论文信息 - An Efficient Hierarchical Identity-Based Encryption Scheme for the Key Escrow

An Efficient Hierarchical Identity-Based Encryption Scheme for the Key Escrow

Hierarchical Identity-Based Encryption (HIBE) is a generalization of Identity-Based Encryption (IBE) that mirrors an organizational hierarchy, however, the residual key escrow problem has still remained. This paper introduces a new scheme, based on the security notion of anonymous ciphertext indistinguishability against key generation center (ACI-KGC) security proposed by Chow, to remove the inherent key escrow problem. The scheme employs multiple Identity Certification Authorities (ICAs) which can ensure that the Private Key Generators (PKGs) distribute private key without knowing the list of user’s identity information, so as to prevent malicious PKGs from decrypting message on behalf of user or maliciously make user’s private key public. Security analysis shows that the scheme can solve the key escrow with keeping the high-efficiency and security of HIBE system. In contrast to Chen’s T-HIBE and Chow’s scheme, to generating the user’s private key, our scheme does not require the multiple KPAs or the complex interactive protocol which take too much extra computation costs. And comparing with GS-HIBE, our scheme focuses on solving the key escrow problem with outstanding performance and security of HIBE system.

Yuanlong Li | Fang Qi | Zhe Tang

[1] Melissa Chase. Efficient non-interactive zero-knowledge proofs for privacy applications , 2008 .

[2] Dan Boneh,et al. Efficient Selective-ID Secure Identity Based Encryption Without Random Oracles , 2004, IACR Cryptol. ePrint Arch..

[3] Siu-Ming Yiu,et al. Separable and Anonymous Identity-Based Key Issuing , 2005, 11th International Conference on Parallel and Distributed Systems (ICPADS'05).

[4] Craig Gentry,et al. Hierarchical ID-Based Cryptography , 2002, ASIACRYPT.

[5] Jinshu Su,et al. T-HIBE: A Trustworthy HIBE Scheme for the OSN Privacy Protection , 2015, 2015 International Symposium on Security and Privacy in Social Networks and Big Data (SocialSec).

[6] Dan Boneh,et al. Secure Identity Based Encryption Without Random Oracles , 2004, CRYPTO.

[7] Ben Lynn,et al. Toward Hierarchical Identity-Based Encryption , 2002, EUROCRYPT.

[8] Sherman S. M. Chow. Removing Escrow from Identity-Based Encryption , 2009, Public Key Cryptography.

[9] Alexandra Boldyreva,et al. Efficient threshold signature, multisignature and blind signature schemes based on the Gap-Diffie-Hellman-Group signature scheme , 2002 .

[10] Vipul Goyal,et al. Reducing Trust in the PKG in Identity Based Cryptosystems , 2007, CRYPTO.

[11] Craig Gentry,et al. Certificate-Based Encryption and the Certificate Revocation Problem , 2003, EUROCRYPT.

[12] Liqun Chen,et al. Applications of Multiple Trust Authorities in Pairing Based Cryptosystems , 2002, InfraSec.