关键词: 身份基加密, 完全子树方法, 成员撤销, 在线/离线加密, 轻量级设备

Abstract:

Identity Based Encryption（IBE） must provide an effective member revocation mechanism. However, the existing revocable member IBE scheme has the excessive computation problems of key update and encryption, which may make the devices performing the operations become the bottleneck of the system. This paper combines the complete subtree method and the online/offline technology, modifies the key generation and encryption algorithm of exponential inverse type IBE, and proposes an efficiently revocable identity-based online/offline encryption scheme. In this scheme, the complete subtree method is used to generate the update key, which makes the revoked user unable to obtain the update key and lose the decryption ability. The majority of the encryption operations are preprocessed in the off-line phase by using the online /offline technique, so that only a few simple calculations can be performed in the online phase to generate ciphertext. Compared with other well-known schemes, this scheme not only improves the efficiency of key update for key generation center, but also greatly reduces the online encryption workload of restricted devices. It is suitable for lightweight devices to protect users' privacy information.

Key words: identity-based encryption, complete subtree method, member revocation, online/offline encryption, lightweight device