The generic construction of continuous leakage-resilient identity-based cryptosystems

Abstract

In the leakage setting, the adversary is allowed to access the internal secret states of a cryptosystem, such as the private key of user and the master secret key. In the continuous leakage model, there is no predetermined bound on the leakage of internal secret states; therefore, it is more challenging. In this paper, we present a new primitive called updatable identity-based hash proof system (U-IB-HPS), which can serve as a fundamental tool for constructing continuous leakage-resilient identity-based cryptosystems. With the U-IB-HPS, we obtain the generic constructions of identity-based cryptosystem with continuous leakage-resilience, such as the continuous leakage-resilient identity-based encryption with leakage amplification, the continuous leakage-resilient identity-based hybrid encryption with leakage amplification, etc. As a feature of our generic constructions, we allow the leakage of multiple keys, i.e., leakage of the master secret key and the private key of user. In addition, we present a generic framework of one-round identity-based authenticated key exchange (AKE) protocol with continuous leakage resilience, which ensures the session key security even if the adversary performs continuous leakage attacks during the execution of a session. We also present instantiations of U-IB-HPS from bilinear groups and composite order bilinear groups, respectively. The security of our instantiations is based on the standard static assumptions, such as the decisional bilinear Diffie–Hellman assumption, the corresponding complexity assumptions over composite order bilinear groups, etc. Our instantiations can be easily extended to construct the updatable hierarchical identity-based hash proof system.