Why proving HIBE systems secure is difficult. (English) Zbl 1326.94109
Nguyen, Phong Q. (ed.) et al., Advances in cryptology – EUROCRYPT 2014. 33rd annual international conference on the theory and applications of cryptographic techniques, Copenhagen, Denmark, May 11–15, 2014. Proceedings. Berlin: Springer (ISBN 978-3-642-55219-9/pbk). Lecture Notes in Computer Science 8441, 58-76 (2014).
Summary: Proving security of hierarchical identity-based encryption (HIBE) and attribution based encryption (ABE) scheme is a challenging problem. There are multiple well-known schemes in the literature where the best known (adaptive) security proofs degrade exponentially in the maximum hierarchy depth. However, we do not have a rigorous understanding of why better proofs are not known. (For ABE, the analog of hierarchy depth is the maximum number of attributes used in a ciphertext.)
In this work, we define a certain commonly found checkability property on ciphertexts and private keys. Roughly the property states that any two different private keys that are both “supposed to” decrypt a ciphertext will decrypt it to the same message. We show that any simple black box reduction to a non-interactive assumption for a HIBE or ABE system that contains this property will suffer an exponential degradation of security.
For the entire collection see [Zbl 1287.94004].
In this work, we define a certain commonly found checkability property on ciphertexts and private keys. Roughly the property states that any two different private keys that are both “supposed to” decrypt a ciphertext will decrypt it to the same message. We show that any simple black box reduction to a non-interactive assumption for a HIBE or ABE system that contains this property will suffer an exponential degradation of security.
For the entire collection see [Zbl 1287.94004].
MSC:
| 94A60 | Cryptography |
