Identity-Based Threshold Key-Insulated Encryption without Random Oracles

With more and more cryptosystems being deployed on insecure environments such as mobile devices, key exposures appear to be unavoidable. This is perhaps the most devastating attack on a cryptosystem, since it typically means that security is entirely lost. This problem is especially hard to tackle in identity-based encryption (IBE) settings, where the public key is determined as a user's identity and is not desirable to be changed. In this paper, we extend Dodis et al.'s key-insulation idea and present a new paradigm named threshold key-insulation. The new paradigm not only greatly enhances the security of the system, but also provides flexibility and efficiency. To deal with the key-exposure problem in IBE settings, we further propose an identity-based threshold key-insulated encryption (IBTKIE) scheme. The proposed scheme is proved to be semantically secure without random oracles.

[1]  Rafail Ostrovsky,et al.  How to withstand mobile virus attacks (extended abstract) , 1991, PODC '91.

[2]  Aggelos Kiayias,et al.  Self Protecting Pirates and Black-Box Traitor Tracing , 2001, CRYPTO.

[3]  Yvo Desmedt Public Key Cryptography — PKC 2003 , 2002, Lecture Notes in Computer Science.

[4]  Ronald Cramer,et al.  Advances in Cryptology - EUROCRYPT 2005, 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Aarhus, Denmark, May 22-26, 2005, Proceedings , 2005, EUROCRYPT.

[5]  Joonsang Baek,et al.  Identity-Based Threshold Decryption , 2004, Public Key Cryptography.

[6]  Alfred Menezes,et al.  Topics in Cryptology – CT-RSA 2005 , 2005 .

[7]  Eike Kiltz,et al.  Chosen-Ciphertext Secure Identity-Based Encryption in the Standard Model with short Ciphertexts , 2006, IACR Cryptol. ePrint Arch..

[8]  Aggelos Kiayias,et al.  Traceable Signatures , 2004, EUROCRYPT.

[9]  Moti Yung,et al.  Exposure-resilience for free: the hierarchical ID-based encryption case , 2002, First International IEEE Security in Storage Workshop, 2002. Proceedings..

[10]  Brent Waters,et al.  Efficient Identity-Based Encryption Without Random Oracles , 2005, EUROCRYPT.

[11]  Kefei Chen,et al.  Advances in Cryptology - ASIACRYPT 2006, 12th International Conference on the Theory and Application of Cryptology and Information Security, Shanghai, China, December 3-7, 2006, Proceedings , 2006, ASIACRYPT.

[12]  Junji Shikata,et al.  Unconditionally Secure Key Insulated Cryptosystems: Models, Bounds and Constructions , 2002, ICICS.

[13]  Gene Itkis,et al.  Intrusion-Resilient Signatures: Generic Constructions, or Defeating Strong Adversary with Minimal Assumptions , 2002, SCN.

[14]  Kaoru Kurosawa,et al.  Advances in Cryptology - ASIACRYPT 2007, 13th International Conference on the Theory and Application of Cryptology and Information Security, Kuching, Malaysia, December 2-6, 2007, Proceedings , 2007, International Conference on the Theory and Application of Cryptology and Information Security.

[15]  Ross J. Anderson,et al.  Two remarks on public key cryptology , 2002 .

[16]  Colin Boyd,et al.  Cryptography and Coding , 1995, Lecture Notes in Computer Science.

[17]  Dan Boneh,et al.  Efficient Selective-ID Secure Identity Based Encryption Without Random Oracles , 2004, IACR Cryptol. ePrint Arch..

[18]  Eike Kiltz,et al.  Generalized Key Delegation for Hierarchical Identity-Based Encryption , 2007, ESORICS.

[19]  Jonathan Katz,et al.  Chosen-Ciphertext Security from Identity-Based Encryption , 2004, SIAM J. Comput..

[20]  Aggelos Kiayias,et al.  Public Key Cryptography - PKC 2006 , 2006, Lecture Notes in Computer Science.

[21]  Moti Yung,et al.  Parallel Key-Insulated Public Key Encryption Without Random Oracles , 2007, Public Key Cryptography.

[22]  Matthew K. Franklin,et al.  A Generic Construction for Intrusion-Resilient Public-Key Encryption , 2004, CT-RSA.

[23]  Mihir Bellare,et al.  Protecting against key-exposure: strongly key-insulated encryption with optimal threshold , 2005, Applicable Algebra in Engineering, Communication and Computing.

[24]  Matthew K. Franklin,et al.  Intrusion-Resilient Public-Key Encryption , 2003, CT-RSA.

[25]  Matthew Franklin,et al.  Advances in Cryptology – CRYPTO 2004 , 2004, Lecture Notes in Computer Science.

[26]  Eike Kiltz,et al.  Chosen-Ciphertext Secure Threshold Identity-Based Key Encapsulation Without Random Oracles , 2006, SCN.

