New identity-based key-encapsulation mechanism and its applications in cloud computing

Identity-based encryption (IBE) is an important primitive of identity-based cryptography. It is a type of public-key encryption in which the public key of a user is some unique information about the identity of the user (e.g., a user's e-mail address). As a special form of IBE, an identity-based key encapsulation mechanism (IB-KEM) can be used to create a random session key for encrypting messages. Any IB-KEM can be upgraded to a full IBE scheme by adding a symmetric encryption scheme with appropriate security properties. Currently, IB-KEM is a fundamental primitive of cryptography and can be used to protect information system security, network security, cloud security, etc. In this paper, we construct a new IB-KEM in a generic levelled multilinear map setting and prove its security under the multilinear decisional Diffie-Hellman assumption in the selective-ID model. We then translate our IB-KEM to the GGH framework, which was proposed by Garg et al. (2013a). This framework defines an approximate version of a multilinear group family from ideal lattices. Finally, as an application of our new scheme, we show how to achieve secure transmission in the hierarchical architecture for cloud computing (HACC).

[1] Farookh Khadeer Hussain, et al. A hybrid approach for the personalisation of cloud-based e-governance services, 2013, Int. J. High Perform. Comput. Netw.

[2] Jin Li, et al. Identity-based chameleon hashing and signatures without key exposure, 2014, Inf. Sci.

[3] Dan Boneh, et al. Secure Identity Based Encryption Without Random Oracles, 2004, CRYPTO.

[4] Markus Rückert, et al. Aggregate and Verifiably Encrypted Signatures from Multilinear Maps Without Random Oracles, 2009, IACR Cryptol. ePrint Arch.

[5] Brent Waters, et al. Collusion Resistant Broadcast Encryption with Short Ciphertexts and Private Keys, 2005, CRYPTO.

[6] Duncan S. Wong, et al. Secure Outsourced Attribute-Based Signatures, 2014, IEEE Transactions on Parallel and Distributed Systems.

[7] Craig Gentry, et al. Fully Key-Homomorphic Encryption, Arithmetic Circuit ABE and Compact Garbled Circuits, 2014, EUROCRYPT.

[8] Ron Rothblum, et al. On the Circular Security of Bit-Encryption, 2013, TCC.

[9] Dan Boneh, et al. Efficient Selective-ID Secure Identity Based Encryption Without Random Oracles, 2004, IACR Cryptol. ePrint Arch.

[10] Brent Waters, et al. Efficient Identity-Based Encryption Without Random Oracles, 2005, EUROCRYPT.

[11] Silvio Pardi, et al. A grid monitoring model over network-aware IaaS cloud infrastructure, 2013, Int. J. High Perform. Comput. Netw.

[12] Kwangjo Kim, et al. Identity-Based Chameleon Hash Scheme without Key Exposure, 2010, ACISP.

[13] Brent Waters, et al. Witness encryption and its applications, 2013, STOC '13.

[14] Brent Waters, et al. Attribute-based encryption for fine-grained access control of encrypted data, 2006, CCS '06.

[15] Craig Gentry, et al. Candidate Multilinear Maps from Ideal Lattices, 2013, EUROCRYPT.

[16] Antoine Joux, et al. A One Round Protocol for Tripartite Diffie–Hellman, 2000, Journal of Cryptology.

[17] Brent Waters, et al. Full Domain Hash from (Leveled) Multilinear Maps and Identity-Based Aggregate Signatures, 2013, CRYPTO.

[18] Jean-Sébastien Coron, et al. Practical Multilinear Maps over the Integers, 2013, CRYPTO.

[19] Jonathan Katz, et al. A Forward-Secure Public-Key Encryption Scheme, 2003, Journal of Cryptology.

[20] Liang Yan, et al. Strengthen Cloud Computing Security with Federal Identity Management Using Hierarchical Identity-Based Cryptography, 2009, CloudCom.

[21] Adi Shamir, et al. Identity-Based Cryptosystems and Signature Schemes, 1984, CRYPTO.

[22] Dan Boneh, et al. Applications of Multilinear Forms to Cryptography, 2002, IACR Cryptol. ePrint Arch.

[23] Brent Waters, et al. Attribute-Based Encryption for Circuits from Multilinear Maps, 2012, CRYPTO.

[24] Mark Zhandry, et al. Multiparty Key Exchange, Efficient Traitor Tracing, and More from Indistinguishability Obfuscation, 2014, CRYPTO.

[25] A. Shamir. Identity-based cryptosystems and signature schemes, 1985.

[26] Liqiong Ma. A new construction of identity-based group signature, 2014, Int. J. Embed. Syst.

[27] Brent Waters, et al. Dual System Encryption: Realizing Fully Secure IBE and HIBE under Simple Assumptions, 2009, IACR Cryptol. ePrint Arch.

[28] Bo Yang, et al. Identity-Based Cryptography for Cloud Security, 2011, IACR Cryptol. ePrint Arch.

[29] Ran Canetti, et al. A Forward-Secure Public-Key Encryption Scheme, 2003, Journal of Cryptology.

[30] Roberto Tamassia, et al. Optimal Authenticated Data Structures with Multilinear Forms, 2010, Pairing.

[31] Mark Zhandry, et al. Multiparty Key Exchange, Efficient Traitor Tracing, and More from Indistinguishability Obfuscation, 2014, Algorithmica.

[32] Craig Gentry, et al. Practical Identity-Based Encryption Without Random Oracles, 2006, EUROCRYPT.

[33] Bernd Freisleben, et al. An identity-based security infrastructure for Cloud environments, 2010, 2010 IEEE International Conference on Wireless Communications, Networking and Information Security.

[34] G. Lakpathi, et al. Identity-Based Encryption with Outsourced Revocation in Cloud Computing, 2016.

[35] Massimo Ficco. Security event correlation approach for cloud computing, 2013, Int. J. High Perform. Comput. Netw.

[36] Pooya Farshim, et al. Generic Constructions of Identity-Based and Certificateless KEMs, 2008, Journal of Cryptology.

[37] Lilian Bossuet, et al. Dynamically Configurable Security for SRAM FPGA Bitstreams, 2004, IPDPS.

[38] Matthew K. Franklin, et al. Identity-Based Encryption from the Weil Pairing, 2001, CRYPTO.