Abstract
In modern computer systems, leakage of private information may cause catastrophic consequences, especially leakage related to the secret keys of cryptographic mechanisms. Therefore, it has been widely accepted both in academia and industry that cryptographic schemes should withstand various leakage attacks, including continuous leakage attacks. Although much research has been conducted on this issue and some progress has been made, there are still many unsolved problems in this area. For example, in the majority of the existing identity-based encryption (IBE) schemes with (continuous) leakage resilience, the upper bound on leakage is required to be fixed. But in many real-world applications, such a requirement is inadequate to protect the schemes against leakage attacks. Moreover, many previous efforts aiming to build IBE schemes that are secure against chosen-ciphertext attacks (CCA) need to rely on q-type assumptions. These solutions are not desirable, because q-type assumptions are non-static assumptions. In this paper, in order to address the above-mentioned problems, we demonstrate how to construct a continuous leakage-resilient CCA-secure IBE scheme with leakage amplification, in which the leakage parameter has an arbitrary length. The benefit is that the length of permitted leakage in our scheme can be adjusted flexibly according to the leakage requirements. Moreover, the security of our proposed scheme can be proved under static assumptions in the standard model. Compared with the related works in the literature, our scheme enjoys a unique feature: it allows continuous leakage of multiple keys simultaneously, e.g. continuous leakage of the master secret key as well as the user's private key.
Acknowledgements
The authors would like to thank the anonymous reviewer for their helpful comments. This work is supported by the National Key R&D Program of China (No. 2017YFB0802000), the National Natural Science Foundation of China (61802242, 61572303, 61772326, 61802241), the Natural Science Basic Research Plan in Shaanxi Province of China (2018JQ6088), the National Cryptography Development Foundation during the 13th Five-year Plan Period (MMJJ20180217), the Foundation of State Key Laboratory of Information Security (2017-MS-03) and the Fundamental Research Funds for the Central Universities (GK201803064).
Communicated by C. Mitchell.
Cite this article
Zhou, Y., Yang, B. & Mu, Y. Continuous leakage-resilient identity-based encryption with leakage amplification. Des. Codes Cryptogr. 87, 2061–2090 (2019). https://doi.org/10.1007/s10623-019-00605-0
Keywords
- Identity-based encryption
- Continuous leakage-resilience
- Leakage amplification
- Chosen ciphertext attacks