[27]  Jonathan Katz,et al.  Improved Efficiency for CCA-Secure Cryptosystems Built Using Identity-Based Encryption , 2005, CT-RSA.

[28]  Mihir Bellare,et al.  A Forward-Secure Digital Signature Scheme , 1999, CRYPTO.

[29]  Robert H. Deng,et al.  Public Key Cryptography – PKC 2004 , 2004, Lecture Notes in Computer Science.

[30]  Tatsuaki Okamoto Topics in Cryptology – CT-RSA 2004 , 2004, Lecture Notes in Computer Science.

[31]  Matthew Green,et al.  Blind Identity-Based Encryption and Simulatable Oblivious Transfer , 2007, ASIACRYPT.

[32]  Tanja Lange,et al.  Progress in Cryptology - INDOCRYPT 2006, 7th International Conference on Cryptology in India, Kolkata, India, December 11-13, 2006, Proceedings , 2006, INDOCRYPT.

[33]  Jian Weng,et al.  Identity-Based Parallel Key-Insulated Encryption Without Random Oracles: Security Notions and Construction , 2006, INDOCRYPT.

[34]  Yvo Desmedt,et al.  Threshold Cryptosystems , 1989, CRYPTO.

[35]  Marc Joye,et al.  Topics in Cryptology — CT-RSA 2003 , 2003 .

[36]  Jonathan Katz,et al.  A Forward-Secure Public-Key Encryption Scheme , 2003, Journal of Cryptology.

[37]  Jung Hee Cheon,et al.  Timed-Release and Key-Insulated Public Key Encryption , 2006, Financial Cryptography.

[38]  Information Security and Privacy , 1996, Lecture Notes in Computer Science.

[39]  Moti Yung,et al.  Efficient Intrusion-Resilient Signatures Without Random Oracles , 2006, Inscrypt.

[40]  Gene Itkis,et al.  SiBIR: Signer-Base Intrusion-Resilient Signatures , 2002, CRYPTO.

[41]  이필중,et al.  Efficient Key Updating Signature Schemes Based on IBS , 2003 .

[42]  Adi Shamir,et al.  Identity-Based Cryptosystems and Signature Schemes , 1984, CRYPTO.

[43]  Hideki Imai,et al.  Reducing the Spread of Damage of Key Exposures in Key-Insulated Encryption , 2006, VIETCRYPT.

[44]  Shouhuai Xu,et al.  Key-Insulated Public Key Cryptosystems , 2002, EUROCRYPT.

[45]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[46]  Craig Gentry,et al.  Practical Identity-Based Encryption Without Random Oracles , 2006, EUROCRYPT.

[47]  Michael Wiener,et al.  Advances in Cryptology — CRYPTO’ 99 , 1999 .

[48]  Tatsuaki Okamoto,et al.  Public Key Cryptography - PKC 2007, 10th International Conference on Practice and Theory in Public-Key Cryptography, Beijing, China, April 16-20, 2007, Proceedings , 2007, Public Key Cryptography.

[49]  Moti Yung,et al.  Advances in Cryptology — CRYPTO 2002 , 2002, Lecture Notes in Computer Science.

[50]  Eike Kiltz,et al.  Direct chosen-ciphertext secure identity-based key encapsulation without random oracles , 2009, Theor. Comput. Sci..

[51]  Aggelos Kiayias,et al.  Traitor Tracing with Constant Transmission Rate , 2002, EUROCRYPT.

[52]  Joachim Biskup,et al.  Computer Security - ESORICS 2007, 12th European Symposium On Research In Computer Security, Dresden, Germany, September 24-26, 2007, Proceedings , 2007, ESORICS.

[53]  Nicolás González-Deleito,et al.  A New Key-Insulated Signature Scheme , 2004, ICICS.

[54]  Patricia L. V. Ribeiro,et al.  SPACE-EFFICIENT IDENTITY-BASED ENCRYPTION , 2009 .

[55]  Rafail Ostrovsky,et al.  How To Withstand Mobile Virus Attacks , 1991, PODC 1991.

[56]  Dániel Marx,et al.  On the Optimality of Planar and Geometric Approximation Schemes , 2007, 48th Annual IEEE Symposium on Foundations of Computer Science (FOCS'07).

[57]  Phong Q. Nguyen Progress in Cryptology - VIETCRYPT 2006 , 2007 .

[58]  Sanjit Chatterjee,et al.  HIBE With Short Public Parameters Without Random Oracle , 2006, ASIACRYPT.

[59]  Shouhuai Xu,et al.  Strong Key-Insulated Signature Schemes , 2003, Public Key Cryptography.

[60]  Hideki Imai,et al.  Parallel Key-Insulated Public Key Encryption , 2006, Public Key Cryptography.

[61]  Dan Boneh,et al.  Secure Identity Based Encryption Without Random Oracles , 2004, CRYPTO.