TY - JOUR
T1 - Identity-based encryption with (almost) tight security in the multi-instance, multi-ciphertext setting
AU - Hofheinz, Dennis
AU - Koch, Jessica
AU - Striecks, Christoph
PY - 2024/2/29
Y1 - 2024/2/29
N2 - We construct an identity-based encryption (IBE) scheme that is tightly secure in a very strong sense. Specifically, we consider a setting with many instances of the scheme and many encryptions per instance. In this setting, we reduce the security of our scheme to a variant of a simple assumption used for a similar purpose by Chen and Wee (CRYPTO 2013, Springer, 2013). The security loss of our reduction is O(k)(where k is the security parameter). Our scheme is the first IBE scheme to achieve this strong flavor of tightness under a simple assumption. Technically, our scheme is a variation of the IBE scheme by Chen and Wee. However, in order to “lift” their results to the multi-instance, multi-ciphertext case, we need to develop new ideas. In particular, while we build on (and extend) their high-level proof strategy, we deviate significantly in the low-level proof steps.
AB - We construct an identity-based encryption (IBE) scheme that is tightly secure in a very strong sense. Specifically, we consider a setting with many instances of the scheme and many encryptions per instance. In this setting, we reduce the security of our scheme to a variant of a simple assumption used for a similar purpose by Chen and Wee (CRYPTO 2013, Springer, 2013). The security loss of our reduction is O(k)(where k is the security parameter). Our scheme is the first IBE scheme to achieve this strong flavor of tightness under a simple assumption. Technically, our scheme is a variation of the IBE scheme by Chen and Wee. However, in order to “lift” their results to the multi-instance, multi-ciphertext case, we need to develop new ideas. In particular, while we build on (and extend) their high-level proof strategy, we deviate significantly in the low-level proof steps.
KW - Dual-system groups
KW - Identity-based encryption
KW - Multi-challenge security
KW - Public-key cryptography
KW - Tightness
U2 - 10.1007/s00145-024-09496-4
DO - 10.1007/s00145-024-09496-4
M3 - Article
SN - 0933-2790
VL - 37
SP - 799
EP - 822
JO - Journal of Cryptology
JF - Journal of Cryptology
IS - 2
M1 - 12
ER -