Index

A B ABE, see Attribute-based (ABE) Baby-step giant-step algorithm, 30–31 Additive inverse Bilinear mapping, 20, 26–27, 34–35 addition and subtraction property, 7, 8 Blind signature schemes inverse Chaum’s RSA, 252–253 addition and subtraction property, 7, 8 Okomoto-Schnorr protocol, 254–255 modular arithmetic, 7 Schnorr protocol, 253–254 and multiplicative inverse, 2 BLS short signature/BLS signature scheme, notation, 158–161 260 Asymmetric encryption (ASE), 82 Boneh-Boyen IBE, 152–156 Asymmetric , 37, 104, 113, algorithm 244 decryption, 155 Attribute-based encryption (ABE) encryption, 155 access policy, 230–231 extract, 154, 155 basic model basic scheme complexity assumptions, 230 additive notation, 158 categories decrypting, 160–161 CP-ABE, 235–237 encryption, 160 KP-ABE, 233–235 private key extraction, 60 comparisons, 239–240 security, 167–169 difference, 237 setup of parameters, 158–160 encryption, 226 classification of IBE schemes, 156–157 IBE, 228 full scheme literature review, 238–239 decrypting, 167 PKI, 227, 228 encrypting, 166 public key encryption, 226–227 private key extraction, 166 security, 225, 240 setup of parameters, 165–166 working, 231–233 HIBE Attributes decryption, 199 Boneh-Franklin IBE, 138 encryption, 198 FIBE, 206 extraction of the private key, 198 public parameters, 162 setup, 197–198 See also Attribute-based encryption (ABE) limitation, 152

© Springer Nature Switzerland AG 2021 303 K. A. B. Ahmad et al. (eds.), Functional Encryption, EAI/Springer Innovations in Communication and Computing, https://doi.org/10.1007/978-3-030-60890-3 304 Index

Boneh-Boyen IBE (cont.) pairing-based (see Pairing-based multiplicative notation cryptography) decrypting, 164 public key, 188–189 encrypting, 163–164 XTR-DH protocol, 50–51 extraction of the private key, 162–163 XTR-DSA signature scheme, 52–53 setup of parameters, 162 XTR-ElGamal encryption scheme, 51 security, 167–169 XTR-Nyberg-Rueppel (NR) signature setup algorithm, 154 scheme, 52 Boneh-Franklin IBE, HIBE XTR version of DH problem and its Boneh-Boyen IBE, 197–199 variants, 49–50 decryption, 196–197 encryption, 195–196 ElGamal, 247 extraction of the private key, 195 and bilinear mapping-based, lower level setup, 195 34–35 root setup, 194–195 log-based, 34 Boneh-Franklin scheme LUC, 104 bilinear Diffie-Hellman problem, 191 NTRU, 105–111 decryption, 141–143 physical faults, 97 elliptic curve, 156 pitfalls, 190 encryption, 141–143 proposed, 281 examples, 146–148 RSA-based, 34, 60 furtherworks on, 144–146 XTR, 38, 50, 53 HIBE, 194–199 CvA, see Chaum-Van Antwerper (CvA) IBE, 137–139 Cyclotomic polynomial, 40 private key extraction, 140–142 proof, 169 security, 144 D setup of parameters, 139–140, 142 Decryption, 110–111, 125–126, 141–143 algorithm, 155 encoded version, 11 C FE scheme, 2 Chaum-Van Antwerper (CvA), 256–258 HIBE, 196–197, 199 policy-ABE (CP-ABE), 233, hyperelliptic curve, 72–73 235–241 operation, 286–287 Cocks scheme private key, 104 correctness of cocks IBE, 130 public key cryptosystem, 104 decryption, 125–126 Sakai-Kasahara IBE, 177, 180 encryption, 123–125 table, 292, 294, 296 examples, 126–129 Diffie-Hellman , 35, 86–88, 280, features, 119 283, 289 IBE, 118 algorithm (DSA), 24, 34, 49, mathematical concepts, 119–120 52–53, 283 parameters, 121–122 Digital signatures private key extraction, 122–123 algorithms, 244 security, 131–133 hash functions, 245 working, 118–119 hierarchical IBS, 264–267 Conjugate element, 39, 40 other schemes, 267 Convolutional multiplication, 106, 114 security CP-ABE, see Ciphertext policy-ABE models, 244–245 (CP-ABE) services, 
243 Cryptography signcryption, 268–270 HECC (see Hyperelliptic curve Digital signature standard (DSS), 250–251, cryptography (HECC)) 260, 272

