Abstract
Digital certificate validation associated with traditional public key cryptosystems make it impractical in real-world environments due to their storage cost. The identity-based cryptosystems have been proven advantageous as they do not require any digital certificate validation and hence their storage. Due to the key escrow, user slandering and secure key issuing problems, IBE adoption is limited to the small networks only. The existing solutions either lose the identity-based feature or require high computation cost. In this paper, we propose a mechanism to generate the user’s private key in which we mitigate the trust on single PKG by replacing it with single semi-trusted key generation center (KGC), which authenticates the user and provide the partial private key and multiple cloud privacy centers (CPCs), which protect the user’s private key with their secret keys. In order to reduce the computation cost to generate the user’s private key, the maximum computations are offloaded to the CPCs, and only constant (very less) number of operations are run on the KGC. We use the ECC-based blind technique to secure the communication over a public channel. Using the proposed escrow-free private key generation mechanism, we design an identity based encryption scheme, which is semantically secured against IND-ID-CCA attack assuming BDH problem.
Similar content being viewed by others
References
Al-Riyami SS, Paterson KG (2003) Certificateless public key cryptography. In: International Conference on the Theory and Application of Cryptology and Information Security, pp. 452–473
Barreto PSLM, Lynn B, Scott M (2003) On the selection of pairing-friendly groups. In: International Workshop on Selected Areas in Cryptography, pp. 17–25
Bellare M, Desai A, Pointcheval D, Rogaway P (1998) Relations among notions of security for public-key encryption schemes. In: Advances in Cryptology—CRYPTO’98, pp. 26–45
Boldyreva A, Goyal V, Kumar V (2008) Identity-based encryption with efficient revocation. In: Proceedings of the 15th ACM conference on Computer and communications security, pp. 417–426
Boneh D (1998) The decision diffie-hellman problem. In: International Algorithmic Number Theory Symposium, pp. 48–63
Boneh D, Boyen X (2004) Efficient selective-ID secure identity-based encryption without random oracles. In: International Conference on the Theory and Applications of Cryptographic Techniques, pp. 223–238
Boneh D, Franklin M (2001) Identity-based encryption from the Weil pairing. In: Annual International Cryptology Conference, pp 213–229
Cao X, Kou W, Du X (2010) A pairing-free identity-based authenticated key agreement protocol with minimal message exchanges. Inf Sci (Ny) 180(15):2895–2903
Cao D, Wang X-F, Wang F, Hu Q-L, Su J-S (2011) Sa-ibe: A secure and accountable identity-based encryption scheme. Dianzi Yu Xinxi Xuebao (Journal Electron Inf Technol) 33(12):2922–2928
Chen L, Harrison K, Soldera D, Smart NP (2002) Applications of multiple trust authorities in pairing based cryptosystems. In: Infrastructure Security, Springer, pp. 260–275
Chen P, Su J, Zhao B, Wang X, You I (2016) An escrow-free online/offline HIBS scheme for privacy protection of people-centric sensing. Secur Commun Networks 9(14):2302–2312
Chen P, Wang X, Su J (2015) An escrow-free hierarchical identity-based signature model for cloud storage. In: International Conference on Algorithms and Architectures for Parallel Processing, pp. 633–647
Chen P, Wang X, Su J (2015) T-HIBE: a trustworthy HIBE scheme for the OSN privacy protection. In: Security and Privacy in Social Networks and Big Data (SocialSec), 2015 International Symposium on, pp. 72–79
Chen P, Wang X, Zhao B, Su J, You I (2015) Removing Key Escrow from the LW-HIBE Scheme. In: International Conference on Algorithms and Architectures for Parallel Processing, pp. 593–605
