KDM and Selective Opening Secure IBE Based on the LWE Problem.

Based on the learning with errors (LWE) problem, we construct an identity-based encryption (IBE) scheme in the standard-model which is secure against the key dependent message (KDM) attacks and the selective opening (SO) attacks. KDM security, which requires that the scheme can still obtain secrecy even if the messages depend on the secret key, is necessary for IBE when updating the identity secret keys with the old ones. SO security, which requires that when the adversary corrupts some fraction of senders, the uncorrupted senders' messages still maintain privacy, is useful for IBE since that one user receives messages from many senders is a natural scenario. Although there is a KDM secure IBE scheme based on LWE constructed by Alperin-Sheriff and Peikert (PKC'12), and a SO secure IBE scheme based on LWE constructed by He et al. (IWSEC'15), those two schemes cannot achieve both of the security requirements at the same time. In this paper, first, we propose a new transformation which is a new variant of LWE assumption. Then, we prove that a dual-style public key encryption (PKE) scheme of the LWE based PKE of Gentry et al. (STOC'08) is KDM secure with the help of our transformation. At last, based on the PKE scheme, we construct an IBE scheme in the standard model that is both KDM and SO secure.