Discrete logarithm (DL) problem, 30, 31, 34, F 38, 60, 83, 95, 138, 245 FE, see Functional encryption (FE) Divisors FIBE, see Fuzzy identity-based encryption explanation 1, 62 (FIBE) explanation 2, 63 Finite field, 24, 61–62, 85–86 explanation 3, 63 definitions and results, 39–40 explanation 4, 63 factoring polynomials, 33 explanation 5, 63 hyperelliptic curves, 68–73 semi-reduced and reduced divisors, 65–67 irreducible polynomials, 33 DL problem, see (DL) properties, 25–26 problem Functional encryption (FE) DSA, see Digital signature algorithm (DSA) applications, 6 DSS, see Digital signature standard (DSS) challenges, 5–6 cryptography impact, 98 data security, 1 encrypted version, 2 E fully homomorphic encryption, 4–5 ECC, see Elliptic curve cryptography (ECC) functionality, 3 EC discrete logarithm problem (ECDLP), 83, obfuscation, 4–5 94 scheme, 3–4 ECDLP, see EC discrete logarithm problem symmetric, 2 (ECDLP) Functional field sieve, 31 ECSTR, see Efficient and compact subgroup Functionalities test trace representation (ECSTR) equality test, 27–28 Efficient and compact subgroup trace inequality test, 28 representation (ECSTR), 38 inner product evaluation, 28 ElGamal scheme, 49, 51, 52, 54 Fuzzy IBE, 157 ElGamal signature method, 73–74 Fuzzy identity-based encryption (FIBE), 206, Elliptic curve cryptography (ECC) 222, 229, 230, 233 data files, 60 formal model, 210 MOV attack, 34 security properties, 210–211 Elliptic curve factorization, 31–32 Encryption flowchart, 298 G functional (see Functional encryption) Greatest common divisor (GCD), 14, 63, 66, hyperelliptic curve, 72 67 simulation, 289–298 Bezout’s algorithm, 15–16 Exponential Euclidean/ Euclid’s algorithm, 14–15 algorithms, 92 extended Euclid’s algorithm, 16–17 Cipher technique, 280 Groups (mathematical), 20 mathematical operations, 281 theory See also Quatro-inverse exponential cipher axiom, 21 technique (QUIET) bilinear mapping, 26–27 Extensions of IBE cryptography, 20 FIBE, 206, 209–211 cryptosystem, 
33–35 IBCPRE, 220–221 finite field properties, 25–26 IBKA, 207–209 illustrations, 21–22 LEKS, 213–214 properties of group PEKS, 206, 214–216 Abelian group, 22–23 secret session key, 205 finite field, 24 TBEKS, 211–212 Lagrange’s theorem, 23 WIBE, 207, 216–217 Schnorr group, 23–24 WKD-IBE, 218–219 science and conceptual variable-based math, 19

H Boneh-Boyen (see Boneh-Boyen IBE) HECC, see Hyperelliptic curve cryptography classification (HECC) “commutative blinding”, 157 HECC signature algorithm “exponent inversion”, 157 ElGamal signature method, 73–74 “full domain hash”, 156–157 security, 76 “quadratic residuosity”, 156 signature FIBE (see Fuzzy identity-based encryption generation, 74–75 (FIBE)) verification, 75–76 HIBE (see Hierarchical identity-based HIBE, see Hierarchical identity-based encryption (HIBE)) encryption (HIBE) Sakai-Kasahara (see Sakai-Kasahara IBE) HIBS schemes, 265, 266 See also Boneh-Franklin scheme Hierarchical identity-based encryption (HIBE), Identity-based encryption with wildcard key 192–194 derivation (WKD-IBE) Boneh-Franklin IBE, 194–197 formal model, 218–219 identity-based encryption, 190–192 security requirements, 219 master secret sharing, 199–201 Identity-based key agreement (IBKA), 206, pitfalls, PKC, 190 207 public key cryptography, 188–189 formal model, 208 security, 201–202 security requirements Hyperelliptic curve cryptography (HECC) Oracles, 209 computer algorithm-based systems, 60 divisors, 62–63 ECC, 60 J encryption and decryption, 72–73 Jacobian finite fields hyper ECs, 84 proof, 68–70 hyperelliptic curve Jacobian Hasse-Weil theory, 64 Hasse-Weil theory, 64 instruction, 64 instruction, 64 methodology, 65 methodology, 65 zeta function, 64–65 zeta function, 64–65 quotient group, 74 mathematical terminologies arithmetical closure, 61 cryptography of hyperelliptic curve, 61 finite field, 61–62 K interpretation, 62 Key policy-ABE (KP-ABE), 233–235, 237, Mumford arithmetic, 67–68 238, 241 pair generation, 70–72 Keyword search, 206 semi-reduced and reduced divisors, 65–67 IBCPRE, 220–221 signature algorithm, 73–76 LEKS, 213–214 PEKS, 206, 214–216 WIBE, 207, 216–217 I WKD-IBE, 218–219 IBCPRE, see Identity-based conditional proxy KP-ABE, see Key policy-ABE (KP-ABE) re-encryption (IBCPRE) IBE, see Identity-based encryption (IBE) IBKA, see Identity-based key agreement L 
(IBKA) Lagrange’s theorem, 23, 34 Identity-based conditional proxy re-encryption Lattice, 104, 112–114 (IBCPRE), 207, 222 LC, see Linear congruence (LC) formal model, 220–221 LEKS, see Linear encryption with keyword security requirements, 221 search (LEKS) Identity-based encryption (IBE), 118, 138–140 Linear congruence (LC), 11–12

