Attribute-Based Signcryption: Signer Privacy, Strong Unforgeability and IND-CCA Security in Adaptive-Predicates Model (Extended Version)

Attribute-Based Signcryption (ABSC) is a natural extension of Attribute-Based Encryption (ABE) and Attribute-Based Signature (ABS), where one can have the message confidentiality and authenticity together. Since the signer privacy is captured in security of ABS, it is quite natural to expect that the signer privacy will also be preserved in ABSC. In this paper, first we propose an ABSC scheme which is weak existential unforgeable and IND-CCA secure in adaptive-predicates models and, achieves signer privacy. Then, by applying strongly unforgeable one-time signature (OTS), the above scheme is lifted to an ABSC scheme to attain strong existential unforgeability in adaptive-predicates model. Both the ABSC schemes are constructed on common setup, i.e the public parameters and key are same for both the encryption and signature modules. Our first construction is in the flavor of C tE &S paradigm, except one extra component that will be computed using both signature components and ciphertext components. The second proposed construction follows a new paradigm (extension of C tE &S ), we call it “Commit then Encrypt and Sign then Sign” (C tE &S tS ). The last signature is generated using a strong OTS scheme. Since, the non-repudiation is achieved by C tE &S paradigm, our systems also achieve the same.

[1]  Rafail Ostrovsky,et al.  Attribute-based encryption with non-monotonic access structures , 2007, CCS '07.

[2]  Wenbo Mao,et al.  Two Birds One Stone: Signcryption Using RSA , 2003, CT-RSA.

[3]  Allison Bishop,et al.  Fully Secure Functional Encryption: Attribute-Based Encryption and (Hierarchical) Inner Product Encryption , 2010, EUROCRYPT.

[4]  Tatsuaki Okamoto,et al.  Fully Secure Functional Encryption with General Relations from the Decisional Linear Assumption , 2010, IACR Cryptol. ePrint Arch..

[5]  Nuttapong Attrapadung,et al.  Expressive Key-Policy Attribute-Based Encryption with Constant-Size Ciphertexts , 2011, Public Key Cryptography.

[6]  Qiong Huang,et al.  Generic Transformation to Strongly Unforgeable Signatures , 2007, ACNS.

[7]  Joonsang Baek,et al.  Formal Proofs for the Security of Signcryption , 2002, Journal of Cryptology.

[8]  María Isabel González Vasco,et al.  Combined (identity-based) public key schemes , 2008, IACR Cryptol. ePrint Arch..

[9]  Brent Waters,et al.  Dual System Encryption: Realizing Fully Secure IBE and HIBE under Simple Assumptions , 2009, IACR Cryptol. ePrint Arch..

[10]  Torben P. Pedersen Non-Interactive and Information-Theoretic Secure Verifiable Secret Sharing , 1991, CRYPTO.

[11]  Dongqing Xie,et al.  Attribute-based signature and its applications , 2010, ASIACCS '10.

[12]  Kenneth G. Paterson,et al.  On the Joint Security of Encryption and Signature, Revisited , 2011, IACR Cryptol. ePrint Arch..

[13]  Tapas Pandit,et al.  Generic Conversions from CPA to CCA secure Functional Encryption , 2015, IACR Cryptol. ePrint Arch..

[14]  Cheng Chen,et al.  Combined Public-Key Schemes: The Case of ABE and ABS , 2012, ProvSec.

[15]  Manoj Prabhakaran,et al.  Attribute-Based Signatures: Achieving Attribute-Privacy and Collusion-Resistance , 2008, IACR Cryptol. ePrint Arch..

[16]  Brent Waters,et al.  Attribute-based encryption for fine-grained access control of encrypted data , 2006, CCS '06.

[17]  Reihaneh Safavi-Naini,et al.  Threshold Attribute-Based Signatures and Their Application to Anonymous Credential Systems , 2009, AFRICACRYPT.

[18]  Jacob C. N. Schuldt,et al.  Efficient Constructions of Signcryption Schemes and Signcryption Composability , 2009, INDOCRYPT.

[19]  Silvio Micali,et al.  Practical and Provably-Secure Commitment Schemes from Collision-Free Hashing , 1996, CRYPTO.

