New Revocable IBE in Prime-Order Groups: Adaptively Secure, Decryption Key Exposure Resistant, and with Short Public Parameters

  • Yohei Watanabe
  • Keita Emura
  • Jae Hong Seo
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10159)


Revoking corrupted users is a desirable functionality for cryptosystems. Since Boldyreva, Goyal, and Kumar (ACM CCS 2008) proposed a notable result for scalable revocation method in identity-based encryption (IBE), several works have improved either the security or the efficiency of revocable IBE (RIBE). Currently, all existing scalable RIBE schemes that achieve adaptively security against decryption key exposure resistance (DKER) can be categorized into two groups; either with long public parameters or over composite-order bilinear groups. From both practical and theoretical points of views, it would be interesting to construct adaptively secure RIBE scheme with DKER and short public parameters in prime-order bilinear groups.

In this paper, we address this goal by using Seo and Emura’s technique (PKC 2013), which transforms the Waters IBE to the corresponding RIBE. First, we identify necessary requirements for the input IBE of their transforming technique. Next, we propose a new IBE scheme having several desirable properties; satisfying all the requirements for the Seo-Emura technique, constant-size public parameters, and using prime-order bilinear groups. Finally, by applying the Seo-Emura technique, we obtain the first adaptively secure RIBE scheme with DKER and constant-size public parameters in prime-order bilinear groups.


Revocable identity-based encryption Static assumptions Asymmetric pairings 



We would like to thank anonymous reviewers for valuable comments. Yohei Watanabe was supported by Grant-in-Aid for JSPS Fellows Grant Number JP16J10532. Keita Emura was supported by JSPS KAKENHI Grant Number JP16K00198.


