分野別セミナー

Revocable identity-based encryption is one of cryptographic primitives, where key generator center can revoke efficiently the users whose private keys are compromised or expired. Existing revocable identity-based encryption schemes use mainly the subset cover framework to revoke users. Such revocation mechanism has an inherent limitation that the number of private key elements and update key elements cannot be constant. Recently, Park et al. devised a new technique to propose a revocable identity-based encryption scheme with constant private key and update key sizes by using 3-leveled multilinear maps. A significant drawback of their scheme is its linear public parameter sizes in the cardinality of the users. In this talk, we present an improvement of Park et al.'s scheme and describe an efficient revocable identity-based encryption scheme from asymmetric multilinear maps where the public parameter sizes are essentially logarithmic. In the proposed scheme, we combine the hierarchical identity-bases encryption of Boneh and Boyen and broadcast encryption from multilinear maps of Boneh and Waters to generate the initial private keys for all users and the update key for non-revoked users. Furthermore, only non-revoked users can use these partial keys to generate their full private keys at random. To prove the security of our scheme, we generalize computational hardness assumptions of multilinear maps, and prove its IND-CPA security in the selective revocation list model.