Efficient revocable identity-based encryption via subset difference methods

Abstract

Providing an efficient revocation mechanism for identity-based encryption (IBE) is very important since a user's credential (or private key) can expire or be revealed. Revocable IBE (RIBE) is an extension of IBE that provides an efficient revocation mechanism. Previous RIBE schemes essentially use the complete subtree (CS) scheme of Naor, Naor and Lotspiech (CRYPTO 2001) for key revocation. In this paper, we present a new technique for RIBE that uses the efficient subset difference (SD) scheme of Naor et al. instead of the CS scheme to reduce the size of update keys. Following our new technique, we first propose an efficient RIBE scheme in prime-order bilinear groups by combining the IBE scheme of Boneh and Boyen with the SD scheme, and prove its selective security under the standard assumption. Our RIBE scheme is the first RIBE scheme in bilinear groups that has O(r) group elements in an update key, where r is the number of revoked users. Next, we propose another RIBE scheme in composite-order bilinear groups and prove its full security under static assumptions. Our RIBE schemes can also be integrated with the layered subset difference scheme of Halevy and Shamir (CRYPTO 2002) to reduce the size of a private key.
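The update key carries one component per subset in the cover of non-revoked users, so the cover size is what the O(r) claim is about. The following is an added example, not code from the paper: it computes the CS and SD covers over a complete binary tree, assuming heap numbering (root 1, users at the leaves) and hypothetical function names.

```python
def steiner(depth, revoked):
    """Nodes on any root-to-revoked-leaf path (heap numbering, root = 1)."""
    n, st = 1 << depth, set()
    for u in revoked:
        v = n + u
        while v >= 1:
            st.add(v)
            v //= 2
    return st

def cs_cover(depth, revoked):
    """Complete subtree: roots of maximal subtrees with no revoked leaf."""
    n, st = 1 << depth, steiner(depth, revoked)
    if not st:
        return [1]
    return sorted(c for v in st if v < n for c in (2 * v, 2 * v + 1) if c not in st)

def sd_cover(depth, revoked):
    """Subset difference: pairs (i, j) = leaves under i, except those under j."""
    n, st = 1 << depth, steiner(depth, revoked)
    if not st:
        return [(1, None)]  # convention of this example: nobody excluded
    out, stack = [], [1]
    while stack:
        i = j = stack.pop()
        while j < n:  # follow the chain while only one child leads to a revoked leaf
            kids = [c for c in (2 * j, 2 * j + 1) if c in st]
            if len(kids) == 2:
                break
            j = kids[0]
        if j != i:
            out.append((i, j))
        if j < n:  # j is a branching node: cover each side separately
            stack.extend((2 * j, 2 * j + 1))
    return out

def leaves(v, depth):
    """0-based user indices of the leaves below node v; empty set for v=None."""
    if v is None:
        return set()
    n, lo, hi = 1 << depth, v, v
    while lo < n:
        lo, hi = 2 * lo, 2 * hi + 1
    return set(range(lo - n, hi - n + 1))

def sd_users(depth, cover):
    """Users who fall inside some subset of an SD cover."""
    return set().union(*(leaves(i, depth) - leaves(j, depth) for i, j in cover))

if __name__ == "__main__":
    revoked = {1, 6}  # constructed sample: 8 users, 2 revoked
    print("CS:", cs_cover(3, revoked), "SD:", sd_cover(3, revoked))
```

For the constructed sample, CS needs four subsets and SD needs two; in general the SD cover built this way has at most 2r − 1 subsets.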

References

  1.

    Aiello W., Lodha S., Ostrovsky R.: Fast digital identity revocation (extended abstract). In: Krawczyk H. (ed.) CRYPTO ’98. Lecture Notes in Computer Science, vol 1462, pp. 137–152. Springer, Heidelberg (1998).

  2.

    Attrapadung N., Imai H.: Conjunctive broadcast and attribute-based encryption. In: Shacham H., Waters B. (eds.) Pairing 2009. Lecture Notes in Computer Science, vol. 5671, pp. 248–265. Springer, Heidelberg (2009).

  3.

    Bethencourt J., Sahai A., Waters B.: Ciphertext-policy attribute-based encryption. In: IEEE Symposium on Security and Privacy, pp. 321–334. IEEE Computer Society, Washington, DC (2007).

  4.

    Boldyreva A., Goyal V., Kumar V.: Identity-based encryption with efficient revocation. In: Ning P., Syverson P.F., Jha S. (eds.) ACM Conference on Computer and Communications Security, pp. 417–426. ACM, New York (2008).

  5.

    Boneh D., Boyen X.: Efficient selective-ID secure identity-based encryption without random oracles. In: Cachin C., Camenisch J. (eds.) EUROCRYPT 2004. Lecture Notes in Computer Science, vol. 3027, pp. 223–238. Springer, Heidelberg (2004).

  6.

    Boneh D., Franklin M.K.: Identity-based encryption from the Weil pairing. In: Kilian J. (ed.) CRYPTO 2001. Lecture Notes in Computer Science, vol. 2139, pp. 213–229. Springer, Heidelberg (2001).

  7.

    Boneh D., Waters B.: Conjunctive, subset, and range queries on encrypted data. In: Vadhan S.P. (ed.) TCC 2007. Lecture Notes in Computer Science, vol. 4392, pp. 535–554. Springer, Heidelberg (2007).

  8.

    Boneh D., Sahai A., Waters B.: Functional encryption: definitions and challenges. In: Ishai Y. (ed.) TCC 2011. Lecture Notes in Computer Science, vol. 6597, pp. 253–273. Springer, Heidelberg (2011).

  9.

    Canetti R., Halevi S., Katz J.: Chosen-ciphertext security from identity-based encryption. In: Cachin C., Camenisch J. (eds.) EUROCRYPT 2004. Lecture Notes in Computer Science, vol. 3027, pp. 207–222. Springer, Heidelberg (2004).

  10.

    Fiat A., Naor M.: Broadcast encryption. In: Stinson D.R. (ed.) CRYPTO ’93. Lecture Notes in Computer Science, vol. 773, pp. 480–491. Springer, Heidelberg (1993).

  11.

    Gentry C.: Certificate-based encryption and the certificate revocation problem. In: Biham E. (ed.) EUROCRYPT 2003. Lecture Notes in Computer Science, vol. 2656, pp. 272–293. Springer, Heidelberg (2003).

  12.

    Gentry C., Silverberg A.: Hierarchical ID-based cryptography. In: Zheng Y. (ed.) ASIACRYPT 2002. Lecture Notes in Computer Science, vol. 2501, pp. 548–566. Springer, Heidelberg (2002).

  13.

    Gorbunov S., Vaikuntanathan V., Wee H.: Functional encryption with bounded collusions via multi-party computation. In: Safavi-Naini R., Canetti R. (eds.) CRYPTO 2012. Lecture Notes in Computer Science, vol. 7417, pp. 162–179. Springer, Heidelberg (2012).

  14.

    Goyal V., Pandey O., Sahai A., Waters B.: Attribute-based encryption for fine-grained access control of encrypted data. In: Juels A., Wright R.N., di Vimercati S.D.C. (eds.) ACM Conference on Computer and Communications Security, pp. 89–98. ACM, New York (2006).

  15.

    Halevy D., Shamir A.: The LSD broadcast encryption scheme. In: Yung M. (ed.) CRYPTO 2002. Lecture Notes in Computer Science, vol. 2442, pp. 47–60. Springer, Heidelberg (2002).

  16.

    Horwitz J., Lynn B.: Toward hierarchical identity-based encryption. In: Knudsen L.R. (ed.) EUROCRYPT 2002. Lecture Notes in Computer Science, vol. 2332, pp. 466–481. Springer, Heidelberg (2002).

  17.

    Katz J., Sahai A., Waters B.: Predicate encryption supporting disjunctions, polynomial equations, and inner products. In: Smart N.P. (ed.) EUROCRYPT 2008. Lecture Notes in Computer Science, vol. 4965, pp. 146–162. Springer, Heidelberg (2008).

  18.

    Lee K., Lee D.H.: Improved hidden vector encryption with short ciphertexts and tokens. Des. Codes Cryptogr. 58(3), 297–319 (2011).

  19.

    Lee K., Choi S.G., Lee D.H., Park J.H., Yung M.: Self-updatable encryption: time constrained access control with hidden attributes and better efficiency. In: Sako K., Sarkar P. (eds.) ASIACRYPT 2013. Lecture Notes in Computer Science, vol. 8269, pp. 235–254. Springer, Heidelberg (2013).

  20.

    Lee K., Koo W.K., Lee D.H., Park J.H.: Public-key revocation and tracing schemes with subset difference methods revisited. In: Kutylowski M., Vaidya J. (eds.) ESORICS 2014. Lecture Notes in Computer Science, vol. 8713, pp. 1–18. Springer, Heidelberg (2014).

  21.

    Lee K., Kim I., Hwang S.O.: Privacy preserving revocable predicate encryption revisited. Secur. Commun. Netw. 8(3), 471–485 (2015).

  22.

    Lewko A.B.: Tools for simulating features of composite order bilinear groups in the prime order setting. In: Pointcheval D., Johansson T. (eds.) EUROCRYPT 2012. Lecture Notes in Computer Science, vol. 7237, pp. 318–335. Springer, Heidelberg (2012).

  23.

    Lewko A.B., Waters B.: New techniques for dual system encryption and fully secure HIBE with short ciphertexts. In: Micciancio D. (ed.) TCC 2010. Lecture Notes in Computer Science, vol. 5978, pp. 455–479. Springer, Heidelberg (2010).

  24.

    Lewko A.B., Okamoto T., Sahai A., Takashima K., Waters B.: Fully secure functional encryption: attribute-based encryption and (hierarchical) inner product encryption. In: Gilbert H. (ed.) EUROCRYPT 2010. Lecture Notes in Computer Science, vol. 6110, pp. 62–91. Springer, Heidelberg (2010).

  25.

    Lewko A.B., Sahai A., Waters B.: Revocation systems with very small private keys. In: IEEE Symposium on Security and Privacy, pp. 273–285. IEEE Computer Society, Washington, DC (2010).

  26.

    Libert B., Vergnaud D.: Adaptive-ID secure revocable identity-based encryption. In: Fischlin M. (ed.) CT-RSA 2009. Lecture Notes in Computer Science, vol. 5473, pp. 1–15. Springer, Heidelberg (2009).

  27.

    Martin T., Martin K.M., Wild P.R.: Establishing the broadcast efficiency of the subset difference revocation scheme. Des. Codes Cryptogr. 51(3), 315–334 (2009).

  28.

    Micali S.: Efficient certificate revocation. Technical Report TM-542b, MIT Laboratory for Computer Science (1996).

  29.

    Naor M., Nissim K.: Certificate revocation and certificate update. IEEE J. Sel. Areas Commun. 18(4), 561–570 (2000).

  30.

    Naor M., Pinkas B.: Efficient trace and revoke schemes. In: Frankel Y. (ed.) FC 2000. Lecture Notes in Computer Science, vol. 1962, pp. 1–20. Springer, Heidelberg (2000).

  31.

    Naor D., Naor M., Lotspiech J.: Revocation and tracing schemes for stateless receivers. In: Kilian J. (ed.) CRYPTO 2001. Lecture Notes in Computer Science, vol. 2139, pp. 41–62. Springer, Heidelberg (2001).

  32.

    Nieto J.M.G., Manulis M., Sun D.: Fully private revocable predicate encryption. In: Susilo W., Mu Y., Seberry J. (eds.) ACISP 2012. Lecture Notes in Computer Science, vol. 7372, pp. 350–363. Springer, Heidelberg (2012).

  33.

    Okamoto T., Takashima K.: Hierarchical predicate encryption for inner-products. In: Matsui M. (ed.) ASIACRYPT 2009. Lecture Notes in Computer Science, vol. 5912, pp. 214–231. Springer, Heidelberg (2009).

  34.

    Okamoto T., Takashima K.: Adaptively attribute-hiding (hierarchical) inner product encryption. In: Pointcheval D., Johansson T. (eds.) EUROCRYPT 2012. Lecture Notes in Computer Science, vol. 7237, pp. 591–608. Springer, Heidelberg (2012).

  35.

    Park S., Lee K., Lee D.H.: New constructions of revocable identity-based encryption from multilinear maps. IEEE Trans. Inf. Forensic Secur. 10(8), 1564–1577 (2015).

  36.

    Sahai A., Waters B.: Fuzzy identity-based encryption. In: Cramer R. (ed.) EUROCRYPT 2005. Lecture Notes in Computer Science, vol. 3494, pp. 457–473. Springer, Heidelberg (2005).

  37.

    Sahai A., Seyalioglu H., Waters B.: Dynamic credentials and ciphertext delegation for attribute-based encryption. In: Safavi-Naini R., Canetti R. (eds.) CRYPTO 2012. Lecture Notes in Computer Science, vol. 7417, pp. 199–217. Springer, Heidelberg (2012).

  38.

    Seo J.H., Emura K.: Efficient delegation of key generation and revocation functionalities in identity-based encryption. In: Dawson E. (ed.) CT-RSA 2013. Lecture Notes in Computer Science, vol. 7779, pp. 343–358. Springer, Heidelberg (2013).

  39.

    Seo J.H., Emura K.: Revocable identity-based encryption revisited: security model and construction. In: Kurosawa K., Hanaoka G. (eds.) PKC 2013. Lecture Notes in Computer Science, vol. 7778, pp. 216–234. Springer, Heidelberg (2013).

  40.

    Shamir A.: Identity-based cryptosystems and signature schemes. In: Blakley G.R., Chaum D. (eds.) CRYPTO ’84. Lecture Notes in Computer Science, vol. 196, pp. 47–53. Springer, Heidelberg (1984).

  41.

    Su L., Lim H.W., Ling S., Wang H.: Revocable IBE systems with almost constant-size key update. In: Cao Z., Zhang F. (eds.) Pairing 2013. Lecture Notes in Computer Science, vol. 8365, pp. 168–185. Springer, Heidelberg (2013).

  42.

    Waters B.: Efficient identity-based encryption without random oracles. In: Cramer R. (ed.) EUROCRYPT 2005. Lecture Notes in Computer Science, vol. 3494, pp. 114–127. Springer, Heidelberg (2005).

  43.

    Waters B.: Dual system encryption: realizing fully secure IBE and HIBE under simple assumptions. In: Halevi S. (ed.) CRYPTO 2009. Lecture Notes in Computer Science, vol. 5677, pp. 619–636. Springer, Heidelberg (2009).

Acknowledgments

Kwangsu Lee was supported by the MSIP (Ministry of Science, ICT and Future Planning), Korea, under the ITRC (Information Technology Research Center) support program (IITP-2016-R0992-16-1006). Dong Hoon Lee was supported by Institute for Information & communications Technology Promotion (IITP) grant funded by the Korea government (MSIP) (R0126-16-1090).

Author information

Corresponding authors

Correspondence to Kwangsu Lee or Jong Hwan Park.

Additional information

Kwangsu Lee—This work was partially done at Korea University.

Communicated by D. Jungnickel.

About this article

Cite this article

Lee, K., Lee, D.H. & Park, J.H. Efficient revocable identity-based encryption via subset difference methods. Des. Codes Cryptogr. 85, 39–76 (2017). https://doi.org/10.1007/s10623-016-0287-3

Keywords

  • Identity-based encryption
  • Revocable identity-based encryption
  • Key revocation
  • Subset difference method
  • Bilinear maps

Mathematics Subject Classification

  • 94A60