CISPA
Browse

File(s) not publicly available

IBE with Incompressible Master Secret and Small Identity Secrets

conference contribution
posted on 2023-11-29, 18:25 authored by Nico DöttlingNico Döttling, Sanjam Garg, Mingyuan Wang
Side-stepping the protection provided by cryptography, exfiltration attacks are becoming a considerable real-world threat. With the goal of mitigating the exfiltration of cryptographic keys, big-key cryptosystems have been developed over the past few years. These systems come with very large secret keys which are thus hard to exfiltrate. Typically, in such systems, the setup time must be large as it generates the large secret key. However, subsequently, the encryption and decryption operations, that must be performed repeatedly, are required to be efficient. Specifically, the encryption uses only a small public key and the decryption only accesses small ciphertext-dependent parts of the full secret key. Nonetheless, these schemes require decryption to have access to the entire secret key. Thus, using such big-key cryptosystems necessitate that users carry around large secret-keys on their devices, which can be a hassle and in some cases might also render exfiltration easy. With the goal of removing this problem, in this work, we initiate the study of big-key identity-based encryption (bk-IBE). In such a system, the master secret-key is allowed to be large but we require that the identity-based secret keys are short. This allows users to use the identity-based short keys as the ephemeral secret keys that can be more easily carried around and allow for decrypting ciphertexts matching a particular identity, e.g. messages that were encrypted on a particular date. In particular: We build a new definitional framework for bk-IBE capturing a range of applications. In the case when the exfiltration is small our definition promises stronger security—namely, an adversary can break semantic security for only a few identities, proportional to the amount of leakage it gets. In contrast, in the catastrophic case where a large fraction of the master secret key has been ex-filtrated, we can still resort to a guarantee that the ciphertexts generated for a randomly chosen identity (or, an identity with enough entropy) remain protected. We demonstrate how this framework captures the best possible security guarantees. We show the first construction of such a bk-IBE offering strong security properties. Our construction is based on standard assumptions on groups with bilinear pairings and brings together techniques from seemingly different contexts such as leakage resilient cryptography, reusable two-round MPC, and laconic oblivious transfer. We expect our techniques to be of independent interest.

History

Preferred Citation

Nico Döttling, Sanjam Garg and Mingyuan Wang. IBE with Incompressible Master Secret and Small Identity Secrets. In: Theory of Cryptography Conference (TCC). 2022.

Primary Research Area

  • Algorithmic Foundations and Cryptography

Name of Conference

Theory of Cryptography Conference (TCC)

Legacy Posted Date

2023-06-07

Open Access Type

  • Unknown

BibTeX

@inproceedings{cispa_all_3959, title = "IBE with Incompressible Master Secret and Small Identity Secrets", author = "Döttling, Nico and Garg, Sanjam and Wang, Mingyuan", booktitle="{Theory of Cryptography Conference (TCC)}", year="2022", }

Usage metrics

    Categories

    No categories selected

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC