Generic Constructions of Revocable Hierarchical Identity-based Encryption

Revocable hierarchical identity-based encryption (RHIBE) is an extension of hierarchical identity-based encryption (HIBE) supporting the key revocation mechanism. In this paper, we propose a generic construction of RHIBE from HIBE with the complete subtree method. Then, we obtain the first RHIBE schemes under the quadratic residuosity assumption, CDH assumption without pairing, factoring Blum integers, LPN assumption, and code-based assumption, and the first almost tightly secure RHIBE schemes under the k-linear assumption. Furthermore, by using pairing-based (dual) identity-based broadcast encryption, we obtain the variants of the scheme with shorter ciphertexts or shorter key updates

Revocable hierarchical identity-based encryption via history-free approach

In the context of Identity-Based Encryption (IBE), both revocation and delegation of key generation are important functionalities. Although a number of IBE schemes with either efficient revocation or efficient delegation of key generation functionality have been proposed, an important open problem is efficiently delegating both the key generation and revocation functionalities in IBE systems. Seo and Emura (2014) [25] proposed the first realization of Revocable Hierarchical IBE (RHIBE), a sole IBE scheme that achieves both functionalities simultaneously. However, their approach implements history-preserving updates, wherein a low-level user must know the history of key updates performed by ancestors in the current time period, and it renders the scheme very complex. In this paper, we present a new method to construct RHIBE that implements history free updates. Our history-free approach renders the scheme simple and efficient. As a second contribution, we redefine the security model for RHIBE to ensure security against insiders, where adversaries are allowed to obtain all internal system information, e.g., state information. In addition, we also consider the decryption key exposure attack, which was considered by Seo and Emura (2013) [23]. Further, we propose two RHIBE schemes with shorter secret keys and constant size ciphertexts that implement the aforementioned history-free updates approach and security model. For revocation, our constructions use the Complete Subtree (CS) method and the Subset Difference (SD) method. Both schemes are selectively secure in the standard model under the q-weak Bilinear Diffie-Hellman Inversion assumption. (c) 2015 Elsevier B.V. All rights reserved.Jae Hong Seo was supported by ETRI R&D program (15ZS1500)