
    Efficient IBE with Tight Reduction to Standard Assumption in the Multi-challenge Setting

    In 2015, Hofheinz et al. [PKC, 2015] extended Chen and Wee's almost-tight reduction technique for identity based encryptions (IBE) [CRYPTO, 2013] to the multi-instance, multi-ciphertext (MIMC, or multi-challenge) setting, where the adversary is allowed to obtain multiple challenge ciphertexts from multiple IBE instances, and gave the first almost-tightly secure IBE in this setting using composite-order bilinear groups. Several prime-order realizations were proposed lately. However there seems to be a dilemma of high system performance (involving ciphertext/key size and encryption/decryption cost) or weak/standard security assumptions. A natural question is: can we achieve high performance without relying on stronger/non-standard assumptions? In this paper, we answer the question in the affirmative by describing a prime-order IBE scheme with the same performance as the most efficient solutions so far but whose security still relies on the standard k-linear (k-Lin) assumption. Our technical start point is Blazy et al.'s almost-tightly secure IBE [CRYPTO, 2014]. We revisit their concrete IBE scheme and associate it with the framework of nested dual system group. This allows us to extend Blazy et al.'s almost-tightly secure IBE to the MIMC setting using Gong et al.'s method [PKC, 2016]. We emphasize that, when instantiating our construction by the Symmetric eXternal Diffie-Hellman assumption (SXDH = 1-Lin), we obtain the most efficient concrete IBE scheme with almost-tight reduction in the MIMC setting, whose performance is even comparable to the most efficient IBE in the classical model (i.e., the single-instance, single-ciphertext setting). Besides pursuing high performance, our IBE scheme also achieves a weaker form of anonymity pointed out by Attrapadung et al. [AsiaCrypt, 2015]

    Identity-based Broadcast Encryption with Efficient Revocation

    Identity-based broadcast encryption (IBBE) is an effective method to protect the data security and privacy in multi-receiver scenarios, which can make broadcast encryption more practical. This paper further expands the study of scalable revocation methodology in the setting of IBBE, where a key authority releases a key update material periodically in such a way that only non-revoked users can update their decryption keys. Following the binary tree data structure approach, a concrete instantiation of revocable IBBE scheme is proposed using asymmetric pairings of prime order bilinear groups. Moreover, this scheme can withstand decryption key exposure, which is proven to be semi-adaptively secure under chosen plaintext attacks in the standard model by reduction to static complexity assumptions. In particular, the proposed scheme is very efficient both in terms of computation costs and communication bandwidth, as the ciphertext size is constant, regardless of the number of recipients. To demonstrate the practicality, it is further implemented in Charm, a framework for rapid prototyping of cryptographic primitives

    Large Universe Subset Predicate Encryption Based on Static Assumption (Without Random Oracle)

    In a recent work, Katz et al. (CANS'17) generalized the notion of Broadcast Encryption to define Subset Predicate Encryption (SPE) that emulates subset containment predicate in the encrypted domain. They proposed two selective secure constructions of SPE in the small universe settings. Their first construction is based on q-type assumption while the second one is based on DBDH. Both achieve constant size secret key while the ciphertext size depends on the size of the privileged set. They also showed some black-box transformation of SPE to well-known primitives like WIBE and ABE to establish the richness of the SPE structure. This work investigates the question of large universe realization of SPE scheme based on static assumption without random oracle. We propose two constructions both of which achieve constant size secret key. First construction (Formula Presented), instantiated in composite order bilinear groups, achieves constant size ciphertext and is proven secure in a restricted version of selective security model under the subgroup decision assumption (SDP). Our main construction (Formula Presented) is adaptive secure in the prime order bilinear group under the symmetric external Diffie-Hellman assumption (SXDH). Thus (Formula Presented) is the first large universe instantiation of SPE to achieve adaptive security without random oracle. Both our constructions have efficient decryption function suggesting their practical applicability. Thus the primitives like WIBE and ABE resulting through black-box transformation of our constructions become more practical. © 2019, Springer Nature Switzerland AG

    Efficient Anonymous Multi-group Broadcast Encryption

    © 2020, Springer Nature Switzerland AG. Nowadays, broadcasters must supply diverse content to multiple groups without delay in platforms such as social media and streaming sites. Unfortunately, conventional broadcast encryption schemes are deemed unsuitable for such platforms since they generate an independent ciphertext for each piece of contents and hence the number of headers generated during encryption increases linearly with the size of contents. The increased number of headers will result in wasting a limited network bandwidth, which makes the application impractical. To resolve this issue, multi-channel broadcast encryption was proposed in the literature, which transmits a single header for multiple channels to several groups of viewers at a time. However, the multi-channel broadcast encryption is also impractical because it requires heavy computations, communications, and storage overheads. Moreover, it should also address additional issues, such as receiver privacy (anonymity), static user-set size, and limited encryption. In this work, we aim to tackle this problem by proposing an efficient broadcast encryption scheme, called “anonymous multi-group broadcast encryption”. This primitive achieves faster encryption and decryption, provides smaller sized public parameters, private keys, and ciphertexts. Hence, it solves the aforementioned issues of the multi-channel broadcast encryption. Specifically, the proposed scheme provides provable anonymity and confidentiality based on the External Diffie-Hellman (XDH) and-Decisional Bilinear Diffie-Hellman (DBDH) assumptions, respectively, in the standard model