Hierarchical Identity Based Encryption with Constant Size Ciphertext

By Dan Boneh, Xavier Boyen, and Eu-Jin Goh.

In Advances in Cryptology (EUROCRYPT 2005), volume 3494 of Lecture Notes in Computer Science, pages 440-456. Springer, 2005.


We present a Hierarchical Identity Based Encryption (HIBE) system where the ciphertext consists of just three group elements and decryption requires only two bilinear map computations, regardless of the hierarchy depth. Encryption is as efficient as in other HIBE systems. We prove that the scheme is selective-ID secure in the standard model and fully secure in the random oracle model. Our system has a number of applications: it gives very efficient forward secure public key and identity based cryptosystems (with short ciphertexts), it converts the NNL broadcast encryption system into an efficient public key broadcast system, and it provides an efficient mechanism for encrypting to the future. The system also supports limited delegation where users can be given restricted private keys that only allow delegation to bounded depth. The HIBE system can be modified to support sublinear size private keys at the cost of some ciphertext expansion.


- published paper (PS) (PDF) (also accessible from the publisher) © IACR
- full version (PS) (PDF)
- presentation slides (HTML)


  author = {Dan Boneh and Xavier Boyen and Eu-Jin Goh},
  title = {Hierarchical Identity Based Encryption with Constant Size Ciphertext},
  booktitle = {Advances in Cryptology---EUROCRYPT 2005},
  series = {Lecture Notes in Computer Science},
  volume = {3494},
  pages = {440--456},
  publisher = {Berlin: Springer-Verlag},
  year = {2005},
  note = {Available at \url{http://www.cs.stanford.edu/~xb/eurocrypt05a/}}

Unless indicated otherwise, these documents are Copyright © Xavier Boyen; all rights reserved in all countries.
Back to Xavier's homepage