In the situation where there are one sender and multiple receivers, a receiver selective opening (RSO) attack for an identity-based encryption (IBE) scheme considers adversaries that can corrupt some of the receivers and get their user secret keys and plaintexts. Security against RSO attacks for an IBE scheme ensures confidentiality of ciphertexts of uncorrupted receivers. In this paper, we formalize a definition of RSO security against chosen ciphertext attacks (RSO-CCA security) for IBE and propose the first RSO-CCA secure IBE schemes. More specifically, we construct an RSO-CCA secure IBE scheme based on an IND-ID-CPA secure IBE scheme and a non-interactive zero-knowledge proof system with unbounded simulation soundness and multi-theorem zero-knowledge. Through our generic construction, we obtain the first pairing-based and lattice-based RSO-CCA secure IBE schemes.
Keisuke HARA
Tokyo Institute of Technology,National Institute of Advanced Industrial Science and Technology (AIST)
Takahiro MATSUDA
National Institute of Advanced Industrial Science and Technology (AIST)
Keisuke TANAKA
Tokyo Institute of Technology
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Copy
Keisuke HARA, Takahiro MATSUDA, Keisuke TANAKA, "Receiver Selective Opening Chosen Ciphertext Secure Identity-Based Encryption" in IEICE TRANSACTIONS on Fundamentals,
vol. E105-A, no. 3, pp. 160-172, March 2022, doi: 10.1587/transfun.2021CIP0006.
Abstract: In the situation where there are one sender and multiple receivers, a receiver selective opening (RSO) attack for an identity-based encryption (IBE) scheme considers adversaries that can corrupt some of the receivers and get their user secret keys and plaintexts. Security against RSO attacks for an IBE scheme ensures confidentiality of ciphertexts of uncorrupted receivers. In this paper, we formalize a definition of RSO security against chosen ciphertext attacks (RSO-CCA security) for IBE and propose the first RSO-CCA secure IBE schemes. More specifically, we construct an RSO-CCA secure IBE scheme based on an IND-ID-CPA secure IBE scheme and a non-interactive zero-knowledge proof system with unbounded simulation soundness and multi-theorem zero-knowledge. Through our generic construction, we obtain the first pairing-based and lattice-based RSO-CCA secure IBE schemes.
URL: https://global.ieice.org/en_transactions/fundamentals/10.1587/transfun.2021CIP0006/_p
Copy
@ARTICLE{e105-a_3_160,
author={Keisuke HARA, Takahiro MATSUDA, Keisuke TANAKA, },
journal={IEICE TRANSACTIONS on Fundamentals},
title={Receiver Selective Opening Chosen Ciphertext Secure Identity-Based Encryption},
year={2022},
volume={E105-A},
number={3},
pages={160-172},
abstract={In the situation where there are one sender and multiple receivers, a receiver selective opening (RSO) attack for an identity-based encryption (IBE) scheme considers adversaries that can corrupt some of the receivers and get their user secret keys and plaintexts. Security against RSO attacks for an IBE scheme ensures confidentiality of ciphertexts of uncorrupted receivers. In this paper, we formalize a definition of RSO security against chosen ciphertext attacks (RSO-CCA security) for IBE and propose the first RSO-CCA secure IBE schemes. More specifically, we construct an RSO-CCA secure IBE scheme based on an IND-ID-CPA secure IBE scheme and a non-interactive zero-knowledge proof system with unbounded simulation soundness and multi-theorem zero-knowledge. Through our generic construction, we obtain the first pairing-based and lattice-based RSO-CCA secure IBE schemes.},
keywords={},
doi={10.1587/transfun.2021CIP0006},
ISSN={1745-1337},
month={March},}
Copy
TY - JOUR
TI - Receiver Selective Opening Chosen Ciphertext Secure Identity-Based Encryption
T2 - IEICE TRANSACTIONS on Fundamentals
SP - 160
EP - 172
AU - Keisuke HARA
AU - Takahiro MATSUDA
AU - Keisuke TANAKA
PY - 2022
DO - 10.1587/transfun.2021CIP0006
JO - IEICE TRANSACTIONS on Fundamentals
SN - 1745-1337
VL - E105-A
IS - 3
JA - IEICE TRANSACTIONS on Fundamentals
Y1 - March 2022
AB - In the situation where there are one sender and multiple receivers, a receiver selective opening (RSO) attack for an identity-based encryption (IBE) scheme considers adversaries that can corrupt some of the receivers and get their user secret keys and plaintexts. Security against RSO attacks for an IBE scheme ensures confidentiality of ciphertexts of uncorrupted receivers. In this paper, we formalize a definition of RSO security against chosen ciphertext attacks (RSO-CCA security) for IBE and propose the first RSO-CCA secure IBE schemes. More specifically, we construct an RSO-CCA secure IBE scheme based on an IND-ID-CPA secure IBE scheme and a non-interactive zero-knowledge proof system with unbounded simulation soundness and multi-theorem zero-knowledge. Through our generic construction, we obtain the first pairing-based and lattice-based RSO-CCA secure IBE schemes.
ER -