TY - GEN
T1 - Tightly secure IBE under constant-size master public key
AU - Chen, Jie
AU - Gong, Junqing
AU - Weng, Jian
N1 - Publisher Copyright:
© International Association for Cryptologic Research 2017.
PY - 2017
Y1 - 2017
N2 - Chen and Wee [CRYPTO, 2013] proposed the first almost tightly and adaptively secure IBE in the standard model and left two open problems which called for a tightly secure IBE with (1) constant-size master public key and/or (2) constant security loss. In this paper, we propose an IBE scheme with constant-size master public key and tighter security reduction. This (partially) solves Chen and Wee’s first open problem and makes progress on the second one. Technically, our IBE scheme is built based on Wee’s petit IBE scheme [TCC, 2016] in the composite-order bilinear group whose order is product of four primes. The sizes of master public key, ciphertexts, and secret keys are not only constant but also nearly optimal as Wee’s petit IBE. We can prove its adaptive security in the multi-instance, multi-ciphertext setting [PKC, 2015] based on the decisional subgroup assumption and a subgroup variant of DBDH assumption. The security loss is O(log q) where q is the upper bound of the total number of secret keys and challenge ciphertexts per instance. It’s much smaller than those for all known adaptively secure IBE schemes in a concrete sense.
AB - Chen and Wee [CRYPTO, 2013] proposed the first almost tightly and adaptively secure IBE in the standard model and left two open problems which called for a tightly secure IBE with (1) constant-size master public key and/or (2) constant security loss. In this paper, we propose an IBE scheme with constant-size master public key and tighter security reduction. This (partially) solves Chen and Wee’s first open problem and makes progress on the second one. Technically, our IBE scheme is built based on Wee’s petit IBE scheme [TCC, 2016] in the composite-order bilinear group whose order is product of four primes. The sizes of master public key, ciphertexts, and secret keys are not only constant but also nearly optimal as Wee’s petit IBE. We can prove its adaptive security in the multi-instance, multi-ciphertext setting [PKC, 2015] based on the decisional subgroup assumption and a subgroup variant of DBDH assumption. The security loss is O(log q) where q is the upper bound of the total number of secret keys and challenge ciphertexts per instance. It’s much smaller than those for all known adaptively secure IBE schemes in a concrete sense.
UR - https://www.scopus.com/pages/publications/85014502153
U2 - 10.1007/978-3-662-54365-8_9
DO - 10.1007/978-3-662-54365-8_9
M3 - 会议稿件
AN - SCOPUS:85014502153
SN - 9783662543641
T3 - Lecture Notes in Computer Science
SP - 207
EP - 231
BT - Public-Key Cryptography - PKC 2019 - 22nd IACR International Conference on Practice and Theory of Public-Key Cryptography, Proceedings
A2 - Fehr, Serge
PB - Springer Verlag
T2 - 20th IACR International Conference on Practice and Theory of Public-Key Cryptography, PKC 2017
Y2 - 28 March 2017 through 31 March 2017
ER -