Forward-secure hierarchical IBE with applications to broadcast encryption

Danfeng Yao, Nelly Fazio, Yevgeniy Dodis, Anna Lysyanskaya

Research output: Chapter in Book/Report/Conference proceeding › Chapter

Abstract

A forward-secure encryption scheme protects secret keys from exposure by evolving the keys with time. Forward security has several unique requirements in a hierarchical identity-based encryption (HIBE) scheme: (1) users join dynamically; (2) encryption is joining-time-oblivious; (3) users evolve secret keys autonomously. We define and construct a scalable pairing-based forward-secure HIBE (fs-HIBE) scheme satisfying all of the above requirements. We also show how our fs-HIBE scheme can be used to realize a forward-secure public-key broadcast encryption scheme, which protects the secrecy of prior transmissions in the broadcast encryption setting. We further generalize fs-HIBE into a collusion-resistant multiple hierarchical ID-based encryption scheme, which can be used for secure communications with entities having multiple roles in role-based access control. The security of our schemes is based on the bilinear Diffie-Hellman assumption in the random oracle model.

Original language: English (US)
Title of host publication: Identity-Based Cryptography
Pages: 100-118
Number of pages: 19
Volume: 2
DOIs: https://doi.org/10.3233/978-1-58603-947-9-100
State: Published - 2009

Publication series

Name: Cryptology and Information Security Series
Volume: 2
ISSN (Print): 18716431
ISSN (Electronic): 18798101

Keywords

  • broadcast encryption
  • Forward security
  • ID-based encryption

ASJC Scopus subject areas

  • Computer Science Applications
  • Information Systems
  • Electrical and Electronic Engineering

Cite this

Yao, D., Fazio, N., Dodis, Y., & Lysyanskaya, A. (2009). Forward-secure hierarchical IBE with applications to broadcast encryption. In Identity-Based Cryptography (Vol. 2, pp. 100-118). (Cryptology and Information Security Series; Vol. 2). https://doi.org/10.3233/978-1-58603-947-9-100

@inbook{3bbff5b981dc4c70b0c58346c7f26fb5,
title = "Forward-secure hierarchical IBE with applications to broadcast encryption",
keywords = "broadcast encryption, Forward security, ID-based encryption",
author = "Danfeng Yao and Nelly Fazio and Yevgeniy Dodis and Anna Lysyanskaya",
year = "2009",
doi = "10.3233/978-1-58603-947-9-100",
language = "English (US)",
isbn = "9781586039479",
volume = "2",
series = "Cryptology and Information Security Series",
pages = "100--118",
booktitle = "Identity-Based Cryptography",

}