{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,9]],"date-time":"2026-02-09T00:23:26Z","timestamp":1770596606235,"version":"3.49.0"},"reference-count":45,"publisher":"Oxford University Press (OUP)","issue":"4","license":[{"start":{"date-parts":[[2019,11,15]],"date-time":"2019-11-15T00:00:00Z","timestamp":1573776000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/academic.oup.com\/journals\/pages\/open_access\/funder_policies\/chorus\/standard_publication_model"}],"funder":[{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["61872359"],"award-info":[{"award-number":["61872359"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/501100001809","name":"National Natural Science Foundation of China","doi-asserted-by":"publisher","award":["61936008"],"award-info":[{"award-number":["61936008"]}],"id":[{"id":"10.13039\/501100001809","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2020,4,17]]},"abstract":"<jats:title>Abstract<\/jats:title>\n               <jats:p>Efficient key revocation in Identity-based Encryption (IBE) has been a both fundamental and critical problem when deploying an IBE system in practice. Boneh and Franklin proposed the first revocable IBE (RIBE) scheme where the size of key updates is linear in the number of users. Then, Boldyreva, Goyal and Kumar proposed the first scalable RIBE by using the tree-based approach where the size of key updates is $O(r\\log (N\/r))$ and the size of every user\u2019s long-term secret key is $O(\\log N)$ with $N$ being the number of users and $r$ the number of revoked users. Recently, Qin et al. presented the notion of server-aided RIBE where the size of every user\u2019s long-term secret key is $O(1),$ and users do not need to communicate with Key Generator Center (KGC) during every key updates. However, users must change their identities once their secret keys are revoked as they cannot decrypt ciphertexts by using their revoked secret keys.<\/jats:p>\n               <jats:p>To address the above problem, we formalize the notion of RIBE with identity reuse. In our system model, users can obtain a new secret key called the reuse secret key from KGC when their secret keys are revoked. The decryption key can be derived from the reuse secret key and new key updates while it cannot be derived from the revoked secret key and the new key updates. We present a concrete construction that is secure against adaptive-ID chosen plaintext attacks and decryption key exposure attacks under the $\\mathsf{ADDH}1$ and $\\mathsf{DDH}2$ assumptions in the standard model. Furthermore, we extend it to server-aided RIBE scheme with identity reuse property that is more suitable for lightweight devices.<\/jats:p>","DOI":"10.1093\/comjnl\/bxz114","type":"journal-article","created":{"date-parts":[[2019,11,13]],"date-time":"2019-11-13T20:09:44Z","timestamp":1573675784000},"page":"620-632","source":"Crossref","is-referenced-by-count":1,"title":["Server-aided Revocable IBE with Identity Reuse"],"prefix":"10.1093","volume":"63","author":[{"given":"Xuecheng","family":"Ma","sequence":"first","affiliation":[{"name":"State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China"},{"name":"School of Cyber Security, University of Chinese Academy of Sciences, Beijing 100049, China"}]},{"given":"Dongdai","family":"Lin","sequence":"first","affiliation":[{"name":"State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China"},{"name":"School of Cyber Security, University of Chinese Academy of Sciences, Beijing 100049, China"}]}],"member":"286","published-online":{"date-parts":[[2019,11,15]]},"reference":[{"key":"2020050407474771400_ref1","first-page":"47","article-title":"Identity-based cryptosystems and signature schemes","volume-title":"Advances in Cryptology. Proc. CRYPTO\u201984, Santa Barbara, California, USA, August 19\u201322, 1984","author":"Shamir","year":"1984"},{"key":"2020050407474771400_ref2","first-page":"213","article-title":"Identity-based encryption from the weil pairing","volume-title":"Proc. CRYPTO 2001, Santa Barbara, California, USA, August 19\u201323, 2001","author":"Boneh","year":"2001"},{"key":"2020050407474771400_ref3","first-page":"62","article-title":"Random oracles are practical: a paradigm for designing efficient protocols","volume-title":"Proc. CCS\u201993, Fairfax, Virginia, USA, November 3\u20135, 1993","author":"Bellare","year":"1993"},{"key":"2020050407474771400_ref4","first-page":"223","article-title":"Efficient selective-id secure identity-based encryption without random oracles","volume-title":"Proc. EUROCRYPT 2004, Interlaken, Switzerland, May 2\u20136, 2004","author":"Boneh","year":"2004"},{"key":"2020050407474771400_ref5","first-page":"443","article-title":"Secure identity based encryption without random oracles","volume-title":"Proc. CRYPTO 2004, Santa Barbara, California, USA, August 15\u201319, 2004","author":"Boneh","year":"2004"},{"key":"2020050407474771400_ref6","first-page":"114","article-title":"Efficient identity-based encryption without random oracles","volume-title":"Proc. EUROCRYPT 2005, Aarhus, Denmark, May 22\u201326, 2005","author":"Waters","year":"2005"},{"key":"2020050407474771400_ref7","first-page":"445","article-title":"Practical identity-based encryption without random oracles","volume-title":"Proc. EUROCRYPT 2006, St. Petersburg, Russia, May 28\u2013June 1, 2006","author":"Gentry","year":"2006"},{"key":"2020050407474771400_ref8","first-page":"619","article-title":"Dual system encryption: realizing fully secure IBE and HIBE under simple assumptions","volume-title":"Proc. CRYPTO 2009, Santa Barbara, CA, USA, August 16\u201320, 2009","author":"Waters","year":"2009"},{"key":"2020050407474771400_ref9","first-page":"360","article-title":"An identity based encryption scheme based on quadratic residues","volume-title":"Proc. Cryptography and Coding, Cirencester, UK, December 17\u201319, 2001","author":"Cocks","year":"2001"},{"key":"2020050407474771400_ref10","first-page":"647","article-title":"Space-efficient identity based encryption without pairings","volume-title":"Proc. FOCS 2007","author":"Boneh","year":"2007"},{"key":"2020050407474771400_ref11","first-page":"553","article-title":"Efficient lattice (H) IBE in the standard model","volume-title":"Proc. EUROCRYPT 2010, Monaco\/French Riviera, May 30\u2013June 3, 2010","author":"Agrawal","year":"2010"},{"key":"2020050407474771400_ref12","first-page":"125","article-title":"Fully-secure lattice-based IBE as compact as PKE","volume":"2016","author":"Apon","year":"2016","journal-title":"IACR Cryptology ePrint Archive"},{"key":"2020050407474771400_ref13","first-page":"499","article-title":"Lattice mixing and vanishing trapdoors: a framework for fully secure short signatures and more","volume-title":"Proc. PKC 2010, Paris, France, May 26\u201328, 2010","author":"Boyen","year":"2010"},{"key":"2020050407474771400_ref14","first-page":"404","article-title":"Towards tightly secure lattice short signature and id-based encryption","volume-title":"Proc. ASIACRYPT 2016 Hanoi, Vietnam, December 4\u20138, 2016, Part II","author":"Boyen","year":"2016"},{"key":"2020050407474771400_ref15","doi-asserted-by":"crossref","first-page":"601","DOI":"10.1007\/s00145-011-9105-2","article-title":"Bonsai trees, or how to delegate a lattice basis","volume":"25","author":"Cash","year":"2012","journal-title":"J. Cryptology"},{"key":"2020050407474771400_ref16","first-page":"197","article-title":"Trapdoors for hard lattices and new cryptographic constructions","volume-title":"Proc. the 40th Annual ACM Symposium on Theory of Computing, Victoria, British Columbia, Canada, May 17\u201320, 2008","author":"Gentry","year":"2008"},{"key":"2020050407474771400_ref17","first-page":"161","article-title":"Asymptotically compact adaptively secure lattice ibes and verifiable random functions via generalized partitioning techniques","volume-title":"Proc. CRYPTO 2017, Santa Barbara, CA, USA, August 20\u201324, 2017, Part III","author":"Yamada","year":"2017"},{"key":"2020050407474771400_ref18","first-page":"303","article-title":"Programmable hash functions from lattices: short signatures and ibes with small key sizes","volume-title":"Proc. CRYPTO 2016, Santa Barbara, CA, USA, August 14\u201318, 2016, Part III","author":"Zhang","year":"2016"},{"key":"2020050407474771400_ref19","first-page":"537","article-title":"Identity-based encryption from the diffie-hellman assumption","volume-title":"Proc. CRYPTO 2017, Santa Barbara, CA, USA, August 20\u201324, 2017, Part I","author":"D\u00f6ttling","year":"2017"},{"key":"2020050407474771400_ref20","doi-asserted-by":"crossref","first-page":"284","DOI":"10.1016\/j.future.2019.02.051","article-title":"A secure iot cloud storage system with fine-grained access control and decryption key exposure resistance","volume":"97","author":"Xu","year":"2019","journal-title":"Future Generation Comp. Syst."},{"key":"2020050407474771400_ref21","doi-asserted-by":"crossref","first-page":"116","DOI":"10.1016\/j.ins.2018.11.031","article-title":"Revocable attribute-based encryption with decryption key exposure resistance and ciphertext delegation","volume":"479","author":"Xu","year":"2019","journal-title":"Inform. Sci."},{"key":"2020050407474771400_ref22","doi-asserted-by":"crossref","first-page":"2101","DOI":"10.1109\/TIFS.2018.2810065","article-title":"Secure fine-grained access control and data sharing for dynamic groups in the cloud","volume":"13","author":"Xu","year":"2018","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"2020050407474771400_ref23","first-page":"457","article-title":"Fuzzy identity-based encryption","volume-title":"Proc. EUROCRYPT 2005, Aarhus, Denmark, May 22\u201326, 2005","author":"Sahai","year":"2005"},{"key":"2020050407474771400_ref24","first-page":"41","article-title":"Revocation and tracing schemes for stateless receivers","volume-title":"Proc. CRYPTO 2001, Santa Barbara, California, USA, August 19\u201323, 2001","author":"Naor","year":"2001"},{"key":"2020050407474771400_ref25","first-page":"417","article-title":"Identity-based encryption with efficient revocation","volume-title":"Proc. CCS 2008, Alexandria, Virginia, USA, October 27\u201331, 2008","author":"Boldyreva","year":"2008"},{"key":"2020050407474771400_ref26","doi-asserted-by":"crossref","first-page":"288","DOI":"10.1504\/IJACT.2017.086229","article-title":"Cca-secure revocable identity-based encryption schemes with decryption key exposure resistance","volume":"3","author":"Ishida","year":"2017","journal-title":"IJACT"},{"key":"2020050407474771400_ref27","doi-asserted-by":"crossref","first-page":"39","DOI":"10.1007\/s10623-016-0287-3","article-title":"Efficient revocable identity-based encryption via subset difference methods","volume":"85","author":"Lee","year":"2017","journal-title":"Des. Codes Cryptogr."},{"key":"2020050407474771400_ref28","first-page":"1","article-title":"Adaptive-id secure revocable identity-based encryption","volume-title":"Proc. CT-RSA 2009, San Francisco, CA, USA, April 20\u201324, 2009","author":"Libert","year":"2009"},{"key":"2020050407474771400_ref29","first-page":"216","article-title":"Revocable identity-based encryption revisited: security model and construction","volume-title":"Proc. PKC 2013, Nara, Japan, February 26\u2013March 1, 2013","author":"Seo","year":"2013"},{"key":"2020050407474771400_ref30","first-page":"432","article-title":"New revocable IBE in prime-order groups: adaptively secure, decryption key exposure resistant, and with short public parameters","volume-title":"Proc. CT-RSA 2017, San Francisco, CA, USA, February 14\u201317, 2017","author":"Watanabe","year":"2017"},{"key":"2020050407474771400_ref31","doi-asserted-by":"crossref","first-page":"45","DOI":"10.1016\/j.tcs.2015.11.047","article-title":"Revocable hierarchical identity-based encryption via history-free approach","volume":"615","author":"Seo","year":"2016","journal-title":"Theor. Comput. Sci."},{"key":"2020050407474771400_ref32","doi-asserted-by":"crossref","first-page":"83","DOI":"10.1587\/transfun.E99.A.83","article-title":"Semi-generic transformation of revocable hierarchical identity-based encryption and its DBDH instantiation","volume":"99-A","author":"Emura","year":"2016","journal-title":"IEICE Trans."