Title
Tightly CCA-secure identity-based encryption with ciphertext pseudorandomness.
Abstract
Affine message authentication code (MAC) and delegatable affine MAC turn out to be useful tools for constructing identity-based encryption (IBE) and hierarchical IBE (HIBE), as shown in Blazy, Kiltz and Pan’s (BKP) creative work in CRYPTO (). An important result obtained by BKP is IBE of tight PR-ID-CPA security, i.e., tight IND-ID-CPA security together with ciphertext pseudorandomness (PR). However, the problem of designing tightly PR-ID-CCA2 secure IBE remains open. We note that the CHK transformation does not preserve ciphertext pseudorandomness when converting IND-ID-CPA secure 2-level HIBE to IND-ID-CCA2 secure IBE. In this paper, we solve this problem with a new approach. We introduce a new concept called and define for it . We construct such a MAC with a tight security reduction to the Matrix DDH assumption, which includes the -Linear and DDH assumptions. We present a paradigm for constructing PR-ID-CCA2 secure IBE, which enjoys both ciphertext pseudorandomness and IND-ID-CCA2 security, from De-randomized delegatable affine MAC and Chameleon hashing. The security reduction is tightness preserving. It provides another approach to IND-ID-CCA2 security besides the CHK transformation. By instantiating the paradigm with our specific De-randomized delegatable affine MAC, we obtain the first IBE of tight PR-ID-CCA2 security from the Matrix DDH assumption over pairing groups of prime order. Our IBE also serves as the first tightly IND-ID-CCA2 secure IBE with anonymous recipient (ANON-ID-CCA2) from the Matrix DDH assumption. Our IBE further implies the first tightly IND-ID-CCA2 secure extractable IBE based on the Matrix DDH assumption. The latter can be used to get IBE of simulation-based selective opening CCA2 (SIM-SO-CCA2) security (due to Lai et al. in EUROCRYPT, ). The tight security of our IBE leads to a tighter reduction of the SIM-SO-CCA2 security.
Year: 2018
DOI: https://doi.org/10.1007/s10623-017-0339-3
Venue: Des. Codes Cryptography
Keywords: Tight security reduction, Identity-based encryption, Ciphertext pseudorandomness, CCA2 security, Affine message authentication code, 68P25, 94A60
Field: Affine transformation, Prime (order theory), Discrete mathematics, Message authentication code, Pseudorandomness, Adaptive chosen-ciphertext attack, Encryption, Hash function, Ciphertext, Mathematics
DocType: Journal
Volume: 86
Issue: 3
ISSN: 0925-1022
Citations: 0
PageRank: 0.34
References: 19
Authors: 4
Name
Order
Citations
PageRank
Shuai Han1710.28
Shengli Liu248445.70
Baodong Qin319019.40
Dawu Gu4644103.50