DOI: 10.1145/1030083.1030130

ID-based encryption for complex hierarchies with applications to forward security and broadcast encryption

Published: 25 October 2004

Abstract

A forward-secure encryption scheme protects secret keys from exposure by evolving the keys with time. Forward security has several unique requirements in a hierarchical identity-based encryption (HIBE) scheme: (1) users join dynamically; (2) encryption is joining-time-oblivious; (3) users evolve secret keys autonomously.
We present a scalable forward-secure HIBE (fs-HIBE) scheme satisfying the above properties. We also show how our fs-HIBE scheme can be used to construct a forward-secure public-key broadcast encryption scheme, which protects the secrecy of prior transmissions in the broadcast encryption setting. We further generalize fs-HIBE into a collusion-resistant multiple hierarchical ID-based encryption scheme, which can be used for secure communications with entities having multiple roles in role-based access control. The security of our schemes is based on the bilinear Diffie-Hellman assumption in the random oracle model.


Published In

CCS '04: Proceedings of the 11th ACM conference on Computer and communications security
October 2004
376 pages
ISBN: 1581139616
DOI: 10.1145/1030083
Publisher: Association for Computing Machinery, New York, NY, United States

Author Tags

1. ID-based encryption
2. broadcast encryption
3. forward security

Conference: CCS04

Acceptance Rates: overall acceptance rate 1,261 of 6,999 submissions, 18%
