Identity-Based Encryption (IBE), which simplifies public key and certificate management in a Public Key Infrastructure (PKI), is an important alternative to public key encryption. However, one of the main efficiency drawbacks of IBE is the computation overhead at the Private Key Generator (PKG) during user revocation. Efficient revocation has been well studied in the traditional PKI setting, but the cumbersome management of certificates is precisely the burden that IBE strives to alleviate. In this paper, aiming at tackling the critical issue of identity revocation, we introduce outsourcing computation into IBE for the first time and propose a revocable IBE scheme in the server-aided setting. Our scheme offloads most of the key-generation-related operations during the key-issuing and key-update processes to a Key Update Cloud Service Provider, leaving only a constant number of simple operations for the PKG and users to perform locally. This goal is achieved by utilizing a novel collusion-resistant technique: we employ a hybrid private key for each user, in which an AND gate is involved to connect and bind the identity component and the time component. Furthermore, we propose another construction which is provably secure under the recently formalized Refereed Delegation of Computation model. Finally, we provide extensive experimental results to demonstrate the efficiency of our proposed construction.
INTRODUCTION:
Identity-Based Encryption (IBE) is an interesting alternative to public key encryption, proposed to simplify key management in a certificate-based Public Key Infrastructure (PKI) by using human-intelligible identities (e.g., unique name, email address, IP address, etc.) as public keys. A sender using IBE therefore does not need to look up a public key and certificate, but directly encrypts the message with the receiver's identity.
Accordingly, a receiver who obtains the private key associated with the corresponding identity from the Private Key Generator (PKG) is able to decrypt such a ciphertext. Though IBE allows an arbitrary string as the public key, which is considered an appealing advantage over PKI, it demands an efficient revocation mechanism. Specifically, if the private keys of some users get compromised, we must provide a means to revoke such users from the system. In the PKI setting, revocation is realized by appending validity periods to certificates or by using involved combinations of techniques.
Nevertheless, the cumbersome management of certificates is precisely the burden that IBE strives to alleviate. As far as we know, though revocation has been thoroughly studied in PKI, few revocation mechanisms are known in the IBE setting. Boneh and Franklin suggested that users renew their private keys periodically and that senders use the receivers' identities concatenated with the current time period. But this mechanism would result in an overhead load at the PKG. In other words, all users, regardless of whether their keys have been revoked or not, have to contact the PKG periodically to prove their identities and update their private keys. It requires that the PKG is online and that a secure channel is maintained for all transactions, which will become a bottleneck for the IBE system as the number of users grows.
In presented a revocable IBE scheme. Their scheme is built on the idea of the fuzzy IBE primitive but utilizes a binary tree data structure to record users' identities at leaf nodes. Therefore, the key-update cost at the PKG can be significantly reduced from linear to the height of such a binary tree (i.e., logarithmic in the number of users). Nevertheless, we point out that though the introduction of the binary tree achieves relatively high performance, it results in other problems:
1) The PKG has to generate a key pair for all the nodes on the path from the identity leaf node to the root node, which results in complexity logarithmic in the number of users in the system for issuing a single private key.
2) The size of the private key grows logarithmically in the number of users in the system, which makes private key storage difficult for users.
3) As the number of users in the system grows, the PKG has to maintain a binary tree with a large number of nodes, which introduces another bottleneck for the global system.
In tandem with the development of cloud computing, there has emerged the ability for users to buy on-demand computing from cloud-based services such as Amazon's EC2 and Microsoft's Windows Azure. This calls for a new working paradigm that introduces such cloud services into IBE revocation to fix the efficiency and storage overhead issues described above. A naive approach would be to simply hand over the PKG's master key to the Cloud Service Providers (CSPs). The CSPs could then simply update all the private keys by using the traditional key update technique [4] and transmit the private keys back to unrevoked users. However, the naive approach is based on an unrealistic assumption that the CSPs are fully trusted and are allowed to access the master key of the IBE system. On the contrary, in practice the public clouds are likely outside the trusted domain of users and are curious about users' individual privacy. For this reason, a challenge arises: how to design a secure revocable IBE scheme that reduces the computation overhead at the PKG with an untrusted CSP.
In this paper, we introduce outsourcing computation into IBE revocation, and formalize the security definition of outsourced revocable IBE for the first time to the best of our knowledge. We propose a scheme to offload all the key-generation-related operations during key-issuing and key-update, leaving only a constant number of simple operations for the PKG and eligible users to perform locally. In our scheme, as with the suggestion in realize revocation through updating the private keys of the unrevoked users. But unlike that work, which trivially concatenates the time period with the identity for key generation/update and requires re-issuing the whole private key for unrevoked users, we propose a novel collusion-resistant key-issuing technique: we employ a hybrid private key for each user, in which an AND gate is involved to connect and bind two sub-components, namely the identity component and the time component. At first, a user obtains the identity component and a default time component (i.e., for the current time period) from the PKG as his/her private key in key-issuing. Afterwards, in order to maintain decryptability, unrevoked users need to periodically request a key-update for the time component from a newly introduced entity named the Key Update Cloud Service Provider (KU-CSP).
Our scheme does not have to re-issue the whole private key, but only needs to update a lightweight component of it at a specialized entity, the KU-CSP. We also specify that 1) with the aid of the KU-CSP, a user need not contact the PKG in key-update; in other words, the PKG is allowed to be offline after sending the revocation list to the KU-CSP. 2) No secure channel or user authentication is required during key-update between the user and the KU-CSP. Furthermore, we consider realizing revocable IBE with a semi-honest KU-CSP. To achieve this goal, we present a security-enhanced construction under the recently formalized Refereed Delegation of Computation (RDoC) model. Finally, we provide extensive experimental results to demonstrate the efficiency of our proposed construction.
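The hybrid key and key-update flow described above, as an added example that is not code from the paper. It assumes the AND gate is realized as a per-user additive split x = x1 + x2 of the master secret (the page does not give the construction) and replaces the pairing group by exponents modulo a prime, so it checks the algebra only and provides no security. All names (PKG.issue, KUCSP.key_update, the period labels T1/T2) are hypothetical.

```python
import hashlib, secrets

Q = 2**255 - 19  # prime; toy "group elements" are exponents mod Q, pairing e(a, b) = a*b

def H(tag, s):
    # Hash a string to a nonzero toy group element.
    return int.from_bytes(hashlib.sha256(f"{tag}|{s}".encode()).digest(), "big") % Q or 1

def rnd():
    return secrets.randbelow(Q - 1) + 1

class PKG:
    def __init__(self):
        self.x, self.g2 = rnd(), rnd()       # master secret x, public base g2
        self.pub = self.x * self.g2 % Q      # public value e(g1, g2) in exponent form
    def issue(self, ident):
        # Assumed AND gate: x1 = x - x2 goes into the identity component,
        # x2 becomes the per-user outsourcing key handed to the KU-CSP.
        x2, r = rnd(), rnd()
        ik = ((self.g2 * (self.x - x2) + H("id", ident) * r) % Q, r)
        return ik, x2

class KUCSP:
    def __init__(self, g2):
        self.g2, self.ok, self.revoked = g2, {}, set()   # never holds x
    def key_update(self, ident, period):
        # Time component for `period`; revoked identities get nothing.
        if ident in self.revoked:
            return None
        r = rnd()
        return ((self.g2 * self.ok[ident] + H("t", period) * r) % Q, r)

def encrypt(pub, ident, period, m):
    s = rnd()
    return ((m + s * pub) % Q, s, H("id", ident) * s % Q, H("t", period) * s % Q)

def decrypt(ct, ik, tk):
    c0, c1, e_id, e_t = ct
    # Summing both components recombines x1 + x2 = x only for a matching pair.
    blind = (c1 * (ik[0] + tk[0]) - ik[1] * e_id - tk[1] * e_t) % Q
    return (c0 - blind) % Q

def demo():
    pkg = PKG(); csp = KUCSP(pkg.g2); m = 424242   # constructed sample message
    ik_a, csp.ok["alice"] = pkg.issue("alice")
    ik_b, csp.ok["bob"] = pkg.issue("bob")
    ok_before = decrypt(encrypt(pkg.pub, "alice", "T1", m), ik_a, csp.key_update("alice", "T1")) == m
    csp.revoked.add("alice")                       # PKG can go offline after this
    ct = encrypt(pkg.pub, "alice", "T2", m)
    denied = csp.key_update("alice", "T2") is None
    mixed = decrypt(ct, ik_a, csp.key_update("bob", "T2")) == m   # borrow bob's component
    return ok_before, denied, mixed
```

demo() returns (True, True, False): the revoked user is refused a T2 time component, and combining her identity component with another user's time component does not recover the message because the two halves come from different splits of x.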
EXISTING SYSTEM:
DISADVANTAGES:
The Boneh and Franklin mechanism would result in an overhead load at the PKG. In other words, all users, regardless of whether their keys have been revoked or not, have to contact the PKG periodically to prove their identities and update their private keys. It requires that the PKG is online and that a secure channel is maintained for all transactions, which will become a bottleneck for the IBE system as the number of users grows.
PROPOSED SYSTEM:
ADVANTAGES:
HARDWARE REQUIREMENT:
ARCHITECTURE DIAGRAM:
IMPLEMENTATION:
IBE SCHEME (IDENTITY-BASED ENCRYPTION)
ALGORITHM USED:
KEYCOMBINE ALGORITHM:
MODULES:
USER MODULES:
PKG (PRIVATE KEY GENERATOR):
KU-CSPS MODELS:
USERS REVOCATION:
PERFORMANCE EVALUATION:
CONCLUSION:
In this paper, focusing on the critical issue of identity revocation, we introduce outsourcing computation into IBE and propose a revocable scheme in which the revocation operations are delegated to a CSP. With the aid of the KU-CSP, the proposed scheme is full-featured: 1) It achieves constant efficiency for both computation at the PKG and private key size at the user; 2) A user need not contact the PKG during key-update; in other words, the PKG is allowed to be offline after sending the revocation list to the KU-CSP; 3) No secure channel or user authentication is required during key-update between the user and the KU-CSP. Furthermore, we consider realizing revocable IBE under a stronger adversary model. We present an advanced construction and show it is secure under the RDoC model, in which at least one of the KU-CSPs is assumed to be honest. Therefore, even if a revoked user and either of the KU-CSPs collude, the collusion cannot help such a user regain his/her decryptability. Finally, we provide extensive experimental results to demonstrate the efficiency of our proposed construction.