A Framework for Identity-Based Encryption with Almost Tight Security

We show a framework for constructing identity-based encryption IBE schemes that are almost tightly secure in the multi-challenge and multi-instance setting. In particular, we formalize a new notion called broadcast encoding, analogously to encoding notions by Attrapadung Eurocrypt 2014 and Wee TCC 2014. We then show that it can be converted into such an IBE. By instantiating the framework using several encoding schemes new or known ones, we obtain the following:We obtain almost tightly secure IBE in the multi-challenge, multi-instance setting, both in composite and prime-order groups. The latter resolves the open problem posed by Hofheinz et al. PKC 2015.We obtain the first almost tightly secure IBE with sub-linear size public parameters master public keys. In particular, we can set the size of the public parameters to constant at the cost of longer ciphertexts and private keys. This gives a partial solution to the open problem posed by Chen and Wee Crypto 2013. By applying a variant of the Canetti-Halevi-Katz transformation to our schemes, we obtain several CCA-secure PKE schemes with tight security in the multi-challenge, multi-instance setting. One of our schemes achieves very small ciphertext overhead, consisting of less than 12 group elements. This significantly improves the state-of-the-art construction by Libert et al.i¾?in ePrint Archive which requires 47 group elements. Furthermore, by modifying one of our IBE schemes obtained above, we can make it anonymous. This gives the first anonymous IBE whose security is almost tightly shown in the multi-challenge setting.

[1]  Hoeteck Wee,et al.  Fully, (Almost) Tightly Secure IBE from Standard Assumptions , 2013, IACR Cryptol. ePrint Arch..

[2]  Moni Naor,et al.  Public-key cryptosystems provably secure against chosen ciphertext attacks , 1990, STOC '90.

[3]  Ryo Nishimaki,et al.  Tagged One-Time Signatures: Tight Security and Optimal Tag Size , 2013, Public Key Cryptography.

[4]  Dan Boneh,et al.  Efficient Selective-ID Secure Identity Based Encryption Without Random Oracles , 2004, IACR Cryptol. ePrint Arch..

[5]  Moti Yung,et al.  Concise Multi-challenge CCA-Secure Encryption and Signatures with Almost Tight Security , 2014, ASIACRYPT.

[6]  Nuttapong Attrapadung,et al.  Dual System Encryption via Doubly Selective Security: Framework, Fully-secure Functional Encryption for Regular Languages, and More , 2014, IACR Cryptol. ePrint Arch..

[7]  Jonathan Katz,et al.  A Forward-Secure Public-Key Encryption Scheme , 2003, Journal of Cryptology.

[8]  Tibor Jager,et al.  Tightly secure signatures and public-key encryption , 2012, Designs, Codes and Cryptography.

[9]  Adi Shamir,et al.  Identity-Based Cryptosystems and Signature Schemes , 1984, CRYPTO.

[10]  Melissa Chase,et al.  A Study of Pair Encodings: Predicate Encryption in Prime Order Groups , 2016, TCC.

[11]  Allison Bishop,et al.  Unbounded HIBE and Attribute-Based Encryption , 2011, IACR Cryptol. ePrint Arch..

[12]  Brent Waters,et al.  Efficient Identity-Based Encryption Without Random Oracles , 2005, EUROCRYPT.

[13]  Eike Kiltz,et al.  Secure Hybrid Encryption from Weakened Key Encapsulation , 2007, CRYPTO.

[14]  Clifford C. Cocks An Identity Based Encryption Scheme Based on Quadratic Residues , 2001, IMACC.

[15]  Hovav Shacham,et al.  A Cramer-Shoup Encryption Scheme from the Linear Assumption and from Progressively Weaker Linear Variants , 2007, IACR Cryptol. ePrint Arch..

[16]  Hovav Shacham,et al.  Short Group Signatures , 2004, CRYPTO.

[17]  Brent Waters,et al.  Dual System Encryption: Realizing Fully Secure IBE and HIBE under Simple Assumptions , 2009, IACR Cryptol. ePrint Arch..

[18]  Allison Bishop,et al.  Fully Secure Functional Encryption: Attribute-Based Encryption and (Hierarchical) Inner Product Encryption , 2010, EUROCRYPT.

[19]  Dennis Hofheinz,et al.  Identity-Based Encryption with (Almost) Tight Security in the Multi-instance, Multi-ciphertext Setting , 2015, Public Key Cryptography.

[20]  Jonathan Katz,et al.  Chosen-Ciphertext Security from Identity-Based Encryption , 2004, SIAM J. Comput..

[21]  Brent Waters,et al.  Adaptive Security in Broadcast Encryption Systems (with Short Ciphertexts) , 2009, EUROCRYPT.

