Fully Secure Identity-based Broadcast Encryption in the Subgroups

In this paper,we show how to use the dual techniques in the subgroups to give a secure identity-based broadcast encryption(IBBE) scheme with constant-size ciphertexts. Our scheme achieves the full security(adaptive security) under three static(i.e. non q-based) assumptions. It is worth noting that only recently Waters gives a short ciphertext broadcast encryption system that is even adaptively secure under the simple assumptions. One feature of our methodology is that it is relatively simple to leverage our techniques to get adaptive security.

Revocable Hierarchical Identity-Based Broadcast Encryption

Hierarchical Identity-Based Broadcast Encryption （HIBBE） organizes users into a tree-like structure, and it allows users to delegate their decryption ability to subordinates and enable encryption to any subset of users while only intended users can decrypt. However, current HIBBE schemes do not support efficient revocation of private keys. Here, a new primitive called Revocable Hierarchical Identity-Based Broadcast Encryption （RHIBBE） is formalized that allows revocation of the HIBBE. Ciphertext indistinguishability is defined against the selectively Bounded Revocable Identity-Vector-Set and Chosen-Plaintext Attack （IND-sBRIVS-CPA）. An IND-sBRIVS-CPA secure RHIBBE scheme is constructed with efficient revocation on prime-order bilinear groups. The unbounded version of the scheme is also shown to be secure but a little weaker than the former under the decisional n-Weak Bilinear Diffie-Hellman inversion assumption.

Some Remarks on Cocks'Identity-Based Encryption Scheme

The theory of quadratic residues plays an important role in cryptography.In 2001,Cocks developed an identity-based encryption(IBE)scheme based on quadratic residues,resolving Shamir’s 17-year-old open problem.However,a notable drawback of Cocks’scheme is the significant expansion of the ciphertext,and some of its limitations have been addressed in subsequent research.Recently,Cotan and Teşeleanu highlighted that previous studies on Cocks’scheme relied on a trial-and-error method based on Jacobi symbols to generate the necessary parameters for the encryption process.They enhanced the encryption speed of Cocks’scheme by eliminating this trialand-error method.Based on security analysis,this study concludes that the security of Cotan-Teşeleanu’s proposal cannot be directly derived from the security of the original Cocks’scheme.Furthermore,by adopting the Cotan-Teşeleanu method and introducing an additional variable as a public element,this study develops a similar enhancement scheme that not only accelerates the encryption speed but also provides security equivalent to the original Cocks’scheme.

Identity-based Broadcast Encryption with Shorter Transmissions

This paper describes two identity-based broadcast encryption （IBBE） schemes for mobile ad hoc networks. The first scheme proposed achieves sub-linear size cipertexts and the second scheme achieves O（1）- size ciphertexts. Furthermore, when the public keys are transmitted, the two schemes have short transmissions and achieve O（1） user storage cost, which are important for a mobile ad hoc network. Finally, the proposed schemes are provable security under the decision generalized bilinear Diffi-Hellman （GBDH） assumption in the random oracles model.

Chosen Ciphertext Secure Identity-Based Broadcast Encryption in the Standard Model

To give concurrent consideration both the efficiency and the security(intensity of intractable problem) in the standard model,a chosen ciphertext secure identity-based broadcast encryption is proposed.Against the chosen ciphertext security model,by using identity(ID) sequence and adding additional information in ciphertext,the self-adaptive chosen identity security(the full security) and the chosen ciphertext security are gained simultaneously.The reduction of scheme's security is the decisional bilinear Diffie-Hellman(BDH) intractable assumption,and the proof of security shows that the proposed scheme is indistinguishable against adaptive chosen ciphertext attacks in the standard model under the decisional BDH intractable assumption.So the security level is improved,and it is suitable for higher security environment.

An Efficient Identity-Based Homomorphic Broadcast Encryption

Broadcast encryption (BE) allows a sender to broadcast its message to a set of receivers in a single ciphertext. However, in broadcast encryption scheme, ciphertext length is always related to the size of the receiver set. Thus, how to improve the communication of broadcast encryption is a big issue. In this paper, we proposed an identity-based homomorphic broadcast encryption scheme which supports an external entity to directly calculate ciphertexts and get a new ciphertext which is the corresponding result of the operation on plaintexts without decrypting them. The correctness and security proofs of our scheme were formally proved. Finally, we implemented our scheme in a simulation environment and the experiment results showed that our scheme is efficient for practical applications.

