Efficient Hierarchical Identity-Based Encryption System for Internet of Things Infrastructure
Abstract
1. Introduction
1.1. Applications
1.2. Our Contributions
1.3. Related Work
1.4. Paper Organization
2. Preliminaries
2.1. Bilinear Groups
- (Bilinear) .
- (Non-degenerate) such that has order N in .
2.2. Complexity Assumptions
2.3. Hierarchical Identity-Based Encryption
- GlobalSetup (): On input where k is a security parameter, it returns the public parameters and a master secret key .
- KeyGen (): On input and an identity of depth j, it returns a private key of .
- Delegate: On input , a private key for , and an identity , it returns a private key for =().
- Encrypt (): On input message M, , and identity , it returns a ciphertext C.
- Decrypt: On input and C, it returns the message M.
2.4. Security Definition
- Create: The identity vector of depth j is given to by . runs the KeyGen algorithm to generate the key for this identity vector. The key is then added in the set S. A reference of this key is returned to .
- Delegate: specifies a private key in S and gives an identity to . runs the Delegate algorithm to generate a new private key for =( and adds this key to S. It returns a reference of this key to .
- Reveal: specifies an element of the set S. gives this private key to and removes it from S. At this point, no longer needs to make delegation queries for this private key, as it can run the Delegate algorithm by itself.
3. Our Improved HIBE System
3.1. Construction
- GlobalSetup (): Let k be the security parameter, , and . The public parameters and master secret key are generated as:
- KeyGen (): The key generation algorithm first selects a random and random elements of . It then generates the private key for an identity of depth j by computing:
- Delegate: Given a private key for (), a new key for () is created as follows. The delegation algorithm selects a random and random elements . The new key is computed as: It outputs the private key for as . We fully rerandomize this new key, i.e., the new key is only related to the values of the previous key.
- Encrypt (): To encrypt a message M under the public key , the encryption algorithm selects a random . It computes:
- Decrypt: Given an identity and a ciphertext , it decrypts the ciphertext with the private key by first computing: The message is then recovered by computing:
3.2. Semi-Functional Algorithms
4. Security Analysis
- one of is , and the other is ;
- one of is , and the other is ;
- one of is , and the other is .
- Case 1: first tests whether or . If either one of these equalities holds, then Case 1 occurs. subsequently tests whether (we assume without loss of generality that and ). If the equality holds, determines that . Otherwise, .
- Case 2: first tests whether or . If neither of these holds and the test for Case 1 fails, then Case 2 occurs. Next, can determine which of a, b is equal to by testing which of , is the identity. Without loss of generality, we assume that and . subsequently tests whether . If the equality holds, determines that . Otherwise, .
- Case 3: If the tests for Cases 1 and 2 fail, then Case 3 occurs. can then determine which of a, b is equal to by testing which of , is the identity. We assume without loss of generality that . subsequently tests whether . If the equality holds, determines that . Otherwise, .
- For , selects random exponents first and then creates a semi-functional key as: The semi-functional key is properly distributed with . We note that values of t and z modulo and modulo are uncorrelated by the Chinese remainder theorem.
- For , runs the KeyGen algorithm to generate a normal key.
- For , sets first and then creates the following key by choosing random exponents :
5. Performance Comparison
6. Conclusions and Future Work
Author Contributions
Funding
Conflicts of Interest
References
- Shamir, A. Identity-Based Cryptosystems and Signature Schemes. In Advances in Cryptology; Springer: Berlin/Heidelberg, Germany, 1984; pp. 47–53.
- Boneh, D.; Franklin, M. Identity-Based Encryption from the Weil Pairing. In Advances in Cryptology-CRYPTO 2001; Springer: Berlin/Heidelberg, Germany, 2001; pp. 213–229.
- Boneh, D.; Boyen, X. Secure Identity Based Encryption Without Random Oracles. In Advances in Cryptology—CRYPTO 2004; Springer: Berlin/Heidelberg, Germany, 2004; pp. 443–459.
- Gentry, C. Practical Identity-Based Encryption Without Random Oracles. In Advances in Cryptology—EUROCRYPT 2006; Springer: Berlin/Heidelberg, Germany, 2006; pp. 445–464.