[22]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[23]  Hoeteck Wee,et al.  Semi-adaptive Attribute-Based Encryption and Improved Delegation for Boolean Formula , 2014, SCN.

[24]  Charanjit S. Jutla,et al.  Shorter Quasi-Adaptive NIZK Proofs for Linear Subspaces , 2013, ASIACRYPT.

[25]  Mihir Bellare,et al.  Simulation without the Artificial Abort: Simplified Proof and Improved Concrete Security for Waters' IBE Scheme , 2009, EUROCRYPT.

[26]  A. Lewko,et al.  Fully Secure HIBE with Short Ciphertexts , 2009 .

[27]  Brent Waters,et al.  Anonymous Hierarchical Identity-Based Encryption (Without Random Oracles) , 2006, CRYPTO.

[28]  Allison Bishop,et al.  Tools for Simulating Features of Composite Order Bilinear Groups in the Prime Order Setting , 2012, EUROCRYPT.

[29]  Allison Bishop,et al.  New Proof Methods for Attribute-Based Encryption: Achieving Full Security through Selective Techniques , 2012, CRYPTO.

[30]  Brent Waters,et al.  Collusion Resistant Broadcast Encryption with Short Ciphertexts and Private Keys , 2005, CRYPTO.

[31]  Craig Gentry,et al.  Practical Identity-Based Encryption Without Random Oracles , 2006, EUROCRYPT.

[32]  Brent Waters,et al.  Practical constructions and new proof methods for large universe attribute-based encryption , 2013, CCS.

[33]  Tatsuaki Okamoto,et al.  Fully Secure Unbounded Inner-Product and Attribute-Based Encryption , 2012, ASIACRYPT.

[34]  David Mandell Freeman,et al.  Converting Pairing-Based Cryptosystems from Composite-Order Groups to Prime-Order Groups , 2010, EUROCRYPT.

[35]  Dennis Hofheinz,et al.  Algebraic Partitioning: Fully Compact and (almost) Tightly Secure Cryptography , 2016, TCC.

[36]  Dennis Hofheinz,et al.  Polynomial Spaces: A New Framework for Composite-to-Prime-Order Transformations , 2014, IACR Cryptol. ePrint Arch..

[37]  Hoeteck Wee,et al.  Improved Dual System ABE in Prime-Order Groups via Predicate Encodings , 2015, EUROCRYPT.

[38]  Eike Kiltz,et al.  Programmable Hash Functions and Their Applications , 2008, CRYPTO.

[39]  Eike Kiltz,et al.  (Hierarchical) Identity-Based Encryption from Affine Message Authentication , 2014, CRYPTO.

[40]  Nuttapong Attrapadung,et al.  Dual System Encryption Framework in Prime-Order Groups via Computational Pair Encodings , 2016, ASIACRYPT.

[41]  Allison Bishop,et al.  Efficient pseudorandom functions from the decisional linear assumption and weaker variants , 2009, CCS.

[42]  Moti Yung,et al.  Compactly Hiding Linear Spans - Tightly Secure Constant-Size Simulation-Sound QA-NIZK Proofs and Applications , 2015, ASIACRYPT.

[43]  Hoeteck Wee,et al.  Dual System Groups and its Applications - Compact HIBE and More , 2014, IACR Cryptol. ePrint Arch..

[44]  Hoeteck Wee,et al.  Dual System Encryption via Predicate Encodings , 2014, TCC.

[45]  Ronald Cramer,et al.  A Practical Public Key Cryptosystem Provably Secure Against Adaptive Chosen Ciphertext Attack , 1998, CRYPTO.

[46]  Hideki Imai,et al.  Efficient Identity-Based Encryption with Tight Security Reduction , 2007, IEICE Trans. Fundam. Electron. Commun. Comput. Sci..

[47]  Tatsuaki Okamoto,et al.  Fully Secure Functional Encryption with General Relations from the Decisional Linear Assumption , 2010, IACR Cryptol. ePrint Arch..

[48]  Silvio Micali,et al.  Public-Key Encryption in a Multi-user Setting: Security Proofs and Improvements , 2000, EUROCRYPT.

[49]  Moni Naor,et al.  Number-theoretic constructions of efficient pseudo-random functions , 1997, Proceedings 38th Annual Symposium on Foundations of Computer Science.

[50]  Ryo Nishimaki,et al.  How to Watermark Cryptographic Functions , 2013, IACR Cryptol. ePrint Arch..

[51]  Dan Boneh,et al.  Secure Identity Based Encryption Without Random Oracles , 2004, CRYPTO.

[52]  Hoeteck Wee,et al.  Fully, (Almost) Tightly Secure IBE and Dual System Groups , 2013, CRYPTO.

[53]  Moni Naor,et al.  Public-Key Cryptosystems Resilient to Key Leakage , 2009, SIAM J. Comput..