Abstract
Identity-based encryption (IBE) is useful for providing end-to-end access control and data protection in many scenarios such as cloud applications and wireless sensor networks. However, there are some practical threats for the data owner or the sensor, who encrypts raw data; and the data user or the control centre, who decrypts the ciphertext and recovers the raw data. In this paper, we tackle the open problem of proposing a leakage-resilient encryption model that can capture leakage from both the secret key owner (the data user or control centre) and the encryptor (the data owner or sensor), in the auxiliary input model. Existing models only allow the leakage of the secret key and do not allow adversaries to query more leakage information after seeing the challenge ciphertext of the security games. We solve this problem by defining the post-challenge auxiliary input model in which the family of leakage functions must be defined before the adversary is given the public key. The post-challenge query will return the leakage of the encryption randomness used by the encryptor. This model is able to capture a wider class of real-world attacks. To realize our model, we propose a generic transformation from the auxiliary input model to our new post-challenge auxiliary input model for both public key encryption (PKE) and IBE. Furthermore, we extend Canetti et al.'s technique, which converts CPA-secure IBE to CCA-secure PKE, into the leakage-resilient setting.
Original language | English |
---|---|
Title of host publication | Computer Security - ESORICS 2014 |
Subtitle of host publication | 19th European Symposium on Research in Computer Security, Wroclaw, Poland, September 7-11, 2014 - Proceedings, Part II |
Editors | Miroslaw Kutylowski, Jaideep Vaidya |
Place of Publication | Heidelberg, Germany |
Publisher | Springer |
Pages | 130-147 |
Number of pages | 18 |
ISBN (Electronic) | 9783319112039 |
ISBN (Print) | 9783319112022 |
DOIs | |
Publication status | Published - 2014 |
Externally published | Yes |
Event | European Symposium On Research In Computer Security 2014 - Wroclaw University of Technology, Wroclaw, Poland; Duration: 7 Sep 2014 → 11 Sep 2014; Conference number: 19th; https://esorics2014.pwr.wroc.pl/; https://link.springer.com/book/10.1007/978-3-319-11203-9 (Proceedings) |
Publication series
Name | Lecture Notes in Computer Science |
---|---|
Publisher | Springer |
Volume | 8712 |
ISSN (Print) | 0302-9743 |
ISSN (Electronic) | 1611-3349 |
Conference
Conference | European Symposium On Research In Computer Security 2014 |
---|---|
Abbreviated title | ESORICS 2014 |
Country/Territory | Poland |
City | Wroclaw |
Period | 7/09/14 → 11/09/14 |
Internet address |
Keywords
- IBE
- leakage-resilient
- auxiliary inputs
- randomness