[Resource Topic] 2019/045: Leakage-resilient Identity-based Encryption in Bounded Retrieval Model with Nearly Optimal Leakage-Ratio

Resource No category
#1

Welcome to the resource topic for 2019/045

Title:
Leakage-resilient Identity-based Encryption in Bounded Retrieval Model with Nearly Optimal Leakage-Ratio

Authors: Ryo Nishimaki, Takashi Yamakawa

Abstract:

We propose new constructions of leakage-resilient public-key encryption (PKE) and identity-based encryption (IBE) schemes in the bounded retrieval model (BRM). In the BRM, adversaries are allowed to obtain at most \ell-bit leakage from a secret key and we can increase \ell only by increasing the size of secret keys without losing efficiency in any other performance measure. We call \ell/|\textsf{sk}| leakage-ratio where |\textsf{sk}| denotes a bit-length of a secret key. Several PKE/IBE schemes in the BRM are known. However, none of these constructions achieve a constant leakage-ratio under a standard assumption in the standard model. Our PKE/IBE schemes are the first schemes in the BRM that achieve leakage-ratio 1-\epsilon for any constant \epsilon>0 under standard assumptions in the standard model. As previous works, we use identity-based hash proof systems (IB-HPS) to construct IBE schemes in the BRM. It is known that a parameter for IB-HPS called the universality-ratio is translated into the leakage-ratio of the resulting IBE scheme in the BRM. We construct an IB-HPS with universality-ratio 1-\epsilon for any constant \epsilon>0 based on any inner-product predicate encryption (IPE) scheme with compact secret keys. Such IPE schemes exist under the d-linear, subgroup decision, learning with errors, or computational bilinear Diffie-Hellman assumptions. As a result, we obtain IBE schemes in the BRM with leakage-ratio 1-\epsilon under any of these assumptions. Our PKE schemes are immediately obtained from our IBE schemes.

ePrint: https://eprint.iacr.org/2019/045

See all topics related to this paper.

Feel free to post resources that are related to this paper below.

Example resources include: implementations, explanation materials, talks, slides, links to previous discussions on other websites.

For more information, see the rules for Resource Topics .