OBLIVIOUS TRANSFER WITH ACCESS CONTROL AND IDENTITY-BASED ENCRYPTION WITH ANONYMOUS KEY ISSUING

In ACM'CCS 2009,Camenisch,et al.proposed the Oblivious Transfer with Access Control(AC-OT) in which each item is associated with an attribute set and can only be available,on request,to the users who have all the attributes in the associated set.Namely,AC-OT achieves access control policy for conjunction of attributes.Essentially,the functionality of AC-OT is equivalent to the sim-plified version that we call AC-OT-SV:for each item,one attribute is associated with it,and it is requested that only the users who possess the associated attribute can obtain the item by queries.On one hand,AC-OT-SV is a special case of AC-OT when there is just one associated attribute with each item.On the other hand,any AC-OT can be realized by an AC-OT-SV.In this paper,we first present a concrete AC-OT-SV protocol which is proved to be secure in the model defined by Camenisch,et al..Then from the protocol,interestingly,a concrete Identity-Based Encryption(IBE) with Anonymous Key Issuing(AKI) is given which is just a direct application to AC-OT-SV.By comparison,we show that the AKI protocol we present is more efficient in communications than that proposed by Chow.

Security Analysis of a Privacy-Preserving Identity-Based Encryption Architecture

Identity-Based Encryption (IBE) has seen limited adoption, largely due to the absolute trust that must be placed in the private key generator (PKG)—an authority that computes the private keys for all the users in the environment. Several constructions have been proposed to reduce the trust required in the PKG (and thus preserve the privacy of users), but these have generally relied on unrealistic assumptions regarding non-collusion between various entities in the system. Unfortunately, these constructions have not significantly improved IBE adoption rates in real-world environments. In this paper, we present a construction that reduces trust in the PKG without unrealistic non-collusion assumptions. We achieve this by incorporating a novel combination of digital credential technology and bilinear maps, and making use of multiple randomly-chosen entities to complete certain tasks. The main result and primary contribution of this paper are a thorough security analysis of this proposed construction, examining the various entity types, attacker models, and collusion opportunities in this environment. We show that this construction can prevent, or at least mitigate, all considered attacks. We conclude that our construction appears to be effective in preserving user privacy and we hope that this construction and its security analysis will encourage greater use of IBE in real-world environments.

Construction and Implementation of a Privacy-Preserving Identity-Based Encryption Architecture

A recent proposal by Adams integrates the digital credentials (DC) technology of Brands with the identity-based encryption (IBE) technology of Boneh and Franklin to create an IBE scheme that demonstrably enhances privacy for users. We refer to this scheme as a privacy-preserving identity-based encryption (PP-IBE) construction. In this paper, we discuss the concrete implementation considerations for PP-IBE and provide a detailed instantiation (based on q-torsion groups in supersingular elliptic curves) that may be useful both for proof-of-concept purposes and for pedagogical purposes.

A Novel Broadcast Encryption Scheme Based on SD Scheme Reconstruction

In this paper,we introduce a novel way to solve thetradeoff problem about communication,storage,computation overhead of broadcast encryptionscheme.We construct a new scheme based on SubsetDifference(SD)scheme,use the concept of RSAaccumulator and the idea of separating the user-sidedevice into different function parts,take advantageof the public device’s functionality,minimize thestorage and computation overhead of the privatedevice,and make the broadcast encryption schememore implementation-oriented.

Broadcast group-oriented encryption secure against chosen ciphertext attack

A novel broadcast encryption scheme for group communication scenarios in distributed networks is presented. In the scheme, anyone is allowed to encrypt a message and distribute it to a designated group. Each member in the designated group has the ability to independently decrypt a ciphertext. In contrast to traditional broadcast encryption, all the valid receivers in the proposed scheme compose the designated group. To take advantage of this property, a tab for the group is set and the matching private key for each member is generated. In addition, before decrypting a ciphertext, anyone in the scheme can verify the ciphertext, to ensure that the ciphertext is correct. This property is very important for large-scale group communication, as the gateway can filter incorrect ciphertext and alleviate the receiver＇s workload. Finally, a proof in the random oracle model is given, to show that the proposed scheme is secure against the adaptively chosen ciphertext attack.

Implementing Broadcast Encryption Scheme Using Bilinear Map and Group Characteristic

This paper introduced a novel method for implementing broadcast encryption. Our scheme takes advantages of bilinear map and group characteristic, and shifts most of the storage overhead to the public device instead of storing in the tamper-proof device which is a major problem on current implementation. Furthermore, the broadcast keys in our scheme could be reused periodically resulting in more operational efficiency.

VANET Security through Group Broadcast Encryption

VANET security is an evolving topic in mobile networks, as providing a secure layer of communications in such a dynamic and fast network is a challenge. The work presented in this article was conducted in order to verify and evaluate the feasibility of applying group broadcast cryptography to the VANET environment, as an attempt to gain performance by decreasing the number of messages in the wireless network. Group broadcast is a symmetric/asymmetric hybrid cryptography method, aiming to merge the best of the two approaches without their major drawbacks. Simulations were set-up and run using the ONE simulator, comparing the usage of the three different cryptography approaches for VANETs. Results consider the number of connections, the number messages and the number of revocation messages per day. The resulting data promises that group broadcast encryption can be used to simplify the encrypting phase, reduce required storage and significantly decrease the number of messages in the network.