[20]  Dan Boneh,et al.  Evaluating 2-DNF Formulas on Ciphertexts , 2005, TCC.

[21]  Ivan Damgård,et al.  A Statistically-Hiding Integer Commitment Scheme Based on Groups with Hidden Order , 2002, ASIACRYPT.

[22]  Tatsuaki Okamoto,et al.  Fully Secure Unbounded Inner-Product and Attribute-Based Encryption , 2012, ASIACRYPT.

[23]  Dan Boneh,et al.  Efficient Selective-ID Secure Identity Based Encryption Without Random Oracles , 2004, IACR Cryptol. ePrint Arch..

[24]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[25]  Florian Hess,et al.  Efficient Identity Based Signature Schemes Based on Pairings , 2002, Selected Areas in Cryptography.

[26]  Jonathan Katz,et al.  Improved Efficiency for CCA-Secure Cryptosystems Built Using Identity-Based Encryption , 2005, CT-RSA.

[27]  Atsuko Miyaji,et al.  Dynamic attribute-based signcryption without random oracles , 2012, Int. J. Appl. Cryptogr..

[28]  Yuliang Zheng,et al.  Digital Signcryption or How to Achieve Cost(Signature & Encryption) << Cost(Signature) + Cost(Encryption) , 1997, CRYPTO.

[29]  Changji Wang,et al.  Attribute-based Signcryption with Ciphertext-policy and Claim-predicate Mechanism , 2011, 2011 Seventh International Conference on Computational Intelligence and Security.

[30]  Tapas Pandit,et al.  Attribute-Based Signcryption : Signer Privacy, Strong Unforgeability and IND-CCA2 Security in Adaptive-Predicates Attack , 2014, ProvSec.

[31]  Reihaneh Safavi-Naini,et al.  Threshold Attribute-Based Signcryption , 2010, SCN.

[32]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[33]  Manoj Prabhakaran,et al.  Attribute-Based Signatures , 2011, CT-RSA.

[34]  Marc Fischlin,et al.  Confidential Signatures and Deterministic Signcryption , 2010, IACR Cryptol. ePrint Arch..

[35]  Allison Bishop,et al.  New Proof Methods for Attribute-Based Encryption: Achieving Full Security through Selective Techniques , 2012, CRYPTO.

[36]  Benny Pinkas,et al.  Securely combining public-key cryptosystems , 2001, CCS '01.

[37]  Brent Waters,et al.  Ciphertext-Policy Attribute-Based Encryption: An Expressive, Efficient, and Provably Secure Realization , 2011, Public Key Cryptography.

[38]  Jonathan Katz,et al.  Chosen-Ciphertext Security from Identity-Based Encryption , 2004, SIAM J. Comput..

[39]  Tatsuaki Okamoto,et al.  Efficient Attribute-Based Signatures for Non-Monotone Predicates in the Standard Model , 2014, IEEE Transactions on Cloud Computing.

[40]  P. MuraliKrishna,et al.  SECURE SCHEMES FOR SECRET SHARING AND KEY DISTRIBUTION USING PELL'S EQUATION , 2013 .

[41]  Tal Rabin,et al.  On the Security of Joint Signature and Encryption , 2002, EUROCRYPT.

[42]  Ratna Dutta,et al.  Expressive Bandwidth-Efficient Attribute Based Signature and Signcryption in Standard Model , 2014, ACISP.

[43]  Jean-Jacques Quisquater,et al.  Improved Signcryption from q-Diffie-Hellman Problems , 2004, SCN.

[44]  Liqun Chen,et al.  Improved Identity-Based Signcryption , 2005, Public Key Cryptography.

[45]  Allison Bishop,et al.  New Techniques for Dual System Encryption and Fully Secure HIBE with Short Ciphertexts , 2010, IACR Cryptol. ePrint Arch..

[46]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[47]  Jean-Jacques Quisquater,et al.  Efficient Signcryption with Key Privacy from Gap Diffie-Hellman Groups , 2004, Public Key Cryptography.

[48]  Goichiro Hanaoka,et al.  Generic Constructions for Chosen-Ciphertext Secure Attribute Based Encryption , 2011, Public Key Cryptography.