Chosen Ciphertext Security from Identity-Based Encryption Without Strong Condition

Recently, Canetti et al. [11] gave a generic construction (called the CHK construction) of public key encryption (PKE) from a selective identity-based encryption scheme combined with a strong one-time signature scheme. Later, a few schemes were proposed to improve the efficiency of the CHK construction [11]; for example, the Boneh-Katz scheme [8] replaced the strong one-time signature with a message authentication code, and the Boyen-Mei-Waters scheme [9] was constructed directly from Waters' IBE scheme. However, both constructions trade off either the publicly verifiable property or security against adaptive chosen-ciphertext attack. We ask whether it is possible to construct an efficient and publicly verifiable PKE scheme from a selective IBE scheme with a weak one-time signature scheme. In this paper, we provide an affirmative answer and construct a public key encryption scheme which preserves the publicly verifiable property and is secure against adaptive chosen-ciphertext attack. The construction of the proposed scheme is based on the Boneh-Boyen identity-based encryption (IBE) scheme [5] and a weak one-time signature scheme (using Waters' signature scheme [24]) built within the Boneh-Boyen IBE scheme. In this construction, the one-time signature scheme is not required to be strongly existentially unforgeable, as Waters' signature scheme is not strongly existentially unforgeable. We also show that the proposed scheme is "almost" as efficient as the original Boneh-Boyen IBE scheme.

[1] Brent Waters, et al. Strongly Unforgeable Signatures Based on Computational Diffie-Hellman, 2006, Public Key Cryptography.

[2] Ronald Cramer, et al. Universal Hash Proofs and a Paradigm for Adaptive Chosen Ciphertext Secure Public-Key Encryption, 2001, EUROCRYPT.

[3] Brent Waters, et al. Efficient Identity-Based Encryption Without Random Oracles, 2005, EUROCRYPT.

[4] Joan Feigenbaum, et al. Advances in Cryptology-Crypto 91, 1992.

[5] Moni Naor, et al. Non-malleable cryptography, 1991, STOC '91.

[6] Moni Naor, et al. Universal one-way hash functions and their cryptographic applications, 1989, STOC '89.

[7] David Naccache, et al. Secure and Practical Identity-based Encryption, 2005.

[8] Qixiang Mei, et al. Direct chosen ciphertext security from identity-based techniques, 2005, CCS '05.

[9] Dan Boneh, et al. Efficient Selective-ID Secure Identity Based Encryption Without Random Oracles, 2004, IACR Cryptol. ePrint Arch.

[10] Dan Boneh, et al. Short Signatures Without Random Oracles, 2004, EUROCRYPT.

[11] Tatsuaki Okamoto, et al. Cryptography Based on Bilinear Maps, 2006, AAECC.

[12] Jonathan Katz, et al. Chosen-Ciphertext Security from Identity-Based Encryption, 2006.

[13] Dan Boneh, et al. Secure Identity Based Encryption Without Random Oracles, 2004, CRYPTO.

[14] Aggelos Kiayias, et al. Traceable Signatures, 2004, EUROCRYPT.

[15] Ronald Cramer, et al. A Practical Public Key Cryptosystem Provably Secure Against Adaptive Chosen Ciphertext Attack, 1998, CRYPTO.

[16] Alfred Menezes, et al. Topics in Cryptology – CT-RSA 2005, 2005.

[17] Aggelos Kiayias, et al. Traitor Tracing with Constant Transmission Rate, 2002, EUROCRYPT.

[18] Hugo Krawczyk, et al. Advances in Cryptology - CRYPTO '98, 1998.

[19] Ronald Cramer, et al. Design and Analysis of Practical Public-Key Encryption Schemes Secure against Adaptive Chosen Ciphertext Attack, 2003, SIAM J. Comput.

[20] Daniel R. Simon, et al. Non-Interactive Zero-Knowledge Proof of Knowledge and Chosen Ciphertext Attack, 1991, CRYPTO.

[21] Jonathan Katz, et al. Improved Efficiency for CCA-Secure Cryptosystems Built Using Identity-Based Encryption, 2005, CT-RSA.

[22] Silvio Micali, et al. A Digital Signature Scheme Secure Against Adaptive Chosen-Message Attacks, 1988, SIAM J. Comput.

[23] Ronald Cramer, et al. Advances in Cryptology - EUROCRYPT 2005, 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Aarhus, Denmark, May 22-26, 2005, Proceedings, 2005, EUROCRYPT.

[24] Matthew K. Franklin, et al. Identity-Based Encryption from the Weil Pairing, 2001, CRYPTO.

[25] Victor Shoup, et al. Sequences of games: a tool for taming complexity in security proofs, 2004, IACR Cryptol. ePrint Arch.

[26] Matthew Franklin, et al. Advances in Cryptology – CRYPTO 2004, 2004, Lecture Notes in Computer Science.

[27] Aggelos Kiayias, et al. Self Protecting Pirates and Black-Box Traitor Tracing, 2001, CRYPTO.

[28] Eike Kiltz, et al. On the Limitations of the Spread of an IBE-to-PKE Transformation, 2006, Public Key Cryptography.

[29] Jonathan Katz, et al. Chosen-Ciphertext Security from Identity-Based Encryption, 2004, SIAM J. Comput.

[30] Aggelos Kiayias, et al. Public Key Cryptography - PKC 2006, 2006, Lecture Notes in Computer Science.

[31] Tal Rabin, et al. On the Security of Joint Signature and Encryption, 2002, EUROCRYPT.