8 research outputs found
Efficient identity-based key encapsulation to multiple parties
We introduce the concept of identity based key encapsulation
to multiple parties (mID-KEM), and define a security model for it. This
concept is the identity based analogue of public key KEM to multiple
parties. We also analyse possible mID-KEM constructions, and propose
an efficient scheme based on bilinear pairings. We prove our scheme secure
in the random oracle model under the Gap Bilinear Diffie-Hellman
assumption.Fundação para a Ciência e a Tecnologia - SFRH/BPD/20528/2004
Exclusion-intersection encryption
Identity-based encryption (IBE) has shown to be a useful cryptographic scheme enabling secure yet flexible role-based access control. We propose a new variant of IBE named as exclusion-intersection encryption: during encryption, the sender can specify the targeted groups that are legitimate and interested in reading the documents; there exists a trusted key generation centre generating the intersection private decryption keys on request. This special private key can only be used to decrypt the ciphertext which is of all the specified groups' interests, its holders are excluded from decrypting when the documents are not targeted to all these groups (e.g., the ciphertext of only a single group's interest). While recent advances in cryptographic techniques (e.g., attribute-based encryption or wicked IBE) can support a more general access control policy, the private key size may be as long as the number of attributes or identifiers that can be specified in a ciphertext, which is undesirable, especially when each user may receive a number of such keys for different decryption power. One of the applications of our notion is to support an ad-hoc joint project of two or more groups which needs extra helpers that are not from any particular group. © 2011 IEEE.published_or_final_versionThe 1st IEEE International Workshop on Security in Computers, Networking and Communications (SCNC 2011) in conjuntion with IEEE INFOCOM 2011, Shanghai, China, 10-15 April 2011. In Conference Proceedings of INFOCOM WKSHPS, 2011, p. 1048-1053The 1st IEEE International Workshop on Security in Computers, Networking and Communications (SCNC 2011) in conjuntion with IEEE INFOCOM 2011, Shanghai, China, 10-15 April 2011. In Conference Proceedings of INFOCOM WKSHPS, 2011, p. 1048-105
Proxy Key Re-encapsulation Mechanism for Group Communications
Many practical applications use hybrid encryption mechanism to deal with large plaintext messages or real-time communication since the performance of the public key encryption scheme is poor. The key encapsulation is a crucial part in hybrid encryption mechanism, which allows a sender to generate a random session key and distribute it to recipient. In this paper we present a proxy key re-encapsulation scheme for group communication. The proxy in our scheme is allowed to transform the encapsulated message corresponding to group A\u27s public key into one that can be decapsulated by the member in group B. It can be used in cases when a group users need to perform sensitive operation without holding the necessary secret key
An Efficient Identity-Based Signcryption Scheme for Multiple Receivers
This paper puts forward a new efficient construction for Multi-Receiver Signcryption
in the Identity-based setting. We consider a scenario where a user wants to securely send a message
to a dynamically changing subset of the receivers in such a way that non-members of the of this
subset cannot learn the message. The obvious solution is to transmit an individually signcrypted
message to every member of the subset. This requires a very long transmission (the number of
receivers times the length of the message) and high computation cost. Another simple solution
is to provide every possible subset of receivers with a key. This requires every user to store a
huge number of keys. In this case, the storage efficiency is compromised. The goal of this paper
is to provide solutions which are efficient in all three measures i.e. transmission length, storage of
keys and computation at both ends. We propose a new scheme that achieve both confidentiality
and authenticity simultaneously in this setting and is the most efficient scheme to date, in the
parameters described above. It breaks the barrier of ciphertext length of linear order in the number
of receivers, and achieves constant sized ciphertext, independent of the size of the receiver set. This
is the first Multi-receiver Signcryption scheme to do so. We support the scheme with security proofs
under a precisely defined formal security mode
Time-Specific Encryption
This paper introduces and explores the new concept of Time-Specific Encryption (TSE). In (Plain) TSE, a Time Server broadcasts a key at the beginning of each time unit, a Time Instant Key (TIK). The sender of a message can specify any time interval during the encryption process; the receiver can decrypt to recover the message only if it has a TIK that corresponds to a time in that interval. We extend Plain TSE to the public-key and identity-based settings, where receivers are additionally equipped with private keys and either public keys or identities, and where decryption now requires the use of the private key as well as an appropriate TIK. We introduce security models for the plain, public-key and identity-based settings. We also provide constructions for schemes in the different settings, showing how to obtain Plain TSE using identity-based techniques, how to combine Plain TSE with public-key and identity-based encryption schemes, and how to build schemes that are chosen-ciphertext secure from schemes that are chosen-plaintext secure. Finally, we suggest applications for our new primitive, and discuss its relationships with existing primitives, such as Timed Release Encryption and Broadcast Encryption
Efficient Adaptively Secure IBBE from Standard Assumptions
This paper describes the first construction of efficient identity-based broadcast encryption (IBBE) schemes which
can be proved secure against adaptive-identity attacks based on standard assumptions. The constructions are
obtained by extending the currently known most efficient identity-based encryption scheme proposed by Jutla
and Roy in 2013. Ciphertext size and user storage compare favourably to previously known constructions. The
new constructions fill both a practical and a theoretical gap in the literature on efficient IBBE schemes
Efficient identity-based key encapsulation to multiple parties
Abstract. We introduce the concept of identity based key encapsulation to multiple parties (mID-KEM), and define a security model for it. This concept is the identity based analogue of public key KEM to multiple parties. We also analyse possible mID-KEM constructions, and propose an efficient scheme based on bilinear pairings. We prove our scheme secure in the random oracle model under the Gap Bilinear Diffie-Hellman assumption