7 February 2007 | Ran Canetti, Shai Halevi, and Jonathan Katz
This paper presents the first constructions of non-interactive forward-secure public-key encryption (PKE) schemes. The authors introduce the notion of binary tree encryption (BTE) and construct a BTE scheme in the standard model. Their construction implies the first hierarchical identity-based encryption (HIBE) scheme in the standard model. The BTE scheme is used to build a forward-secure encryption scheme that achieves security against chosen-plaintext attacks in the standard model based on the decisional version of the bilinear Diffie-Hellman (BDH) assumption. The parameters of the scheme are poly-logarithmic in the total number of time periods. The authors also show how to extend their scheme to achieve security against adaptive chosen-ciphertext attacks in both the random oracle model and the standard model. The BTE scheme is based on the HIBE scheme of Gentry and Silverberg, which in turn is based on the identity-based encryption (IBE) scheme of Boneh and Franklin. The BTE scheme is used to construct a forward-secure encryption scheme that is secure in the standard model. The authors also show how to modify their scheme to achieve security in the random oracle model. The BTE scheme is efficient and practical for reasonable values of N. The authors also discuss the efficiency of their schemes and compare them to other known schemes. The paper concludes with a discussion of the implications of their results for the design of secure cryptographic systems.