Leakage-Resilient Revocable Identity-Based Signature with Cloud Revocation Authority

Side-channel attacks threaten all traditional cryptographic schemes. In traditional cryptography, private/secret keys are assumed to be completely hidden from adversaries; by side-channel attacks, however, an adversary may extract fractional content of these keys. Leakage-resilient cryptography is the countermeasure. The identity-based public-key system (ID-PKS) is an attractive public-key setting: it discards the certificate requirement and removes the construction of a public-key infrastructure. To solve the user revocation problem in ID-PKS settings, the revocable ID-PKS (RID-PKS) setting has attracted significant attention, and numerous cryptographic schemes based on it have been proposed. However, no leakage-resilient signature or encryption scheme has been proposed under RID-PKS settings. In this article, we present the first leakage-resilient revocable ID-based signature (LR-RIBS) scheme with cloud revocation authority (CRA) under the continual leakage model. We also define a new adversary model for LR-RIBS schemes with CRA, and under this model we prove that our LR-RIBS scheme with CRA is secure in the generic bilinear group (GBG) model. Finally, a performance analysis shows that the scheme is suitable for mobile devices.


Introduction
The identity-based public-key system (ID-PKS) (Shamir, 1984; Boneh and Franklin, 2001) discards the certificate requirement and removes the construction of a public-key infrastructure. An ID-PKS setting has two roles, users and a private key generator (PKG). A user's identity information serves as the user's public key, and the PKG uses that identity information to generate the user's associated private key. In any public-key setting, a revocation mechanism is required to revoke misbehaving or compromised users before the intended expiration date of their public keys. A conventional public-key setting typically uses the certificate revocation list (CRL) (Housley et al., 2002) to manage revoked users: each user has a public key and an associated certificate, and before using a user's public key one must validate the certificate and look up the CRL to ensure that the certificate has not been revoked. ID-PKS settings, however, use no certificates, so the CRL mechanism cannot be applied to them.
Tseng and Tsai (2012) proposed a revocable ID-PKS (RID-PKS) setting with a public channel. In the RID-PKS setting, a user's private key has two parts, a secret key and a time update key. Initially, the PKG uses the user's identity information to generate the secret key and sends it to the user over a secure channel. The PKG also generates a time update key from the current period and the user's identity information: for every non-revoked user, the PKG periodically generates the associated time update key and sends it over a public channel, so a revoked user simply stops receiving time update keys. Subsequently, numerous cryptographic primitives based on RID-PKS settings were presented, such as revocable ID-based encryption (RIBE) (Tsai et al., 2013a) and revocable ID-based signature (RIBS) schemes (Tsai et al., 2013b; Hung et al., 2017). Furthermore, several RIBE and RIBS schemes (Li et al., 2015; Tseng et al., 2018; Jia et al., 2017) outsource the periodic generation of time update keys to a cloud revocation authority (CRA).
Side-channel attacks threaten all traditional cryptographic schemes because traditional cryptography assumes that private/secret keys are completely hidden from adversaries. Through various side-channel attacks (Boneh et al., 1997; Kocher et al., 1999; Brumley and Boneh, 2005; Biham et al., 2008), an adversary can extract fractional content of the private/secret keys used in computation rounds. Leakage-resilient cryptography is the countermeasure, and the design of leakage-resilient cryptographic schemes has attracted significant attention: such schemes remain secure even though adversaries may extract fractional content of the private/secret keys. However, no leakage-resilient RIBS scheme based on RID-PKS settings has been proposed. Our goal in this article is to propose the first leakage-resilient RIBS (LR-RIBS) scheme.

Related Work
Here, let us briefly review some leakage-resilient encryption and signature schemes based on conventional and ID-PKS settings.
According to the amount of key content that may leak over the lifetime of the keys, there are two leakage models, the bounded leakage model (Alwen et al., 2009) and the continual leakage model (Brakerski et al., 2010). Under the bounded leakage model, the total amount of leaked content must be limited to a ratio or a fixed bit-length of the private/secret keys. Under the continual leakage model, adversaries may continuously extract fractional content of the private/secret keys, so the total amount of leaked content is unlimited. In terms of robustness, a scheme secure under the continual leakage model is therefore stronger than one secure under the bounded leakage model. The continual leakage model has the following four properties:
- Bounded leakage of a single observation: A cryptographic scheme typically consists of several computation rounds (observations). In each round, an adversary can extract fractional content of the private/secret keys: the adversary selects a leakage function f for the round and obtains f(SK), where SK denotes the private/secret keys involved and the output of f(SK) is bounded to λ bits.
- Only computation leakage: Adversaries can only extract fractional content of the private/secret keys involved in the current computation round.
- Independent leakage: The fractional contents leaked in two different computation rounds are mutually independent. To achieve this property, a private/secret key must be updated before (or after) each computation round.
- Overall unbounded leakage: The total amount of leaked information is unbounded. Indeed, by the independent leakage property, the total leakage of the private/secret keys need not be restricted.
Under the continual leakage model, several leakage-resilient encryption and signature schemes based on conventional public-key settings exist. In the generic bilinear group (GBG) model, Kiltz and Pietrzak (2010) presented a leakage-resilient encryption scheme that allows adversaries to continually extract fractional content of the secret/private keys. In their scheme, each user's secret key is divided into two components, and before/after performing the decryption procedure the receiver (user) refreshes both components. The refreshing relies on the multiplicative blinding technique. Based on this idea, Galindo et al. (2016) presented an efficient leakage-resilient ElGamal public-key encryption scheme, and Galindo and Virek (2013) proposed the first leakage-resilient signature scheme under the continual leakage model. To improve its performance, Tang et al. (2014) presented a modified leakage-resilient signature scheme that employs Boneh et al.'s short signature.
Based on an ID-PKS setting, Brakerski et al. (2010) presented the first leakage-resilient ID-based encryption (LR-IBE) scheme under the continual leakage model. Subsequently, Yuen et al. (2012) improved the computational costs of Brakerski et al.'s scheme. Under the continual leakage model, Wu et al. (2016) proposed the first leakage-resilient ID-based signature (LR-IBS) scheme.

Contribution and Organization
To date, no leakage-resilient revocable ID-based signature (LR-RIBS) scheme has been published. In this article, we present a new adversary model of LR-RIBS schemes with a cloud revocation authority (CRA) under the continual leakage model. The model has two types of adversaries, a Type I adversary (a curious CRA or an outsider) and a Type II adversary (a revoked user). Compared with the adversary models of the RIBS schemes in Tsai et al. (2013b), Hung et al. (2017) and Jia et al. (2017), three new leak queries are added, namely the Key extract leak query, the Time key update leak query and the Signing leak query. These queries allow an adversary to continuously extract fractional content of the private/secret keys used in the computation rounds.
We then propose the first LR-RIBS scheme with CRA, in which the revocation functionality is outsourced to the CRA. By employing Kiltz and Pietrzak's key refreshing idea (Kiltz and Pietrzak, 2010), the scheme lets adversaries continuously gain fractional content of the private/secret keys while the total leaked amount stays unbounded, i.e. it possesses the overall unbounded leakage property. Under the new adversary model and the generic bilinear group (GBG) model, our security analysis shows that the scheme is existentially unforgeable against adaptive chosen-message attacks (UF-LR-RIBS-ACMA) by both Type I and Type II adversaries. Finally, performance analysis and comparisons show that the proposed LR-RIBS scheme incurs somewhat higher computation costs than the previously proposed RIBS schemes; the point is that, unlike them, it resists side-channel attacks. Simulation experiments (Lynn, 2015) on a smartphone show that the proposed LR-RIBS scheme with CRA is still suitable for mobile devices.
The rest of the paper is organized as follows. In Section 2, preliminaries are given. In Section 3, we define the framework and adversary model of LR-RIBS schemes with CRA. In Section 4, we propose a secure LR-RIBS scheme with CRA under the continual leakage model. Section 5 demonstrates the security analysis of the proposed LR-RIBS scheme. In Section 6, we present the performance analysis and comparisons with the previously proposed RIBS schemes. Finally, conclusions are given in Section 7.

Preliminaries
Several preliminaries are introduced in this section.

Bilinear groups
Let G and G T be two multiplicative cyclic groups of (large) prime order p, and let g be a generator of G. An admissible bilinear map ê : G × G → G T possesses the following three properties: 1. Non-degeneracy: ê(g, g) ≠ 1.

Generic Bilinear Group Model
By extending the generic group model of Shoup (1997), Boneh et al. (2005) introduced the generic bilinear group (GBG) model. The GBG model is an adversary model played between adversaries and a challenger: to perform any group operation, an adversary must request the associated group oracle/query from the challenger, and the challenger represents the group elements of G and G T by bit strings.
More precisely, the challenger employs two random injective functions ε : Z p → ξ and ε T : Z p → ξ T to encode the elements of G and G T as bit strings in ξ and ξ T, respectively. Both ξ and ξ T have p elements and are disjoint, namely |ξ| = |ξ T| = p and ξ ∩ ξ T = ∅. If the adversary discovers a collision, i.e. two different encodings of one element of G or G T, the discrete logarithm problem on G or G T would be solved.
- Discrete logarithm problem: Let G and G T be two multiplicative cyclic groups of a large prime order p, and let g and ê(g, g) denote the generators of G and G T, respectively. Given a group element g^z ∈ G or ê(g, g)^z ∈ G T with unknown z ∈ Z * p, the discrete logarithm assumption in G and G T states that no probabilistic polynomial time (PPT) algorithm A can obtain z with non-negligible probability.
In the GBG model, there are three group operations, namely the multiplication Q G on G, the multiplication Q T on G T, and the bilinear map Q P : G × G → G T (the map ê above). For any r, s ∈ Z * p, we have the following properties:

Entropy of Leakage Content
In information theory, entropy measures the uncertainty of unknown private/secret values. Let W be a discrete random variable (a secret value) and let Pr[W = w] denote the probability that W = w. The min-entropy of W is determined by the value w with the largest probability, i.e. by the worst-case predictability of W. Two kinds of min-entropy are used: • Min-entropy of W : • Average conditional min-entropy of W under the condition Z = z: To measure the entropy of a finite discrete random variable (secret value) of which some fractional content has leaked, Dodis et al. (2008) derived the following result.
Lemma 1 (See Dodis et al., 2008). Let f : W → {0, 1}^λ be a leakage function that takes as input a discrete random variable W and outputs at most λ bits. Given f(W), the average conditional min-entropy of W satisfies H̃∞(W | f(W)) ≥ H∞(W) − λ.
By Lemma 1, Galindo and Virek (2013) derived the following consequence to bound the probability distribution of a polynomial in several random variables with leaked content. Lemma 2 (See Galindo and Virek, 2013). Let F ∈ Z p[W 1, W 2, ..., W n] be a non-zero polynomial of degree at most d, and let the maximal bit-length of the leaked fractional content be λ with 0 ≤ λ ≤ log p. Let P i be the probability distribution of W i = w i, for i = 1, 2, ..., n, with H∞(P i) ≥ log p − λ. Thus, we have

System Architecture, Framework and Adversary Model
Here, let us present the system architecture, framework and adversary model of LR-RIBS schemes with CRA. In an LR-RIBS scheme with CRA, there are three roles, namely, PKG, CRA and users. Several notations are defined below:
• SPK: the PKG's system public key.
• SSK: the PKG's system secret key.
• TPK: the CRA's time public key.
• TSK: the CRA's time secret key.
• UTK ID,t : the time update key of the user with identity ID at period T t .
• USK ID : the secret key of the user with identity ID.

System Architecture
The system architecture of LR-RIBS schemes with CRA is depicted in Fig. 1. First, the PKG sets the system secret key SSK, the time secret key TSK and a total number z of periods T 0, T 1, ..., T z, computes the public parameters PP and sends TSK to the CRA. The PKG employs SSK to generate the secret key USK ID of the user with identity ID and sends USK ID to the user over a secure channel. For a non-revoked user ID at period T t, the CRA employs TSK to generate the time update key UTK ID,t and sends it to the user over a public channel (e.g. e-mail); a revoked user receives no further time update keys. Hence, a user's private key consists of two parts, USK ID and UTK ID,t. When the user (signer) with identity ID wants to sign a message msg at period T t, the signer employs USK ID and UTK ID,t to generate a signature value σ and sends it to a verifier.

Framework
To achieve the overall unbounded leakage property (Galindo and Virek, 2013; Wu et al., 2016, 2018, 2019), a private/secret key must be split into two components, and every private/secret key involved in an algorithm must be refreshed before/after each invocation of that algorithm. Hence the PKG's system secret key SSK, the CRA's time secret key TSK and a user's secret key USK ID are each split into two components; SSK is refreshed before/after each run of the Key extract algorithm, and TSK and USK ID are refreshed before/after each run of the Time key update and Signing algorithms, respectively. We now define the framework (syntax) of LR-RIBS schemes with CRA.
Definition 1. An LR-RIBS scheme with CRA includes five algorithms as follows:
• System setup: The PKG first sets the system secret key SSK = (SSK 0,1, SSK 0,2), a time secret key TSK = (TSK 0,1, TSK 0,2) and z periods T 0, T 1, ..., T z, generates the public parameters PP and sends TSK to the CRA over a secure channel. The PKG holds SSK = (SSK 0,1, SSK 0,2) and publishes PP.
• Key extract: In the i-th invocation of the Key extract algorithm, the PKG refreshes (SSK i−1,1, SSK i−1,2) to set the current system secret key (SSK i,1, SSK i,2). The PKG takes as input a user's identity ID, generates the user's associated secret key USK ID and returns it to the user over a secure channel. Afterwards, the user sets her/his initial secret key USK ID = (USK ID,0,1, USK ID,0,2).
• Time key update: In the j-th invocation of the Time key update algorithm, the CRA refreshes (TSK j−1,1, TSK j−1,2) to set the current time secret key (TSK j,1, TSK j,2). The CRA takes as input a user's identity ID and a period T t, generates the user's time update key UTK ID,t and sends it to the user over a public channel.
• Signing: In the k-th invocation of the Signing algorithm, the user ID refreshes (USK ID,k−1,1, USK ID,k−1,2) to set her/his current secret key (USK ID,k,1, USK ID,k,2). At period T t, the user ID employs the current secret key (USK ID,k,1, USK ID,k,2) and the time update key UTK ID,t to generate a signature value σ on a message msg, and outputs the signature tuple (ID, T t, msg, σ).
• Verifying: Upon receiving (ID, T t, msg, σ), the verifier returns either "accept" or "reject".

Adversary Model (Security Notions)
By extending the adversary model (security notions) of the RIBS schemes in Tsai et al. (2013b), Hung et al. (2017) and Jia et al. (2017), we present an adversary model of LR-RIBS schemes with CRA that allows an adversary to extract fractional content of the private/secret keys. According to our framework, an adversary can extract fractional content of the PKG's system secret key (SSK i,1, SSK i,2) in the i-th invocation of the Key extract algorithm, fractional content of the CRA's time secret key (TSK j,1, TSK j,2) in the j-th invocation of the Time key update algorithm, and fractional content of the user's secret key (USK ID,k,1, USK ID,k,2) in the k-th invocation of the Signing algorithm by the user ID at period T t. Six leakage functions, two per algorithm (f KE,i and h KE,i for Key extract, f S,k and h S,k for Signing, and the analogous pair for Time key update), indicate the fractional content of (SSK i,1, SSK i,2), (TSK j,1, TSK j,2) and (USK ID,k,1, USK ID,k,2), respectively, and the output bit-length of each of the six leakage functions is at most λ. For brevity, the output of a leakage function is written with the prefix Λ; for instance, in the i-th Key extract invocation, Λf KE,i = f KE,i(SSK i,1, a, γ) and Λh KE,i = h KE,i(SSK i,2, a, γ, TI KE), where a and γ are the random values chosen in that invocation and TI KE is its temporary value. Each leakage function sees only the key component and the values used in the same computation step, which is the only-computation-leakage property. In the adversary model of LR-RIBS schemes with CRA, there are two types of adversaries:
• Type I adversary A I (a curious CRA or an outsider): A I may acquire the time update key UTK ID,t for any user ID and period T t, and the secret key USK ID for any ID except the target identity ID *. In addition, A I can extract fractional content of the target user's secret key USK ID * in the Signing algorithm and of the PKG's system secret key SSK in the Key extract algorithm.
• Type II adversary A II (a revoked user): A II was a legal user with identity ID * who has been revoked at period T * t. A II may acquire the secret key USK ID and the time update key UTK ID,t for any ID and T t, but not the time update key UTK ID,t * of the target identity ID * at period T * t. In addition, A II can extract fractional content of the CRA's time secret key TSK in the Time key update algorithm.
The following security game G LR-RIBS is used to model the adversary model (security notions) of LR-RIBS schemes with CRA.
Definition 2 (G LR-RIBS). For the LR-RIBS scheme with CRA, the game G LR-RIBS models the interaction between an adversary A (A I or A II) and a challenger C. The LR-RIBS scheme with CRA is said to be existentially unforgeable against adaptive chosen-message attacks (UF-LR-RIBS-ACMA) if no probabilistic polynomial-time (PPT) adversary wins G LR-RIBS with non-negligible probability. The three phases of G LR-RIBS are as follows.
- Setup phase. The challenger C performs the System setup algorithm of Definition 1 to set a system secret key SSK = (SSK 0,1, SSK 0,2), a time secret key TSK = (TSK 0,1, TSK 0,2) and a total number z of periods T 0, T 1, ..., T z. Meanwhile, C sets and publishes the public parameters PP and sends the time secret key TSK to the CRA over a secure channel. If A is a Type I adversary, TSK is also sent to A.
- Query phase. The adversary A can adaptively request the following queries from C.
• Key extract query (ID): Upon receiving a user's ID, C generates and sends the user's corresponding secret key to A.
• Key extract leak query (i, f KE,i, h KE,i): For the i-th Key extract query, C computes the fractional leakage content Λf KE,i and Λh KE,i of the current system secret key (SSK i,1, SSK i,2) and returns them to A. A may issue this query only once per Key extract query.
• Time key update query (ID, T t): Upon receiving an identity ID and a period T t, C generates and sends the corresponding time update key UTK ID,t to A.
• Time key update leak query: For the j-th Time key update query, given two leakage functions of output length at most λ, C computes and returns the fractional leakage content of the current time secret key (TSK j,1, TSK j,2). A may issue this query only once per Time key update query.
• Signing query (ID, T t, msg): Upon receiving an identity ID, a period T t and a message msg, C generates and returns a signature tuple (ID, T t, msg, σ) to A.
• Signing leak query (k, f S,k, h S,k): Upon receiving the k-th Signing leak query with two leakage functions f S,k and h S,k, C computes the fractional leakage content Λf S,k and Λh S,k of the signer's secret key (USK ID,k,1, USK ID,k,2) and returns Λf S,k and Λh S,k to A. In the k-th Signing query requested by the user ID, A is allowed to issue the Signing leak query only once.
- Forgery phase. The adversary A outputs a signature tuple (ID *, T * t, msg *, σ *) and wins G LR-RIBS if all of the following conditions hold.
(1) If A is a Type I adversary (a curious CRA or an outsider), the Key extract query on ID * was never requested.
(2) If A is a Type II adversary (a revoked user), the Time key update query on (ID *, T * t) was never requested.
(3) The Signing query on (ID *, T * t, msg *) was never requested.
(4) The Verifying algorithm outputs "accept" on (ID *, T * t, msg *, σ *).

The Proposed LR-RIBS Scheme with CRA
Here, let us present the first LR-RIBS scheme with CRA, which consists of the following five algorithms.
- System setup: The PKG runs the System setup algorithm to choose two groups G = ⟨g⟩ and G T = ⟨ê(g, g)⟩ of a large prime order p and sets a total number z of periods T 0, T 1, ..., T z. The algorithm then performs the following steps to compute the system secret key SSK = (SSK 0,1, SSK 0,2), the time secret key TSK = (TSK 0,1, TSK 0,2) and the public parameters PP.
(2) Choose a random integer β ∈ Z * p, and set the time secret key TSK = g^β and the time public key TPK = ê(g, g^β).
- Key extract: In the i-th invocation of the Key extract algorithm, the PKG sets the current system secret key (SSK i,1, SSK i,2) by refreshing (SSK i−1,1, SSK i−1,2). Afterwards, the PKG takes as input a user's identity ID and carries out the following steps: (1) Choose a random integer a ∈ Z * p, and update the PKG's system secret key (SSK i,1, SSK i,2) = (SSK i−1,1 · g^a, SSK i−1,2 · g^−a). (2) Choose a random integer γ ∈ Z * p, and compute QK ID = g^γ. (3) Compute TID = STID (mod p), where STID is the integer value of the bit string ID||QK ID, and compute the temporary information TI KE = SSK i,1 · (U · V^TID)^γ and the user's secret key USK ID = SSK i,2 · TI KE. Note that SSK i,1 and SSK i,2 are used in two separate steps, so the whole SSK is never handled in a single computation. (4) Finally, by a secure channel, the PKG sends USK ID and QK ID to the user. Upon receiving USK ID and QK ID, the user randomly selects an integer c ∈ Z * p and sets her/his initial secret key (USK ID,0,1, USK ID,0,2) = (g^c, USK ID · g^−c).
- Time key update: In the j-th invocation of the Time key update algorithm, the CRA sets the current time secret key (TSK j,1, TSK j,2) by refreshing (TSK j−1,1, TSK j−1,2). Afterwards, the CRA takes as input a user's identity ID and a period T t, and carries out the following steps: (1) Choose a random integer b ∈ Z * p, and update the CRA's current time secret key (TSK j,1, TSK j,2) = (TSK j−1,1 · g^b, TSK j−1,2 · g^−b).
(2) Randomly select an integer η ∈ Z * p, and compute QTK ID,t = g^η. (3) Compute TTD = STTD (mod p), where STTD is the integer value of the bit string ID||T t||QTK ID,t, and compute the temporary information TI TKU = TSK j,1 · (W · X^TTD)^η and the user's time update key UTK ID,t = TSK j,2 · TI TKU. (4) Finally, by a public channel, the CRA sends UTK ID,t and QTK ID,t to the user.
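The split-and-refresh steps of the Key extract and Time key update algorithms above (and of the framework in Definition 1), as an added worked example that is not part of the original paper. The pairing groups are replaced by the order-p subgroup of Z q^* for the toy safe prime q = 2p + 1 (the constants Q, P and the generator G are assumptions), so there is no bilinear map; the pairing-based verification is replaced by a direct exponent check that keeps the setup exponents as a test-only trapdoor. The identity string, the period number and the λ used by leak() are illustrative.

```python
import secrets

# Toy instantiation of the key-splitting and refresh steps of the scheme.
# Group (assumption): the order-P subgroup of Z_Q^* for the safe prime Q = 2P + 1,
# standing in for the pairing group G. No bilinear map is implemented; the
# pairing-based check of the Verifying algorithm is replaced by check_usk/check_utk.
Q, P, G = 1019, 509, 4   # 4 = 2^2 is a quadratic residue, hence a generator of the order-P subgroup


def gexp(base, e):
    return pow(base, e % P, Q)


def gmul(a, b):
    return a * b % Q


def rand_exp():
    return 1 + secrets.randbelow(P - 1)   # uniform in Z_P^*


def split(key):
    """Split a group element into two multiplicatively blinded shares with key = s1 * s2."""
    c = rand_exp()
    return (gexp(G, c), gmul(key, gexp(G, -c)))


def refresh(shares):
    """One refresh round: (s1 * g^a, s2 * g^-a). The product is unchanged and each share is
    re-randomised, so the <= lambda bits leaked in this round are independent of other rounds."""
    a = rand_exp()
    s1, s2 = shares
    return (gmul(s1, gexp(G, a)), gmul(s2, gexp(G, -a)))


def recombine(shares):
    return gmul(shares[0], shares[1])


def int_of_string(*parts):
    """STID / STTD: the integer value of the concatenated bit string, reduced mod P."""
    return int.from_bytes("||".join(str(x) for x in parts).encode(), "big") % P


def system_setup():
    """PKG side of System setup. The exponents are returned as a trapdoor only so that the
    checks below can stand in for the pairing equation (assumption, not part of the scheme)."""
    alpha, beta, u, v, w, x = (rand_exp() for _ in range(6))
    pp = {"U": gexp(G, u), "V": gexp(G, v), "W": gexp(G, w), "X": gexp(G, x)}
    trapdoor = {"alpha": alpha, "beta": beta, "u": u, "v": v, "w": w, "x": x}
    ssk = split(gexp(G, alpha))   # SSK = (SSK_{0,1}, SSK_{0,2}) with product g^alpha
    tsk = split(gexp(G, beta))    # TSK = (TSK_{0,1}, TSK_{0,2}) with product g^beta
    return pp, ssk, tsk, trapdoor


def key_extract(pp, ssk, ID):
    """i-th Key extract: refresh SSK, then derive USK_ID. Returns (refreshed SSK, USK_ID, QK_ID)."""
    ssk = refresh(ssk)                               # step (1)
    gamma = rand_exp()
    qk = gexp(G, gamma)                              # step (2): QK_ID = g^gamma
    tid = int_of_string(ID, qk)                      # step (3): TID
    ti_ke = gmul(ssk[0], gexp(gmul(pp["U"], gexp(pp["V"], tid)), gamma))   # touches SSK_{i,1} only
    usk = gmul(ssk[1], ti_ke)                        # touches SSK_{i,2} only: the shares never meet
    return ssk, usk, qk


def time_key_update(pp, tsk, ID, t):
    """j-th Time key update at the CRA: the same shape with (W, X) and a fresh eta."""
    tsk = refresh(tsk)
    eta = rand_exp()
    qtk = gexp(G, eta)
    ttd = int_of_string(ID, t, qtk)
    ti_tku = gmul(tsk[0], gexp(gmul(pp["W"], gexp(pp["X"], ttd)), eta))
    utk = gmul(tsk[1], ti_tku)
    return tsk, utk, qtk


def check_usk(trapdoor, ID, usk, qk):
    """Exponent form of e(USK_ID, g) = SPK * e(U * V^TID, QK_ID): USK_ID = g^alpha * QK_ID^(u + v*TID)."""
    tid = int_of_string(ID, qk)
    return usk == gmul(gexp(G, trapdoor["alpha"]), gexp(qk, trapdoor["u"] + trapdoor["v"] * tid))


def check_utk(trapdoor, ID, t, utk, qtk):
    ttd = int_of_string(ID, t, qtk)
    return utk == gmul(gexp(G, trapdoor["beta"]), gexp(qtk, trapdoor["w"] + trapdoor["x"] * ttd))


def leak(share, lam):
    """Side-channel model: at most lam bits of the share used in the current round."""
    return share & ((1 << lam) - 1)


def demo(rounds=5, lam=3):
    pp, ssk, tsk, td = system_setup()
    ssk, usk, qk = key_extract(pp, ssk, "alice")            # identity string: assumption
    tsk, utk, qtk = time_key_update(pp, tsk, "alice", 7)    # period T_7: assumption
    user = split(usk)                                       # (USK_ID,0,1, USK_ID,0,2)
    leaks, invariant = [], True
    for _ in range(rounds):
        user = refresh(user)                                # before each Signing invocation
        leaks.append((leak(user[0], lam), leak(user[1], lam)))
        invariant &= recombine(user) == usk
    return {
        "usk_ok": check_usk(td, "alice", usk, qk),
        "utk_ok": check_utk(td, "alice", 7, utk, qtk),
        "refresh_ok": invariant,
        "ssk_ok": recombine(ssk) == gexp(G, td["alpha"]),
        "leaks": leaks,
    }


if __name__ == "__main__":
    print(demo())
```

Running demo() returns True for every check: USK ID and UTK ID,t verify, each refresh re-randomises both shares while their product stays USK ID, and the leaked low bits differ from round to round because a fresh blinding g^a is applied before every use. The caveat the scheme relies on is the only-computation-leakage property: key_extract touches SSK i,1 in one step and SSK i,2 in the next, so no single computation ever holds the full SSK, and an implementation that recombined the shares for convenience would lose the whole argument.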
Hence, the equality is verified by

Security Analysis
Let us analyse the security of our LR-RIBS scheme with CRA. By the adversary model (i.e. security game G LR-RIBS ) of LR-RIBS schemes with CRA, there are two types of adversaries. In the GBG model, Theorem 1 demonstrates that our scheme is provably secure against Type I adversary. In Theorem 2, we prove that our scheme is also provably secure against Type II adversary.

Theorem 1. In the GBG model, our LR-RIBS scheme with CRA is existentially unforgeable against adaptive chosen-message attacks (UF-LR-RIBS-ACMA) by a Type I adversary (a curious CRA or an outsider).
Proof. Let A I denote a Type I adversary in the security game G LR-RIBS played with a challenger C. A I may request all queries of G LR-RIBS, and the number of queries issued by A I is at most q. In the GBG model introduced in Section 2, there are three group queries (oracles) Q G, Q T and Q P, so C also answers the queries Q G, Q T and Q P issued by A I; these queries are provided in the Query phase of G LR-RIBS. The three phases (Setup, Query and Forgery) of G LR-RIBS on the proposed LR-RIBS scheme with CRA are as follows.
- Setup phase: The challenger C carries out the System setup algorithm of our scheme to generate SSK, TSK, a total number z of periods T 0, T 1, ..., T z and PP = (p, G, G T, ê, g, SPK, TPK, U, V, W, X, Y, Z). Additionally, C constructs four lists L G, L T, L K and L TK to record the parameters and results of the queries issued by the adversary.
• L G and L T are, respectively, employed to record all group elements of G and G T .
(1) L G contains pairs of the form (ΞG m,n,r, ξG m,n,r), where ΞG m,n,r represents an element of G (as a multivariate polynomial) and ξG m,n,r is the associated bit string. Here m and n denote the query type and the n-th query, and r the r-th element of G. Initially, nine pairs (Ξg, ξG I,1,1), (ΞU, ξG I,1,2), (ΞV, ξG I,1,3), (ΞW, ξG I,1,4), (ΞX, ξG I,1,5), (ΞY, ξG I,1,6), (ΞZ, ξG I,1,7), (ΞSSK, ξG I,1,8) and (ΞTSK, ξG I,1,9) are recorded in L G.
(2) L T contains pairs of the form (ΞT m,n,r, ξT m,n,r), where ΞT m,n,r represents an element of G T (as a multivariate polynomial) and ξT m,n,r is the associated bit string; the indices m, n and r have the same meaning as in L G. Initially, two pairs (ΞSPK, ξT I,1,1) and (ΞTPK, ξT I,1,2) are recorded in L T, where ΞSPK = Ξg · ΞSSK and ΞTPK = Ξg · ΞTSK.
C uses two rules to answer transformation requests:
(1) When C receives a polynomial ΞG m,n,r (resp. ΞT m,n,r), C looks for (ΞG m,n,r, ξG m,n,r) in L G (resp. (ΞT m,n,r, ξT m,n,r) in L T). If it is found, C returns the associated bit string ξG m,n,r (resp. ξT m,n,r); otherwise, C randomly selects a distinct bit string, returns it, and adds the new pair to L G (resp. L T).
(2) When C receives a bit string ξG m,n,r (resp. ξT m,n,r), C returns the associated polynomial ΞG m,n,r (resp. ΞT m,n,r) if it is found in L G (resp. L T); otherwise, C terminates the game.
• L K contains tuples of the form (ID, ΞUSK ID, ΞQK ID), where the multivariate polynomials ΞUSK ID and ΞQK ID denote the user's USK ID and QK ID in the Key extract phase.
• L TK contains tuples of the form (ID, T t, ΞUTK ID,t, ΞQTK ID,t), where the multivariate polynomials ΞUTK ID,t and ΞQTK ID,t denote the user's UTK ID,t and QTK ID,t in the Time key update phase.
Finally, C sends these public parameters Ξg, ΞU , ΞV , ΞW , ΞX, ΞY , ΞZ, Ξ SPK and Ξ TPK to A I . -Query phase: A I can request the following queries to C adaptively.
• Group query Q T (ξT Q,i,1, ξT Q,i,2, OP): Upon receiving the i-th Q T with a pair of bit strings (ξT Q,i,1, ξT Q,i,2) and an operation OP, C carries out the same steps as for Q G on L T and returns the bit string ξT Q,i,3.
• Pairing query Q P (ξG P,i,1, ξG P,i,2): Upon receiving the i-th Q P with a pair of bit strings (ξG P,i,1, ξG P,i,2), C carries out the following steps: (1) Transform ξG P,i,1 and ξG P,i,2 into the corresponding polynomials ΞG P,i,1 and ΞG P,i,2. (2) Compute the resulting polynomial ΞT P,i,1 = ΞG P,i,1 · ΞG P,i,2. (3) Transform ΞT P,i,1 into its bit string ξT P,i,1 (adding the pair to L T if it is new) and return ξT P,i,1 to A I.
• Key extract query (ID): Upon receiving the i-th Key extract query with a user's ID, C looks for (ID, ΞUSK ID, ΞQK ID) in L K. If it is found, C returns the two corresponding bit strings ξUSK ID of ΞUSK ID and ξQK ID of ΞQK ID to A I. Otherwise, C carries out the following steps: (1) Choose a new variate ΞTG KE,i,1 in G.
(3) Compute the user's secret key ΞUSK ID = ΞSSK + ΞTG KE,i,1 · (ΞU + ΞV · ΞTID) and add (ID, ΞUSK ID, ΞQK ID) to L K. (4) Transform and return the two corresponding bit strings ξUSK ID of ΞUSK ID and ξQK ID of ΞQK ID to A I.
• Key extract leak query (i, f KE,i, h KE,i): Upon receiving the i-th Key extract leak query with two leakage functions f KE,i and h KE,i, C computes the fractional leakage content Λf KE,i = f KE,i(SSK i,1, a, γ) and Λh KE,i = h KE,i(SSK i,2, a, γ, TI KE) and returns them to A I. Note that in the i-th Key extract query, A I is allowed to issue the Key extract leak query only once.
• Time key update query (ID, T t): In the j-th Time key update query with ID and T t, C looks for (ID, T t, ΞUTK ID,t, ΞQTK ID,t) in L TK. If it is found, C returns the two corresponding bit strings ξUTK ID,t and ξQTK ID,t to A I. Otherwise, C carries out the following steps: (1) Choose a new variate ΞTG TKU,ID,t,1 in G.
(3) Set the user's time update key ΞUTK ID,t = ΞTSK + ΞTG TKU,ID,t,1 · (ΞW + ΞX · ΞTTD ID,t) and add (ID, T t, ΞUTK ID,t, ΞQTK ID,t) to L TK. (4) Transform and return the two corresponding bit strings ξUTK ID,t of ΞUTK ID,t and ξQTK ID,t of ΞQTK ID,t to A I. Note that A I is a curious CRA or an outsider who obtains the user's time update key directly through the Time key update query, so A I has no need to request the Time key update leak query.
• Signing query (ID, T t, msg): Upon receiving the k-th Signing query of the user ID with the period T t and the message msg as input, C carries out the following steps: (1) By ID, look for (ID, ΞUSK ID, ΞQK ID) in L K.
For evaluating the probability that A I wins G LR-RIBS , let us first compute the number of group elements and the maximal degrees of polynomials in L G /L T .
(1) The number of group elements in L G and L T is at most 6q by the following evaluations: • In the Setup phase, nine group elements are initially added in L G and two group elements are initially added in L T . • For each Q G , Q T and Q P query, three new group elements could be generated and added in L G or L T . • In the Key extract query for a new user, two new group elements are generated and added in L G . • In the Time key update query for a user at a period, two new group elements are generated and added in L G . • In each Signing query, six new group elements are added in L G . The total number of Q G , Q T and Q P queries is denoted by q O . Additionally, q KE , q TKU and q S , respectively, represent the numbers of the Key extract query, Time key update query and Signing query. In the Query phase, A I is allowed to request the queries at most q times. Therefore, we have |L G | + |L T | 11 + 3q O + 2q KE + 2q TKU + 6q S 6q.
(2) The maximal degree of polynomials in L G is 3 because of the following reasons: • In the Setup phase, since these polynomials Ξg, ΞU , ΞV , ΞW , ΞX, ΞY , ΞZ, Ξ SSK and Ξ TSK are new variates, they have degree 1. Ξ SPK and Ξ TPK have degree 2. • In Q G , ΞG Q,i,3 has the maximal degree of ΞG Q,i,1 or ΞG Q,i,2 . • In the Key extract query, ΞT G KE,i,1 , ΞT I D and Ξ USK ID have degrees 1, 1 and 3, respectively. • In the Time key update query, Ξ QTK ID,t , Ξ TTD and Ξ UTK ID,t have degrees 1, 1 and 3, respectively. • In the Signing query, Ξ QK ID and Ξσ 4 have degrees 1 and 3, respectively.
(3) The maximal degree of polynomials in $L_T$ is 6 for the following reasons:
• In the Setup phase, both $\Xi_{SPK}$ and $\Xi_{TPK}$ have degree 2.
• In $Q_T$, $\Xi_{T_{Q,i,3}}$ has the maximal degree of $\Xi_{T_{Q,i,1}}$ or $\Xi_{T_{Q,i,2}}$.
• In $Q_P$, the maximal degree of $\Xi_{T_{P,i,1}}$ in $L_T$ is 6 because the maximal degree of polynomials in $L_G$ is 3 and $\Xi_{T_{P,i,1}} = \Xi_{G_{P,i,1}} \cdot \Xi_{G_{P,i,2}}$.
If one of the following two cases occurs, we say that $A_I$ wins $G_{LR\text{-}RIBS}$:
Case 1. $A_I$ discovers a collision of group elements in $L_G$ or $L_T$. Let $n$ denote the total number of all variates in $L_G$ and $L_T$. Now, $C$ selects $n$ random values $v_i \in \mathbb{Z}_p^*$ for $i = 1, \ldots, n$. In this case, there exist two polynomials $\Xi_{G_i}$ and $\Xi_{G_j}$, both in $L_G$ or both in $L_T$, that satisfy $\Xi_{G_i}(v_1, v_2, \ldots, v_n) = \Xi_{G_j}(v_1, v_2, \ldots, v_n)$.
• With requesting two kinds of leak queries: Under this circumstance, $A_I$ is allowed to issue all the leak queries in $G_{LR\text{-}RIBS}$. In the $i$-th Key extract leak query with $|f_{KE,i}| \le \lambda$ and $|h_{KE,i}| \le \lambda$, $A_I$ gains the fractional leakage content $\Lambda f_{KE,i} = f_{KE,i}(SSK_{i,1}, a, \gamma)$ and $\Lambda h_{KE,i} = h_{KE,i}(SSK_{i,2}, a, \gamma, TI_{KE})$, discussed below.
$a, \gamma$: In each Key extract query, $a$ and $\gamma$ are random values. Therefore, the leakage of $a$ or $\gamma$ is of no help in learning the system secret key $SSK$.
By the multiplicative blinding technique, the fractional leakage content of $SSK_{i-1,1}/SSK_{i-1,2}$ is independent of that of $SSK_{i,1}/SSK_{i,2}$. Hence, $A_I$ gains at most $\lambda$ bits of $SSK$. $TI_{KE}$: The temporary value $TI_{KE}$ is employed to compute the user's secret key $USK_{ID}$. Since $A_I$ can obtain the entire $USK_{ID}$ for any identity except $ID^*$, $TI_{KE}$ is of no help to $A_I$.
In the $k$-th Signing query of the user $ID$, taking as input two leakage functions $f_{S,k}$ and $h_{S,k}$ with $|f_{S,k}| \le \lambda$ and $|h_{S,k}| \le \lambda$, $A_I$ gains the fractional leakage content $\Lambda f_{S,k} = f_{S,k}(USK_{ID,k,1}, UTK_{ID,t}, c, \delta)$ and $\Lambda h_{S,k} = h_{S,k}(USK_{ID,k,2}, c, TI_S)$, discussed below.
$c, \delta$: In each Signing query, $c$ and $\delta$ are random values. Therefore, the leakage about $c$ and $\delta$ is of no help in learning the user's secret key $USK_{ID}$.
$(USK_{ID,k,1}, USK_{ID,k,2})$: We have $USK_{ID} = USK_{ID,k-1,1} \cdot USK_{ID,k-1,2} = USK_{ID,k,1} \cdot USK_{ID,k,2}$. By the multiplicative blinding technique, the fractional leakage content of $USK_{ID,k-1,1}/USK_{ID,k-1,2}$ is independent of that of $USK_{ID,k,1}/USK_{ID,k,2}$. Hence, $A_I$ gains at most $\lambda$ bits of $USK_{ID}$.
$TI_S$: The temporary value $TI_S$ is used to generate the signature component $\sigma_4$. Since $A_I$ can obtain the entire $\sigma_4$ by the Signing query, $TI_S$ is of no help to $A_I$.
Let $Adv_{A_I}$ be the advantage that $A_I$ wins $G_{LR\text{-}RIBS}$ with requesting the Key extract leak query and Signing leak query. For forging a correct signature, let us discuss the useful leakage content of the target user's secret key $USK$ and the system secret key $SSK$ in terms of the following three events:
(1) $E_{SSK}$ denotes the event that $A_I$ knows the whole $SSK$ from $\Lambda f_{KE,i}$ and $\Lambda h_{KE,i}$; its complement event is denoted by $\overline{E_{SSK}}$.
(2) $E_{USK}$ denotes the event that $A_I$ knows the whole $USK_{ID}$ from $\Lambda f_{S,k}$ and $\Lambda h_{S,k}$; its complement event is denoted by $\overline{E_{USK}}$.
(3) $E_{SF}$ denotes the event that $A_I$ forges a correct signature.

Hence, the advantage $Adv_{A_I}$ is $\Pr[E_{SF}]$ and satisfies the inequality
In our LR-RIBS scheme with CRA, the PKG employs $SSK$ and the user's information $ID\|QK_{ID}$ to generate the user's secret key $USK_{ID}$ using the signature scheme of Galindo and Vivek (2013). By Lemma 5 in Galindo and Vivek (2013), we have $\Pr[E_{SSK}] \le O((q^2/p) \cdot 2^{2\lambda})$. Next, $A_I$ may gain fractional content of $USK_{ID}$ by the Signing leak query. Hence, $\Pr[E_{SF} \wedge E_{USK}]$ is the probability that $A_I$ can get fractional content of $USK_{ID}$ from $\Lambda f_{S,k}$ and $\Lambda h_{S,k}$. Thus, we obtain $\Pr[E_{SF} \wedge E_{USK}] \le O((q^2/p) \cdot 2^{2\lambda})$. Finally, the event $\overline{E_{SSK}} \wedge \overline{E_{USK}}$ is that $A_I$ can gain fractional content of $(USK_{ID,k,1}, USK_{ID,k,2})$ from $\Lambda f_{S,k}$ and $\Lambda h_{S,k}$. In such a case, $A_I$ gains at most $\lambda$ bits about $USK_{ID}$, and so we have $\Pr[E_{SF} \wedge \overline{E_{SSK}} \wedge \overline{E_{USK}}] \le O((q^2/p) \cdot 2^{\lambda})$. According to the events discussed above, we reach the inequality
Theorem 2. In the GBG model, our LR-RIBS scheme with CRA possesses existential unforgeability under the UF-LR-RIBS-ACMA attack of a Type II adversary (a revoked user).
By the same arguments as in Theorem 1, the total number of group elements in $L_G$ and $L_T$ is at most $6q$, namely, $|L_G| + |L_T| \le 6q$. The maximal polynomial degrees in $L_G$ and $L_T$ are 3 and 6, respectively. Let us first evaluate $A_{II}$'s advantage in winning $G_{LR\text{-}RIBS}$ without requesting the Time key update leak query and the Signing leak query. Subsequently, $A_{II}$'s advantage in $G_{LR\text{-}RIBS}$ with requesting the two kinds of leak queries is evaluated.
• Without requesting two kinds of leak queries: Let $\Pr_{A_{II}-W}$ denote the advantage that $A_{II}$ wins $G_{LR\text{-}RIBS}$ without requesting the two kinds of leak queries. By discussions similar to those of Theorem 1, we have the inequality
• With requesting two kinds of leak queries: Under this circumstance, $A_{II}$ is allowed to request all queries in $G_{LR\text{-}RIBS}$. For the $j$-th Time key update leak query with $f_{TKU,j}$ and $h_{TKU,j}$ satisfying $|f_{TKU,j}| \le \lambda$ and $|h_{TKU,j}| \le \lambda$, $A_{II}$ gains the fractional leakage content $\Lambda f_{TKU,j} = f_{TKU,j}(TSK_{j,1}, b, \eta)$ and $\Lambda h_{TKU,j} = h_{TKU,j}(TSK_{j,2}, b, \eta, TI_{TKU})$, discussed below:
$b, \eta$: In each Time key update query, $b$ and $\eta$ are random values. Therefore, the leakage about $b$ and $\eta$ is of no help in learning the time secret key $TSK$.
$(TSK_{j,1}, TSK_{j,2})$: For the time secret key $TSK$, we have $TSK = TSK_{j-1,1} \cdot TSK_{j-1,2} = TSK_{j,1} \cdot TSK_{j,2}$. By the multiplicative blinding technique, the fractional leakage content of $TSK_{j-1,1}/TSK_{j-1,2}$ is independent of that of $TSK_{j,1}/TSK_{j,2}$. Thus, $A_{II}$ gains at most $\lambda$ bits of $TSK$.
$TI_{TKU}$: The temporary value $TI_{TKU}$ is employed to generate the user's time update key $UTK_{ID,t}$. Since $A_{II}$ can obtain the whole $UTK_{ID,t}$ by the Time key update query, $TI_{TKU}$ is of no help to $A_{II}$.
For the $k$-th Signing leak query of the user $ID$, taking as input two leakage functions $f_{S,k}$ and $h_{S,k}$ such that $|f_{S,k}| \le \lambda$ and $|h_{S,k}| \le \lambda$, $A_{II}$ gains the fractional leakage content $\Lambda f_{S,k} = f_{S,k}(USK_{ID,k,1}, UTK_{ID,t}, c, \delta)$ and $\Lambda h_{S,k} = h_{S,k}(USK_{ID,k,2}, c, TI_S)$. Indeed, a revoked user already possesses the user secret key $USK_{ID}$. In particular, since the user's time update key $UTK_{ID,t}$ is not generated, the Signing leak query does not leak any content.
Let $Adv_{A_{II}}$ be the advantage that $A_{II}$ wins $G_{LR\text{-}RIBS}$ with requesting the Time key update query. Since $A_{II}$ simulates a revoked user, she/he can obtain the target user's secret key $USK_{ID}$. For forging a correct signature, let us discuss the helpful leakage content about the target user's time update key $UTK_{ID,t}$ in terms of the following two events:
(1) $E_{TSK}$ denotes the event that $A_{II}$ gains the whole $TSK$ from $\Lambda f_{TKU,j}$ and $\Lambda h_{TKU,j}$, and $\overline{E_{TSK}}$ denotes the complement event of $E_{TSK}$.
(2) $E_{SF}$ denotes the event that $A_{II}$ forges a correct signature.
In the Time key update phase of our scheme, the CRA employs the time secret key $TSK$ and the user's content $TTD = ID\|T_t\|QTK_{ID,t}$ to generate the user's time update key $UTK_{ID,t}$ using the signature scheme of Galindo and Vivek (2013). The probability $\Pr[E_{TSK}]$ is identical to $\Pr[E_{SSK}]$ in Theorem 1, so that we have $\Pr[E_{TSK}] \le O((q^2/p) \cdot 2^{2\lambda})$. Next, for the event that $A_{II}$ gains at most $\lambda$ bits of $(TSK_{j,1}, TSK_{j,2})$, we have $\Pr[E_{SF} \wedge \overline{E_{TSK}}] \le O((q^2/p) \cdot 2^{\lambda})$. According to the events discussed above, we reach the inequality
Therefore, $Adv_{A_{II}} \le O((q^2/p) \cdot 2^{2\lambda})$. Finally, by Lemma 2, $Adv_{A_{II}}$ is negligible if $\lambda < \log p - \omega(\log \log p)$.
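The multiplicative blinding argument used for $SSK$ and $USK_{ID}$ in Theorem 1 and for $TSK$ in Theorem 2 can be seen in a small model. The following Python is an added example and not the paper's scheme: a secret is held as a pair of shares in $\mathbb{Z}_p^*$ whose product is the secret, the pair is refreshed with a random blinding factor $r$ (an assumed refresh rule standing in for the paper's $a, \gamma$ and $b, \eta$), and a toy prime replaces the 160-bit group order; it shows why $\lambda$ bits leaked from each share per query do not add up across queries once the pair is refreshed.

```python
import secrets
from collections import Counter

P = 1000003  # constructed toy prime standing in for the group order p (paper: 160-bit p)

def split(secret, p=P):
    """Split secret into (S_1, S_2) with S_1 * S_2 = secret (mod p); S_1 uniform in Z_p^*."""
    s1 = secrets.randbelow(p - 1) + 1
    return s1, secret * pow(s1, -1, p) % p

def refresh(shares, p=P):
    """Multiplicative blinding (assumed refresh rule): blind one share by a fresh r and
    the other by r^-1, so the product is unchanged but the pair is re-randomised."""
    s1, s2 = shares
    r = secrets.randbelow(p - 1) + 1
    return s1 * r % p, s2 * pow(r, -1, p) % p

def recombine(shares, p=P):
    return shares[0] * shares[1] % p

def leak(value, lam, offset):
    """A lam-bit leakage function: bits [offset, offset + lam) of its input."""
    return (value >> offset) & ((1 << lam) - 1)

def other_share_distribution(secret, lam, p):
    """Distribution of the lam low bits of S_2 over every possible S_1 (exhaustive, small p).
    It is identical for every secret: one share's leakage carries no information."""
    return Counter(leak(secret * pow(s1, -1, p) % p, lam, 0) for s1 in range(1, p))

def leak_and_reassemble(secret, lam, do_refresh, p=P):
    """Continual leakage: per query, f leaks lam bits of S_1 and h leaks lam bits of S_2
    at a sliding bit offset, and the adversary glues the windows together.
    Without refresh the windows cover both shares and the secret is recovered; with
    refresh each window comes from a different random pair and recombines to junk."""
    shares = split(secret, p)
    glued = [0, 0]
    rounds = -(-p.bit_length() // lam)  # ceil(bit length / lam): windows cover every bit
    for rnd in range(rounds):
        off = rnd * lam
        for idx in (0, 1):
            glued[idx] |= leak(shares[idx], lam, off) << off
        if do_refresh:
            shares = refresh(shares, p)  # the next query sees a fresh pair
    return recombine(glued, p)
```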

Performance Comparisons
Here, we compare the performance of the previously proposed RIBS schemes (Tsai et al., 2013b; Jia et al., 2017) and our LR-RIBS scheme with CRA. In the following, four notations are defined to represent four time-consuming operation costs of bilinear groups:
• $T_{bp}$: The executing cost of a bilinear map $\hat{e}: G \times G \to G_T$.
• $T_{me}$: The executing cost of a scalar multiplication on an additive cyclic group $G$ or an exponentiation on a multiplicative cyclic group $G$.
• $T_{ex}$: The executing cost of an exponentiation on the multiplicative cyclic group $G_T$.
• $T_{mh}$: The executing cost of a map-to-point hash function in $G$.
Indeed, the cost of an addition or multiplication on an additive or multiplicative cyclic group $G$ is much smaller than $T_{bp}$, $T_{me}$, $T_{ex}$ and $T_{mh}$ (Scott, 2011; Lynn, 2015), and so is neglected. The simulation experiments in Lynn (2015) on a PC and a smartphone are employed as the benchmark costs of $T_{bp}$, $T_{me}$, $T_{ex}$ and $T_{mh}$. The simulation platform on both the PKG and CRA sides is an Intel Core 2 Quad Q6600 PC with a 2.4 GHz processor running Ubuntu. Meanwhile, the simulation platform on the user side is an HTC Desire HD A9191 smartphone with a 1 GHz Qualcomm processor running Android 2.2. Additionally, at the same security level as a 1024-bit RSA system, an elliptic curve over a finite field $E(\mathbb{F}_q)$ is employed for bilinear pairing groups with a prime order $p$, where $p$ and $q$ are 160 and 512 bits, respectively. Table 1 lists the executing costs (in milliseconds) of $T_{bp}$, $T_{me}$, $T_{ex}$ and $T_{mh}$ on both a PC and a smartphone from Lynn (2015). Table 2 lists the performance comparisons between the two previously proposed RIBS schemes (Tsai et al., 2013b; Jia et al., 2017) and our LR-RIBS scheme with CRA in terms of resistance to side-channel attacks, the overall unbounded leakage property, an outsourced revocation authority and the computation costs of the four phases. In Tsai et al. (2013b), the PKG is responsible for carrying out both the Key extract and Time key update phases. On the other hand, the scheme in Jia et al. (2017) and our scheme employ a CRA to outsource the functionality of user revocation. Note that the executing costs of both the Key extract and Time key update phases are measured on a PC, while the executing costs of both the Signing and Verifying phases are measured on a smartphone.
By Table 2, although our scheme performs worse than the other two schemes in computation cost, it is still well suited to a smartphone with limited computing capability. We should emphasize that our scheme can resist side-channel attacks with the overall unbounded leakage property, but the other two cannot.

Conclusions
In the continual leakage model, we have defined a novel adversary model for LR-RIBS schemes with CRA. In this adversary model, a Type I adversary (a curious CRA or an outsider) is allowed to extract fractional content of the target signer's secret key and the PKG's system secret key. Also, a Type II adversary (a revoked user) is allowed to extract fractional content of the CRA's time secret key. We have proposed the first LR-RIBS scheme with CRA, and it possesses the overall unbounded leakage property. In the GBG model, the security analysis demonstrated that the proposed LR-RIBS scheme with CRA is secure against Type I and Type II adversaries under the continual leakage model. Performance comparisons demonstrated that the proposed LR-RIBS scheme with CRA requires somewhat more computation than the previously proposed RIBS schemes. The point is that our scheme not only resists side-channel attacks, but is also still suitable for mobile devices with limited computing capability.

Funding
The work was partially supported by the Ministry of Science and Technology, Taiwan, under contract no. MOST108-2221-E-018-004-MY2.
J.-D. Wu received the BS degree from the Department of Mathematics, National