Identity-Based Steganography in Spatial Domain

This paper proposed an identity-based steganographic scheme, where a receiver with certain authority can recover the secret message ready for him, but cannot detect the existence of other secret messages. The proposed scheme created several separate covert communication channels tagged by the Fuzzy Identity-Based Encryption (FIBE) in one grayscale image. Then each channel is used to embed one secret message by using any content-aware steganographic scheme. Receivers with different attributes can extract different messages corresponded. The Experiments illustrated the feasibility of this identity-based secret message extraction. Further, the proposed scheme presents high undetectability against steganalytic attack launched by receivers without corresponded attributes.

An Authenticated Identity-Based Key Establishment and Encryption Scheme for Wireless Sensor Networks

Security of wireless sensor networks has received considerable attention. It is a critical challenge to find out suitable encryption schemes for wireless sensor networks due to limitations of power, computation capability and storage resources of these networks. Many encryption schemes based on asymmetric and symmetric have been investigated. In this paper, we present an authenticated identity-based key encryption scheme for wireless sensor networks. We first review briefly about identity-based encryption and decryption, particularly, the Boneh-Franklin algorithms, then describe an authenticated identity-based key encryption scheme based on Boneh-Franklin algorithms, and finally show the integrity of our scheme and discuss its efficiency and security by comparing it with other asymmetric and symmetric encryption schemes.

Identity-based encryption with wildcards in the standard model

In this article, based on Chatterjee-Sarkar＇ hierarchical identity-based encryption （HIBE）, a novel identity-based encryption with wildcards （WIBE） scheme is proposed and is proven secure in the standard model （without random oracle）. The proposed scheme is proven to be secure assuming that the decisional Bilinear Diffie-Hellman （DBDH） problem is hard. Compared with the Wa-WIBE scheme that is secure in the standard model, our scheme has shorter common parameters and ciphertext length.

Identity-based Encryption with Non-Interactive Opening

An identity-based encryption(IBE) was studied with non-interactively opening property that the plain text of a ciphertext can be revealed without affecting the security of the encryption system.Two kinds of non-interactive opening properties for IBE schemes were defined along with a concrete scheme in each case.

New Constructions for Identity-Based Unidirectional Proxy Re-Encryption

We address the cryptographic topic of proxy re-encryption （PRE）, which is a special public-key cryptosystem. A PRE scheme allows a special entity, known as the proxy, to transform a message encrypted with the public key of a delegator （say Alice）, into a new ciphertext that is protected under the public key of a delegatee （say Bob）, and thus the same message can then be recovered with Bob＇s private key. In this paper, in the identity-based setting, we first investigate the relationship between so called mediated encryption and unidirectional PRE. We provide a general framework which converts any secure identity-based unidirectional PRE scheme into a secure identity-based mediated encryption scheme, and vice versa. Concerning the security for unidirectional PRE schemes, Ateniese et al. previously suggested an important property known as the master secret security, which requires that the coalition of the proxy and Bob cannot expose Alice＇s private key. In this paper, we extend the notion to the identity-based setting, and present an identity-based unidirectional PRE scheme, which not only is provably secure against the chosen eiphertext attack in the standard model but also achieves the master secret security at the same time.

Updatable Identity-Based Hash Proof System Based on Lattices and Its Application to Leakage-Resilient Public-Key Encryption Schemes

Identity-based hash proof system is a basic and important primitive. Ittographic schemes and protocols that are secure against key-leakage attacks. In thisupdatable identity-based hash proof system, in which the related master secret keyis widely utilized to construct cryp-paper, we introduce the concept ofand the identity secret key can beupdated securely. Then, we instantiate this primitive based on lattices in the standard model. Moreover, we introduce anapplication of this new primitive by giving a generic construction of leakage-resilient public-key encryption schemes withanonymity. This construction can be considered as the integration of the bounded-retrieval model and the continual leakagemodel. Compared with the existing leakage-resilient schemes, our construction not only is more efficient but also can resistmuch more key leakage.

Reflections on the security proofs of Boneh-Franklin identity-based encryption scheme

In this paper, we first review the existing proofs of the Boneh-Franklin identity-based encryption scheme (BF-IBE for short), and show how to admit a new proof by slightly modifying the specifications of the hash functions of the original BF-IBE. Compared with prior proofs, our new proof provides a tighter security reduction and minimizes the use of random oracles, thus indicates BF-IBE has better provable security with our new choices of hash functions. The techniques developed in our proof can also be applied to improving security analysis of some other IBE schemes. As an independent technical contribution, we also give a rigorous proof of the Fujisaki-Okamoto (FO) transformation in the case of CPA-to-CCA, which demonstrates the efficiency of the FO-transformation (CPA-to-CCA), in terms of the tightness of security reduction, has long been underestimated. This result can remarkably benefit the security proofs of encryption schemes using the FO-transformation for CPA-to-CCA enhancement.