  1. 1.
    Barreto, P.S.L.M., Naehrig, M.: Pairing-friendly elliptic curves of prime order. In: Preneel, B., Tavares, S. (eds.) SAC 2005. LNCS, vol. 3897, pp. 319–331. Springer, Heidelberg (2006). doi: 10.1007/11693383_22 CrossRefGoogle Scholar
  2. 2.
    Boldyreva, A., Goyal, V., Kumar, V.: Identity-based encryption with efficient revocation. In: Proceedings of the 15th ACM Conference on Computer and Communications Security, CCS 2008, pp. 417–426. ACM, New York (2008)Google Scholar
  3. 3.
    Boneh, D., Boyen, X.: Efficient selective-ID secure identity-based encryption without random oracles. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 223–238. Springer, Heidelberg (2004). doi: 10.1007/978-3-540-24676-3_14 CrossRefGoogle Scholar
  4. 4.
    Boneh, D., Franklin, M.: Identity-based encryption from the weil pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001). doi: 10.1007/3-540-44647-8_13 CrossRefGoogle Scholar
  5. 5.
    Chen, J., Lim, H.W., Ling, S., Su, L., Wang, H.: Anonymous and adaptively secure revocable IBE with constant size public parameters (2012).
  6. 6.
    Chen, J., Lim, H.W., Ling, S., Wang, H., Wee, H.: Shorter identity-based encryption via asymmetric pairings. Des. Codes Crypt. 73(3), 911–947 (2014)MathSciNetCrossRefzbMATHGoogle Scholar
  7. 7.
    Chen, J., Lim, H.W., Ling, S., Wang, H., Nguyen, K.: Revocable identity-based encryption from lattices. In: Susilo, W., Mu, Y., Seberry, J. (eds.) ACISP 2012. LNCS, vol. 7372, pp. 390–403. Springer, Heidelberg (2012). doi: 10.1007/978-3-642-31448-3_29. CrossRefGoogle Scholar
  8. 8.
    Cheng, S., Zhang, J.: Adaptive-ID secure revocable identity-based encryption from lattices via subset difference method. In: Lopez, J., Wu, Y. (eds.) ISPEC 2015. LNCS, vol. 9065, pp. 283–297. Springer, Heidelberg (2015). doi: 10.1007/978-3-319-17533-1_20 CrossRefGoogle Scholar
  9. 9.
    Emura, K., Seo, J.H., Youn, T.: Semi-generic transformation of revocable hierarchical identity-based encryption and its DBDH instantiation. IEICE Trans. 99-A(1), 83–91 (2016)Google Scholar
  10. 10.
    Galbraith, S.D., Paterson, K.G., Smart, N.P.: Pairings for cryptographers. Discrete Appl. Math. 156(16), 3113–3121 (2008)MathSciNetCrossRefzbMATHGoogle Scholar
  11. 11.
    Gentry, C.: Practical identity-based encryption without random oracles. In: Vaudenay, S. (ed.) EUROCRYPT 2006. LNCS, vol. 4004, pp. 445–464. Springer, Heidelberg (2006). doi: 10.1007/11761679_27 CrossRefGoogle Scholar
  12. 12.
    Ishida, Y., Watanabe, Y., Shikata, J.: Constructions of CCA-secure revocable identity-based encryption. In: Foo, E., Stebila, D. (eds.) ACISP 2015. LNCS, vol. 9144, pp. 174–191. Springer, Heidelberg (2015). doi: 10.1007/978-3-319-19962-7_11 CrossRefGoogle Scholar
  13. 13.
    Jutla, C.S., Roy, A.: Shorter quasi-adaptive NIZK proofs for linear subspaces. In: Sako, K., Sarkar, P. (eds.) ASIACRYPT 2013. LNCS, vol. 8269, pp. 1–20. Springer, Heidelberg (2013). doi: 10.1007/978-3-642-42033-7_1 CrossRefGoogle Scholar
  14. 14.
    Kiltz, E., Galindo, D.: Direct chosen-ciphertext secure identity-based key encapsulation without random oracles. Theor. Comput. Sci. 410(47–49), 5093–5111 (2009)MathSciNetCrossRefzbMATHGoogle Scholar
  15. 15.
    Lee, K.: Revocable hierarchical identity-based encryption with adaptive security. Cryptology ePrint Archive, Report 2016/749 (2016)Google Scholar
  16. 16.
    Lee, K., Lee, D.H., Park, J.H.: Efficient revocable identity-based encryption via subset difference methods. Cryptology ePrint Archive, Report 2014/132 (2014).
  17. 17.
    Lee, K., Park, S.: Revocable hierarchical identity-based encryption with shorter private keys and update keys. Cryptology ePrint Archive, Report 2016/460 (2016).
  18. 18.
    Lewko, A., Waters, B.: New techniques for dual system encryption and fully secure HIBE with short ciphertexts. In: Micciancio, D. (ed.) TCC 2010. LNCS, vol. 5978, pp. 455–479. Springer, Heidelberg (2010). doi: 10.1007/978-3-642-11799-2_27 CrossRefGoogle Scholar
  19. 19.
    Lewko, A.: Tools for simulating features of composite order bilinear groups in the prime order setting. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 318–335. Springer, Heidelberg (2012). doi: 10.1007/978-3-642-29011-4_20 CrossRefGoogle Scholar
  20. 20.
    Libert, B., Vergnaud, D.: Adaptive-ID secure revocable identity-based encryption. In: Fischlin, M. (ed.) CT-RSA 2009. LNCS, vol. 5473, pp. 1–15. Springer, Heidelberg (2009). doi: 10.1007/978-3-642-00862-7_1 CrossRefGoogle Scholar
  21. 21.