Linear encryption with keyword search encryption, 109 (LEKS), 206, 222 improvements, 113 formal model, 213 key generation, 107–109 security requirements, 213–214 optimization, 111–112 Low-Hamming-weight product, 112 parameters, 107 public key cryptosystem, 104 security, 112 M symbols and notations, 105–107 Master secret working method, 111 basic scheme—additive notation, 159 PKG, 121 public parameters, 154 O sharing, 199–201 Obfuscation, 2, 4–6 user’s identity, 190 Mathematical tools elliptic curve factorization, 31–32 P factoring polynomials, 33 Pair generation functional field sieve, 31 divisor order, 70–71 functionalities, 27–28 hyperelliptic curve cryptographic irreducible polynomials, 33 arrangement, 71–72 Paley–Wiener hypothesis, 28 Pairing-based cryptography primality test |set 1 Ate, 94 Fermat’s little theorem, 29 drawbacks/vulnerabilities, 94–95 Fermat’s strategy, 29 Eta, 93 Miller-Rabin method, 29 mathematical terms and concepts school method, 29 ASE, 82 Solovay–Strassen primality test, 29–30 Diffie–Hellman algorithm, 86–88 random square factoring, 32 ECC, 89–90 Matrices, 2, 9–11, 113 ECDLP, 83 Multiplicative elliptic curves, 83–84 Boneh-Boyen scheme, 156 field, 85 decrypting, 164 finite field, 85–86 encrypting, 163–164 groups, 85 extraction of the private key, 162–163 Jacobian of hyper ECs, 84 finite field, 25, 52 key escrow, 83 inverse, 2, 16, 17, 287 Miller’s algorithm, 88–89 modular arithmetic, 8–9 public key encryption, 82 multiplication property of modular RO, 81 arithmetic, 8, 9 SE, 82 polynomial expressions, 16 subexponential algorithm, 82 S-K IBE, 177–180 turing machine, 83 setup of parameters, 162 public key, 81 subgroup, 38 secret key mechanism, 80 Mumford representation, 67–68 security, 95–97 Tate-Lichtenbaum, 91–92 Weil pairing, 91 N PEKS, see Public key encryption with keyword NR scheme, 52 search (PEKS) NTRU cryptosystem PKC, see Public key cryptography (PKC) algorithm, 107 PKG, see Private key generator (PKG) asymmetric key cryptosystem, 
104 PKI, see Public key infrastructure (PKI) complexity, 105 Polynomial cryptography, 103 capacity, 31 decryption, 110–111 coefficient, 201

