Abstract
Key escrow is a major drawback of identity-based encryption (IBE). The key generation centre (KGC) can generate the user secret key of any user by using the master secret key and the user s identity. This paper presents a systematic study of what it takes to prevent a malicious KGC from decrypting a ciphertext encrypted for an honest user, which covers the case for certificateless encryption, and shows the impossibility of ideal escrow-free IBE, unless there is uncertainty in the user s identity. Our study also explains the underpinning idea of anonymous ciphertext indistinguishability (ACI), formalized by Chow in PKC 2009. An ACI-secure IBE prevent a KGC (or any logical entity which get holds of the master secret key, such as the collusion of a number of authorities holding the sufficient number of master secret s shares) from decrypting if it does not know the intended recipient of the ciphertext, a guarantee that none of the existing attempts in the literature can provide. The notion of ACI crucially relies on the privacy of user s identity in the eyes of the KGC. The only privacy leakage allowed in Chow s model is via querying an embedded-identity encryption oracle. In this paper, we strengthen his model to allow arbitrary bounded leakage of the recipient s identity. We also give a generic construction on how to achieve this notion when the identity has enough entropy.
Original language | English |
---|---|
Title of host publication | 7th International Conference on Provable Security (ProvSec 2013) |
Editors | Willy Susilo, Reza Reyhanitabar |
Place of Publication | Heidelberg Germany |
Publisher | Springer |
Pages | 139 - 153 |
Number of pages | 15 |
Volume | 8209 |
ISBN (Print) | 9783642412264 |
DOIs | |
Publication status | Published - 2013 |
Externally published | Yes |
Event | International Conference on Provable Security 2013 - Melaka, Malaysia Duration: 23 Oct 2013 → 25 Oct 2013 Conference number: 7th https://link.springer.com/book/10.1007/978-3-642-41227-1 (Proceedings) |
Conference
Conference | International Conference on Provable Security 2013 |
---|---|
Abbreviated title | ProvSec 2013 |
Country/Territory | Malaysia |
City | Melaka |
Period | 23/10/13 → 25/10/13 |
Internet address |
|