Identity-based encryption resilient to auxiliary leakage under the decisional linear assumption

Abstract

Leakage-resilience guarantees that even if some information about the secret key is partially leaked, the security is maintained. Several security models considering leakage-resilience have been proposed. Among them, auxiliary leakage model proposed by Dodis et al. in STOC’09 is especially important, since it can deal with a leakage caused by a function which information-theoretically reveals the secret key, e.g., one-way permutation. Contribution of this work is two-fold. Firstly, we propose an identity-based encryption (IBE) scheme and prove that it is fully secure and resilient to the auxiliary leakage under the decisional linear assumption in the standard model. Secondly, although the IBE scheme proposed by Yuen et al. in Eurocrypt’12 has been considered to be the only IBE scheme resilient to auxiliary leakage, we prove that the security proof for the IBE scheme is defective. We insist that our IBE scheme is the only IBE scheme resilient to auxiliary leakage.