scispace - formally typeset

Journal ArticleDOI

Security on Cloud Revocation Authority using Identity Based Encryption

01 Nov 2017-Vol. 263, Iss: 4, pp 042051

About: The article was published on 2017-11-01 and is currently open access. It has received None citation(s) till now. The article focuses on the topic(s): Identity (philosophy) & Encryption.
Topics: Identity (philosophy) (63%), Encryption (54%), Revocation (52%)
References
More filters

Journal ArticleDOI
TL;DR: The aim of this paper is to outline, in as simple a fashion as possible, the basic choices that are available when using pairings in cryptography, and the main properties and efficiency issues are summarized.
Abstract: Many research papers in pairing-based cryptography treat pairings as a ''black box''. These papers build cryptographic schemes making use of various properties of pairings. If this approach is taken, then it is easy for authors to make invalid assumptions concerning the properties of pairings. The cryptographic schemes developed may not be realizable in practice, or may not be as efficient as the authors assume. The aim of this paper is to outline, in as simple a fashion as possible, the basic choices that are available when using pairings in cryptography. For each choice, the main properties and efficiency issues are summarized. The paper is intended to be of use to non-specialists who are interested in using pairings to design cryptographic schemes.

663 citations


Journal ArticleDOI
Jin Li1, Jingwei Li2, Xiaofeng Chen3, Chunfu Jia2  +1 moreInstitutions (4)
TL;DR: This paper introduces outsourcing computation into IBE for the first time and proposes a revocable IBE scheme in the server-aided setting and proposes another construction which is provable secure under the recently formulized Refereed Delegation of Computation model.
Abstract: Identity-Based Encryption (IBE) which simplifies the public key and certificate management at Public Key Infrastructure (PKI) is an important alternative to public key encryption. However, one of the main efficiency drawbacks of IBE is the overhead computation at Private Key Generator (PKG) during user revocation. Efficient revocation has been well studied in traditional PKI setting, but the cumbersome management of certificates is precisely the burden that IBE strives to alleviate. In this paper, aiming at tackling the critical issue of identity revocation, we introduce outsourcing computation into IBE for the first time and propose a revocable IBE scheme in the server-aided setting. Our scheme offloads most of the key generation related operations during key-issuing and key-update processes to a Key Update Cloud Service Provider, leaving only a constant number of simple operations for PKG and users to perform locally. This goal is achieved by utilizing a novel collusion-resistant technique: we employ a hybrid private key for each user, in which an AND gate is involved to connect and bound the identity component and the time component. Furthermore, we propose another construction which is provable secure under the recently formulized Refereed Delegation of Computation model. Finally, we provide extensive experimental results to demonstrate the efficiency of our proposed construction.

317 citations


Journal ArticleDOI
Tsu-Yang Wu1, Yuh-Min Tseng1Institutions (1)
01 Jun 2010-Computer Networks
TL;DR: A new user authentication and key exchange protocol using bilinear pairings for mobile client-server environment is presented and it is demonstrated that the protocol is provably secure against previous attacks.
Abstract: Considering the low-power computing capability of mobile devices, the security scheme design is a nontrivial challenge. The identity (ID)-based public-key system with bilinear pairings defined on elliptic curves offers a flexible approach to achieve simplifying the certificate management. In the past, many user authentication schemes with bilinear pairings have been proposed. In 2009, Goriparthi et al. also proposed a new user authentication scheme for mobile client-server environment. However, these schemes do not provide mutual authentication and key exchange between the client and the server that are necessary for mobile wireless networks. In this paper, we present a new user authentication and key exchange protocol using bilinear pairings for mobile client-server environment. As compared with the recently proposed pairing-based user authentication schemes, our protocol provides both mutual authentication and key exchange. Performance analysis is made to show that our presented protocol is well suited for mobile client-server environment. Security analysis is given to demonstrate that our proposed protocol is provably secure against previous attacks.

84 citations


Journal ArticleDOI
Yuh-Min Tseng1, Tung-Tso Tsai1Institutions (1)
TL;DR: An efficient RIBE with a public channel is presented, which provides a practical alternative to the previously proposed revocation solutions, while it remains efficient for encryption and decryption.
Abstract: Over the last few years, identity (ID)-based encryption (IBE) without requiring certificate management offers a practical alternative to public key encryption. However, how to revoke misbehaving/compromised identities in ID-based public key setting becomes a new and critical issue. In the past, there was little work on studying this revocation problem. In 2008, Boldyreva et al. proposed a revocable IBE (RIBE) and its associated revocation solution that used a binary tree structure to reduce the authority's periodic workload in Boneh and Franklin's IBE. However, Boldyreva et al.'s RIBE raised enormous computation costs for encryption and decryption procedures. Both IBEs require a secure channel between each user and the authority to transmit user's periodic private keys, thus the authority and each user need to encrypt and decrypt the private keys for each period. In this article, we present an efficient RIBE with a public channel, which provides a practical alternative to the previously proposed revocation solutions, while it remains efficient for encryption and decryption. Under the bilinear Diffie–Hellman assumption, we demonstrate that our RIBE with a public channel is semantically secure against adaptive chosen plaintext attacks and adaptive chosen ciphertext attacks.

61 citations