• Title/Summary/Keyword: hierarchical identity based encryption

Search Result 10, Processing Time 0.046 seconds

Hierarchical Identity-based Broadcast Encryption Scheme from LWE

  • Yang, Chunli;Zheng, Shihui;Wang, Licheng;Lu, Xiuhua;Yang, Yixian
    • Journal of Communications and Networks
    • /
    • v.16 no.3
    • /
    • pp.258-263
    • /
    • 2014
  • A hierarchical identity-based broadcast encryption (H-IBBE) scheme is an identity-based broadcast encryption (IBBE) scheme in a hierarchical environment. In order to obtain secure H-IBBE schemes in the quantum era, we propose an H-IBBE scheme based on the learning with errors problemassumption.Our scheme achieves indistinguishability from random under adaptive chosen-plaintext and chosen-identity attacks in the random oracle model.

Scalable Hierarchical Identity-based Signature Scheme from Lattices

  • Noh, Geontae;Jeong, Ik Rae
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.7 no.12
    • /
    • pp.3261-3273
    • /
    • 2013
  • In the paper, we propose a novel adaptively secure hierarchical identity-based signature scheme from lattices. The size of signatures in our scheme is shortest among the existing hierarchical identity-based signature schemes from lattices. Our scheme is motivated by Gentry et al.'s signature scheme and Agrawal et al.'s hierarchical identity-based encryption scheme.

Hierarchical Identity-Based Encryption with Constant-Size Private Keys

  • Zhang, Leyou;Wu, Qing;Hu, Yupu
    • ETRI Journal
    • /
    • v.34 no.1
    • /
    • pp.142-145
    • /
    • 2012
  • The main challenge at present in constructing hierarchical identity-based encryption (HIBE) is to solve the trade-off between private-key size and ciphertext size. At least one private-key size or ciphertext size in the existing schemes must rely on the hierarchy depth. In this letter, a new hierarchical computing technique is introduced to HIBE. Unlike others, the proposed scheme, which consists of only two group elements, achieves constant-size private keys. In addition, the ciphertext consists of just three group elements, regardless of the hierarchy depth. To the best of our knowledge, it is the first efficient scheme where both ciphertexts and private keys achieve O(1)-size, which is the best trade-off between private-key size and ciphertext size at present. We also give the security proof in the selective-identity model.

New Techniques for Anonymous HIBE with Short Ciphertexts in Prime Order Groups

  • Lee, Kwang-Su;Lee, Dong-Hoon
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.4 no.5
    • /
    • pp.968-988
    • /
    • 2010
  • Anonymous hierarchical identity based encryption (HIBE) is an extension of identity based encryption (IBE) that can use an arbitrary string like an e-mail address for a public key, and it additionally provide the anonymity of identity in ciphertexts. Using the anonymous HIBE schemes, it is possible to construct anonymous communication systems and public key encryption with keyword search. This paper presents an anonymous HIBE scheme with constant size ciphertexts under prime order symmetric bilinear groups, and shows that it is secure under the selective security model. Previous anonymous HIBE schemes were constructed to have linear size ciphertexts, to use composite order bilinear groups, or to use asymmetric bilinear groups that is a special type of bilinear groups. Our construction is the first efficient anonymous HIBE scheme that has constant size ciphertexts and that uses prime order symmetric bilinear groups. Compared to the previous scheme of composite order bilinear groups, ours is ten times faster. To achieve our construction, we first devise a novel cancelable random blinding technique. The random blinding property of our technique provides the anonymity of our construction, and the cancellation property of our technique enables decryption.

New Constructions of Hierarchical Attribute-Based Encryption for Fine-Grained Access Control in Cloud Computing

  • Zhang, Leyou;Hu, Yupu
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.7 no.5
    • /
    • pp.1343-1356
    • /
    • 2013
  • Cloud computing has emerged as perhaps the hottest development in information technology at present. This new computing technology requires that the users ensure that their infrastructure is safety and that their data and applications are protected. In addition, the customer must ensure that the provider has taken the proper security measures to protect their information. In order to achieve fine-grained and flexible access control for cloud computing, a new construction of hierarchical attribute-based encryption(HABE) with Ciphertext-Policy is proposed in this paper. The proposed scheme inherits flexibility and delegation of hierarchical identity-based cryptography, and achieves scalability due to the hierarchical structure. The new scheme has constant size ciphertexts since it consists of two group elements. In addition, the security of the new construction is achieved in the standard model which avoids the potential defects in the existing works. Under the decision bilinear Diffie-Hellman exponent assumption, the proposed scheme is provable security against Chosen-plaintext Attack(CPA). Furthermore, we also show the proposed scheme can be transferred to a CCA(Chosen-ciphertext Attack) secure scheme.

