Efficient hybrid encryption from ID-based encryption. (English) Zbl 1197.94171

Research on efficient and secure public-key encryption (PKE) has been central in cryptography. In this paper, the authors focus on CCA-secure cryptosystems (secure against chosen-ciphertext attacks) under standard cryptographic assumptions, without using random oracles. They consider generic transformations from an ID-based key encapsulation mechanism (IBKEM) to PKE. The authors present new generic transformations that are applicable to partitioned IBKEMs. They also give an analogous generic transformation in the threshold setting and present a concrete scheme that yields the most efficient threshold PKE scheme in the standard model.

MSC:

94A60 Cryptography
11T71 Algebraic coding theory; cryptography (number-theoretic aspects)

Software:

KEM-DEM
