Cryptanalysis of Chatterjee-Sarkar hierarchical identity-based encryption scheme at PKC 06

Jong Hwan Park; Dong Hoon Lee

doi:10.1587/transfun.E92.A.1724

Cryptanalysis of Chatterjee-Sarkar hierarchical identity-based encryption scheme at PKC 06

Jong Hwan Park, Dong Hoon Lee

School of Cybersecurity

Research output: Contribution to journal › Article › peer-review

Abstract

In 2006, Chatterjee and Sarkar proposed a hierarchical identity-based encryption (HIBE) scheme which can support an unbounded number of identity levels. This property is particularly useful in providing forward secrecy by embedding time components within hierarchical identities. In this paper we show that their scheme does not provide the claimed property. Our analysis shows that if the number of identity levels becomes larger than the value of a fixed public parameter, an unintended receiver can reconstruct a new valid ciphertext and decrypt the ciphertext using his or her own private key. The analysis is similarly applied to a multi-receiver identity-based encryption scheme presented as an application of Chatterjee and Sarkar's HIBE scheme.

Original language	English
Pages (from-to)	1724-1726
Number of pages	3
Journal	IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences
Volume	E92-A
Issue number	7
DOIs	https://doi.org/10.1587/transfun.E92.A.1724
Publication status	Published - 2009

Keywords

Bilinear pairing
Hierarchical identity-based encryption
Unbounded delegation

ASJC Scopus subject areas

Signal Processing
Computer Graphics and Computer-Aided Design
Electrical and Electronic Engineering
Applied Mathematics

Access to Document

10.1587/transfun.E92.A.1724

Cite this

@article{b43be53f85c94d0b97f28201d0171661,

title = "Cryptanalysis of Chatterjee-Sarkar hierarchical identity-based encryption scheme at PKC 06",

abstract = "In 2006, Chatterjee and Sarkar proposed a hierarchical identity-based encryption (HIBE) scheme which can support an unbounded number of identity levels. This property is particularly useful in providing forward secrecy by embedding time components within hierarchical identities. In this paper we show that their scheme does not provide the claimed property. Our analysis shows that if the number of identity levels becomes larger than the value of a fixed public parameter, an unintended receiver can reconstruct a new valid ciphertext and decrypt the ciphertext using his or her own private key. The analysis is similarly applied to a multi-receiver identity-based encryption scheme presented as an application of Chatterjee and Sarkar's HIBE scheme.",

keywords = "Bilinear pairing, Hierarchical identity-based encryption, Unbounded delegation",

author = "Park, {Jong Hwan} and Lee, {Dong Hoon}",

year = "2009",

doi = "10.1587/transfun.E92.A.1724",

language = "English",

volume = "E92-A",

pages = "1724--1726",

journal = "IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences",

issn = "0916-8508",

publisher = "Maruzen Co., Ltd/Maruzen Kabushikikaisha",

number = "7",

}

TY - JOUR

T1 - Cryptanalysis of Chatterjee-Sarkar hierarchical identity-based encryption scheme at PKC 06

AU - Park, Jong Hwan

AU - Lee, Dong Hoon

PY - 2009

Y1 - 2009

N2 - In 2006, Chatterjee and Sarkar proposed a hierarchical identity-based encryption (HIBE) scheme which can support an unbounded number of identity levels. This property is particularly useful in providing forward secrecy by embedding time components within hierarchical identities. In this paper we show that their scheme does not provide the claimed property. Our analysis shows that if the number of identity levels becomes larger than the value of a fixed public parameter, an unintended receiver can reconstruct a new valid ciphertext and decrypt the ciphertext using his or her own private key. The analysis is similarly applied to a multi-receiver identity-based encryption scheme presented as an application of Chatterjee and Sarkar's HIBE scheme.

AB - In 2006, Chatterjee and Sarkar proposed a hierarchical identity-based encryption (HIBE) scheme which can support an unbounded number of identity levels. This property is particularly useful in providing forward secrecy by embedding time components within hierarchical identities. In this paper we show that their scheme does not provide the claimed property. Our analysis shows that if the number of identity levels becomes larger than the value of a fixed public parameter, an unintended receiver can reconstruct a new valid ciphertext and decrypt the ciphertext using his or her own private key. The analysis is similarly applied to a multi-receiver identity-based encryption scheme presented as an application of Chatterjee and Sarkar's HIBE scheme.

KW - Bilinear pairing

KW - Hierarchical identity-based encryption

KW - Unbounded delegation

UR - http://www.scopus.com/inward/record.url?scp=84884254517&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84884254517&partnerID=8YFLogxK

U2 - 10.1587/transfun.E92.A.1724

DO - 10.1587/transfun.E92.A.1724

M3 - Article

AN - SCOPUS:84884254517

SN - 0916-8508

VL - E92-A

SP - 1724

EP - 1726

JO - IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences

JF - IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences

IS - 7

ER -

Cryptanalysis of Chatterjee-Sarkar hierarchical identity-based encryption scheme at PKC 06

Abstract

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this