Abstract
The inherent key escrow problem is one of the main reasons for the slow adoption of identity-based cryptography. The existing solution for mitigating the key escrow problem is to adopt multiple Private Key Generators (PKGs). Recently, there was a proposal that attempted to reduce the trust placed in the PKG by allowing a malicious PKG to be caught if it illegally reveals the user's identity-based private key. Nonetheless, the proposal does not consider that the PKG can simply decrypt the ciphertext instead of revealing the private key itself (in the case of identity-based encryption schemes). The aim of this paper is to present an escrow-free identity-based signature (IBS) scheme, in which a malicious PKG will be caught if it releases a signature on behalf of the user that it signed itself. We present a formal model to capture such a scheme and provide a concrete construction.
References
Al-Riyami, S.S., Paterson, K.G.: Certificateless public key cryptography. In: ASIACRYPT 2003, LNCS, vol. 2894, pp. 452–473. Springer (2003)
Au, M.H., Huang, Q., Liu, J.K., Susilo, W., Wong, D.S., Yang, G.: Traceable and retrievable identity-based encryption. In: ACNS 2008, LNCS, vol. 5037, pp. 94–110 (2008)
Au, M.H., Mu, Y., Chen, J., Wong, D.S., Liu, J.K., Yang, G.: Malicious KGC attacks in certificateless cryptography. In: ASIACCS 2007, pp. 302–311. ACM (2007) doi:10.1145/1229285.1266997
Bellare, M., Boldyreva, A., Desai, A., Pointcheval, D.: Key-privacy in public-key encryption. In: ASIACRYPT 2001, LNCS, vol. 2248, pp. 566–582. Springer (2001)
Bellare, M., Namprempre, C., Neven, G.: Security proofs for identity-based identification and signature schemes. In: EUROCRYPT 2004, LNCS, vol. 3027, pp. 268–286. Springer (2004)
Bellare, M., Palacio, A.: GQ and Schnorr identification schemes: Proofs of security against impersonation under active and concurrent attacks. In: CRYPTO 2002, LNCS, vol. 2442, pp. 162–177. Springer (2002)
Boneh, D., Boyen, X.: Short signatures without random oracles. In: EUROCRYPT 2004, LNCS, vol. 3027, pp. 56–73. Springer (2004)
Boneh, D., Franklin, M.K.: Identity-based encryption from the Weil pairing. In: CRYPTO 2001, LNCS, vol. 2139, pp. 213–229. Springer (2001)
Boneh, D., Lynn, B., Shacham, H.: Short signatures from the Weil pairing. In: ASIACRYPT 2001, LNCS, vol. 2248, pp. 514–532. Springer (2001)
Chase, M., Lysyanskaya, A.: On signatures of knowledge. In: CRYPTO 2006, LNCS, vol. 4117, pp. 78–96. Springer (2006)
Chen, X., Zhang, F., Kim, K.: New ID-based group signature from pairings. J. Electron. (China) 23(6), 892–900 (2006)
Chow, S.S.M.: Removing escrow from identity-based encryption. In: PKC 2009, LNCS, vol. 5443, pp. 256–276. Springer (2009)
Galindo, D., Herranz, J., Kiltz, E.: On the generic construction of identity-based signatures with additional properties. In: ASIACRYPT 2006, LNCS, vol. 4284, pp. 178–193. Springer (2006)
Gentry, C.: Certificate-based encryption and the certificate revocation problem. In: EUROCRYPT 2003, LNCS, vol. 2656, pp. 272–293. Springer (2003)
Gentry, C., Silverberg, A.: Hierarchical ID-based cryptography. In: ASIACRYPT 2002, LNCS, vol. 2501, pp. 548–566. Springer (2002)
Girault, M.: Self-certified public keys. In: EUROCRYPT ’91, LNCS, vol. 547, pp. 490–497. Springer (1991)
Goyal, V.: Reducing trust in the PKG in Identity Based Cryptosystems. In: CRYPTO 2007, LNCS, vol. 4622, pp. 430–447. Springer (2007)
Goyal, V., Lu, S., Sahai, A., Waters, B.: Black-box accountable authority identity-based encryption. In: CCS 2008, pp. 427–436. ACM (2008)
Hu, B.C., Wong, D.S., Zhang, Z., Deng, X.: Key replacement attack against a generic construction of certificateless signature. In: ACISP 2006, LNCS, vol. 4058, pp. 235–246. Springer (2006)
Kang, B.G., Park, J.H., Hahn, S.G.: A certificate-based signature scheme. In: CT-RSA 2004, LNCS, vol. 2964, pp. 99–111. Springer (2004)
Li, J., Huang, X., Mu, Y., Susilo, W., Wu, Q.: Certificate-based signature: Security model and efficient construction. In: EuroPKI 2007, LNCS, vol. 4582, pp. 110–125. Springer (2007)
Shamir, A.: Identity-based cryptosystems and signature schemes. In: CRYPTO ’84, LNCS, vol. 196, pp. 47–53. Springer (1984)
Sui, A.F., Chow, S.S.M., Hui, L.C.K., Yiu, S.M., Chow, K.P., Tsang, W.W., Chong, C.F., Pun, K.K.H., Chan, H.W.: Separable and anonymous identity-based key issuing. In: ICPADS 2005, pp. 275–279. IEEE Computer Society (2005)
Yuen, T.H., Susilo, W., Mu, Y.: How to construct identity-based signatures without the key escrow problem. Cryptology ePrint Archive, Report 2009/421 (2009). To appear in EuroPKI 2009
Additional information
This is an extended version of the paper in [24]. We improve the notations in the security model in [24]. We give some generic conversions between the escrow-free identity-based signatures and other cryptographic primitives in Sect. 8.
About this article
Cite this article
Yuen, T.H., Susilo, W. & Mu, Y. How to construct identity-based signatures without the key escrow problem. Int. J. Inf. Secur. 9, 297–311 (2010). https://doi.org/10.1007/s10207-010-0110-5
DOI: https://doi.org/10.1007/s10207-010-0110-5
Keywords
- Identity-based signatures
- Key escrow
- Certificateless signatures
- Certificate-based signatures
- Self-certificated signatures