New Assumptions on Isogenous Pairing Groups with Applications to Attribute-Based Encryption

  • Takeshi Koshiba
  • Katsuyuki Takashima
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11396)


We introduce new isogeny-related assumptions, called the Isog-DDH and Isog-DBDH assumptions. Using these assumptions, we reinforce the security of several existing (hierarchical) identity-/attribute-based encryption (HIBE/ABE) schemes. While the existing schemes are proven secure from the standard DBDH assumption, our reinforced schemes have two incomparable security proofs: one from the DBDH assumption as well, and another from the Isog-DDH assumption, which is incomparable with DBDH. As a result, if either the DBDH or the Isog-DDH assumption holds, the proposed HIBE/ABE schemes are secure. To obtain (H)IBE secure in the standard model, we assign a unique (product) group, called an ID-group, to each (H)ID, and introduce a new proof technique: ID-group partitioning using isogenies as trapdoors.


Isogenous pairing groups; Identity-based encryption; Attribute-based encryption; Security reinforcement



Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  1. Waseda University, Tokyo, Japan
  2. Mitsubishi Electric, Kanagawa, Japan
