Towards Forward Security Properties for PEKS and IBE

In cryptography, forward secrecy is a well-known property
for key agreement protocols. It ensures that a session key will remain
private even if one of the long-term secret keys is compromised in the
future. In this paper, we investigate some forward security properties
for Public-key Encryption with Keyword Search (PEKS) schemes, which
allow a client to store encrypted data and delegate search operations to
a server. The proposed properties guarantee that the client’s privacy is
protected to the maximum extent even if his private key is compromised
in the future. Motivated by the generic transformation from anonymous
Identity-Based Encryption (IBE) to PEKS, we correspondingly propose
some forward security properties for IBE, in which case we assume the
attacker learns the master secret key. We then study several existing
PEKS and IBE schemes, including a PEKS scheme by Nishioka, an
IBE scheme by Boneh, Raghunathan and Segev, and an IBE scheme
by Arriaga, Tang and Ryan. Our analysis indicates that the proposed
forward security properties can be achieved by some of these schemes if
the attacker is RO-non-adaptive (the attacker does not define its distributions
based on the random oracle). Finally, we propose the concept
of correlated-input indistinguishable hash function and show how to extend
the Boyen-Waters anonymous IBE scheme to achieve the forward
security properties against adaptive attackers.