University of Wollongong
Browse

File(s) not publicly available

Hierarchical Identity-based Puncturable Encryption from Lattices with Application to Forward Security

journal contribution
posted on 2024-11-17, 13:43 authored by Priyanka Dutta, Mei Jiang, Dung Hoang Duong, Willy Susilo, Kazuhide Fukushima, Shinsaku Kiyomoto
Puncturable encryption (PE), introduced by Green and Miers at IEEE S&P 2015, allows recipients to update their decryption keys to revoke decryption capability for selected messages without communicating with senders. In general, it allows users to control which ciphertexts their keys may decrypt. The notion of PE has been found very useful in many applications, such as asynchronous messaging systems, group messaging systems, public-key watermarking schemes, secure cloud emails, and many more. In this paper, we introduce a new primitive called hierarchical identity-based puncturable encryption (HIBPE) that enhances the concept of PE by allowing more general key delegation and flexible key puncture. It enhances the capability of the data owner for multi-level encrypted data sharing within a group of users by delegating the decryption keys of the users in higher-levels to generate decryption keys for the users in lower-levels. Moreover, it allows users to puncture (update) their decryption keys on tags so that a decryption key punctured on a tag can no longer decrypt ciphertexts under this tag. In addition, to control access to the users' data, the higher-level users can further puncture the delegated keys (for lower-level users) with some tags such that the part of the owner's data is labeled by the punctured tags will no longer be accessible by the lower-level users. These features offer an efficient and flexible solution for encrypted data sharing as well as data-access control mechanisms in a hierarchical setting. We propose the formal definition and security model for HIBPE schemes and provide a concrete HIBPE scheme based on the hardness of the learning with errors problem in the standard model. Further, we provide a generic construction of forward secure hierarchical identity-based encryption (fs-HIBE) from HIBPE, which enables the first quantum-safe construction of fs-HIBE in the standard model. Moreover, this is the first fs-HIBE construction by exploring the concept of PE. The proposed fs-HIBE provides quantum-safe protection for secret keys from exposure in multi-level encrypted data sharing by evolving the keys with time.

Funding

Australian Research Council (LP190100984)

History

Journal title

ASIA CCS 2022 - Proceedings of the 2022 ACM Asia Conference on Computer and Communications Security

Pagination

408-422

Language

English

Usage metrics

    Categories

    No categories selected

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC