FORWARD -SECURE IDENTITY -BASED ENCRYPTION WITH DIRECT CHOSEN-CIPHERTEXT SECURITY IN THE STANDARD MODEL

The paradigm of forward security provides a promising approach to deal with the key exposure problem as it can effectively minimize the damage caused by the key exposure. In this paper, we develop a new forward -secure identity -based encryption scheme without random oracles. We formally prove that the proposed scheme is secure against adaptive chosen-ciphertext attacks in the standard model. In the proposed scheme, the running time of the private key extraction and decryption algorithms and the sizes of the user's initial private key and the ciphertext are independent on the total number of time periods, and any other performance parameter has at most log -squared complexity in terms of the total number of time periods. Compared with the previous forward -secure identity -based encryption schemes, the proposed scheme enjoys obvious advantage in the overall performance. To the best of our knowledge, it is the first forward -secure identity -based encryption scheme that achieves direct chosen-ciphertext security in the standard model.