Towards Anonymous Ciphertext Indistinguishability with Identity Leakage

  • Tsz Hon Yuen
  • Cong Zhang
  • Sherman S. M. Chow
  • Joseph K. Liu
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8209)


Key escrow is a major drawback of identity-based encryption (IBE). The key generation centre (KGC) can generate the user secret key of any user by using the master secret key and the user’s identity. This paper presents a systematic study of what it takes to prevent a malicious KGC from decrypting a ciphertext encrypted for an honest user, which covers the case for certificateless encryption, and shows the impossibility of ideal escrow-free IBE, unless there is uncertainty in the user’s identity.

Our study also explains the underpinning idea of anonymous ciphertext indistinguishability (ACI), formalized by Chow in PKC 2009. An ACI-secure IBE prevents a KGC (or any logical entity which gets hold of the master secret key, such as a collusion of authorities holding a sufficient number of the master secret’s shares) from decrypting if it does not know the intended recipient of the ciphertext, a guarantee that none of the existing attempts in the literature can provide.

The notion of ACI crucially relies on the privacy of the user’s identity in the eyes of the KGC. The only privacy leakage allowed in Chow’s model is via querying an embedded-identity encryption oracle. In this paper, we strengthen his model to allow arbitrary bounded leakage of the recipient’s identity. We also give a generic construction that achieves this notion when the identity has enough entropy.


Keywords: identity-based encryption, anonymous ciphertext indistinguishability, key escrow, leakage




  1. Shamir, A.: Identity-based cryptosystems and signature schemes. In: Blakely, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 47–53. Springer, Heidelberg (1985)
  2. Boneh, D., Franklin, M.: Identity-based encryption from the Weil pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001)
  3. Al-Riyami, S.S., Paterson, K.G.: Certificateless public key cryptography. In: Laih, C.-S. (ed.) ASIACRYPT 2003. LNCS, vol. 2894, pp. 452–473. Springer, Heidelberg (2003)
  4. Chow, S.S.M.: Certificateless Encryption. In: Identity-Based Cryptography, pp. 135–155. IOS Press (2008)
  5. Dent, A.W.: A Survey of Certificateless Encryption Schemes and Security Models. Int. J. Inf. Sec. 7(5), 349–377 (2008)
  6. Gentry, C.: Certificate-based encryption and the certificate revocation problem. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 272–293. Springer, Heidelberg (2003)
  7. Girault, M.: Self-certified public keys. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 490–497. Springer, Heidelberg (1991)
  8. Chow, S.S.M.: Removing escrow from identity-based encryption. In: Jarecki, S., Tsudik, G. (eds.) PKC 2009. LNCS, vol. 5443, pp. 256–276. Springer, Heidelberg (2009)
  9. Goyal, V.: Reducing trust in the PKG in identity based cryptosystems. In: Menezes, A. (ed.) CRYPTO 2007. LNCS, vol. 4622, pp. 430–447. Springer, Heidelberg (2007)
  10. Au, M.H., Huang, Q., Liu, J.K., Susilo, W., Wong, D.S., Yang, G.: Traceable and retrievable identity-based encryption. In: Bellovin, S.M., Gennaro, R., Keromytis, A.D., Yung, M. (eds.) ACNS 2008. LNCS, vol. 5037, pp. 94–110. Springer, Heidelberg (2008)
  11. Goyal, V., Lu, S., Sahai, A., Waters, B.: Black-box accountable authority identity-based encryption. In: CCS 2008, pp. 427–436. ACM (2008)
  12. Yuen, T.H., Susilo, W., Mu, Y.: How to construct identity-based signatures without the key escrow problem. Int. J. Inf. Sec. 9(4), 297–311 (2010)
  13. Chow, S.S.M., Boyd, C., González Nieto, J.M.: Security-Mediated Certificateless Cryptography. In: Yung, M., Dodis, Y., Kiayias, A., Malkin, T. (eds.) PKC 2006. LNCS, vol. 3958, pp. 508–524. Springer, Heidelberg (2006)
  14. Lewko, A., Rouselakis, Y., Waters, B.: Achieving leakage resilience through dual system encryption. In: Ishai, Y. (ed.) TCC 2011. LNCS, vol. 6597, pp. 70–88. Springer, Heidelberg (2011)
  15. Yuen, T.H., Chow, S.S.M., Zhang, Y., Yiu, S.M.: Identity-based encryption resilient to continual auxiliary leakage. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 117–134. Springer, Heidelberg (2012)
  16. Boneh, D., DeMillo, R.A., Lipton, R.J.: On the importance of checking cryptographic protocols for faults (extended abstract). In: Fumy, W. (ed.) EUROCRYPT 1997. LNCS, vol. 1233, pp. 37–51. Springer, Heidelberg (1997)
  17. Biham, E., Shamir, A.: Differential fault analysis of secret key cryptosystems. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 513–525. Springer, Heidelberg (1997)
  18. Bellare, M., Paterson, K.G., Thomson, S.: RKA security beyond the linear barrier: IBE, encryption and signatures. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 331–348. Springer, Heidelberg (2012)
  19. Chow, S.S.M.: New Privacy-Preserving Architectures for Identity-/Attribute-based Encryption. PhD thesis, New York University (2010)
  20. Dodis, Y., Lewko, A.B., Waters, B., Wichs, D.: Storing Secrets on Continually Leaky Devices. In: Ostrovsky, R. (ed.) FOCS 2011, pp. 688–697. IEEE (2011)

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Tsz Hon Yuen (1)
  • Cong Zhang (1)
  • Sherman S. M. Chow (2)
  • Joseph K. Liu (3)

  1. Department of Computer Science, The University of Hong Kong, Hong Kong
  2. Department of Information Engineering, The Chinese University of Hong Kong, Hong Kong
  3. Institute for Infocomm Research, Singapore
