In this paper,we show how to use the dual techniques in the subgroups to give a secure identity-based broadcast encryption(IBBE) scheme with constant-size ciphertexts. Our scheme achieves the full security(adaptive se...In this paper,we show how to use the dual techniques in the subgroups to give a secure identity-based broadcast encryption(IBBE) scheme with constant-size ciphertexts. Our scheme achieves the full security(adaptive security) under three static(i.e. non q-based) assumptions. It is worth noting that only recently Waters gives a short ciphertext broadcast encryption system that is even adaptively secure under the simple assumptions. One feature of our methodology is that it is relatively simple to leverage our techniques to get adaptive security.展开更多
In order to tolerate possible leakage of secret keys, leakage-resilient cryptosystem models a class of attractive leakage output by allowing an adversary to provide any computable leakage function and learning the par...In order to tolerate possible leakage of secret keys, leakage-resilient cryptosystem models a class of attractive leakage output by allowing an adversary to provide any computable leakage function and learning the partial keys or other possible intemal states from the output of function. In this work, we present an adaptively secure broadcast encryption resilient to key continual leakage in the standard model. Our scheme provides the tolerance of continual leakage, in which any user can generate multiple private keys per user by periodically updating the key. We use the dual system encryption mechanism to implement the leakage resilience and adaptive security, and intrinsically set an algorithm to refresh a key and produce a same distributed new key. We also give the evaluation of the leakage bound and leakage fraction, and the simulations show that our scheme can tolerate about 71% leakage fraction with 3.34× 10^-52 failure probability in standard 80-bit security level when we adjust the leakage factor to allow the private key to be 100 Kb.展开更多
This study deals with the dynamic property of threshold cryptosystem. A dynamic threshold cryptosystem allows the sender to choose the authorized decryption group and the threshold value for each message dynamically. ...This study deals with the dynamic property of threshold cryptosystem. A dynamic threshold cryptosystem allows the sender to choose the authorized decryption group and the threshold value for each message dynamically. We first introduce an identity based dynamic threshold cryptosystem, and then use the CanettiHalevi-Katz(CHK) transformation to transform it into a fully secure system in the traditional public key setting.Finally, the elegant dual system encryption technique is applied to constructing a fully secure dynamic threshold cryptosystem with adaptive security.展开更多
Many real world attacks often target the implementation of a cryptographic scheme,rather than the algorithm itself,and a system designer has to consider new models that can capture these attacks.For example,if the key...Many real world attacks often target the implementation of a cryptographic scheme,rather than the algorithm itself,and a system designer has to consider new models that can capture these attacks.For example,if the key can be tampered by physical attacks on the device,the security of the scheme becomes totally unclear.In this work,we investigate predicate encryption(PE),a powerful encryption primitive,in the setting of tampering attacks.First,we show that many existing frameworks to construct PE are vulnerable to tampering attacks.Then we present a new security notion to capture such attacks.Finally,we take Attrapadung’s framework in Eurocrypt’14 as an example to show how to"compile"these frameworks to tampering resilient ones.Moreover,our method is compatible with the original pair encoding schemes without introducing any redundancy.展开更多
Many real world attacks often target the implementation of a cryptographic scheme,rather than the algorithm itself,and a system designer has to consider new models that can capture these attacks.For example,if the key...Many real world attacks often target the implementation of a cryptographic scheme,rather than the algorithm itself,and a system designer has to consider new models that can capture these attacks.For example,if the key can be tampered by physical attacks on the device,the security of the scheme becomes totally unclear.In this work,we investigate predicate encryption(PE),a powerful encryption primitive,in the setting of tampering attacks.First,we show that many existing frameworks to construct PE are vulnerable to tampering attacks.Then we present a new security notion to capture such attacks.Finally,we take Attrapadung’s framework in Eurocrypt’14 as an example to show how to“compile"these frameworks to tampering resilient ones.Moreover,our method is compatible with the original pair encoding schemes without introducing any redundancy.展开更多
基金supported by the Nature Science Foundation of China under grant 60970119, 60803149the National Basic Research Program of China(973) under grant 2007CB311201
文摘In this paper,we show how to use the dual techniques in the subgroups to give a secure identity-based broadcast encryption(IBBE) scheme with constant-size ciphertexts. Our scheme achieves the full security(adaptive security) under three static(i.e. non q-based) assumptions. It is worth noting that only recently Waters gives a short ciphertext broadcast encryption system that is even adaptively secure under the simple assumptions. One feature of our methodology is that it is relatively simple to leverage our techniques to get adaptive security.