- Waters, B. Efficient Identity-Based Encryption Without Random Oracles. In Advances in Cryptology—EUROCRYPT 2005; Springer: Berlin/Heidelberg, Germany, 2005; pp. 114–127.
- Horwitz, J.; Lynn, B. Towards Hierarchical Identity-Based Encryption. In Advances in Cryptology—EUROCRYPT 2002; Springer: Berlin/Heidelberg, Germany, 2002; pp. 466–481.
- Lewko, A.; Waters, B. New Techniques for Dual System Encryption and Fully Secure HIBE with Short Ciphertexts. In Theory of Cryptography—TCC2010; Springer: Berlin/Heidelberg, Germany, 2010; pp. 455–479.
- Daniel, R.M.; Rajsingh, E.B.; Silas, S. Analysis of Hierarchical Identity Based Encryption Schemes and Its Applicability to Computing Environments. J. Inf. Secur. Appl. 2017, 36, 20–31.
- Li, Y.; Wang, Y.; Zhang, Y. SecHome: A Secure Large-Scale Smart Home System Using Hierarchical Identity Based Encryption. In Information and Communications Security; Springer: Cham, Switzerland, 2018; pp. 339–351.
- Sha, K.; Wei, W.; Yang, T.A.; Wang, Z.; Shi, W. On Security Challenges and Open Issues in Internet of Things. Future Gener. Comput. Syst. 2018, 83, 326–337.
- Trnka, M.; Cerny, T.; Stickney, N. Survey of Authentication and Authorization for the Internet of Things. Secur. Commun. Netw. 2018, 2018, 4351603.
- Yu, F.R.; Tang, H.; Mason, P.C.; Wang, F. A Hierarchical Identity Based Key Management Scheme in Tactical Mobile Ad Hoc Networks. IEEE Trans. Netw. Serv. Manag. 2010, 7, 258–267.
- Ning, H.; Liu, H.; Yang, L.T. Aggregated-Proof Based Hierarchical Authentication Scheme for the Internet of Things. IEEE Trans. Parallel Distrib. Syst. 2015, 26, 657–667.
- Yang, L.T.; Liu, H.; Ning, H. Cyberentity Security in the Internet of Things. Computer 2013, 46, 46–53.
- Gentry, C.; Silverberg, A. Hierarchical ID-Based Cryptography. In Advances in Cryptology—ASIACRYPT 2002; Springer: Berlin/Heidelberg, Germany, 2002; pp. 548–566.
- Boneh, D.; Boyen, X. Efficient Selective-ID Secure Identity-Based Encryption Without Random Oracles. In Advances in Cryptology—EUROCRYPT 2004; Springer: Berlin/Heidelberg, Germany, 2004; pp. 223–238.
- Chatterjee, S.; Sarkar, P. HIBE With Short Public Parameters Without Random Oracle. In Advances in Cryptology—ASIACRYPT 2006; Springer: Berlin/Heidelberg, Germany, 2006; pp. 145–160.
- Sarkar, P.; Chatterjee, S. Construction of a Hybrid HIBE Protocol Secure against Adaptive Attacks: without Random Oracle. In First International Conference on Provable Security—ProvSec 2007; Springer: Berlin/Heidelberg, Germany, 2007; pp. 51–67.
- Waters, B. Dual System Encryption: Realizing Fully Secure IBE and HIBE under Simple Assumptions. In Advances in Cryptology—CRYPTO 2009; Springer: Berlin/Heidelberg, Germany, 2009; pp. 619–636.
- De Caro, A.; Iovino, V.; Persiano, G. Fully Secure Anonymous HIBE and Secret-Key Anonymous IBE with Short Ciphertexts. In Pairing-Based Cryptography—Pairing 2010; Springer: Berlin/Heidelberg, Germany, 2010; pp. 347–366.
- Chen, J.; Wee, H. Dual System Groups and its Applications—Compact HIBE and More. 2014. Available online: https://eprint.iacr.org/2014/265.pdf (accessed on 18 June 2019).
- Lee, K.; Park, J.H.; Lee, D.H. Anonymous HIBE with Short Ciphertexts: Full Security in Prime Order Groups. Designs Codes Cryptogr. 2015, 74, 395–425.
