Dual System Groups and its Applications --- Compact HIBE and More

Abstract

We introduce the notion of *dual system groups*. - We show how to derive compact HIBE by instantiating the dual system framework in Waters (Crypto \u2709) and Lewko and Waters (TCC \u2710) with dual system groups. Our construction provides a unified treatment of the prior compact HIBE schemes from static assumptions. - We show how to instantiate dual system groups under the decisional subgroup assumption in composite-order groups and the decisional linear assumption ($d$-LIN) in prime-order groups. Along the way, we provide new tools for simulating properties of composite-order bilinear groups in prime-order groups. In particular, we present new randomization and parameter-hiding techniques in prime-order groups. Combining the two, we obtain a number of new encryption schemes, notably - a new construction of IBE in prime-order groups with shorter parameters; - a new construction of compact HIBE in prime-order groups whose structure closely mirrors the selectively secure HIBE scheme of Boneh, Boyen and Goh (Eurocrypt \u2705); - a new construction of compact spatial encryption in prime-order groups