WEKO3
-
RootNode
アイテム
Ancestor Excludable Hierarchical ID-based Encryption and Its Application to Broadcast Encryption
https://ipsj.ixsq.nii.ac.jp/records/9824
https://ipsj.ixsq.nii.ac.jp/records/98248029829f-5ebf-40ad-ab6c-3bd7bdcf6930
| 名前 / ファイル | ライセンス | アクション |
|---|---|---|
IPSJ-JNL4809013.pdf (478.6 kB)
|
Copyright (c) 2007 by the Information Processing Society of Japan
|
|
| オープンアクセス | ||
| Item type | Journal(1) | |||||||
|---|---|---|---|---|---|---|---|---|
| 公開日 | 2007-09-15 | |||||||
| タイトル | ||||||||
| タイトル | Ancestor Excludable Hierarchical ID-based Encryption and Its Application to Broadcast Encryption | |||||||
| タイトル | ||||||||
| 言語 | en | |||||||
| タイトル | Ancestor Excludable Hierarchical ID-based Encryption and Its Application to Broadcast Encryption | |||||||
| 言語 | ||||||||
| 言語 | eng | |||||||
| キーワード | ||||||||
| 主題Scheme | Other | |||||||
| 主題 | 特集:情報システムを支えるコンピュータセキュリティ技術の再考 | |||||||
| 資源タイプ | ||||||||
| 資源タイプ識別子 | http://purl.org/coar/resource_type/c_6501 | |||||||
| 資源タイプ | journal article | |||||||
| その他タイトル | ||||||||
| その他のタイトル | セキュリティ基盤技術 | |||||||
| 著者所属 | ||||||||
| Japan Advanced Institute Science and Technology | ||||||||
| 著者所属(英) | ||||||||
| en | ||||||||
| Japan Advanced Institute Science and Technology | ||||||||
| 著者名 |
Atsuko, Miyaji
× Atsuko, Miyaji
|
|||||||
| 著者名(英) |
Atsuko, Miyaji
× Atsuko, Miyaji
|
|||||||
| 論文抄録 | ||||||||
| 内容記述タイプ | Other | |||||||
| 内容記述 | An ID-based encryption (IBE) is a public key cryptosystem in which a user’s public key is given as a user ID. In IBE only a single center generates all user secret keys which may give the center a load of burdensome work. A hierarchical ID-based encryption (HIBE) is a kind of IBE and overcomes the problem by delegating a user secret key generation to a lower-level center in which centers form a hierarchical structure. However all ancestor nodes in HIBE act as centers. That is any ancestor as well as the root can generate a secret key for any descendant node and thus a cipher text to a node can be decrypted by any ancestor node even if the ancestor does not have the same secret key as that of a target node. In this paper we propose the concept of ancestor-excludable HIBE in which ancestors with a level less than the designated one can be excluded from a set of privileged ancestors with a right to decrypt a cipher text to a target node. We also give the functional definition together with the security definition. This notion is denoted by AE-HIBE simply. We present the concrete example of AE-HIBE which can work with constant-size ciphertext and decryption time independent of the hierarchy level. We prove that our AE-HIBE is selective-ID-CPA secure in the standard model which can be converted to be selective-ID-CCA secure by applying a general conversion method. Furthermore AE-HIBE can be naturally applied to the broadcast encryption to realize the efficient public-key version with the user-key size of O(log2 N) and the transmission rate of O(r) for N users and r revoked users. The user-key size is the smallest at the transmission rate of O(r) up to the present. | |||||||
| 論文抄録(英) | ||||||||
| 内容記述タイプ | Other | |||||||
| 内容記述 | An ID-based encryption (IBE) is a public key cryptosystem, in which a user’s public key is given as a user ID. In IBE, only a single center generates all user secret keys, which may give the center a load of burdensome work. A hierarchical ID-based encryption (HIBE) is a kind of IBE and overcomes the problem by delegating a user secret key generation to a lower-level center, in which centers form a hierarchical structure. However, all ancestor nodes in HIBE act as centers. That is, any ancestor as well as the root can generate a secret key for any descendant node and, thus, a cipher text to a node can be decrypted by any ancestor node even if the ancestor does not have the same secret key as that of a target node. In this paper, we propose the concept of ancestor-excludable HIBE, in which ancestors with a level less than the designated one can be excluded from a set of privileged ancestors with a right to decrypt a cipher text to a target node. We also give the functional definition together with the security definition. This notion is denoted by AE-HIBE simply. We present the concrete example of AE-HIBE, which can work with constant-size ciphertext and decryption time, independent of the hierarchy level. We prove that our AE-HIBE is selective-ID-CPA secure in the standard model, which can be converted to be selective-ID-CCA secure by applying a general conversion method. Furthermore, AE-HIBE can be naturally applied to the broadcast encryption to realize the efficient public-key version with the user-key size of O(log2 N) and the transmission rate of O(r) for N users and r revoked users. The user-key size is the smallest at the transmission rate of O(r), up to the present. | |||||||
| 書誌レコードID | ||||||||
| 収録物識別子タイプ | NCID | |||||||
| 収録物識別子 | AN00116647 | |||||||
| 書誌情報 |
情報処理学会論文誌 巻 48, 号 9, p. 2999-3013, 発行日 2007-09-15 |
|||||||
| ISSN | ||||||||
| 収録物識別子タイプ | ISSN | |||||||
| 収録物識別子 | 1882-7764 | |||||||