- Park, J.H.; Lee, D.H. Anonymous HIBE: Compact Construction Over Prime-Order Groups. IEEE Trans. Inf. Theory 2013, 59, 2531–2541.
- Zhang, L.; Mu, Y.; Wu, Q. Compact Anonymous Hierarchical Identity-Based Encryption with Constant Size Private Keys. Comput. J. 2016, 59, 452–461.
- Hu, X.; Wang, J.; Xu, H.; Yang, Y. Constant Size Ciphertext and Private Key HIBE without Random Oracles. J. Inf. Sci. Eng. 2014, 30, 333–345.
- Seo, J.H.; Emura, K. Revocable Hierarchical Identity-based Encryption. Theor. Comput. Sci. 2014, 542, 44–62.
- Jia, H.; Chen, Y.; Lan, J.; Huang, K.; Wang, J. Efficient Revocable Hierarchical Identity-Based Encryption using Cryptographic Accumulators. Int. J. Inf. Secur. 2018, 17, 477–490.
- Lee, K.; Park, S. Revocable Hierarchical Identity-Based Encryption with Shorter Private Keys and Update Keys. Designs Codes Cryptogr. 2018, 86, 2407–2440.
- Park, S.; Lee, D.H.; Lee, K. Revocable Hierarchical Identity-Based Encryption from Multilinear Maps. arXiv 2016, arXiv:1610.07948.
- Wang, C.; Li, Y.; Jiang, S.; Wu, J. An Efficient Adaptive-ID Secure Revocable Hierarchical Identity-Based Encryption Scheme. In Proceedings of the International Conference on Smart Computing and Communication (SmartCom 2016), Shenzhen, China, 17–19 December 2019; pp. 506–515.
- Xing, Q.; Wang, B.; Wang, X.; Chen, P. Unbounded Revocable Hierarchical Identity-Based Encryption with Adaptive-ID Security. In Proceedings of the IEEE 18th International Conference on High Performance Computing and Communications, Sydney, Australia, 12–14 December 2016; pp. 430–437.
- Xing, Q.; Wang, B.; Wang, X.; Tao, J. Unbounded and Revocable Hierarchical Identity-Based Encryption with Adaptive Security, Decryption Key Exposure Resistant, and Short Public Parameters. PLoS ONE 2018, 13, e0195204.
- Boneh, D.; Goh, E.-J.; Nissim, K. Evaluating 2-DNF Formulas on Ciphertexts. In Theory of Cryptography—TCC2005; Springer: Berlin/Heidelberg, Germany, 2005; pp. 325–341.
- Shi, E.; Waters, B. Delegating Capabilities in Predicate Encryption Systems. In Automata, Languages and Programming—ICALP2008; Springer: Berlin/Heidelberg, Germany, 2008; pp. 560–578.

Depth | [7] (s) | Ours (s) |
---|---|---|
1 | 38.851 | 2.444 |
5 | 184.653 | 12.122 |
10 | 348.413 | 23.886 |
15 | 493.993 | 36.009 |
20 | 616.044 | 47.865 |
25 | 734.034 | 59.715 |
30 | 834.744 | 72.646 |
35 | 886.534 | 85.998 |
40 | 975.188 | 98.309 |
45 | 1012.288 | 108.427 |
50 | 1028.230 | 125.729 |

Depth | [7] (s) | Ours (s) |
---|---|---|
1 | 0.887 | 0.857 |
5 | 0.949 | 0.840 |
10 | 1.051 | 0.825 |
15 | 1.132 | 0.839 |
20 | 1.289 | 0.831 |
25 | 1.427 | 0.828 |
30 | 1.517 | 0.841 |
35 | 1.536 | 0.852 |
40 | 1.635 | 0.840 |
45 | 1.755 | 0.842 |
50 | 1.817 | 0.882 |
© 2019 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/).
Guo, L.; Wang, J.; Yau, W.-C. Efficient Hierarchical Identity-Based Encryption System for Internet of Things Infrastructure. Symmetry 2019, 11, 913. https://doi.org/10.3390/sym11070913