Improved Efficiency for CCA-Secure Cryptosystems Built Using Identity-Based Encryption

  • Dan Boneh
  • Jonathan Katz
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3376)

Abstract

Recently, Canetti, Halevi, and Katz showed a general method for constructing CCA-secure encryption schemes from identity-based encryption schemes in the standard model. We improve the efficiency of their construction, and show two specific instantiations of our resulting scheme which offer the most efficient encryption (and, in one case, key generation) of any CCA-secure encryption scheme to date.

Keywords

Chosen-ciphertext security Identity-based encryption Public-key encryption 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Bellare, M., Desai, A., Pointcheval, D., Rogaway, P.: Relations among notions of security for public-key encryption schemes. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 26–45. Springer, Heidelberg (1998)Google Scholar
  2. 2.
    Bellare, M., Rogaway, P.: Random Oracles are Practical: a Paradigm for Designing Efficient Protocols. In: First ACM Conf. on Computer and Comm. Security, pp. 62–73. ACM, New York (1993)CrossRefGoogle Scholar
  3. 3.
    Bleichenbacher, D.: Chosen ciphertext attacks against protocols based on the RSA encryption standard PKCS #1. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 1–12. Springer, Heidelberg (1998)Google Scholar
  4. 4.
    Blum, M., Feldman, P., Micali, S.: Non-Interactive Zero-Knowledge and its Applications. In: 20th ACM Symposium on Theory of Computing (STOC), pp. 103–112. ACM, New York (1988)Google Scholar
  5. 5.
    Boneh, D., Boyen, X.: Efficient selective-ID secure identity-based encryption without random oracles. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 223–238. Springer, Heidelberg (2004), http://eprint.iacr.org/2004/172 CrossRefGoogle Scholar
  6. 6.
    Boneh, D., Boyen, X.: Secure identity based encryption without random oracles. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 443–459. Springer, Heidelberg (2004)Google Scholar
  7. 7.
    Boneh, D., Franklin, M.: Identity-based encryption from the weil pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001); Full version in SIAM J. Computing 32(3), 586–615 (2003), available from, http://crypto.stanford.edu/~dabo/pubs.html
  8. 8.
    Canetti, R.: Universally Composable Security: A New Paradigm for Cryptographic Protocols. In: 42nd IEEE Symp. on Foundations of Computer Science (FOCS), pp. 136–145. IEEE, Los Alamitos (2001), Full version available at, http://eprint.iacr.org/2000/067/ Google Scholar
  9. 9.
    Canetti, R., Goldreich, O., Halevi, S.: The Random Oracle Methodology, Revisited. In: 30th ACM Symp. on Theory of Computing (STOC), pp. 209–218. ACM, New York (1998)Google Scholar
  10. 10.
    Canetti, R., Halevi, S., Katz, J.: A Forward-Secure Public-Key Encryption Scheme. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 255–271. Springer, Heidelberg (2003), http://eprint.iacr.org/2003/083 CrossRefGoogle Scholar
  11. 11.
    Canetti, R., Halevi, S., Katz, J.: Chosen-Ciphertext Security from Identity-Based Encryption. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 207–222. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  12. 12.
    Cocks, C.: An Identity-Based Encryption Scheme Based on Quadratic Residues. In: Honary, B. (ed.) Cryptography and Coding 2001. LNCS, vol. 2260, pp. 360–363. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  13. 13.
    Cramer, R., Shoup, V.: A Practical Public Key Cryptosystem Provably Secure Against Chosen Ciphertext Attack. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 13–25. Springer, Heidelberg (1998)Google Scholar
  14. 14.
    Cramer, R., Shoup, V.: Universal Hash Proofs and a Paradigm for Adaptive Chosen Ciphertext Secure Public-Key Encryption. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 45–64. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  15. 15.
    Camenisch, J., Shoup, V.: Practical Verifiable Encryption and Decryption of Discrete Logarithms. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 126–144. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  16. 16.
