Chosen-Ciphertext Secure Threshold Identity-Based Key Encapsulation Without Random Oracles

  • David Galindo
  • Eike Kiltz
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4116)


We describe the first identity-based key encapsulation mechanism with threshold key delegation and decapsulation that is secure in the standard model against chosen-ciphertext (CCA2) attacks. Our scheme is unconditionally consistent and proved secure under the Bilinear Decisional Diffie-Hellman assumption.


Random Oracle Random Oracle Model Identity Base Encryption Multiplicative Cyclic Group Honest Player 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Abdalla, M., Bellare, M., Catalano, D., Kiltz, E., Kohno, T., Lange, T., Malone-Lee, J., Neven, G., Paillier, P., Shi, H.: Searchable encryption revisited: Consistency properties, relation to anonymous IBE, and extensions. In: Shoup, V. (ed.) CRYPTO 2005. LNCS, vol. 3621, pp. 205–222. Springer, Heidelberg (2005)Google Scholar
  2. 2.
    Baek, J., Zheng, Y.: Identity-based threshold decryption. In: Bao, F., Deng, R., Zhou, J. (eds.) PKC 2004. LNCS, vol. 2947, pp. 262–276. Springer, Heidelberg (2004)CrossRefGoogle Scholar
  3. 3.
    Bellare, M., Desai, A., Pointcheval, D., Rogaway, P.: Relations among notions of security for public-key encryption schemes. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 26–45. Springer, Heidelberg (1998)Google Scholar
  4. 4.
    Bellare, M., Rogaway, P.: Random oracles are practical: A paradigm for designing efficient protocols. In: ACM CCS 1993, pp. 62–73. ACM Press, New York (1993)CrossRefGoogle Scholar
  5. 5.
    Bentahar, K., Farshim, P., Malone-Lee, J., Smart, N.: Generic constructions of identity-based and certificateless KEMs. Cryptology ePrint Archive, Report, 2005/058 (2005),
  6. 6.
    Boneh, D., Boyen, X., Goh, E.-J.: Hierarchical identity based encryption with constant size ciphertext. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 440–456. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  7. 7.
    Boneh, D., Boyen, X., Halevi, S.: Chosen ciphertext secure public key threshold encryption without random oracles. In: Pointcheval, D. (ed.) CT-RSA 2006. LNCS, vol. 3860, pp. 226–243. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  8. 8.
    Boneh, D., Franklin, M.: Identity-based encryption from the weil pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  9. 9.
    Boneh, D., Franklin, M.K.: Identity based encryption from the Weil pairing. SIAM Journal on Computing 32(3), 586–615 (2003)MATHCrossRefMathSciNetGoogle Scholar
  10. 10.
    Boyen, X., Mei, Q., Waters, B.: Simple and efficient CCA2 security from IBE techniques. In: ACM Conference on Computer and Communications Security—CCS 2005, pp. 320–329. ACM Press, New York (2005), Available at: CrossRefGoogle Scholar
  11. 11.
    Canetti, R., Goldreich, O., Halevi, S.: The random oracle methodology, revisited. In: 30th ACM STOC, pp. 209–218. ACM Press, New York (1998)Google Scholar
  12. 12.
    Chai, Z., Cao, Z., Lu, R.: ID-based threshold decryption without random oracles and its application in key escrow. In: Proceedings of ICISC (2004)Google Scholar
  13. 13.
    Dodis, Y., Yung, M.: Exposure-resilience for free: The hierarchical id-based encryption case. In: Proceedings of IEEE Security in Storage Workshop 2002, pp. 45–52 (2002)Google Scholar
  14. 14.
    Galindo, D., Kiltz, E.: Direct chosen-ciphertext secure identity-based key encapsulation without random oracles. In: Batten, L.M., Safavi-Naini, R. (eds.) ACISP 2006. LNCS, vol. 4058, pp. 336–347. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  15. 15.
    Gentry, C., Silverberg, A.: Hierarchical ID-based cryptography. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol. 2501, pp. 548–566. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  16. 16.
    Joux, A.: A one round protocol for tripartite diffie-hellman. In: Bosma, W. (ed.) ANTS 2000. LNCS, vol. 1838, pp. 385–394. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  17. 17.
    Kiltz, E., Galindo, D.: Direct chosen-ciphertext secure identity-based key encapsulation without random oracles (January 2006), Available at:
  18. 18.
    Sakai, K.O.R., Kasahara, M.: Cryptosystems based on pairings. In: Proceedings of the Symposium on Cryptography and Information Security — SCIS 2000, pp. 26–28 (January 2000)Google Scholar
  19. 19.
    Shamir, A.: Identity-based cryptosystems and signature schemes. In: Blakely, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 47–53. Springer, Heidelberg (1985)CrossRefGoogle Scholar
  20. 20.
    Shoup, V., Gennaro, R.: Securing threshold cryptosystems against chosen ciphertext attack. In: Nyberg, K. (ed.) EUROCRYPT 1998. LNCS, vol. 1403, pp. 1–16. Springer, Heidelberg (1998)CrossRefGoogle Scholar
  21. 21.
    Waters, B.R.: Efficient identity-based encryption without random oracles. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 114–127. Springer, Heidelberg (2005)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • David Galindo
    • 1
  • Eike Kiltz
    • 2
  1. 1.Radboud University NijmegenThe Netherlands
  2. 2.CWI AmsterdamThe Netherlands

Personalised recommendations