Revocable hierarchical identity-based encryption via history-free approach

Abstract

In the context of Identity-Based Encryption (IBE), both revocation and delegation of key generation are important functionalities. Although a number of IBE schemes with either efficient revocation or efficient delegation of key generation functionality have been proposed, an important open problem is efficiently delegating both the key generation and revocation functionalities in IBE systems. Seo and Emura (2014) [25] proposed the first realization of Revocable Hierarchical IBE (RHIBE), a sole IBE scheme that achieves both functionalities simultaneously. However, their approach implements history-preserving updates, wherein a low-level user must know the history of key updates performed by ancestors in the current time period, and it renders the scheme very complex. In this paper, we present a new method to construct RHIBE that implements history free updates. Our history-free approach renders the scheme simple and efficient. As a second contribution, we redefine the security model for RHIBE to ensure security against insiders, where adversaries are allowed to obtain all internal system information, e.g., state information. In addition, we also consider the decryption key exposure attack, which was considered by Seo and Emura (2013) [23]. Further, we propose two RHIBE schemes with shorter secret keys and constant size ciphertexts that implement the aforementioned history-free updates approach and security model. For revocation, our constructions use the Complete Subtree (CS) method and the Subset Difference (SD) method. Both schemes are selectively secure in the standard model under the q-weak Bilinear Diffie-Hellman Inversion assumption. (c) 2015 Elsevier B.V. All rights reserved.