Efficient revocable identity-based encryption via subset difference methods

Kwangsu Lee, Dong Hoon Lee, Jong Hwan Park

Research output: Contribution to journalArticlepeer-review

41 Citations (Scopus)


Providing an efficient revocation mechanism for identity-based encryption (IBE) is very important since a user’s credential (or private key) can be expired or revealed. revocable IBE (RIBE) is an extension of IBE that provides an efficient revocation mechanism. Previous RIBE schemes essentially use the complete subtree (CS) scheme of Naor, Naor and Lotspiech (CRYPTO 2001) for key revocation. In this paper, we present a new technique for RIBE that uses the efficient subset difference (SD) scheme of Naor et al. instead of using the CS scheme to improve the size of update keys. Following our new technique, we first propose an efficient RIBE scheme in prime-order bilinear groups by combining the IBE scheme of Boneh and Boyen and the SD scheme and prove its selective security under the standard assumption. Our RIBE scheme is the first RIBE scheme in bilinear groups that has O(r) number of group elements in an update key where r is the number of revoked users. Next, we also propose another RIBE scheme in composite-order bilinear groups and prove its full security under static assumptions. Our RIBE schemes also can be integrated with the layered subset difference scheme of Halevy and Shamir (CRYPTO 2002) to reduce the size of a private key.

Original languageEnglish
Pages (from-to)39-76
Number of pages38
JournalDesigns, Codes, and Cryptography
Issue number1
Publication statusPublished - 2017 Oct 1

Bibliographical note

Funding Information:
Kwangsu Lee was supported by the MSIP (Ministry of Science, ICT and Future Planning), Korea, under the ITRC (Information Technology Research Center) support program (IITP-2016-R0992-16-1006). Dong Hoon Lee was supported by Institute for Information & communications Technology Promotion (IITP) grant funded by the Korea government (MSIP) (R0126-16-1090).

Publisher Copyright:
© 2016, Springer Science+Business Media New York.


  • Bilinear maps
  • Identity-based encryption
  • Key revocation
  • Revocable identity-based encryption
  • Subset difference method

ASJC Scopus subject areas

  • Computer Science Applications
  • Applied Mathematics


Dive into the research topics of 'Efficient revocable identity-based encryption via subset difference methods'. Together they form a unique fingerprint.

Cite this