International Association
for Cryptologic Research

We introduce the notion of *dual system groups*.

- We show how to derive compact HIBE by instantiating the dual system framework in Waters (Crypto \'09) and Lewko and Waters (TCC \'10) with dual system groups. Our construction provides a unified treatment of the prior compact HIBE schemes from static assumptions.

- We show how to instantiate dual system groups under the decisional subgroup assumption in composite-order groups and the decisional linear assumption ($d$-LIN) in prime-order groups. Along the way, we provide new tools for simulating properties of composite-order bilinear groups in prime-order groups. In particular, we present new randomization and parameter-hiding techniques in prime-order groups.

Combining the two, we obtain a number of new encryption schemes, notably

- a new construction of IBE in prime-order groups with shorter parameters;

- a new construction of compact HIBE in prime-order

groups whose structure closely mirrors the selectively secure HIBE

scheme of Boneh, Boyen and Goh (Eurocrypt \'05);

- a new construction of compact spatial encryption in prime-order groups.