Forward-Secure Revocable Identity-Based Encryption

For identity-based encryption (IBE), if a user's private key is compromised, the security of his/her ciphertexts will fail completely. Revocation capability provides an effective way to mitigate above harm, so that the adversary cannot access to future ciphertexts anymore. However, current revocable IBE schemes do not provide any means to guarantee the security of the user's previous ciphertexts. In this paper, we propose a new cryptographic primitive, namely forward-secure revocable identity-based encryption (FS-RIBE), to address this issue. In FS-RIBE, when the event of full exposure of the user's current private key occurs, the forward security can guarantee that the user's private keys prior to this remain secure, while the revocation capability further guarantees that the adversary cannot obtain any valid decryption keys for future times. We provide formal definition and security model for FS-RIBE, and give a generic construction that is secure under the security model from (Hierarchical) IBE. Finally, we show some results of instantiations from various IBE and Hierarchical IBE schemes.