Abstract
Identity-based encryption (IBE) is a public key cryptosystem and eliminates the demands of public key infrastructure (PKI) and certificate administration in conventional public key settings. Due to the absence of PKI, the revocation problem is a critical issue in IBE settings. Several revocable IBE schemes have been proposed regarding this issue. Quite recently, by embedding an outsourcing computation technique into IBE, Li et al. proposed a revocable IBE scheme with a key-update cloud service provider (KU-CSP). However, their scheme has two shortcomings. One is that the computation and communication costs are higher than previous revocable IBE schemes. The other shortcoming is lack of scalability in the sense that the KU-CSP must keep a secret value for each user. In the article, we propose a new revocable IBE scheme with a cloud revocation authority (CRA) to solve the two shortcomings, namely, the performance is significantly improved and the CRA holds only a system secret for all the users. For security analysis, we demonstrate that the proposed scheme is semantically secure under the decisional bilinear Diffie-Hellman (DBDH) assumption. Finally, we extend the proposed revocable IBE scheme to present a CRA-aided authentication scheme with period-limited privileges for managing a large number of various cloud services.
| Original language | English |
|---|---|
| Article number | 7430324 |
| Pages (from-to) | 1041-1053 |
| Number of pages | 13 |
| Journal | IEEE Transactions on Cloud Computing |
| Volume | 6 |
| Issue number | 4 |
| DOIs | |
| Publication status | Published - 2018 Oct 1 |
Fingerprint
All Science Journal Classification (ASJC) codes
- Software
- Information Systems
- Hardware and Architecture
- Computer Science Applications
- Computer Networks and Communications
Cite this
}
Identity-based encryption with cloud revocation authority and its applications. / Tseng, Yuh-Min; Tsai, Tung Tso; Huang, Sen-Shan; Huang, Chung Peng.
In: IEEE Transactions on Cloud Computing, Vol. 6, No. 4, 7430324, 01.10.2018, p. 1041-1053.Research output: Contribution to journal › Article
TY - JOUR
T1 - Identity-based encryption with cloud revocation authority and its applications
AU - Tseng, Yuh-Min
AU - Tsai, Tung Tso
AU - Huang, Sen-Shan
AU - Huang, Chung Peng
PY - 2018/10/1
Y1 - 2018/10/1
N2 - Identity-based encryption (IBE) is a public key cryptosystem and eliminates the demands of public key infrastructure (PKI) and certificate administration in conventional public key settings. Due to the absence of PKI, the revocation problem is a critical issue in IBE settings. Several revocable IBE schemes have been proposed regarding this issue. Quite recently, by embedding an outsourcing computation technique into IBE, Li et al. proposed a revocable IBE scheme with a key-update cloud service provider (KU-CSP). However, their scheme has two shortcomings. One is that the computation and communication costs are higher than previous revocable IBE schemes. The other shortcoming is lack of scalability in the sense that the KU-CSP must keep a secret value for each user. In the article, we propose a new revocable IBE scheme with a cloud revocation authority (CRA) to solve the two shortcomings, namely, the performance is significantly improved and the CRA holds only a system secret for all the users. For security analysis, we demonstrate that the proposed scheme is semantically secure under the decisional bilinear Diffie-Hellman (DBDH) assumption. Finally, we extend the proposed revocable IBE scheme to present a CRA-aided authentication scheme with period-limited privileges for managing a large number of various cloud services.
AB - Identity-based encryption (IBE) is a public key cryptosystem and eliminates the demands of public key infrastructure (PKI) and certificate administration in conventional public key settings. Due to the absence of PKI, the revocation problem is a critical issue in IBE settings. Several revocable IBE schemes have been proposed regarding this issue. Quite recently, by embedding an outsourcing computation technique into IBE, Li et al. proposed a revocable IBE scheme with a key-update cloud service provider (KU-CSP). However, their scheme has two shortcomings. One is that the computation and communication costs are higher than previous revocable IBE schemes. The other shortcoming is lack of scalability in the sense that the KU-CSP must keep a secret value for each user. In the article, we propose a new revocable IBE scheme with a cloud revocation authority (CRA) to solve the two shortcomings, namely, the performance is significantly improved and the CRA holds only a system secret for all the users. For security analysis, we demonstrate that the proposed scheme is semantically secure under the decisional bilinear Diffie-Hellman (DBDH) assumption. Finally, we extend the proposed revocable IBE scheme to present a CRA-aided authentication scheme with period-limited privileges for managing a large number of various cloud services.
UR - http://www.scopus.com/inward/record.url?scp=85055820655&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85055820655&partnerID=8YFLogxK
U2 - 10.1109/TCC.2016.2541138
DO - 10.1109/TCC.2016.2541138
M3 - Article
AN - SCOPUS:85055820655
VL - 6
SP - 1041
EP - 1053
JO - IEEE Transactions on Cloud Computing
JF - IEEE Transactions on Cloud Computing
SN - 2168-7161
IS - 4
M1 - 7430324
ER -