Server-aided Revocable Identity-based Encryption
Efficient user revocation in Identity-Based Encryption (IBE) has been a challenging problem and has been the subject of several research efforts in the literature. Among them, the tree-based revocation approach, due to Boldyreva, Goyal and Kumar, is probably the most efficient one. In this approach,...
Saved in:
| Main Authors: | , , , |
|---|---|
| Format: | text |
| Language: | English |
| Published: |
Institutional Knowledge at Singapore Management University
2015
|
| Subjects: | |
| Online Access: | https://ink.library.smu.edu.sg/sis_research/2883 https://ink.library.smu.edu.sg/context/sis_research/article/3883/viewcontent/Qin2015_Chapter_Server_AidedRevocableIdentity_pvoa.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Singapore Management University |
| Language: | English |
| id |
sg-smu-ink.sis_research-3883 |
|---|---|
| record_format |
dspace |
| spelling |
sg-smu-ink.sis_research-38832022-02-16T06:54:21Z Server-aided Revocable Identity-based Encryption QIN, Baodong DENG, Robert H., Yingjiu LI, LIU, Shengli Efficient user revocation in Identity-Based Encryption (IBE) has been a challenging problem and has been the subject of several research efforts in the literature. Among them, the tree-based revocation approach, due to Boldyreva, Goyal and Kumar, is probably the most efficient one. In this approach, a trusted Key Generation Center (KGC) periodically broadcasts a set of key updates to all (non-revoked) users through public channels, where the size of key updates is only O(r log N/r), with N being the number of users and r the number of revoked users, respectively; however, every user needs to keep at least O(logN) longterm secret keys and all non-revoked users are required to communicate with the KGC regularly. These two drawbacks pose challenges to users who have limited resources to store their secret keys or cannot receive key updates in real-time. To alleviate the above problems, we propose a novel system model called server-aided revocable IBE. In our model, almost all of the workloads on users are delegated to an untrusted server which manages users’ public keys and key updates sent by a KGC periodically. The server is untrusted in the sense that it does not possess any secret information. Our system model requires each user to keep just one short secret key and does not require users to communicate with either the KGC or the server during key updating. In addition, the system supports delegation of users’ decryption keys, namely it is secure against decryption key exposure attacks. We present a concrete construction of the system that is provably secure against adaptive-ID chosen plaintext attacks under the DBDH assumption in the standard model. One application of our server-aided revocable IBE is encrypted email supporting lightweight devices (e.g., mobile phones) in which an email server plays the role of the untrusted server so that only non-revoked users can read their email messages. 2015-09-01T07:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/2883 info:doi/10.1007/978-3-319-24174-6_15 https://ink.library.smu.edu.sg/context/sis_research/article/3883/viewcontent/Qin2015_Chapter_Server_AidedRevocableIdentity_pvoa.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University IBE Revocation Decryption key exposure Computer Sciences Information Security |
| institution |
Singapore Management University |
| building |
SMU Libraries |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
SMU Libraries |
| collection |
InK@SMU |
| language |
English |
| topic |
IBE Revocation Decryption key exposure Computer Sciences Information Security |
| spellingShingle |
IBE Revocation Decryption key exposure Computer Sciences Information Security QIN, Baodong DENG, Robert H., Yingjiu LI, LIU, Shengli Server-aided Revocable Identity-based Encryption |
| description |
Efficient user revocation in Identity-Based Encryption (IBE) has been a challenging problem and has been the subject of several research efforts in the literature. Among them, the tree-based revocation approach, due to Boldyreva, Goyal and Kumar, is probably the most efficient one. In this approach, a trusted Key Generation Center (KGC) periodically broadcasts a set of key updates to all (non-revoked) users through public channels, where the size of key updates is only O(r log N/r), with N being the number of users and r the number of revoked users, respectively; however, every user needs to keep at least O(logN) longterm secret keys and all non-revoked users are required to communicate with the KGC regularly. These two drawbacks pose challenges to users who have limited resources to store their secret keys or cannot receive key updates in real-time. To alleviate the above problems, we propose a novel system model called server-aided revocable IBE. In our model, almost all of the workloads on users are delegated to an untrusted server which manages users’ public keys and key updates sent by a KGC periodically. The server is untrusted in the sense that it does not possess any secret information. Our system model requires each user to keep just one short secret key and does not require users to communicate with either the KGC or the server during key updating. In addition, the system supports delegation of users’ decryption keys, namely it is secure against decryption key exposure attacks. We present a concrete construction of the system that is provably secure against adaptive-ID chosen plaintext attacks under the DBDH assumption in the standard model. One application of our server-aided revocable IBE is encrypted email supporting lightweight devices (e.g., mobile phones) in which an email server plays the role of the untrusted server so that only non-revoked users can read their email messages. |
| format |
text |
| author |
QIN, Baodong DENG, Robert H., Yingjiu LI, LIU, Shengli |
| author_facet |
QIN, Baodong DENG, Robert H., Yingjiu LI, LIU, Shengli |
| author_sort |
QIN, Baodong |
| title |
Server-aided Revocable Identity-based Encryption |
| title_short |
Server-aided Revocable Identity-based Encryption |
| title_full |
Server-aided Revocable Identity-based Encryption |
| title_fullStr |
Server-aided Revocable Identity-based Encryption |
| title_full_unstemmed |
Server-aided Revocable Identity-based Encryption |
| title_sort |
server-aided revocable identity-based encryption |
| publisher |
Institutional Knowledge at Singapore Management University |
| publishDate |
2015 |
| url |
https://ink.library.smu.edu.sg/sis_research/2883 https://ink.library.smu.edu.sg/context/sis_research/article/3883/viewcontent/Qin2015_Chapter_Server_AidedRevocableIdentity_pvoa.pdf |
| _version_ |
1770572663875436544 |