ARTICLE DOWNLOAD

IBE with tight security against selective opening and chosen-ciphertext attacks

10$
ARTICLE DOWNLOAD

IBE with tight security against selective opening and chosen-ciphertext attacks

10$

Dingding Jia, Yamin Liu & Bao Li 

Abstract

The simulation-based, selective opening and chosen-ciphertext (\mathsf {SIM}\text{- }\mathsf {SO}\text{- }\mathsf {CCA}) adversary runs in the multi-sender scenario, it may access to the decryption and user-secret key oracles, in addition to corrupt senders adaptively after seeing the ciphertext (hence it can obtain the encrypted messages together with the randomness). An \mathsf {SIM}\text{- }\mathsf {SO}\text{- }\mathsf {CCA} secure \mathsf {IBE} scheme aims to provide privacy for uncorrupted senders against such adversaries. In this work we present the first tightly \mathsf {SIM}\text{- }\mathsf {SO}\text{- }\mathsf {CCA} secure identity-based encryption (\mathsf {IBE}). Our \mathsf {SIM}\text{- }\mathsf {SO}\text{- }\mathsf {CCA} secure \mathsf {IBE} employs an identity-based key encapsulation mechanism (\mathsf {IBKEM}) as a building block, concretely,

  • Firstly, we define proper security requirements in the multi-challenge setting for an \mathsf {IBKEM}.
  • Then we transform an \mathsf {IBKEM} with such properties to a \mathsf {SIM}\text{- }\mathsf {SO}\text{- }\mathsf {CCA} secure \mathsf {IBE} in a tight way. The security definitions and transformation can be seen as an extension of the framework in the public encryption (PKE) setting (given by Lyu et al. in PKC 2018).
  • Finally, we propose an \mathsf {IBKEM} in prime order groups satisfying our requirements. The security of our \mathsf {IBKEM} can be tightly reduced to the standard matrix Diffie–Hellman assumption. Our \mathsf {IBKEM} leads to a tightly \mathsf {SIM}\text{- }\mathsf {SO}\text{- }\mathsf {CCA} secure \mathsf {IBE} and of independent interest.
Only units of this product remain
Year 2020
Language English
Format PDF
DOI 10.1007/s10623-020-00755-6