International Journal of Information Security

, Volume 17, Issue 4, pp 477–490 | Cite as

Efficient revocable hierarchical identity-based encryption using cryptographic accumulators

  • Hongyong JiaEmail author
  • Yue Chen
  • Julong Lan
  • Kaixiang Huang
  • Jun Wang
Regular Contribution


Hierarchical identity-based encryption is an important extension from IBE and has found many applications in the network world. Private key revocation is a crucial requirement for any public key system. In this paper, we propose a novel revocation method for the hierarchical identity-based encryption. Existing revocable hierarchical identity-based encryption schemes have several disadvantages: the key update size increases logarithmically with the number of users in the system, the public information of key update received by each user is different and always related to the level of the identity hierarchy and the security proof of the revocable scheme is very complex. In our scheme, cryptographic accumulators are used to compress hierarchical levels and revoked users’ information into constant values. So we achieve almost constant size of private key update which is irrelevant with the user number in the system. Because of the compression of hierarchical information we can use simple dual system encryption techniques to prove our scheme to be fully secure under several common assumptions without resorting to complex nested dual system encryption techniques.


Revocation Cryptographic accumulator Private key update Dual system encryption Hierarchical identity-based encryption 



This work is sponsored by the National Basic Research Program of China (973 Program) under Grant No. 2012CB315901.


  1. 1.
    Shamir, A.: Identity-based cryptosystems and signature schemes. In: Advances in Cryptology—Crypto 1984. Lecture Notes in Computer Science, vol. 196, pp. 47–53, Springer, Berlin (1984)Google Scholar
  2. 2.
    Boneh, D., Franklin, M.: Identity-based encryption from the Weil pairing. In: Advances in Cryptology—CRYPTO 2001, pp. 213–229. Springer, Berlin (2001)Google Scholar
  3. 3.
    Li, J., Li, J., Chen, X., Jia, C., Lou, W.: Identity-based encryption with outsourced revocation in cloud computing. IEEE Trans. Comput. (2015). doi: 10.1109/TC.2013.208
  4. 4.
    Lim, H.W., Paterson, K.G.: Identity-based cryptography for grid security. In: Proceedings of the e-Science, pp. 395–404 (2005)Google Scholar
  5. 5.
    Su, L., Lim, H.W., Ling, S., et al.: Revocable IBE systems with almost constant-size key update. In: International Conference on Pairing-Based Cryptography Pairing 2013, pp. 168–185. Springer, Berlin (2014)Google Scholar
  6. 6.
    Abdalla, M., Kiltz, E., Neven, G.: Generalised key delegation for hierarchical identity-based encryption. IET Inf. Secur. 2(3), 67–78 (2008)CrossRefGoogle Scholar
  7. 7.
    Seo, J.H., Emura, K.: Efficient delegation of key generation and revocation functionalities in identity-based encryption. CT-RSA 2013, 343–358 (2013)MathSciNetzbMATHGoogle Scholar
  8. 8.
    Tsai, T.-T., Tseng, Y.-M., Wu, T.-Y.: RHIBE: constructing revocable hierarchical ID-based encryption from HIBE. Informatica 25(2), 299–326 (2014)MathSciNetCrossRefzbMATHGoogle Scholar
  9. 9.
    Ryu, G., Lee, K., Park, S., Lee, D.H.: Unbounded hierarchical identity-based encryption with efficient revocation.
  10. 10.
    Bellare, M., Waters, B., Yilek, S.: Identity-based encryption secure against selective opening attack. TCC 2011, 235–252 (2011)MathSciNetzbMATHGoogle Scholar
  11. 11.
    Boneh, D., Boyen, X.: Efficient selective-id identity based encryption without random oracles. In: Advances in cryptology-EUROCRYPT 2004. LNCS, vol. 3027, pp. 223–238. Springer, Berlin (2004)Google Scholar
  12. 12.
    Boldyreva, A., Goyal, V., Kumar, V.: Identity-based encryption with efficient revocation. In: Proceedings of the 15th ACM Conference on Computer and Communications Security, ACM, pp. 417–426 (2008)Google Scholar
  13. 13.
    Naor, D., Naor, M., Lotspiech, J.: Revocation and tracing schemes for stateless receivers. In: Advances in Cryptology—CRYPTO 2001. LNCS, vol. 2139, pp. 41–62. Springer, Berlin (2001)Google Scholar
  14. 14.
    Camenisch, J., Kohlweiss, M., Soriente, C.: An accumulator based on bilinear maps and efficient revocation for anonymous credentials. In: International Workshop on Public Key Cryptography—PKC 2009, pp. 481–500. Springer, Berlin (2009)Google Scholar
  15. 15.
    Waters, B.: Dual system encryption: realizing fully secure IBE and HIBE under simple assumptions. In: Advances in Cryptology—Crypto09. LNCS, vol. 5677, pp. 619–636 (2009)Google Scholar
  16. 16.
    Lewko, A., Waters, B.: Unbounded HIBE and attribute-based encryption. In Advances in Cryptology—Eurocrypt11. LNCS, vol. 6632, pp. 547–567 (2011)Google Scholar

Copyright information

© Springer-Verlag GmbH Germany 2017

Authors and Affiliations

  • Hongyong Jia
    • 1
    Email author
  • Yue Chen
    • 1
  • Julong Lan
    • 2
  • Kaixiang Huang
    • 1
  • Jun Wang
    • 1
  1. 1.State Key Laboratory of Mathematical Engineering and Advanced ComputingZhengzhouChina
  2. 2.China National Digital Switching System Engineering and Technological Research CentreZhengzhouChina

Personalised recommendations