},{"key":"2020050407474771400_ref33","first-page":"749","article-title":"Revocable hierarchical identity-based encryption with adaptive security","volume":"2016","author":"Lee","year":"2016","journal-title":"IACR Cryptology ePrint Archive"},{"key":"2020050407474771400_ref34","doi-asserted-by":"crossref","first-page":"2407","DOI":"10.1007\/s10623-017-0453-2","article-title":"Revocable hierarchical identity-based encryption with shorter private keys and update keys","volume":"86","author":"Lee","year":"2018","journal-title":"Des. Codes Cryptogr."},{"key":"2020050407474771400_ref35","doi-asserted-by":"crossref","first-page":"3511","DOI":"10.1002\/sec.1274","article-title":"Efficient revocable identity-based encryption from multilinear maps","volume":"8","author":"Mao","year":"2015","journal-title":"Secur. Commun. Netw."},{"key":"2020050407474771400_ref36","article-title":"Revocable hierarchical identity-based encryption from multilinear maps","author":"Park","year":"2016"},{"key":"2020050407474771400_ref37","doi-asserted-by":"crossref","first-page":"1564","DOI":"10.1109\/TIFS.2015.2419180","article-title":"New constructions of revocable identity-based encryption from multilinear maps","volume":"10","author":"Park","year":"2015","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"2020050407474771400_ref38","first-page":"122","article-title":"Unbounded hierarchical identity-based encryption with efficient revocation","volume-title":"Proc. WISA 2015, Jeju Island, Korea, August 20\u201322, 2015, Revised Selected Papers","author":"Ryu","year":"2015"},{"key":"2020050407474771400_ref39","first-page":"441","article-title":"Lattice-based revocable (hierarchical) IBE with decryption key exposure resistance","volume-title":"PKC 2019, Beijing, China, April 14\u201317, 2019, Part II","author":"Katsumata","year":"2019"},{"key":"2020050407474771400_ref40","article-title":"A generic construction of revocable identity-based encryption","author":"Ma","year":"2019"},{"key":"2020050407474771400_ref41","first-page":"286","article-title":"Server-aided revocable identity-based encryption","volume-title":"ESORICS 2015, Vienna, Austria, September 21\u201325, 2015, Part I","author":"Qin","year":"2015"},{"key":"2020050407474771400_ref42","first-page":"107","article-title":"Server-aided revocable identity-based encryption from lattices","volume-title":"Proc. CANS 2016, Milan, Italy, November 14\u201316, 2016","author":"Nguyen","year":"2016"},{"key":"2020050407474771400_ref43","doi-asserted-by":"crossref","first-page":"2436","DOI":"10.1016\/j.ins.2011.01.022","article-title":"Key updating technique in identity-based encryption","volume":"181","author":"Liu","year":"2011","journal-title":"Inform. Sci."},{"key":"2020050407474771400_ref44","doi-asserted-by":"crossref","first-page":"1806","DOI":"10.1587\/transfun.E97.A.1806","article-title":"Revocable identity-based encryption with rejoin functionality","volume":"97-A","author":"Seo","year":"2014","journal-title":"IEICE Transactions"},{"key":"2020050407474771400_ref45","doi-asserted-by":"crossref","first-page":"1193","DOI":"10.1109\/TIFS.2014.2327758","article-title":"Revocable identity-based cryptosystem revisited: security models and constructions","volume":"9","author":"Seo","year":"2014","journal-title":"IEEE Trans. Inf. Forensics Secur."}],"container-title":["The Computer Journal"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/academic.oup.com\/comjnl\/article-pdf\/63\/4\/620\/33153468\/bxz114.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"syndication"},{"URL":"http:\/\/academic.oup.com\/comjnl\/article-pdf\/63\/4\/620\/33153468\/bxz114.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,5,4]],"date-time":"2020-05-04T11:48:59Z","timestamp":1588592939000},"score":1,"resource":{"primary":{"URL":"https:\/\/academic.oup.com\/comjnl\/article\/63\/4\/620\/5625927"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019,11,15]]},"references-count":45,"journal-issue":{"issue":"4","published-online":{"date-parts":[[2019,11,15]]},"published-print":{"date-parts":[[2020,4,17]]}},"URL":"https:\/\/doi.org\/10.1093\/comjnl\/bxz114","relation":{},"ISSN":["0010-4620","1460-2067"],"issn-type":[{"value":"0010-4620","type":"print"},{"value":"1460-2067","type":"electronic"}],"subject":[],"published-other":{"date-parts":[[2020,4]]},"published":{"date-parts":[[2019,11,15]]}}}