    Damgård, I.B., Pedersen, T.P., Pfitzmann, B.: On the Existence of Statistically- Hiding Bit Commitment Schemes and Fail-Stop Signatures. In: Stinson, D.R. (ed.) CRYPTO 1993. LNCS, vol. 773, pp. 250–265. Springer, Heidelberg (1994)Google Scholar
  17. 17.
    Dolev, D., Dwork, C., Naor, M.: Non-Malleable Cryptography. SIAM J. Computing 30(2), 391–437 (2000)MATHCrossRefMathSciNetGoogle Scholar
  18. 18.
    Feige, U., Lapidot, D., Shamir, A.: Multiple Non-Interactive Zero-Knowledge Proofs Under General Assumptions. SIAM J. Computing 29(1), 1–28 (1999)MATHCrossRefMathSciNetGoogle Scholar
  19. 19.
    Gennaro, R., Lindell, Y.: A Framework for Password-Based Authenticated Key Exchange. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 524–543. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  20. 20.
    Goldwasser, S., Micali, S., Rivest, R.: A Digital Signature Scheme Secure against Adaptive Chosen-Message Attacks. SIAM J. Computing 17(2), 281–308 (1988)MATHCrossRefMathSciNetGoogle Scholar
  21. 21.
    Halevi, S., Micali, S.: Practical and provably-secure commitment schemes from collision-free hashing. In: Koblitz, N. (ed.) CRYPTO 1996. LNCS, vol. 1109, pp. 201–215. Springer, Heidelberg (1996)Google Scholar
  22. 22.
    Håstad, J., Impagliazzo, R., Levin, L., Luby, M.: Construction of a Pseudorandom Generator from any One-Way Function. SIAM J. Comp. 28(4), 1364–1396 (1999)MATHCrossRefGoogle Scholar
  23. 23.
    Howgrave-Graham, N., Nguyen, P.Q., Pointcheval, D., Proos, J., Silverman, J.H., Singer, A., Whyte, W.: The Impact of Decryption Failures on the Security of NTRU Encryption. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 226–246. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  24. 24.
    Joye, M., Quisquater, J.-J., Yung, M.: On the Power of Misbehaving Adversaries and Security Analysis of the Original EPOC. In: Naccache, D. (ed.) CT-RSA 2001. LNCS, vol. 2020, pp. 208–222. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  25. 25.
    Kurosawa, K., Desmedt, Y.: A New Paradigm of Hybrid Encryption Scheme. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 426–442. Springer, Heidelberg (2004)Google Scholar
  26. 26.
    Lamport, L.: Constructing Digital Signatures from a One-Way Function. Technical Report CSL-98, SRI International (1978)Google Scholar
  27. 27.
    Lindell, Y.: A Simpler Construction of CCA-Secure Public-Key Encryption Under General Assumptions. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 241–254. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  28. 28.
    Naor, M., Yung, M.: Universal One-Way Hash Functions and Their Cryptographic Applications. In: 21st ACM Symposium on Theory of Computing (STOC), pp. 33–43. ACM, New York (1989)Google Scholar
  29. 29.
    Rackoff, C., Simon, D.: Non-interactive zero-knowledge proof of knowledge and chosen ciphertext attack. In: Feigenbaum, J. (ed.) CRYPTO 1991. LNCS, vol. 576, pp. 433–444. Springer, Heidelberg (1992)Google Scholar
  30. 30.
    Sahai, A.: Non-Malleable Non-Interactive Zero Knowledge and Adaptive Chosen- Ciphertext Security. In: 40th IEEE Symposium on Foundations of Computer Science (FOCS), pp. 543–553. IEEE, Los Alamitos (1999)Google Scholar
  31. 31.
    Shamir, A.: Identity-Based Cryptosystems and Signature Schemes. In: Blakely, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 47–53. Springer, Heidelberg (1985)CrossRefGoogle Scholar
  32. 32.
    Shoup, V.: Why Chosen Ciphertext Security Matters. IBM Research Report RZ 3076 (November 1998), Available at http://www.shoup.net/papers
  33. 33.
    Shoup, V.: Using Hash Functions as a Hedge Against Chosen Ciphertext Attack. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 275–288. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  34. 34.
    Waters, B.: Efficient Identity-Based Encryption Without Random Oracles, Available at http://eprint.iacr.org/2004/180
  35. 35.
    Wegman, M.N., Carter, J.L.: New Hash Functions and Their Use in Authentication and Set Equality. J. Computer System Sciences 22(3), 265–279 (1981)MATHCrossRefMathSciNetGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Dan Boneh
    • 1
  • Jonathan Katz
    • 2
  1. 1.Computer Science DepartmentStanford UniversityStanfordUSA
  2. 2.Dept. of Computer ScienceUniv. of Maryland 

Personalised recommendations