    Naor, D., Naor, M., Lotspiech, J.: Revocation and tracing schemes for stateless receivers. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 41–62. Springer, Heidelberg (2001). doi: 10.1007/3-540-44647-8_3 CrossRefGoogle Scholar
  22. 22.
    Park, S., Lee, K., Lee, D.H.: New constructions of revocable identity-based encryption from multilinear maps. IEEE Trans. Inf. Forensics Secur. 10(8), 1564–1577 (2015)CrossRefGoogle Scholar
  23. 23.
    Qin, B., Deng, R.H., Li, Y., Liu, S.: Server-aided revocable identity-based encryption. In: Pernul, G., Ryan, P.Y.A., Weippl, E. (eds.) ESORICS 2015. LNCS, vol. 9326, pp. 286–304. Springer, Heidelberg (2015). doi: 10.1007/978-3-319-24174-6_15 CrossRefGoogle Scholar
  24. 24.
    Ramanna, S.C., Chatterjee, S., Sarkar, P.: Variants of Waters’ dual system primitives using asymmetric pairings. In: Fischlin, M., Buchmann, J., Manulis, M. (eds.) PKC 2012. LNCS, vol. 7293, pp. 298–315. Springer, Heidelberg (2012). doi: 10.1007/978-3-642-30057-8_18 CrossRefGoogle Scholar
  25. 25.
    Ramanna, S.C., Sarkar, P.: Efficient (Anonymous) compact HIBE from standard assumptions. In: Chow, S.S.M., Liu, J.K., Hui, L.C.K., Yiu, S.M. (eds.) ProvSec 2014. LNCS, vol. 8782, pp. 243–258. Springer, Heidelberg (2014). doi: 10.1007/978-3-319-12475-9_17 Google Scholar
  26. 26.
    Ryu, G., Lee, K., Park, S., Lee, D.H.: Unbounded hierarchical identity-based encryption with efficient revocation. In: Kim, H., Choi, D. (eds.) WISA 2015. LNCS, vol. 9503, pp. 122–133. Springer, Heidelberg (2016). doi: 10.1007/978-3-319-31875-2_11 Google Scholar
  27. 27.
    Seo, J.H., Emura, K.: Efficient delegation of key generation and revocation functionalities in identity-based encryption. In: Dawson, E. (ed.) CT-RSA 2013. LNCS, vol. 7779, pp. 343–358. Springer, Heidelberg (2013). doi: 10.1007/978-3-642-36095-4_22 CrossRefGoogle Scholar
  28. 28.
    Seo, J.H., Emura, K.: Revocable identity-based encryption revisited: security model and construction. In: Kurosawa, K., Hanaoka, G. (eds.) PKC 2013. LNCS, vol. 7778, pp. 216–234. Springer, Heidelberg (2013). doi: 10.1007/978-3-642-36362-7_14 CrossRefGoogle Scholar
  29. 29.
    Seo, J.H., Emura, K.: Revocable hierarchical identity-based encryption. Theor. Comput. Sci. 542, 44–62 (2014)MathSciNetCrossRefzbMATHGoogle Scholar
  30. 30.
    Seo, J.H., Emura, K.: Revocable identity-based cryptosystem revisited: security models and constructions. IEEE Trans. Inf. Forensics Secur. 9(7), 1193–1205 (2014)CrossRefGoogle Scholar
  31. 31.
    Seo, J.H., Emura, K.: Adaptive-ID secure revocable hierarchical identity-based encryption. In: Tanaka, K., Suga, Y. (eds.) IWSEC 2015. LNCS, vol. 9241, pp. 21–38. Springer, Heidelberg (2015). doi: 10.1007/978-3-319-22425-1_2 CrossRefGoogle Scholar
  32. 32.
    Seo, J.H., Emura, K.: Revocable hierarchical identity-based encryption: history-free update, security against insiders, and short ciphertexts. In: Nyberg, K. (ed.) CT-RSA 2015. LNCS, vol. 9048, pp. 106–123. Springer, Heidelberg (2015). doi: 10.1007/978-3-319-16715-2_6 Google Scholar
  33. 33.
    Seo, J.H., Emura, K.: Revocable hierarchical identity-based encryption via history-free approach. Theor. Comput. Sci. 615, 45–60 (2016)MathSciNetCrossRefzbMATHGoogle Scholar
  34. 34.
    Su, L., Lim, H.W., Ling, S., Wang, H.: Revocable IBE systems with almost constant-size key update. In: Cao, Z., Zhang, F. (eds.) Pairing 2013. LNCS, vol. 8365, pp. 168–185. Springer, Heidelberg (2014). doi: 10.1007/978-3-319-04873-4_10 CrossRefGoogle Scholar
  35. 35.
    Waters, B.: Efficient identity-based encryption without random oracles. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 114–127. Springer, Heidelberg (2005). doi: 10.1007/11426639_7 CrossRefGoogle Scholar
  36. 36.
    Waters, B.: Dual system encryption: realizing fully secure IBE and HIBE under simple assumptions. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 619–636. Springer, Heidelberg (2009). doi: 10.1007/978-3-642-03356-8_36 CrossRefGoogle Scholar
  37. 37.
    Wee, H.: Déjà Q: Encore! un petit IBE. In: Kushilevitz, E., Malkin, T. (eds.) TCC 2016. LNCS, vol. 9563, pp. 237–258. Springer, Heidelberg (2016). doi: 10.1007/978-3-662-49099-0_9 CrossRefGoogle Scholar

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  1. 1.The University of Electro-CommunicationsTokyoJapan
  2. 2.National Institute of Advanced Industrial Science and Technology (AIST)TokyoJapan
  3. 3.National Institute of Information and Communications Technology (NICT)TokyoJapan
  4. 4.Myongji UniversityYonginKorea

Personalised recommendations