Direct Chosen Ciphertext Secure Hierarchical ID-Based Encryption Schemes in the Selective-ID Security Model

  • Park, Jong-Hwan;Choi, Kyu-Young;Lee, Dong-Hoon
    • Proceedings of the Korean Society of Broadcast Engineers Conference
    • /
    • 2007.02a
    • /
    • pp.154-157
    • /
    • 2007
  • It has been widely believed that one can obtain $\iota$-Hierarchical Identity Based Encryption (HIBE) scheme secure against chosen ciphetext attacks from ($\iota$+1)-HIBE scheme secure against chosen plaintext attacks. In this paper, however, we show that when applying two concrete HIBE schemes that Boneh et al. [1, 2] proposed, chosen ciphertext secure $\iota$-HIBE schemes are directly derived from chosen plaintext secure $\iota$-HIBE schemes. Our constructions are based on a one-time signature-based transformation that Canetti et at.[3] proposed. The security of our schemes is proved in the selective-ID suity model without using random oracles.

  • PDF

Public key broadcast encryption scheme using new converting method

  • Jho, Nam-Su;Yoo, Eun-Sun;Rhee, Man-Young
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.18 no.6B
    • /
    • pp.199-206
    • /
    • 2008
  • Broadcast encryption is a cryptographical primitive which is designed for a content provider to distribute contents to only privileged qualifying users through an insecure channel. Anyone who knows public keys can distribute contents by means of public key broadcast encryption whose technique can also be applicable to many other applications. In order to design public key broadcast encryption scheme, it should devise some methods that convert a broadcast encryption scheme based on symmetric key cryptosystem to a public key broadcast encryption. Up to this point, broadcast encryption scheme on trial for converting from symmetric key setting to asymmetric public key setting has been attempted by employing the Hierarchical Identity Based Encryption (HIBE) technique. However, this converting method is not optimal because some of the properties of HIBE are not quite fitting for public key broadcast schemes. In this paper, we proposed new converting method and an efficient public key broadcast encryption scheme Pub-PI which is obtained by adapting the new converting method to the PI scheme [10]. The transmission overhead of the Pub-PI is approximately 3r, where r is the number of revoked users. The storage size of Pub-PI is O($c^2$), where c is a system parameter of PI and the computation cost is 2 pairing computations.

A Secure Data Processing Using ID-Based Key Cryptography in Mobile Cloud Computing (모바일 클라우드 컴퓨팅 환경에서 ID-기반 키 암호화를 이용한 안전한 데이터 처리 기술)

  • Cheon, EunHong;Lee, YonSik
    • Convergence Security Journal
    • /
    • v.15 no.5
    • /
    • pp.3-8
    • /
    • 2015
  • Most mobile cloud computing system use public key cryptography to provide data security and mutual authentication. A variant of traditional public key technologies called Identity-Based Cryptography(IBC) has recently received considerable attention. The certificate-free approach of IBC may well match the dynamic qualities of cloud environment. But, there is a need for a lightweight secure framework that provides security with minimum processing overhead on mobile devices. In this paper, we propose to use hierarchical ID-Based Encryption in mobile cloud computing. It is suitable for a mobile network since it can reduce the workload of root Public Key Generators by delegating the privilege of user authentication and private key generation. The Identity-Based Encryption and Identity-Based Signature are also proposed and an ID-Based Authentication scheme is presented to secure data processing. The proposed scheme is designed by one-way hash functions and XOR operations, thus has low computation costs for mobile users.

On the HIDE based Group Signature for Secure Personal Healthcare Record Service (안전한 개인의료정보 서비스를 위한 HIDE 기반의 그룹서명)

  • Cho, Young-bok;Woo, Sung-hee;Lee, Sang-ho;Park, Jong-bae
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.19 no.10
    • /
    • pp.2481-2490
    • /
    • 2015
  • The issue of PHR is maintained on the server will be in the hospital. PHR information stored on the server, such as a patient's illness and treatment is very sensitive information. Therefore, patients should be guaranteed the protection of privacy. In addition, the PHR should be allowed to group access of it's approach. Therefore, in this paper the proposed group signature using hierarchical identity-based encryption schemes into can guarantee the PHR data privacy. The session key generated by group signature, it is use a tiered approach. The generated session keys safe PHR data transmission is possible. The proposed method is average 80% than the PKI encryption and ID-based encryption rather than average 50% the algorithm processing is more efficient

Forward-Secure Public Key Broadcast Encryption (전방향 안전성을 보장하는 공개키 브로드캐스트 암호 기법)

  • Park, Jong-Hwan;Yoon, Seok-Koo
    • Journal of Broadcast Engineering
    • /
    • v.13 no.1
    • /
    • pp.53-61
    • /
    • 2008
  • Public Key Broadcast Encryption (PKBE) allows a sender to distribute a message to a changing set of users over an insecure channel. PKBE schemes should be able to dynamically exclude (i.e., revoke) a certain subset of users from decrypting a ciphertext, so that only remaining users can decrypt the ciphertext. Another important requirement is for the scheme to be forward-secrecy. A forward-secure PKBE (fs-PKBE) enables each user to update his private key periodically. This updated private key prevents an adversary from obtain the private key for certain past period, which property is particularly needed for pay-TV systems. In this paper, we present a fs-PKBE scheme where both ciphertexts and private keys are of $O(\sqrt{n})$ size. Our PKBE construction is based on Boneh-Boyen-Goh's hierarchical identity-based encryption scheme. To provide the forward-secrecy with our PKBE scheme, we again use the delegation mechanism for lower level identities, introduced in the BBG scheme. We prove chosen ciphertext security of the proposed scheme under the Bilinear Diffie-Hellman Exponent assumption without random oracles.