Research On Identity-based Encryption For Rich Hierarchies

In the key management of traditional public-key encryption(PKE),a randomly generated public key must be bound to a user before it can be used as the user's public key.Identity-based encryption(IBE)provides a new key management in which the public key can be directly constructed from the user's identity,and the private keys are all derived by a private key generator(PKG)for users.Hierarchical identity-based encryption(HIBE)further introduces a hierarchical structure by decentralizing key derivation from the PKG to the user.In HIBE,users are organized in a hierarchy,and the key of a user at the lower level can be derived only from the key of a user at the upper level.In order to cope with complex applications,richer hierarchies have been proposed to express the corresponding delegations.This paper focuses on two typical hierarchies and their schemes,one is the binary tree encryption(BTE)scheme for simple hierarchies,binary trees,and the other is IBE with wildcard key derivation(WKD-IBE)for generic hierarchies,wildcard hierarchies.This paper analyzes the existing schemes for these two hierarchies in terms of security,functionality,and efficiency,then proposes corresponding improvements.Concretely,the following two schemes are proposed:1.A BTE scheme with constant-size public key from bilinear pairing in the standard model.In the existing BTE schemes,the size of the public key depends on the height of the underlying binary tree.In order to support more nodes,one has to employ a higher binary tree leading to a larger public key.In addition,the existing schemes only achieve selective security,i.e.,the attacker must choose the target node to attack before obtaining the public key and corrupting the secret keys.This paper applies entropy expansion lemma and dual-system proof technique to prove that the scheme in this paper achieves adaptive security,i.e.,the attacker can adaptively choose the target node to attack.2.A WKD-IBE scheme from lattices in the standard model.In WKD-IBE,the secret keys are no longer derived strictly level-by-level as in HIBE,but selectively according to a wildcard pattern,where the wildcard indicates that the users of the level has not yet been decided and is allowed to be replaced by a specific user in subsequent derivations.However,the current research on WKD-IBE focuses on the construction from bilinear pairing,while it is not been studied yet that the WKD-IBE construction from the other major direction,lattices,and the security achieved in the standard model.This paper proposes a WKD-IBE scheme based on the existing HIBE schemes using the properties of trapdoors from lattices in the standard model,and proves that the scheme in this paper also achieves adaptive security using the partition proof technique.