基金Acknowledgements The work was supported by the National Natural Science Foundation of China (Grant No. 61370224), the Key Program of Natural Science Foundation of Hubei Province (2013CFA046), and the Open Fund Program for State Key Laboratory of Information Security of China.
文摘In order to tolerate possible leakage of secret keys, leakage-resilient cryptosystem models a class of attractive leakage output by allowing an adversary to provide any computable leakage function and learning the partial keys or other possible intemal states from the output of function. In this work, we present an adaptively secure broadcast encryption resilient to key continual leakage in the standard model. Our scheme provides the tolerance of continual leakage, in which any user can generate multiple private keys per user by periodically updating the key. We use the dual system encryption mechanism to implement the leakage resilience and adaptive security, and intrinsically set an algorithm to refresh a key and produce a same distributed new key. We also give the evaluation of the leakage bound and leakage fraction, and the simulations show that our scheme can tolerate about 71% leakage fraction with 3.34× 10^-52 failure probability in standard 80-bit security level when we adjust the leakage factor to allow the private key to be 100 Kb.
基金the National Natural Science Foundation of China(Nos.61202023,60903189 and 61133014)
文摘This study deals with the dynamic property of threshold cryptosystem. A dynamic threshold cryptosystem allows the sender to choose the authorized decryption group and the threshold value for each message dynamically. We first introduce an identity based dynamic threshold cryptosystem, and then use the CanettiHalevi-Katz(CHK) transformation to transform it into a fully secure system in the traditional public key setting.Finally, the elegant dual system encryption technique is applied to constructing a fully secure dynamic threshold cryptosystem with adaptive security.
基金This work was supported in part by National Natural Science Foundation of China(No.61632020,61472416,61772520)National key research and development program of China(No.2017YFB0802705)+1 种基金Key Research Project of Zhejiang Province(No.2017C01062)Fundamental Theory and Cutting-edge Technology Research Program of Institute of Information Engineering,CAS(No.Y7Z0321102).
文摘Many real world attacks often target the implementation of a cryptographic scheme,rather than the algorithm itself,and a system designer has to consider new models that can capture these attacks.For example,if the key can be tampered by physical attacks on the device,the security of the scheme becomes totally unclear.In this work,we investigate predicate encryption(PE),a powerful encryption primitive,in the setting of tampering attacks.First,we show that many existing frameworks to construct PE are vulnerable to tampering attacks.Then we present a new security notion to capture such attacks.Finally,we take Attrapadung’s framework in Eurocrypt’14 as an example to show how to"compile"these frameworks to tampering resilient ones.Moreover,our method is compatible with the original pair encoding schemes without introducing any redundancy.
基金supported in part by National Natural Science Foundation of China(No.61632020,61472416,61772520)National key research and development program of China(No.2017YFB0802705)+1 种基金Key Research Project of Zhejiang Province(No.2017C01062)Fundamental Theory and Cutting-edge Technology Research Program of Institute of Information Engineering,CAS(No.Y7Z0321102).
文摘Many real world attacks often target the implementation of a cryptographic scheme,rather than the algorithm itself,and a system designer has to consider new models that can capture these attacks.For example,if the key can be tampered by physical attacks on the device,the security of the scheme becomes totally unclear.In this work,we investigate predicate encryption(PE),a powerful encryption primitive,in the setting of tampering attacks.First,we show that many existing frameworks to construct PE are vulnerable to tampering attacks.Then we present a new security notion to capture such attacks.Finally,we take Attrapadung’s framework in Eurocrypt’14 as an example to show how to“compile"these frameworks to tampering resilient ones.Moreover,our method is compatible with the original pair encoding schemes without introducing any redundancy.
