Abstract
We construct the first tightly secure hierarchical identity-based encryption (HIBE) scheme basedon standard assumptions, which solves an open problem from Blazy, Kiltz, and Pan (CRYPTO 2014).At the core of our constructions is a novel randomization technique that enables us to randomizeuser secret keys for identities with flexible length.The security reductions of previous HIBEs lose at least a factor of Q, which is the number ofuser secret key queries. Different to that, the security loss of our schemes is only dependent onthe security parameter. Our schemes are adaptively secure based on the Matrix Diffie-Hellmanassumption, which is a generalization of standard Diffie-Hellman assumptions such as k-Linear. Wehave two tightly secure constructions, one with constant ciphertext size, and the other with tightersecurity at the cost of linear ciphertext size. Among other things, our schemes imply the first tightlysecure identity-based signature scheme by a variant of the Naor transformation.
Highlights
To prove Theorem 3.3, we combine Lemmas 3.4–3.17 to change h1 from real to random and apply all Lemmas in reverse order to get to the HPR0-CMArand game
In MAC1[U3k,k] in a tag for m we add to the value u for the i-th level j fj m|i xj
The idea is to replace this by j fj H m|i xj for a collision resistant hash function H
Summary
Most famous ones are CCA-secure IBEs [CHK04] and identity-based signatures [KN09] from HIBE To achieve adaptive security in the standard model, the early IBE constructions require either non-tight reductions to the hardness of the underlying assumptions [Wat[05], CLL+13, Lew[12], JR13], or Q-type, non-static assumptions [Gen06]. The security loss of more recent HIBEs [Wat[09], Lew[12], CW13, BKP14, GCTC16] does not depend on the number of maximal levels L, they are still not tight and lose a factor of Q. The hope of achieving tight security for HIBEs lies in developing a novel method that enables randomization of user secret keys for identities with flexible level
Sign-in/Register to view highlights & summary Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
