Abstract
Identity-based cryptography (IBC) is an asymmetric key cryptographic technology with a special feature, in which a user’s public key can be an identifier of the user and the corresponding private key is created by binding the identifier with a system master secret. This paper is based on the author’s lecture notes in this area. In this paper, we introduce the concept of IBC by explaining some basic cryptographic primitives, such as identity-based encryption, signatures, combined encryption/signing and key-agreement. We also introduce two types of implementation techniques, which are based on integer factorization and discrete logarithm from pairings respectively. In order to make the technology easier to understand, we describe a small number of mechanisms in each primitive. Some of the mechanisms have been adopted by international standard bodies. At the end of the paper, we briefly cover the key escrow issue and a few well-known security models for these primitives.
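The core idea in the abstract, a private key derived by binding an identifier to a system master secret, shown as an added example (not code from the chapter) using Shamir's 1984 identity-based signature scheme, a factoring-based construction chosen here for illustration. The toy modulus, the SHA-256 hashing and all function names are assumptions of this example.

```python
import hashlib
import secrets

# Toy parameters, constructed for this example: two Mersenne primes.
# Far too small and too structured for real use.
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537                     # public system parameters
D = pow(E, -1, (P - 1) * (Q - 1))       # master secret, held only by the key generation centre

def _h(*parts):
    """Hash length-prefixed byte strings to an integer (SHA-256)."""
    h = hashlib.sha256()
    for p in parts:
        h.update(len(p).to_bytes(4, "big") + p)
    return int.from_bytes(h.digest(), "big")

def _b(x):
    """Fixed-width big-endian encoding of an element of Z_N."""
    return x.to_bytes((N.bit_length() + 7) // 8, "big")

def extract(identity):
    """Key generation centre: bind the identifier to the master secret.
    Deterministic, so the centre can recompute any user's key (key escrow)."""
    return pow(_h(identity.encode()) % N, D, N)

def sign(priv, msg):
    """User: sign with the extracted private key; returns (s, t)."""
    r = secrets.randbelow(N - 2) + 2
    t = pow(r, E, N)
    s = priv * pow(r, _h(_b(t), msg), N) % N
    return s, t

def verify(identity, msg, sig):
    """Verifier: needs only the identifier string and the public (N, E).
    Checks s^E == H(identity) * t^H(t, msg) mod N."""
    s, t = sig
    if not (0 < s < N and 0 < t < N):
        return False
    pub = _h(identity.encode()) % N     # the "public key" is just the hashed identifier
    return pow(s, E, N) == pub * pow(t, _h(_b(t), msg), N) % N
```

No certificate or key lookup appears in `verify`: the identifier itself stands in for the public key, and anyone holding `D` can call `extract` for any identifier.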
© 2007 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Chen, L. (2007). An Interpretation of Identity-Based Cryptography. In: Aldini, A., Gorrieri, R. (eds) Foundations of Security Analysis and Design IV. FOSAD FOSAD 2007 2006. Lecture Notes in Computer Science, vol 4677. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-74810-6_7
DOI: https://doi.org/10.1007/978-3-540-74810-6_7
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-74809-0
Online ISBN: 978-3-540-74810-6
eBook Packages: Computer Science, Computer Science (R0)