Attribute-Based Key-Insulated Encryption

Attribute-based encryption (ABE) is an exciting alternative to public-key encryption, as ABE develops encryption systems with high expressiveness, without the need for a public key infrastructure (PKI) that makes publicly available the mapping between identities (sets of attributes), public keys, and validity of the latter. Any setting, PKI or attribute-based, must provide a means to revoke users from the system. To mitigate the limitation of ABE with regard to revocation, we propose an attribute-based key-insulated encryption (ABKIE) scheme, which is a novel ABE scheme. In our ABKIE scheme, a private key can be renewed without having to make changes to its public key (a set of attributes). The scheme is secure against adaptive chosen ciphertext attacks. The formal proof of security is presented under the Selective-ID security model, i.e. without random oracles, assuming the decision Bilinear Diffie-Hellman problem is computationally hard. To the best of our knowledge, this is the first ABKIE scheme up to now. Further, this is also the first concrete ABE construction with regard to revocation.

[1]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[2]  Dan Boneh,et al.  Efficient Selective-ID Secure Identity Based Encryption Without Random Oracles , 2004, IACR Cryptol. ePrint Arch..

[3]  Jonathan Katz,et al.  Chosen-Ciphertext Security from Identity-Based Encryption , 2004, SIAM J. Comput..

[4]  Mihir Bellare,et al.  Protecting against key-exposure: strongly key-insulated encryption with optimal threshold , 2005, Applicable Algebra in Engineering, Communication and Computing.

[5]  Adi Shamir,et al.  How to share a secret , 1979, CACM.

[6]  Jian Weng,et al.  Identity-Based Threshold Key-Insulated Encryption without Random Oracles , 2008, CT-RSA.

[7]  Silvio Micali,et al.  On the Cryptographic Applications of Random Functions , 1984, CRYPTO.

[8]  Junji Shikata,et al.  Identity-Based Hierarchical Strongly Key-Insulated Encryption and Its Application , 2005, ASIACRYPT.

[9]  Jonathan Katz,et al.  Improved Efficiency for CCA-Secure Cryptosystems Built Using Identity-Based Encryption , 2005, CT-RSA.

[10]  Qixiang Mei,et al.  Direct chosen ciphertext security from identity-based techniques , 2005, CCS '05.

[11]  Jian Weng,et al.  Identity-Based Parallel Key-Insulated Encryption Without Random Oracles: Security Notions and Construction , 2006, INDOCRYPT.

[12]  Shouhuai Xu,et al.  Key-Insulated Public Key Cryptosystems , 2002, EUROCRYPT.

[13]  Silvio Micali,et al.  How to construct random functions , 1986, JACM.

[14]  Vipul Goyal,et al.  Identity-based encryption with efficient revocation , 2008, IACR Cryptol. ePrint Arch..

[15]  Hideki Imai,et al.  Parallel Key-Insulated Public Key Encryption , 2006, Public Key Cryptography.

[16]  Amit Sahai,et al.  Non-malleable non-interactive zero knowledge and adaptive chosen-ciphertext security , 1999, 40th Annual Symposium on Foundations of Computer Science (Cat. No.99CB37039).

[17]  Brent Waters,et al.  Secure attribute-based systems , 2006, CCS '06.