Contributions to Lattice-based Expressive Encryption Systems
Post-quantum cryptography (PQC), also known as quantum-resistant cryptography, refers to cryptographic algorithms designed to remain secure against adversaries equipped with both quantum and classical computers. Recent advances in quantum computing threaten the security of many existing cryptographic primitives. Over the past five decades, the development of cryptographic primitives has grown substantially; however, most of them rely on number-theoretic hardness assumptions such as the integer factorisation problem and the discrete logarithm problem. In 1994, Peter Shor showed that a quantum computer could solve both problems in polynomial time. Since then, there have been efforts to find alternative assumptions that remain secure against quantum adversaries, leading to the field of post-quantum cryptography. In 2016, the National Institute of Standards and Technology (NIST) launched a process to evaluate and standardise one or more post-quantum public-key cryptographic algorithms. Currently, several families of post-quantum candidates exist, such as code-based, hash-based and lattice-based schemes. This research project focuses on lattice-based cryptosystems, the most prominent candidates for post-quantum cryptography because of their efficiency and versatility. In recent years, lattices have matured into a solid and comprehensive framework thanks to the discovery of key concepts and techniques. This has paved the way for more powerful and expressive public-key encryption systems, opening a new world of cryptographic constructions waiting to be explored and utilised. Whether or not we can pinpoint the precise moment the quantum computing era begins, we need to start preparing our information security systems today to withstand quantum attacks.
One of the most essential cryptographic primitives is public-key encryption. It is used to provide confidentiality for communications and data storage, and it serves as a building block for many security protocols. The need for new public-key encryption systems that are both suitable for novel applications and resistant to increasingly powerful and sophisticated attacks continues to grow. In this thesis, we aim to build advanced cryptosystems with additional functionality suitable for a wide range of real-life cryptographic applications by studying lattice-based public-key encryption. Specifically, we consider expressive variants of this primitive for important real-life applications, namely Proxy Re-encryption (PRE) and Puncturable Encryption (PE). This thesis makes the following contributions.
First, we construct an Identity-based PRE (IBPRE) scheme in the standard model based on lattices. This is the first concrete construction of IBPRE that is quantum-safe and satisfies every significant property one would expect of a PRE scheme. Second, we construct two quantum-safe IBPRE schemes that are collusion-resistant and offer stronger security guarantees. Third, we study an advanced security model for PRE, namely security against honest re-encryption attacks (HRA). We examine its significance for realising the application goals of PRE and extend the study of HRA-secure PRE to the setting of Attribute-based Encryption (ABE). We formalise the system and security models for HRA-secure Key-Policy Attribute-based PRE (KP-ABPRE) and present a concrete construction with security proofs showing that it satisfies all the required properties. The proposed construction is quantum-safe and secure in the standard model based on lattices.
Fourth, we construct the first quantum-safe puncturable identity-based encryption (PIBE) schemes under two security models, both secure in the standard model. Fifth, we provide the first construction of lattice-based puncturable key-policy attribute-based encryption (KP-PABE), which offers a fine-grained access mechanism with decryption revocation. This builds upon the design of the selectively secure PIBE scheme. Lastly, we introduce a new primitive called hierarchical identity-based puncturable encryption (HIBPE), which offers adjustable key puncturing and more general key delegation than PE. These capabilities provide an effective and adaptable solution for data-access control and encrypted data exchange in a hierarchical structure. We give the definition and security model for HIBPE schemes and construct a lattice-based HIBPE scheme in the standard model. Moreover, we show a generic construction of forward-secure hierarchical identity-based encryption (fs-HIBE) from HIBPE, which yields the first quantum-safe construction of fs-HIBE. By evolving keys over time, the proposed fs-HIBE protects secret keys against exposure in multi-level encrypted data sharing.
Year: 2024
Thesis type: Doctoral thesis