Traceable and Retrievable Identity-Based Encryption
Very recently, the concept of Traceable Identity-based Encryption (IBE) scheme (or Accountable Authority Identity based Encryption scheme) was introduced in Crypto 2007. This concept enables some mechanisms to reduce the trust of a private key generator (PKG) in an IBE system. The aim of this paper is threefold. First, we discuss some subtleties in the first traceable IBE scheme in the Crypto 2007 paper. Second, we present an extension to this work by having the PKG’s master secret key retrieved automatically if more than one user secret key are released. This way, the user can produce a concrete proof of misbehaviour of the PKG in the court. In contrast to previous approach, our idea gives strong incentive for the PKG to strengthen the security of the system since if someone can successfully release a user’s secret key, it means that his security is also compromised. We present a formal model to capture our idea. Third, we present an efficient construction based on Gentry’s IBE that satisfies our model and prove its security. Our construction is proven secure in the random oracle model. Nevertheless, we should emphasize that the aim of this paper is to introduce the new model to strengthen the IBE system.
KeywordsIdentity-based Encryption Traceability Retrievability PKG Trust
Unable to display preview. Download preview PDF.
- 5.Goyal, V.: Reducing trust in the PKG in identity based cryptosystems. Cryptology ePrint Archive, Report 2007/368 (2007); revised and extended version of , http://eprint.iacr.org/2007/368
- 6.Schnorr, C.P.: Efficient identification and signatures for smart cards. In: Brassard, G. (ed.) CRYPTO 1989. LNCS, vol. 435, pp. 235–251. Springer, Heidelberg (1990)Google Scholar
- 7.Camenisch, J., Stadler, M.: Proof systems for general statements about discrete logarithms. Technical Report 260, Institute for Theoretical Computer Science, ETH Zurich (1997)Google Scholar
- 8.Cramer, R., Damgård, I., MacKenzie, P.: Efficient zero-knowledge proofs of knowledge without intractability assumptions. In: Imai, H., Zheng, Y. (eds.) PKC 2000. LNCS, vol. 1751, pp. 354–373. Springer, Heidelberg (2000)Google Scholar