Revocable Hierarchical Identity-Based Encryption from Multilinear Maps
This work addresses a specific bottleneck in cryptographic systems for managing large-scale user hierarchies with dynamic credentials, offering incremental improvements in efficiency.
The paper tackles the problem of inefficient key revocation in revocable hierarchical identity-based encryption (RHIBE) by proposing two new schemes using multilinear maps and public-key broadcast encryption, which reduce private and update key elements to O(ℓ) and O(1) respectively, overcoming the dependency on the number of revoked users.
In identity-based encryption (IBE) systems, an efficient key delegation method to manage a large number of users and an efficient key revocation method to handle the dynamic credentials of users are needed. Revocable hierarchical IBE (RHIBE) can provide these two methods by organizing the identities of users as a hierarchy and broadcasting an update key for non-revoked users per each time period. To provide the key revocation functionality, previous RHIBE schemes use a tree-based revocation scheme. However, this approach has an inherent limitation such that the number of update key elements depends on the number of revoked users. In this paper, we propose two new RHIBE schemes in multilinear maps that use the public-key broadcast encryption scheme instead of using the tree-based revocation scheme to overcome the mentioned limitation. In our first RHIBE scheme, the number of private key elements and update key elements is reduced to $O(\ell)$ and $O(\ell)$ respectively where $\ell$ is the depth of a hierarchical identity. In our second RHIBE scheme, we can further reduce the number of private key elements from $O(\ell)$ to $O(1)$.