Multi-identity management for identity-based cryptography

Abstract In identity-based (or ID-based) cryptography, user identities can be employed as public keys, where each public key maps a unique private key generated by a trusted authority usually called Private Key Generator (PKG). In some situations, a user could hold multiple identities; therefore, he has to manage the same number of private keys. This adds extra work to the user, especially when the number is large. In this paper, we tackle this issue by proposing two novel key management schemes that allow a single private key to map multiple public keys (identities). We name them Multi-Identity-Based Encryption (MIBE) and Mutable Identity-Based Signature (MIBS), respectively. In MIBE scheme, a single private key can be used to decrypt multiple ciphertexts encrypted with different public keys associated to the single private key. In MIBS, there is only a single private key that maps various public keys (identities).We refer to this property of public keys as mutable. We also provide complete security analysis to our schemes.

[1]  Ran Canetti,et al.  A Forward-Secure Public-Key Encryption Scheme , 2003, Journal of Cryptology.

[2]  Dan Boneh,et al.  Efficient Selective-ID Secure Identity Based Encryption Without Random Oracles , 2004, IACR Cryptol. ePrint Arch..

[3]  Josh Benaloh,et al.  One-Way Accumulators: A Decentralized Alternative to Digital Sinatures (Extended Abstract) , 1994, EUROCRYPT.

[4]  M. Kasahara,et al.  A New Traitor Tracing , 2002, IEICE Trans. Fundam. Electron. Commun. Comput. Sci..

[5]  Jonathan Katz,et al.  Chosen-Ciphertext Security from Identity-Based Encryption , 2004, SIAM J. Comput..

[6]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[7]  Dan Boneh,et al.  Secure Identity Based Encryption Without Random Oracles , 2004, CRYPTO.

[8]  Florian Hess,et al.  Efficient Identity Based Signature Schemes Based on Pairings , 2002, Selected Areas in Cryptography.

[9]  Brent Waters,et al.  Efficient Identity-Based Encryption Without Random Oracles , 2005, EUROCRYPT.

[10]  Fuchun Guo,et al.  Multi-Identity Single-Key Decryption without Random Oracles , 2007, Inscrypt.

[11]  Birgit Pfitzmann,et al.  Collision-Free Accumulators and Fail-Stop Signature Schemes Without Trees , 1997, EUROCRYPT.

[12]  Kenneth G. Paterson,et al.  Efficient Identity-Based Signatures Secure in the Standard Model , 2006, ACISP.

[13]  Ronald Cramer,et al.  A Practical Public Key Cryptosystem Provably Secure Against Adaptive Chosen Ciphertext Attack , 1998, CRYPTO.

[14]  Jan Camenisch,et al.  Dynamic Accumulators and Application to Efficient Revocation of Anonymous Credentials , 2002, CRYPTO.

[15]  Ran Canetti,et al.  The random oracle methodology, revisited , 2000, JACM.

[16]  Chanathip Namprempre,et al.  Security Proofs for Identity-Based Identification and Signature Schemes , 2008, Journal of Cryptology.

[17]  Ran Canetti,et al.  The random oracle methodology, revisited , 2000, JACM.

[18]  Craig Gentry,et al.  Practical Identity-Based Encryption Without Random Oracles , 2006, EUROCRYPT.

[19]  Craig Gentry,et al.  Hierarchical ID-Based Cryptography , 2002, ASIACRYPT.

[20]  Lan Nguyen,et al.  Accumulators from Bilinear Pairings and Applications , 2005, CT-RSA.

[21]  Adi Shamir,et al.  Identity-Based Cryptosystems and Signature Schemes , 1984, CRYPTO.

[22]  Dan Boneh,et al.  Hierarchical Identity Based Encryption with Constant Size Ciphertext , 2005, EUROCRYPT.

[23]  Fuchun Guo,et al.  Identity-Based Encryption: How to Decrypt Multiple Ciphertexts Using a Single Decryption Key , 2007, Pairing.

[24]  Fuchun Guo,et al.  Mutative Identity-Based Signatures or Dynamic Credentials Without Random Oracles , 2007, CANS.

[25]  Brent Waters,et al.  Fuzzy Identity-Based Encryption , 2005, EUROCRYPT.

[26]  Ben Lynn,et al.  Toward Hierarchical Identity-Based Encryption , 2002, EUROCRYPT.

[27]  Jung Hee Cheon,et al.  Security Analysis of the Strong Diffie-Hellman Problem , 2006, EUROCRYPT.