Sciweavers

PKC
2012
Springer

Circular and KDM Security for Identity-Based Encryption

12 years 2 months ago
Circular and KDM Security for Identity-Based Encryption
We initiate the study of security for key-dependent messages (KDM), sometimes also known as “circular” or “clique” security, in the setting of identity-based encryption (IBE). Circular/KDM security requires that ciphertexts preserve secrecy even when they encrypt messages that may depend on the secret keys, and arises in natural usage scenarios for IBE. We construct an IBE system that is circular secure for affine functions of users’ secret keys, based on the learning with errors (LWE) problem (and hence on worst-case lattice problems). The scheme is secure in the standard model, under a natural extension of a selective-identity attack. Our three main technical contributions are (1) showing the circular/KDM-security of a “dual”-style LWE public-key cryptosystem, (2) proving the hardness of a version of the “extended LWE” problem due to O’Neill, Peikert and Waters (CRYPTO’11), and (3) building an IBE scheme around the dual-style system using a novel lattice-based...
Jacob Alperin-Sheriff, Chris Peikert
Added 29 Sep 2012
Updated 29 Sep 2012
Type Journal
Year 2012
Where PKC
Authors Jacob Alperin-Sheriff, Chris Peikert
Comments (0)