Key-Evolving Hierarchical ID-Based Signcryption

摘要

Key-evolving cryptography is intended to mitigate the damage in case of a secret key compromise, one of the severest security threats to actual cryptographic schemes. In the public-key setting, the essential idea of key-evolving lies in updating the private key with time, while maintaining the same public key. Key evolution in encryption and signing has been well studied, especially in the identity-based (ID-based) setting where an entity's public key can be derived from that entity's identity information. From a more practical standpoint, however, one would like to use the primitive signcryption in the hierarchical ID-based setting. In this paper, we propose the first key-evolving hierarchical ID-based signcryption scheme that is scalable and joining-time-oblivious and allows secret keys to be updated autonomously. The security proofs of our construction depend on the bilinear Diffie-Hellman assumption and the computational Diffie-Hellman assumption in the random oracle model. To be specific, our proposal not only achieves the fundamental goals of confidentiality and authenticity, but also enjoys desirable properties of non-repudiation, ciphertext anonymity and strong forward security. Compared with the conventional sign-then-encrypt approach, our construction provides better efficiency in terms of the computation cost and the communication overhead.