Deja Q All Over Again: Tighter and Broader Reductions of q-Type Assumptions.

In this paper, we demonstrate that various cryptographic constructions--including ones for broadcast, attribute-based, and hierarchical identity-based encryption--can rely for security on only the static subgroup hiding assumption when instantiated in composite-order bilinear groups, as opposed to the dynamic q-type assumptions on which their security previously was based. This specific goal is accomplished by more generally extending the recent Déjí Q framework Chase and Meiklejohn, Eurocrypt 2014 in two main directions. First, by teasing out common properties of existing reductions, we expand the q-type assumptions that can be covered by the framework; i.e., we demonstrate broader classes of assumptions that can be reduced to subgroup hiding. Second, while the original framework applied only to asymmetric composite-order bilinear groups, we provide a reduction to subgroup hiding that works in symmetric as well as asymmetric composite-order groups. As a bonus, our new reduction achieves a tightness of $$\\log q$$ rather than q.