Abstract
In the Identity-Based Encryption (IBE) setting, the rejoin functionality seems to be impossible since each user has the unique identity as its public key. Moreover, sometimes these identities are unchangeable, e.g., biological information (finger print iris, and so on) is regarded as the identity. Even if changeable value is indicated as an identity, e.g., e-mail address, it is preferable that the same identity can be used after a secret key is leaked. In this paper, we give a formal security definition of RIBE with the rejoin functionality, and also show that the Seo-Emura RIBE scheme [PKC 2013] (with a slight modification) has the rejoin functionality.
