Efficient revocable ID‐based encryption with cloud revocation server

The capability to efficiently revoke compromised/misbehaving users is important in identity‐based encryption (IBE) applications, as it is not a matter of if but of when that one or more users are compromised. Existing solutions generally require a trusted third party to update the private keys of nonrevoked users periodically, which impact on scalability and result in high computation and communication overheads at the key generation center. Li et al proposed a revocable IBE scheme, which outsources most of the computation and communication overheads to a Key Update Cloud Service Provider (KU‐CSP). However, their scheme is lack of scalability since the KU‐CSP must maintain a secret value for each user. Tseng et al proposed another revocable IBE scheme with a cloud revocation authority, seeking to provide scalability and improve both performance and security level. In this paper, we present a new revocable IBE scheme with a cloud revocation server (CRS). The CRS holds only one secret time update key for all users, which provides the capability to scale our scheme. We demonstrate that our scheme is secure against adaptive‐ID and chosen ciphertext attacks under the k‐CAA assumption and outperforms both schemes mentioned above, in terms of having lower computation and communication overheads.

[1]  Sherali Zeadally,et al.  Anonymous Authentication for Wireless Body Area Networks With Provable Security , 2017, IEEE Systems Journal.

[2]  Xinpeng Zhang,et al.  Identity-Based Encryption with Verifiable Outsourced Revocation , 2016, Comput. J..

[3]  Keita Emura,et al.  Revocable hierarchical identity-based encryption via history-free approach , 2016, Theor. Comput. Sci..

[4]  Sachin K. Korde,et al.  Identity-Based Encryption with Cloud Revocation Authority and its Applications , 2016 .

[5]  Robert H. Deng,et al.  Server-Aided Revocable Identity-Based Encryption , 2015, ESORICS.

[6]  Shantian Cheng,et al.  Adaptive-ID Secure Revocable Identity-Based Encryption from Lattices via Subset Difference Method , 2015, ISPEC.

[7]  Keita Emura,et al.  Revocable Hierarchical Identity-Based Encryption: History-Free Update, Security Against Insiders, and Short Ciphertexts , 2015, CT-RSA.

[8]  Jin Li,et al.  Identity-Based Encryption with Outsourced Revocation in Cloud Computing , 2015, IEEE Transactions on Computers.

[9]  Emad Abd-Elrahman,et al.  A Novel Virtual Identity Implementation for Anonymous Communication in Cloud Environments , 2015, EUSPN/ICTH.

[10]  Jin Li,et al.  Identity-based chameleon hashing and signatures without key exposure , 2014, Inf. Sci..

[11]  Keita Emura,et al.  Revocable Identity-Based Encryption Revisited: Security Model and Construction , 2013, Public Key Cryptography.

[12]  Keita Emura,et al.  Efficient Delegation of Key Generation and Revocation Functionalities in Identity-Based Encryption , 2013, CT-RSA.

[13]  Huaxiong Wang,et al.  Revocable Identity-Based Encryption from Lattices , 2012, ACISP.

[14]  Vinod Vaikuntanathan,et al.  Functional Encryption for Threshold Functions (or Fuzzy IBE) from Lattices , 2012, Public Key Cryptography.

[15]  Yuh-Min Tseng,et al.  Efficient Revocable ID-Based Encryption with a Public Channel , 2012, Comput. J..

[16]  Vipul Goyal,et al.  Identity-based encryption with efficient revocation , 2008, IACR Cryptol. ePrint Arch..

[17]  Jin Li,et al.  Identity-based trapdoor mercurial commitments and applications , 2011, Theor. Comput. Sci..

[18]  Yuh-Min Tseng,et al.  An efficient user authentication and key exchange protocol for mobile client-server environment , 2010, Comput. Networks.

[19]  Dan Boneh,et al.  Efficient Lattice (H)IBE in the Standard Model , 2010, EUROCRYPT.

[20]  Benoît Libert,et al.  Adaptive-ID Secure Revocable Identity-Based Encryption , 2009, CT-RSA.

[21]  Sherman S. M. Chow,et al.  Certificateless Ring Signatures , 2007, IACR Cryptol. ePrint Arch..

[22]  Hideki Imai,et al.  Generic Transforms to Acquire CCA-Security for Identity Based Encryption: The Cases of FOpkc and REACT , 2006, ACISP.

[23]  Jung Hee Cheon,et al.  Security Analysis of the Strong Diffie-Hellman Problem , 2006, EUROCRYPT.

[24]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[25]  Dan Boneh,et al.  Secure Identity Based Encryption Without Random Oracles , 2004, CRYPTO.

[26]  Dan Boneh,et al.  Efficient Selective-ID Secure Identity Based Encryption Without Random Oracles , 2004, IACR Cryptol. ePrint Arch..

[27]  Reihaneh Safavi-Naini,et al.  An Efficient Signature Scheme from Bilinear Pairings and Its Applications , 2004, Public Key Cryptography.

[28]  Joonsang Baek,et al.  Identity-Based Threshold Decryption , 2004, Public Key Cryptography.

[29]  Jean-Jacques Quisquater,et al.  Efficient revocation and threshold pairing based cryptosystems , 2003, PODC '03.

[30]  Gene Tsudik,et al.  Simple Identity-Based Cryptography with Mediated RSA , 2003, CT-RSA.

[31]  M. Kasahara,et al.  A New Traitor Tracing , 2002, IEICE Trans. Fundam. Electron. Commun. Comput. Sci..

[32]  Moni Naor,et al.  Revocation and Tracing Schemes for Stateless Receivers , 2001, CRYPTO.

[33]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[34]  Dan Boneh,et al.  A Method for Fast Revocation of Public Key Certificates and Security Capabilities , 2001, USENIX Security Symposium.

[35]  Tatsuaki Okamoto,et al.  How to Enhance the Security of Public-Key Encryption at Minimum Cost , 1999, Public Key Cryptography.

[36]  Adi Shamir,et al.  Identity-Based Cryptosystems and Signature Schemes , 1984, CRYPTO.