Chen P, Wang X, Zhao B, Sun H, Su J, You I (2015) An escrow-free hierarchical identity-based signature scheme from composite order bilinear groups. In: Broadband and Wireless Computing, Communication and Applications (BWCCA), 2015 10th International Conference on, pp. 364–369
Choon JC, Cheon JH (2003) An identity-based signature from gap Diffie-Hellman groups. In: International Workshop on Public Key Cryptography, pp. 18–30
Chow SSM (2009) Removing escrow from identity-based encryption. In: International Workshop on Public Key Cryptography, pp. 256–276
Chung YF, Huang KH, Lai F, Chen TS (2007) ID-based digital signature scheme on the elliptic curve cryptosystem. Comput Stand Interfaces 29(6):601–604
Cocks C (2001) An identity based encryption scheme based on quadratic residues. In: IMA International Conference on Cryptography and Coding, pp. 360–363
Debiao H, Jianhua C, Jin H (2011) An ID-based proxy signature schemes without bilinear pairings. Ann Telecommun des télécommunications 66(11–12):657–662
Desmedt YG (1994) Threshold cryptography. Trans Emerg Telecommun Technol 5(4):449–458
ElGamal T (1985) A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Trans Inf Theory 31(4):469–472
Fujisaki E, Okamoto T (2013) Secure integration of asymmetric and symmetric encryption schemes. J. Cryptol. 1–22
Gentry C (2003) Certificate-based encryption and the certificate revocation problem. In: International Conference on the Theory and Applications of Cryptographic Techniques, pp. 272–293
Gentry C (2006) Practical identity-based encryption without random oracles. In: Annual International Conference on the Theory and Applications of Cryptographic Techniques, pp 445–464
Gentry C, Silverberg A (2002) Hierarchical ID-based cryptography. In: International Conference on the Theory and Application of Cryptology and Information Security, pp. 548–566
Goyal V (2007) Reducing trust in the PKG in identity based cryptosystems. Adv Cryptology-CRYPTO 2007:430–447
Han J, Yang Y, Huang X, Yuen TH, Li J, Cao J (2016) Accountable mobile E-commerce scheme via identity-based plaintext-checkable encryption. Inf Sci (Ny) 345:143–155
Hess F (2002) Efficient identity based signature schemes based on pairings. In: International Workshop on Selected Areas in Cryptography, pp. 310–324
Horwitz J, Lynn B (2002) Toward hierarchical identity-based encryption. In: International Conference on the Theory and Applications of Cryptographic Techniques, pp. 466–481
Z. Huang, Chen K, Wang Y (2005) Efficient identity-based signatures and blind signatures. In: International Conference on Cryptology and Network Security, pp. 120–133
Huang J, Huang Q (2018) Black-box constructions of signature schemes in the bounded leakage setting. Inf Sci (Ny) 423:313–325
Islam SKH, Biswas GP (2012) A pairing-free identity-based authenticated group key agreement protocol for imbalanced mobile networks. Ann télécommunications-annales des Telecommun 67(11–12):547–558
Jia X, He D, Zeadally S, Li L (2017) Efficient Revocable ID-Based Signature With Cloud Revocation Server. IEEE Access 5:2945–2954
Karati A, Islam SKH, Biswas GP (2018) A Pairing-free and Provably Secure Certificateless Signature Scheme,” Inf. Sci. (Ny)
Karati A, Islam SKH, Karuppiah M (2018) Provably Secure and Lightweight Certificateless Signature Scheme for IIoT Environments. IEEE Trans. Ind. Informatics
Koblitz N (1987) Elliptic curve cryptosystems. Math Comput 48(177):203–209
Kumar M, Katti CP, Saxena PC (2017) A Secure Anonymous E-Voting System Using Identity-Based Blind Signature Scheme. In: International Conference on Information Systems Security, pp. 29–49
Kumar M, Katti CP, Saxena PC (2017) An Untraceable Identity-Based Blind Signature Scheme without Pairing for E-cash Payment System. In: International Conference on Ubiquitous Communication and Network Computing
