Blind Identity-Based Encryption and Simulatable Oblivious Transfer

  • Matthew Green
  • Susan Hohenberger
Conference paper

DOI: 10.1007/978-3-540-76900-2_16

Part of the Lecture Notes in Computer Science book series (LNCS, volume 4833)
Cite this paper as:
Green M., Hohenberger S. (2007) Blind Identity-Based Encryption and Simulatable Oblivious Transfer. In: Kurosawa K. (eds) Advances in Cryptology – ASIACRYPT 2007. ASIACRYPT 2007. Lecture Notes in Computer Science, vol 4833. Springer, Berlin, Heidelberg


In an identity-based encryption (IBE) scheme, there is a key extraction protocol where a user submits an identity string to a master authority who then returns the corresponding secret key for that identity. In this work, we describe how this protocol can be performed efficiently and in a blind fashion for several known IBE schemes; that is, a user can obtain a secret key for an identity without the master authority learning anything about this identity.

We formalize this notion as blind IBE and discuss its many practical applications. In particular, we build upon the recent work of Camenisch, Neven, and shelat [12] to construct oblivious transfer (OT) schemes which achieve full simulatability for both sender and receiver. OT constructions with comparable efficiency prior to Camenisch et al. were proven secure in the weaker half-simulation model. Our OT schemes are constructed from the blind IBE schemes we propose, which require only static complexity assumptions (e.g., DBDH) whereas prior comparable schemes require dynamic assumptions (e.g., q-PDDH).

Download to read the full conference paper text

Copyright information

© Springer-Verlag Berlin Heidelberg 2007

Authors and Affiliations

  • Matthew Green
    • 1
  • Susan Hohenberger
    • 1
  1. 1.The Johns Hopkins University, Information Security Institute, 3400 N. Charles Street; Baltimore, MD 21218USA

Personalised recommendations