Abstract
As the only approved Identity-Based Encryption scheme in China that is also standardized by ISO, SM9-IBE has been widely adopted in many real-world applications. However, similar to other IBE standard algorithms, SM9-IBE currently lacks revocation mechanism, which is vital for a real system. Worse still, we find that existing revocable techniques may not be suitable and efficient when applying to SM9-IBE. Given the widespread use of SM9-IBE, an efficient and robust user revocation mechanism becomes an urgent issue.In this work, we propose a dedicated server-aided revocation mechanism, which for the first time achieves the secure, immediate and robust user revocation for SM9-IBE. Provided with a compact system model, the proposed method leverages an existing server to perform all heavy workloads during user revocation, thus leaving no communication and computation costs for the key generation center and users. Moreover, the mechanism supports key-exposure resistance, meaning the user revocation mechanism is robust even if the revocation key leaks. We then formally define and prove the security. At last, we present theoretical comparisons and an implementation in terms of computational latency and throughput. The results indicate the efficiency and practicability of the proposed mechanism.
Highlights
Identity-Based Encryption (IBE) is a special kind of public key encryption, where a user utilizes a unique string as the public key
Though SM9-IBE is proposed as a standard algorithm, it does not specify any user revocation mechanisms in the standards (Iso/iec 2015) and (Gm/t 2016a)
Since SM9-IBE is practice-oriented, it is desirable to deal with the realistic problem of user revocation
Summary
On input a master public key MPKSM9, an identity IDi and a message m, the algorithm runs as follows: 1 Select a random z ∈ Z∗p. On input a security parameter λ, the algorithm (run by KGC) outputs a master public key MPK, a master secret key MSK, an initial server secret key SSKctr and a revocation list L. On input a master public key MPK, an identity IDi and a message m, the algorithm (run by a data owner) outputs a ciphertext CTIDi .
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
