Conference

International Conference on Pairing-based Cryptography 

About: International Conference on Pairing-based Cryptography is an academic conference. The conference publishes mainly in the areas of Pairing and Encryption. Over its lifetime, the conference has published 125 publications, which have received 5190 citations.

Papers
Book Chapter
02 Jul 2007
TL;DR: This work constructs an efficient PECK scheme whose security is proven over a decisional linear Diffie-Hellman assumption in the random oracle model, and has the shortest ciphertext size and private key size, and requires a comparable computation overhead.
Abstract: We study the problem of a public key encryption with conjunctive keyword search (PECK). The keyword searchable encryption enables a user to outsource his data to the storage of an untrusted server and to have the ability to selectively search his data without leaking information. The PECK scheme provides the document search containing each of several keywords over a public key setting. First, we construct an efficient PECK scheme whose security is proven over a decisional linear Diffie-Hellman assumption in the random oracle model. In comparison with previous schemes, our scheme has the shortest ciphertext size and private key size, and requires a comparable computation overhead. Second, we discuss problems related to the security proof of previous schemes and show they cannot guarantee complete security. Finally, we introduce a new concept called a multi-user PECK scheme, which can achieve an efficient computation and communication overhead and effectively manage the storage in a server for a number of users.

432 citations

Book Chapter
02 Jul 2007
TL;DR: New efficient constructions for public-key broadcast encryption that simultaneously enjoy the following properties are put forward: receivers are stateless; encryption is collusion-secure for arbitrarily large collusions of users and security is tight in the standard model.
Abstract: This paper puts forward new efficient constructions for public-key broadcast encryption that simultaneously enjoy the following properties: receivers are stateless; encryption is collusion-secure for arbitrarily large collusions of users and security is tight in the standard model; new users can join dynamically i.e. without modification of user decryption keys nor ciphertext size and little or no alteration of the encryption key. We also show how to permanently revoke any subgroup of users. Most importantly, our constructions achieve the optimal bound of O(1)-size either for ciphertexts or decryption keys, where the hidden constant relates to a couple of elements of a pairing-friendly group. Our broadcast-KEM trapdoor technique, which has independent interest, also provides a dynamic broadcast encryption system improving all previous efficiency measures (for both execution time and sizes) in the private-key setting.

287 citations

Book Chapter
31 Jul 2009
TL;DR: A new cryptosystem called Broadcast ABE is proposed, used to construct ABE systems with direct revocation mechanism, and appears to be the first fully-functional directly revocable schemes for key-policy and ciphertext-policy.
Abstract: Attribute-based encryption (ABE) system enables an access control mechanism over encrypted data by specifying access policies among private keys and ciphertexts. There are two flavors of ABE, namely key-policy and ciphertext-policy, depending on which of private keys or ciphertexts that access policies are associated with. In this paper we propose a new cryptosystem called Broadcast ABE for both flavors. Broadcast ABE can be used to construct ABE systems with direct revocation mechanism. Direct revocation has a useful property that revocation can be done without affecting any non-revoked users; in particular, it does not require users to update keys periodically. For key-policy variant, our systems appear to be the first fully-functional directly revocable schemes. For ciphertext-policy variant, our systems improve the efficiency from the previously best revocable schemes; in particular, one of our schemes admits ciphertext and private key sizes roughly the same as the currently best (non-revocable) ciphertext-policy ABE. Broadcast ABE can also be utilized to construct multi-authority ABE in the disjunctive setting.

258 citations

Book Chapter
13 Dec 2010
TL;DR: The design of a fast software library for the computation of the optimal ate pairing on a Barreto-Naehrig elliptic curve is described, able to compute the optimal ate pairing over a 254-bit prime field $\mathbb{F}_p$ in just 2.33 million clock cycles.
Abstract: This paper describes the design of a fast software library for the computation of the optimal ate pairing on a Barreto-Naehrig elliptic curve. Our library is able to compute the optimal ate pairing over a 254-bit prime field $\mathbb{F}_p$ in just 2.33 million clock cycles on a single core of an Intel Core i7 2.8GHz processor, which implies that the pairing computation takes 0.832 msec. We are able to achieve this performance by a careful implementation of the base field arithmetic through the usage of the customary Montgomery multiplier for prime fields. The prime field is constructed via the Barreto-Naehrig polynomial parametrization of the prime $p$ given as $p = 36t^4 + 36t^3 + 24t^2 + 6t + 1$, with $t = 2^{62} - 2^{54} + 2^{44}$. This selection of $t$ allows us to obtain important savings for both the Miller loop as well as the final exponentiation steps of the optimal ate pairing.

198 citations

Book Chapter
01 Sep 2008
TL;DR: Two applications of this trapdoor bijective function are presented; one is multivariate homomorphic encryption as well as a two-party protocol to securely evaluate 2DNF formulas in a higher dimensional manner, and the other is various types of signatures such as ordinary signatures, blind signatures, generically (selectively and universally) convertible undeniable signatures and their combination.
Abstract: This paper introduces a new concept, distortion eigenvector space; it is a (higher dimensional) vector space in which bilinear pairings and distortion maps are available. A distortion eigenvector space can be efficiently realized on a supersingular hyperelliptic curve or a direct product of supersingular elliptic curves. We also introduce an intractable problem (with trapdoor) on distortion eigenvector spaces, the higher dimensional generalization of the vector decomposition problem (VDP). We define several computational and decisional problems regarding VDP, and clarify the relations among them. A trapdoor bijective function with algebraically rich properties can be obtained from the VDP on distortion eigenvector spaces. This paper presents two applications of this trapdoor bijective function; one is multivariate homomorphic encryption as well as a two-party protocol to securely evaluate 2DNF formulas in a higher dimensional manner, and the other is various types of signatures such as ordinary signatures, blind signatures, generically (selectively and universally) convertible undeniable signatures and their combination.

179 citations

Performance
Metrics
No. of papers from the Conference in previous years
Year    Papers
2013    14
2012    20
2010    27
2009    16
2008    23
2007    25