On the Anonymity of Identity-Based Encryption

Anonymity of identity-based encryption (IBE) means that given a ciphertext, one cannot distinguish the target identity from a random identity. In this paper, we thoroughly discuss the anonymity of IBE systems. We found that the current definition of anonymity is obscure to describe some IBE systems, such as Gentry IBE system. Furthermore, current definition cannot express the degree of anonymity. So we divide the degree of anonymity into weak anonymity and strong anonymity based on indistinguishability between different games. For weakly anonymous IBE systems, the target identity in a ciphertext cannot be distinguished from a random identity. For strongly anonymous IBE systems, the whole ciphertext cannot be distinguished from a random tuple. We also discuss the type of anonymity and divide it into two types. Type 1 means that a random tuple can be seen as a valid ciphertext, while type 2 cannot. Based on our new definitions, we show that three famous IBE systems, Gentry IBE system, Boyen-Waters IBE system, and Lewko IBE system, have strong but different types of anonymity.

[1]  Léo Ducas,et al.  Anonymity from Asymmetry: New Constructions for Anonymous HIBE , 2010, CT-RSA.

[2]  Wolfram Koepf,et al.  Lecture Notes in Computer Science (LNCS) , 2011 .

[3]  Elaine Shi,et al.  Multi-Dimensional Range Query over Encrypted Data , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).

[4]  Vincenzo Iovino,et al.  Hidden-Vector Encryption with Groups of Prime Order , 2008, Pairing.

[5]  Robin Milner,et al.  On Observing Nondeterminism and Concurrency , 1980, ICALP.

[6]  Dan Boneh,et al.  Efficient Selective-ID Secure Identity Based Encryption Without Random Oracles , 2004, IACR Cryptol. ePrint Arch..

[7]  A. Lewko,et al.  Fully Secure HIBE with Short Ciphertexts , 2009 .

[8]  Brent Waters,et al.  Anonymous Hierarchical Identity-Based Encryption (Without Random Oracles) , 2006, CRYPTO.

[9]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[10]  Rafail Ostrovsky,et al.  Public Key Encryption with Keyword Search , 2004, EUROCRYPT.

[11]  Brent Waters,et al.  Dual System Encryption: Realizing Fully Secure IBE and HIBE under Simple Assumptions , 2009, IACR Cryptol. ePrint Arch..

[12]  Kenneth G. Paterson,et al.  Security and Anonymity of Identity-Based Encryption with Multiple Trusted Authorities , 2008, Pairing.

[13]  Craig Gentry,et al.  Practical Identity-Based Encryption Without Random Oracles , 2006, EUROCRYPT.

[14]  Allison Lewko,et al.  Tools for simulating features of composite order bilinear groups in the prime order setting , 2012 .

[15]  Dan Boneh,et al.  Secure Identity Based Encryption Without Random Oracles , 2004, CRYPTO.

[16]  Xavier Boyen,et al.  Multipurpose Identity-Based Signcryption (A Swiss Army Knife for Identity-Based Cryptography) , 2003, CRYPTO.

[17]  Elaine Shi,et al.  Delegating Capabilities in Predicate Encryption Systems , 2008, ICALP.

[18]  Javier Herranz,et al.  Relations between semantic security and anonymity in identity-based encryption , 2011, Inf. Process. Lett..

[19]  Jan Camenisch,et al.  Blind and Anonymous Identity-Based Encryption and Authorised Private Searches on Public Key Encrypted Data , 2009, Public Key Cryptography.

[20]  Hoeteck Wee,et al.  Shorter IBE and Signatures via Asymmetric Pairings , 2012, Pairing.

[21]  Mihir Bellare,et al.  Searchable Encryption Revisited: Consistency Properties, Relation to Anonymous IBE, and Extensions , 2005, Journal of Cryptology.

[22]  Brent Waters,et al.  Efficient Identity-Based Encryption Without Random Oracles , 2005, EUROCRYPT.

[23]  Koutarou Suzuki,et al.  Fully Secure Anonymous Hierarchical Identity-Based Encryption with Constant Size Ciphertexts , 2011, IACR Cryptol. ePrint Arch..

[24]  Clifford C. Cocks An Identity Based Encryption Scheme Based on Quadratic Residues , 2001, IMACC.

[25]  Jonathan Katz,et al.  A Forward-Secure Public-Key Encryption Scheme , 2003, Journal of Cryptology.

[26]  Ran Canetti,et al.  The random oracle methodology, revisited , 2000, JACM.

[27]  Adi Shamir,et al.  Identity-Based Cryptosystems and Signature Schemes , 1984, CRYPTO.

[28]  Brent Waters,et al.  Conjunctive, Subset, and Range Queries on Encrypted Data , 2007, TCC.

[29]  Angelo De Caro,et al.  Fully Secure Anonymous HIBE and Secret-Key Anonymous IBE with Short Ciphertexts , 2010, Pairing.