How to construct identity-based signatures without the key escrow problem

The inherent key escrow problem is one of the main reasons for the slow adoption of identity-based cryptography. The existing solution for mitigating the key escrow problem is by adopting multiple Private Key Generators (PKGs). Recently, there was a proposal that attempted to reduce the trust of the PKG by allowing a malicious PKG to be caught if he reveals the user’s identity-based private key illegally. Nonetheless, the proposal does not consider that the PKG can simply decrypt the ciphertext instead of revealing the private key itself (in the case of identity-based encryption schemes). The aim of this paper is to present an escrow-free identity-based signature (IBS) scheme, in which the malicious PKG will be caught if it releases a signature on behalf of the user but signed by itself. We present a formal model to capture such a scheme and provide a concrete construction.

[1]  Vipul Goyal,et al.  Reducing Trust in the PKG in Identity Based Cryptosystems , 2007, CRYPTO.

[2]  Marc Girault,et al.  Self-Certified Public Keys , 1991, EUROCRYPT.

[3]  Adi Shamir,et al.  Identity-Based Cryptosystems and Signature Schemes , 1984, CRYPTO.

[4]  Kenneth G. Paterson,et al.  Certificateless Public Key Cryptography , 2003 .

[5]  Mihir Bellare,et al.  Key-Privacy in Public-Key Encryption , 2001, ASIACRYPT.

[6]  Sherman S. M. Chow Removing Escrow from Identity-Based Encryption , 2009, Public Key Cryptography.

[7]  Chanathip Namprempre,et al.  Security Proofs for Identity-Based Identification and Signature Schemes , 2008, Journal of Cryptology.

[8]  Melissa Chase,et al.  On Signatures of Knowledge , 2006, CRYPTO.

[9]  Yi Mu,et al.  Certificate-Based Signature: Security Model and Efficient Construction , 2007, EuroPKI.

[10]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[11]  Mihir Bellare,et al.  GQ and Schnorr Identification Schemes: Proofs of Security against Impersonation under Active and Concurrent Attacks , 2002, CRYPTO.

[12]  Brent Waters,et al.  Black-box accountable authority identity-based encryption , 2008, CCS.

[13]  Craig Gentry,et al.  Hierarchical ID-Based Cryptography , 2002, ASIACRYPT.

[14]  Yi Mu,et al.  How to Construct Identity-Based Signatures without the Key Escrow Problem , 2009, EuroPKI.

[15]  Javier Herranz,et al.  On the Generic Construction of Identity-Based Signatures with Additional Properties , 2006, ASIACRYPT.

[16]  Craig Gentry,et al.  Certificate-Based Encryption and the Certificate Revocation Problem , 2003, EUROCRYPT.

[17]  Kwangjo Kim,et al.  New ID-based group signature from pairings , 2006 .

[18]  Hovav Shacham,et al.  Short Signatures from the Weil Pairing , 2001, J. Cryptol..

[19]  Dan Boneh,et al.  Short Signatures Without Random Oracles , 2004, EUROCRYPT.

[20]  Yi Mu,et al.  Malicious KGC attacks in certificateless cryptography , 2007, ASIACCS '07.

[21]  Xiaotie Deng,et al.  Key Replacement Attack Against a Generic Construction of Certificateless Signature , 2006, ACISP.

[22]  Joseph K. Liu,et al.  Traceable and Retrievable Identity-Based Encryption , 2008, ACNS.

[23]  Je Hong Park,et al.  A Certificate-Based Signature Scheme , 2004, CT-RSA.

[24]  Siu-Ming Yiu,et al.  Separable and Anonymous Identity-Based Key Issuing , 2005, 11th International Conference on Parallel and Distributed Systems (ICPADS'05).