Polynomial (cont.) QUIET, see Quatro-inverse exponential cipher deterministic, 252 technique (QUIET) Euclidean method, 66 expressions, 16 factoring, 33 R irreducible, 33 (RO), 81, 133, 144, 155–157, See also NTRU cryptosystem 201, 251, 252, 260, 265 Prime Rivest, Shamir, Adleman (RSA) numbers, 12–13, 25, 28–30, 34, 40, 61, 85, blind signature scheme, 252–253 87, 91, 119–121, 126, 134, 146, 190, cryptosystem, 23 261 encryption, 16 and relative prime numbers, 12–13 group theory, 34 Private key extraction, 134, 140–142, 176, 179, signature scheme, 246–247 181, 208 undeniable signature schemes, 258–260 Private key generator (PKG), 118, 121, 138, RO, see Random Oracle (RO) 145, 173, 190–195, 198–201, 266 Public key encryption, 82, 226–227 S PEKS, 214–216 Sakai-Kasahara IBE (S-K IBE) PKC (see Public key cryptography (PKC)) additive notation PKI (see Public key infrastructure (PKI)) decryption, 177 RSA, 60 encryption, 176–177 XTR, 50 extraction of the private key, 176 Public key cryptography (PKC), 60, 81, 138, setup of parameters, 174–175 188–189 Cocks IBE scheme, 172 Public key encryption with keyword search encrypted message, 173 (PEKS), 206, 207, 222 full scheme formal model, 215 decryption, 183 security requirements, 215–216 encryption, 182 Public key infrastructure (PKI), 151, 152, 227, extraction of the private key, 181–182 228 security, 183–184 setup of parameters, 181 motivation, 172 Q multiplicative notation Quadratic residuosity problem, 118, 131–133, decryption, 179–180 172, 191 encryption, 179–180 Quadratic sieve algorithm (QS), 32 extraction of the private key, 179 Quatro-inverse exponential cipher technique setup of parameters, 178 (QUIET) operations, 173–174 algorithm formulated Schnorr group, 20, 23–24, 34, 35 encryption algorithm, 289 Security key generation algorithm, 287–289 Boneh-Boyen IBE, 167–169 digital era, 280 chosen ciphertext security, 133 encoding and decoding operation fault attacks cipher text decoding, 286–287 Duursma–Lee, 96 encryption, 
284–286 Miller’s algorithm, 97 key fuzzy model for ABE, 240 selection, 281–283 HIBE, 201–202 sharing, 283 NTRU cryptosystem, 112 methodology adopted, 281 proof, 133 problem statement, 280 quadratic residuosity problem, 131–133 proposed cryptosystem, 281 Sakai-Kasahara IBE, 183–184 result, 299–300 side channel analysis, 97

Semi-reduced and reduced divisors Symmetric encryption (SE), 2, 51, 52, 82, 206, accession, 66 226 Euclidean polynomial methods, 66 methodology for accession, 66–67 SE, see Symmetric encryption (SE) T Short signature scheme Tate-Lichtenbaum pairing, 91–92 Boneh-Boyen, 263–264 hyperelliptic, 92 computational assumption, 263 Threshold broadcast encryption with keyword Boneh-Lynn-Shacham, 262 search (TBEKS) bilinear pairing, 261 formal model, 211–212 computation assumptions, 261 security requirements, 212 Side channel analysis Trace power analysis, 97 ECSTR, 38 timing attacks, 97 electromagnetic waves, 97 Sieve method, 32 Triplicative, 299, 300 Signature algorithm ElGamal signature method, 73–74 generation, 74–75 U security, 76 Undeniable signature schemes verification, 75–76 CvA, 256–258 Signature schemes RSA-based, 258–260 algorithms, 244 blind, 251–255 W DSS, 250–251 Weil pairing, 91 ElGamal, 247–248 Wildcard identity-based encryption (WIBE) encryption schemes, 49 formal model, 216–217 forgery/tampering, 243 security requirements, 217 hash functions, 245 Wildcards key derivation (WKD), 207, hierarchical IBS, 264–267 218–219, 222 IFP and DLP, 246–251 WKD, see Wildcards key derivation (WKD) N-R, 249–250 other schemes, 267 public key, 145 X RSA, 246–247 XTR algorithm Schnorr algorithm, 248–249 arithmetic operation in GF(p2), 41–42 security cryptographic applications, 49–53 models, 244–245 definitions and results, finite field, 39–40 services, 243 development, 53–54 short scheme, 260–264 DH key exchange protocol, 37 shortest possible signature, 260–264 ECSTR, 38 signcryption, 268–270 group, 40–41 undeniable, 255–260 parameter selection, 47–48 XTR-DSA, 52–53 subgroup selection, 48–49 Signcryption, 245, 268–270, 272 translation of arithmetic operation of G to S-K IBE, see Sakai-Kasahara IBE (S-K IBE) GF(p2), 42–47