Dealerless Corporate Key Generation for Identity-Based Encryption Schemes
Authors: 
Zhen Liu, Duncan S. Wong, Jack PoonAuthors Info & Claims
Zhen Liu, Duncan S. Wong, Jack PoonAuthors Info & ClaimsAbstract
In Identity-Based Encryption (IBE) system, the Private Key Generator (PKG) holds the master secret key and is responsible for generating private keys for the users. This incurs the key-escrow problem, i.e. the PKG can decrypt any user' any ciphertexts without any possible detection. Also, compromising the master secret key will enable an adversary to do anything to the whole system, and having the master secret key be unavailable implies that new users cannot obtain private keys from the PKG, and existing users cannot get their private keys back from the PKG when they lost them. To address the key-escrow problem and protect the master secret key as much as possible with strong security and availability, distributed PKG protocols supporting threshold policy have been adopted in some IBE schemes. In this paper, we propose a distributed PKG protocol that supports the policy to be any monotonic access structures. Also, we propose the first distributed PKG protocol that supports the dynamic changes of the PKGs and the policy, while remaining the master secret key unchanged. The two protocols do not need any third party acting as a trusted dealer to present, and the master secret key should never be generated or resided in any one single site. The protocols are applicable to a generic IBE template, which covers many existing important IBE schemes. When applied to this generic type of IBE schemes, the two distributed PKG protocols do not affect the encryption and decryption algorithms, and only each user knows his own private key.
References
[1]
Y. Aumann and Y. Lindell. Security against covert adversaries: Efficient protocols for realistic adversaries. In TCC 2007, pages 137--156, 2007.
[2]
A. Beimel. Secure Schemes for Secret Sharing and Key Distribution. PhD thesis, Israel Institute of Technology, Technion, Haifa, Israel, 1996.
[3]
D. Boneh and X. Boyen. Efficient selective-id secure identity-based encryption without random oracles. In EUROCRYPT 2004, pages 223--238, 2004.
[4]
D. Boneh and X. Boyen. Secure identity based encryption without random oracles. In CRYPTO 2004, pages 443--459, 2004.
[5]
D. Boneh, X. Boyen, and E. Goh. Hierarchical identity based encryption with constant size ciphertext. In EUROCRYPT 2005, pages 440--456, 2005.
[6]
D. Boneh and M. K. Franklin. Identity-based encryption from the weil pairing. In CRYPTO 2001, pages 213--229, 2001.
[7]
D. Boneh and M. K. Franklin. Identity-based encryption from the weil pairing. SIAM J. Comput., 32(3):586--615, 2003.
[8]
X. Boyen. A tapestry of identity-based encryption: practical frameworks compared. IJACT, 1(1):3--21, 2008.
[9]
X. Boyen and B. Waters. Anonymous hierarchical identity-based encryption (without random oracles). In CRYPTO 2006, pages 290--307, 2006.
[10]
M. Geisler and N. P. Smart. Distributing the key distribution centre in sakai-kasahara based systems. In Cryptography and Coding 2009, pages 252--262, 2009.
[11]
R. Gennaro, S. Jarecki, H. Krawczyk, and T. Rabin. Secure distributed key generation for discrete-log based cryptosystems. In EUROCRYPT'99, pages 295--310, 1999.
[12]
C. Gentry. Practical identity-based encryption without random oracles. In EUROCRYPT 2006, pages 445--464, 2006.
[13]
J. Horwitz and B. Lynn. Toward hierarchical identity-based encryption. In EUROCRYPT 2002, pages 466--481, 2002.
[14]
A. Kate and I. Goldberg. Distributed private-key generators for identity-based cryptography. In SCN 2010, pages 436--453, 2010.
[15]
A. B. Lewko and B. Waters. Decentralizing attribute-based encryption. IACR Cryptology ePrint Archive, 2010:351, 2010.
[16]
A. B. Lewko and B. Waters. New techniques for dual system encryption and fully secure HIBE with short ciphertexts. In TCC 2010, pages 455--479, 2010.
[17]
Z. Liu, Z. Cao, and D. S. Wong. Efficient generation of linear secret sharing scheme matrices from threshold access trees. IACR Cryptology ePrint Archive, 2010:374, 2010.
[18]
R. Sakai and M. Kasahara. ID based cryptosystems with pairing on elliptic curve. IACR Cryptology ePrint Archive, 2003:54, 2003.
[19]
J. H. Seo, T. Kobayashi, M. Ohkubo, and K. Suzuki. Anonymous hierarchical identity-based encryption with constant size ciphertexts. In PKC 2009, pages 215--234, 2009.
[20]
A. Shamir. How to share a secret. Commun. ACM, 22(11):612--613, 1979.
[21]
A. Shamir. Identity-based cryptosystems and signature schemes. In CRYPTO'84, pages 47--53, 1984.
[22]
B. Waters. Efficient identity-based encryption without random oracles. In EUROCRYPT 2005, pages 114--127, 2005.
Index Terms
- Dealerless Corporate Key Generation for Identity-Based Encryption Schemes
Recommendations
Building Key-Private Public-Key Encryption Schemes
ACISP '09: Proceedings of the 14th Australasian Conference on Information Security and PrivacyIn the setting of identity-based encryption with multiple trusted authorities, TA anonymity formally models the inability of an adversary to distinguish two ciphertexts corresponding to the same message and identity, but generated using different TA ...
Simple CCA-Secure Public Key Encryption from Any Non-Malleable Identity-Based Encryption
Information Security and Cryptology --- ICISC 2008In this paper, we present a simple and generic method for constructing public key encryption (PKE) secure against chosen ciphertext attacks (CCA) from identity-based encryption (IBE). Specifically, we show that a CCA-secure PKE scheme can be generically ...
Multi-use and unidirectional identity-based proxy re-encryption schemes
In a proxy re-encryption scheme, a semi-trusted proxy is given special power that allows it to transform a ciphertext for Alice into a ciphertext for Bob without learning any information about the messages encrypted under either key. When a proxy re-...
Comments
Information & Contributors
Information
Published In
May 2016
958 pages
ISBN:9781450342339
DOI:10.1145/2897845
- General Chair:
- Xiaofeng Chen,
- Program Chairs:
- XiaoFeng Wang,
- Xinyi Huang
Copyright © 2016 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 30 May 2016
Check for updates
Author Tags
Qualifiers
- Research-article
Conference
ASIA CCS '16
Sponsor:
ASIA CCS '16: ACM Asia Conference on Computer and Communications Security
May 30 - June 3, 2016
Xi'an, China
Acceptance Rates
ASIA CCS '16 Paper Acceptance Rate 73 of 350 submissions, 21%;
Overall Acceptance Rate 418 of 2,322 submissions, 18%
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 178Total Downloads
- Downloads (Last 12 months)7
- Downloads (Last 6 weeks)0
Reflects downloads up to 28 Feb 2025
Other Metrics
Citations
View Options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in