Efficient IBE with Tight Reduction to Standard Assumption in the Multi-challenge Setting

In 2015, Hofheinz et al. [PKC, 2015] extended Chen and Wee's almost-tight reduction technique for identity based encryptions IBE [CRYPTO, 2013] to the multi-instance, multi-ciphertext MIMC, or multi-challenge setting, where the adversary is allowed to obtain multiple challenge ciphertexts from multiple IBE instances, and gave the first almost-tightly secure IBE in this setting using composite-order bilinear groups. Several prime-order realizations were proposed lately. However there seems to be a dilemma of high system performance involving ciphertext/key size and encryption/decryption cost or weak/standard security assumptions. A natural question is: can we achieve high performance without relying on stronger/non-standard assumptions? In this paper, we answer the question in the affirmative by describing a prime-order IBE scheme with the same performance as the most efficient solutions so far but whose security still relies on the standardk-linear k-Lin assumption. Our technical start point is Blazy et al.'s almost-tightly secure IBE [CRYPTO, 2014]. We revisit their concrete IBE scheme and associate it with the framework of nested dual system group. This allows us to extend Blazy et al.'s almost-tightly secure IBE to the MIMC setting using Gong et al.'s method [PKC, 2016]. We emphasize that, when instantiating our construction by the Symmetric eXternal Diffie-Hellman assumption SXDH = 1-Lin, we obtain the most efficient concrete IBE scheme with almost-tight reduction in the MIMC setting, whose performance is even comparable to the most efficient IBE in the classical model i.e., the single-instance, single-ciphertext setting. Besides pursuing high performance, our IBE scheme also achieves a weaker form of anonymity pointed out by Attrapadung et al. [AsiaCrypt, 2015].

[1]  Craig Gentry,et al.  Practical Identity-Based Encryption Without Random Oracles , 2006, EUROCRYPT.

[2]  Xiaolei Dong,et al.  Extended Nested Dual System Groups, Revisited , 2016, Public Key Cryptography.

[3]  Brent Waters,et al.  Dual System Encryption: Realizing Fully Secure IBE and HIBE under Simple Assumptions , 2009, IACR Cryptol. ePrint Arch..

[4]  NaorMoni,et al.  Number-theoretic constructions of efficient pseudo-random functions , 2004 .

[5]  Charanjit S. Jutla,et al.  Shorter Quasi-Adaptive NIZK Proofs for Linear Subspaces , 2013, ASIACRYPT.

[6]  Moti Yung,et al.  Concise Multi-challenge CCA-Secure Encryption and Signatures with Almost Tight Security , 2014, ASIACRYPT.

[7]  Dennis Hofheinz,et al.  Identity-Based Encryption with (Almost) Tight Security in the Multi-instance, Multi-ciphertext Setting , 2015, Public Key Cryptography.

[8]  Eike Kiltz,et al.  Quasi-Adaptive NIZK for Linear Subspaces Revisited , 2015, IACR Cryptol. ePrint Arch..

[9]  Tatsuaki Okamoto,et al.  Fully Secure Functional Encryption with General Relations from the Decisional Linear Assumption , 2010, IACR Cryptol. ePrint Arch..

[10]  Adi Shamir,et al.  Identity-Based Cryptosystems and Signature Schemes , 1984, CRYPTO.

[11]  Hoeteck Wee,et al.  Improved Dual System ABE in Prime-Order Groups via Predicate Encodings , 2015, EUROCRYPT.

[12]  Jorge Luis Villar,et al.  An Algebraic Framework for Diffie–Hellman Assumptions , 2015, Journal of Cryptology.

[13]  Brent Waters,et al.  Efficient Identity-Based Encryption Without Random Oracles , 2005, EUROCRYPT.

[14]  Allison Bishop,et al.  Fully Secure Functional Encryption: Attribute-Based Encryption and (Hierarchical) Inner Product Encryption , 2010, EUROCRYPT.

[15]  Eike Kiltz,et al.  (Hierarchical) Identity-Based Encryption from Affine Message Authentication , 2014, CRYPTO.

[16]  Nuttapong Attrapadung,et al.  Dual System Encryption Framework in Prime-Order Groups via Computational Pair Encodings , 2016, ASIACRYPT.

[17]  Dan Boneh,et al.  Secure Identity Based Encryption Without Random Oracles , 2004, CRYPTO.

[18]  Nuttapong Attrapadung,et al.  Dual System Encryption via Doubly Selective Security: Framework, Fully-secure Functional Encryption for Regular Languages, and More , 2014, IACR Cryptol. ePrint Arch..

[19]  Amit Sahai,et al.  Efficient Noninteractive Proof Systems for Bilinear Groups , 2008, SIAM J. Comput..

[20]  Allison Bishop,et al.  New Proof Methods for Attribute-Based Encryption: Achieving Full Security through Selective Techniques , 2012, CRYPTO.

[21]  Goichiro Hanaoka,et al.  A Framework for Identity-Based Encryption with Almost Tight Security , 2015, ASIACRYPT.

[22]  Hoeteck Wee,et al.  Fully, (Almost) Tightly Secure IBE and Dual System Groups , 2013, CRYPTO.

[23]  Eike Kiltz,et al.  Tightly CCA-Secure Encryption Without Pairings , 2016, EUROCRYPT.

[24]  Palash Sarkar,et al.  Efficient Adaptively Secure IBBE from Standard Assumptions , 2014, IACR Cryptol. ePrint Arch..

[25]  Dan Boneh,et al.  Efficient Selective-ID Secure Identity Based Encryption Without Random Oracles , 2004, IACR Cryptol. ePrint Arch..

[26]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[27]  Hoeteck Wee,et al.  Dual System Groups and its Applications - Compact HIBE and More , 2014, IACR Cryptol. ePrint Arch..

[28]  Hoeteck Wee,et al.  Dual System Encryption via Predicate Encodings , 2014, TCC.

[29]  Tatsuaki Okamoto,et al.  Fully Secure Unbounded Inner-Product and Attribute-Based Encryption , 2012, ASIACRYPT.

[30]  Somindu C. Ramanna More Efficient Constructions for Inner-Product Encryption , 2016, ACNS.

[31]  Palash Sarkar,et al.  Efficient (Anonymous) Compact HIBE from Standard Assumptions , 2014, ProvSec.

[32]  Dennis Hofheinz,et al.  Algebraic Partitioning: Fully Compact and (almost) Tightly Secure Cryptography , 2016, TCC.

[33]  Charanjit S. Jutla,et al.  Shorter Quasi-Adaptive NIZK Proofs for Linear Subspaces , 2013, Journal of Cryptology.

[34]  Dennis Hofheinz,et al.  Adaptive Partitioning , 2016, EUROCRYPT.