Exposure-resilience for free: the hierarchical ID-based encryption case

Dodis, Yevgeniy; Yung, Moti

doi:10.1109/sisw.2002.1183509

Cited by 6 publications

(7 citation statements)

References 29 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…To our knowledge, other papers that have treated "threshold decryption" in the context of ID-based cryptography are [8] and [13]. Dodis and Yung [8] observed how threshold de-cryption can be realized in Gentry and Silverberg [12]'s "hierarchical ID-based encryption" setting. Interestingly, their approach is to share a private key (not the master key of the PKG) obtained from a user at a higher level.…”

Section: Related Work and Discussionmentioning

confidence: 99%

“…Interestingly, their approach is to share a private key (not the master key of the PKG) obtained from a user at a higher level. Although this was inevitable in the hierarchical ID-based encryption setting and its advantage in general ID-based cryptography was not mentioned in [8], it is more sound approach than sharing the master key of the PKG as we discussed above. However, their threshold decryption scheme is very-sketched and chosen-ciphertext security for the scheme was not considered in [8].…”

Section: Related Work and Discussionmentioning

confidence: 99%

See 1 more Smart Citation

Identity-Based Threshold Decryption

Baek

Zheng

2004

Public Key Cryptography – PKC 2004

124

122

View full text Add to dashboard Cite

In this paper, we examine issues related to the construction of identity-based threshold decryption schemes and argue that it is important in practice to design an identity-based threshold decryption scheme in which a private key associated with an identity is shared. A major contribution of this paper is to construct the first identity-based threshold decryption scheme secure against chosen-ciphertext attack. A formal proof of security of the scheme is provided in the random oracle model, assuming the Bilinear Diffie-Hellman problem is computationally hard. Another contribution of this paper is, by extending the proposed identity-based threshold decryption scheme, to construct a mediated identity-based encryption scheme secure against more powerful attacks than those considered previously.

show abstract

Section: Related Work and Discussionmentioning

confidence: 99%

Section: Related Work and Discussionmentioning

confidence: 99%

Identity-Based Threshold Decryption

Baek

Zheng

2004

Public Key Cryptography – PKC 2004

124

122

View full text Add to dashboard Cite

show abstract

“…In 2002, Dodis and Yung introduced an identity-based threshold decryption [5], but it is a very sketchy scheme. In [6], Libert and Quisquater suggested a first realized identity-based threshold encryption scheme, which is based on the scheme of Beneh and Frainklin [7].…”

Section: Related Workmentioning

confidence: 99%

“…The first chosen ciphertext secure identity‐based threshold decryption was designed by Baek and Zheng, but this system fixed a threshold value t when private keys for users are generated. We note that all threshold encryption schemes provided in are provably secure in the random oracle model and this could not imply the security in the real world (see ). Further researchers proposed other following works.…”

Section: Introductionmentioning

confidence: 99%

Selectively chosen ciphertext security in threshold public‐key encryption

Kim

Park

Lee

2012

Security Comm Networks

View full text Add to dashboard Cite

Threshold public‐key encryption can control decryption abilities of an authorized user group in such a way that each user of the group can produce only a decryption share and at least t of them should collect decryption shares to recover a message. We present a new threshold public‐key encryption that is secure against selectively chosen ciphertext attacks. Semantic security against chosen ciphertext adversaries is the de facto level of security for public‐key encryption deployed in practice because many encryption systems are broken in a model of chosen ciphertext security. The security of the proposed system is formally proved without random oracles under a new assumption. We also provide proof of the intractability of our assumption in the generic group model. Copyright © 2012 John Wiley & Sons, Ltd.

show abstract

“…It does decrease the possibility of getting the keys to be exposed in the first place, however, it does not deal with what it can do after key exposure has actually occured. In [16], Dodis and Yung proposed an interesting idea that refreshes the private keys in HIBE. Their scheme provides a solution to the problem of gradual key exposure in which the private key is assumed to slowly compromise over time.…”

Section: Introductionmentioning

confidence: 99%

Identity-Based Hierarchical Strongly Key-Insulated Encryption and Its Application

Hanaoka

Shikata

et al. 2005

Lecture Notes in Computer Science

View full text Add to dashboard Cite

In this paper, we discuss non-interactive updating of decryption keys in identity-based encryption (IBE). In practice, key revocation is a necessary and inevitable process and IBE is no exception when it comes to having to manage revocation of decryption keys without losing its merits in efficiency. Our main contribution of this paper is to propose novel constructions of IBE where a decryption key can be renewed without having to make changes to its public key, i.e. user's identity. We achieve this by extending the hierarchical IBE (HIBE). Regarding security, we address semantic security against adaptive chosen ciphertext attacks for a very strong attack environment that models all possible types of key exposures in the random oracle model. In addition to this, we show method of constructing a partially collusion resistant HIBE from arbitrary IBE in the random oracle model. By combining both results, we can construct an IBE with non-interactive key update from only an arbitrary IBE.

show abstract

Exposure-resilience for free: the hierarchical ID-based encryption case

Abstract: In the problem of gradual key exposure [7]

Cited by 6 publications

References 29 publications

Identity-Based Threshold Decryption

Identity-Based Threshold Decryption

Selectively chosen ciphertext security in threshold public‐key encryption

Identity-Based Hierarchical Strongly Key-Insulated Encryption and Its Application

Contact Info

Product

Resources

About