, A.: PKE-AET: public key encryption with authorized equality test. Computer Journal 58(10), 2686–2697 (2015)

    Article  Google Scholar 

  6. 6.

    Lee, H.T., Ling, S., Seo, J.H., Wang, H.: Semi-generic construction of public key encryption and identity-based encryption with equality test. Information Sciences 373, 419–440 (2016)

    Article  Google Scholar 

  7. 7.

    Lee, H.T., Ling, S., Seo, J.H., Wang, H., Youn, T.: Public key encryption with equality test in the standard model. Information Sciences 516, 89–108 (2020)

    MathSciNet  Article  Google Scholar 

  8. 8.

    Li, H., Huang, Q., Ma, S., Shen, J., Susilo, W.: Authorized equality test on identity-based ciphertexts for secret data sharing via cloud storage. IEEE Access 7, 25409–25421 (2019)

    Article  Google Scholar 

  9. 9.

    Ma, S.: Identity-based encryption with outsourced equality test in cloud computing. Information Sciences 328, 389–402 (2016)

    Article  Google Scholar 

  10. 10.

    Ma, S., Huang, Q., Zhang, M., Yang, B.: Efficient public key encryption with equality test supporting flexible authorization. IEEE Transactions on Information Forensics and Security 10(3), 458–470 (2015)

    Article  Google Scholar 

  11. 11.

    Tang, Q.: Public key encryption supporting plaintext equality test and user-specified authorization. Security and Communication Networks 5(12), 1351–1362 (2012)

    Article  Google Scholar 

  12. 12.

    Yang, G., Tan, C.H., Huang, Q., Wong, D.S.: Probabilistic public key encryption with equality test. In: J. Pieprzyk (ed.) Topics in Cryptology - CT-RSA 2010, LNCS, vol. 5985, pp. 119–131. Springer (2010)

  13. 13.

    Zhang, K., Chen, J., Lee, H.T., Qian, H., Wang, H.: Efficient public key encryption with equality test in the standard model. Theoretical Computer Science 755, 65–80 (2019)

    MathSciNet  Article  Google Scholar 

Download references

Acknowledgements

The authors would like to thank the anonymous reviewers for their helpful comments. This work was supported by the National Research Foundation of Korea (NRF) grant funded by the Korea government (MSIT) (No. NRF-2021R1A2C1007484).

Author information

Affiliations

Authors

Corresponding author

Correspondence to Hyung Tae Lee.

Ethics declarations

Conflict of interest

The authors declare that they have no conflict of interest.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

This work was done while the authors were with Jeonbuk National University.

Rights and permissions

Reprints and Permissions

About this article

Verify currency and authenticity via CrossMark

Cite this article

Choi, S., Lee, H.T. Attack and improvement of the recent identity-based encryption with authorized equivalence test in cluster computing. Cluster Comput (2021). https://doi.org/10.1007/s10586-021-03409-x

Download citation

Keywords

  • Identity-based encryption
  • Equivalence test
  • Adaptive chosen ciphertext attacks
  • Modification