Lee B, Boyd C, Dawson E, Kim K, Yang J, Yoo S (2004) Secure key issuing in ID-based cryptography. In: Proceedings of the second workshop on Australasian information security, Data Mining and Web Intelligence, and Software Internationalisation-Volume 32, pp. 69–74
Li T, Li J (2016) Leakage-resilient traceable identity-based signature scheme. J Comput Theor Nanosci 13(1):878–889
Li J, Li J, Chen X, Jia C, Lou W (2015) Identity-based encryption with outsourced revocation in cloud computing. IEEE Trans Comput 64(2):425–437
Li Y, Qi F, Tang Z (2017) An Efficient Hierarchical Identity-Based Encryption Scheme for the Key Escrow. In: International Conference on Security, Privacy and Anonymity in Computation, Communication and Storage, pp. 108–120
Lynn B (2010) The pairing-based cryptography (PBC) library
Miller VS (1985) Use of elliptic curves in cryptography. Conference on the theory and application of cryptographic techniques. Springer, Berlin, Heidelberg
Paterson KG (2002) Cryptography from pairings: a snapshot of current research. Inf Secur Tech Rep 7(3):41–54
Qi F, Tang X, Wei Q (2015) New Escrow-Free Scheme for Hierarchical Identity-Based Encryption. In: International Conference on Algorithms and Architectures for Parallel Processing, pp. 701–713
Rivest RL, Shamir A, Adleman L (1978) A method for obtaining digital signatures and public-key cryptosystems. Commun ACM 21(2):120–126
Sahana SC, Bhuyan B, Das ML (2017) An Efficient Key Escrow-Free Identity-Based Signature Scheme. Int J Appl Eng Res 12(19):8964–8971
Sakai R, Kasahara M (2003) ID based Cryptosystems with Pairing on Elliptic Curve. IACR Cryptol ePrint Arch 2003:54
Shamir A (1979) How to share a secret. Commun ACM 22(11):612–613
Shamir A (1984) Identity-based cryptosystems and signature schemes. In: Workshop on the Theory and Application of Cryptographic Techniques, pp. 47–53
Shparlinski I (2011) Computational Diffie-Hellman Problem. In: Encyclopedia of Cryptography and Security, Springer, pp. 240–244
Sui A et al (2005) Separable and anonymous identity-based key issuing. In: Parallel and Distributed Systems, 2005. Proceedings. 11th International Conference on, vol. 2, pp. 275–279
Tanaka H (1987) A realization scheme for the identity-based cryptosystem. In: Conference on the Theory and Application of Cryptographic Techniques, pp. 340–349
Tseng Y-M, Tsai T-T, Huang S-S, Huang C-P (2016) Identity-based encryption with cloud revocation authority and its applications. IEEE Trans. Cloud Comput
Yuen TH, Susilo W, Mu Y (2010) How to construct identity-based signatures without the key escrow problem. Int J Inf Secur 9(4):297–311
Zhang Y, Liu JK, Huang X, Au MH, Susilo W (2012) Efficient Escrow-Free Identity-Based Signature.. In: ProvSec, pp. 161–174
Zhang J, Sun Z (2013) An ID-based server-aided verification short signature scheme avoid key escrow. J Inf Sci Eng 29(3):459–473
Acknowledgements
This research work has been partially supported by the Council of Scientific and Industrial Research, a research and development organization in India, with sanctioned no. 09/263(1052)/2015 EMR-I and the UPE-II grant received from JNU. Additionally, the author would like to sincere thanks to the anonymous reviewers for their fruitful comments.
Author information
Authors and Affiliations
Corresponding author
Additional information
Publisher’s note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Kumar, M., Chand, S. ESKI-IBE: Efficient and secure key issuing identity-based encryption with cloud privacy centers. Multimed Tools Appl 78, 19753–19786 (2019). https://doi.org/10.1007/s11042-019-7155-x
Received:
Revised:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s11042-019-7155-x