In this paper, we discuss non-interactive updating of decryption keys in identity-based encryption (IBE). In practice, key revocation is a necessary and inevitable process and IBE is no exception when it comes to having to manage revocation of decryption keys without losing its merits in efficiency. Our main contribution of this paper is to propose novel constructions of IBE where a decryption key can be renewed without having to make changes to its public key, i.e. user's identity. We achieve this by extending the hierarchical IBE (HIBE). Regarding security, we address semantic security against adaptive chosen ciphertext attacks for a very strong attack environment that models all possible types of key exposures in the random oracle model. In addition to this, we show method of constructing a partially collusion resistant HIBE from arbitrary IBE in the random oracle model. By combining both results, we can construct an IBE with non-interactive key update from only an arbitrary IBE.
Abstract. Security is constantly been infringed by inadvertent loss of secret keys, and as a solution, Dodis, Katz, Xu, and Yung [11], in Eurocrypt 2002, proposed a new paradigm called key-insulated security which provides tolerance against key exposures. Their scheme introduces a "helper key" which is used to periodically update the decryption key. The most attractive part of this scheme is that even if a decryption key of a time period is exposed, the security of the rest of the periods are unaffected. But how does this helper key managed? Can it be done efficiently? As, to alleviate the damage caused by key exposures, decryption key has to be updated at very short intervals, although frequent updating will, in contrary, increase the risk of helper key exposure. In this paper, we propose parallel key-insulated public key encryption in which two distinct helper keys alternately update a decryption key. The helper key of one system is independent from the other. Not only does it decrease the chance of helper key exposures, it also allows frequent updating of the decryption key, and over all, increases the security of the system.
Abstract.Anonymous channels or similar techniques that can achieve sender's anonymity play important roles in many applications. However, they will be meaningless if cryptographic primitives containing his identity is carelessly used during the transmission. The main contribution of this paper is to study the security primitives for the above problem. In this paper, we first define unconditionally secure asymmetric encryption scheme (USAE), which is an encryption scheme with unconditional security and is impossible for a receiver to deduce the identity of a sender from the encrypted message. We also investigate tight lower bounds on required memory sizes from an information theoretic viewpoint and show an optimal construction based on polynomials. We also show a construction based on combinatorial theory, a non-malleable scheme and a multi-receiver scheme. Then, we define and formalize group authentication code (GA-code), which is an unconditionally secure authentication code with anonymity like group signatures. In this scheme, any authenticated user will be able to generate and send an authenticated message while the receiver can verify the legitimacy of the message that it has been sent from a legitimate user but at the same time retains his anonymity. For GA-code, we show two concrete constructions.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.