Multimedia Tools and Applications

, Volume 78, Issue 14, pp 19753–19786 | Cite as

ESKI-IBE: Efficient and secure key issuing identity-based encryption with cloud privacy centers

  • Mahender KumarEmail author
  • Satish Chand


Digital certificate validation associated with traditional public key cryptosystems make it impractical in real-world environments due to their storage cost. The identity-based cryptosystems have been proven advantageous as they do not require any digital certificate validation and hence their storage. Due to the key escrow, user slandering and secure key issuing problems, IBE adoption is limited to the small networks only. The existing solutions either lose the identity-based feature or require high computation cost. In this paper, we propose a mechanism to generate the user’s private key in which we mitigate the trust on single PKG by replacing it with single semi-trusted key generation center (KGC), which authenticates the user and provide the partial private key and multiple cloud privacy centers (CPCs), which protect the user’s private key with their secret keys. In order to reduce the computation cost to generate the user’s private key, the maximum computations are offloaded to the CPCs, and only constant (very less) number of operations are run on the KGC. We use the ECC-based blind technique to secure the communication over a public channel. Using the proposed escrow-free private key generation mechanism, we design an identity based encryption scheme, which is semantically secured against IND-ID-CCA attack assuming BDH problem.


Identity-based encryption Secure key issue Key-escrow Cloud computing Bilinear pairing 



This research work has been partially supported by the Council of Scientific and Industrial Research, a research and development organization in India, with sanctioned no. 09/263(1052)/2015 EMR-I and the UPE-II grant received from JNU. Additionally, the author would like to sincere thanks to the anonymous reviewers for their fruitful comments.


  1. 1.
    Al-Riyami SS, Paterson KG (2003) Certificateless public key cryptography. In: International Conference on the Theory and Application of Cryptology and Information Security, pp. 452–473Google Scholar
  2. 2.
    Barreto PSLM, Lynn B, Scott M (2003) On the selection of pairing-friendly groups. In: International Workshop on Selected Areas in Cryptography, pp. 17–25Google Scholar
  3. 3.
    Bellare M, Desai A, Pointcheval D, Rogaway P (1998) Relations among notions of security for public-key encryption schemes. In: Advances in Cryptology—CRYPTO’98, pp. 26–45Google Scholar
  4. 4.
    Boldyreva A, Goyal V, Kumar V (2008) Identity-based encryption with efficient revocation. In: Proceedings of the 15th ACM conference on Computer and communications security, pp. 417–426Google Scholar
  5. 5.
    Boneh D (1998) The decision diffie-hellman problem. In: International Algorithmic Number Theory Symposium, pp. 48–63Google Scholar
  6. 6.
    Boneh D, Boyen X (2004) Efficient selective-ID secure identity-based encryption without random oracles. In: International Conference on the Theory and Applications of Cryptographic Techniques, pp. 223–238Google Scholar
  7. 7.
    Boneh D, Franklin M (2001) Identity-based encryption from the Weil pairing. In: Annual International Cryptology Conference, pp 213–229Google Scholar
  8. 8.
    Cao X, Kou W, Du X (2010) A pairing-free identity-based authenticated key agreement protocol with minimal message exchanges. Inf Sci (Ny) 180(15):2895–2903MathSciNetCrossRefzbMATHGoogle Scholar
  9. 9.
    Cao D, Wang X-F, Wang F, Hu Q-L, Su J-S (2011) Sa-ibe: A secure and accountable identity-based encryption scheme. Dianzi Yu Xinxi Xuebao (Journal Electron Inf Technol) 33(12):2922–2928Google Scholar
  10. 10.
    Chen L, Harrison K, Soldera D, Smart NP (2002) Applications of multiple trust authorities in pairing based cryptosystems. In: Infrastructure Security, Springer, pp. 260–275Google Scholar
  11. 11.
    Chen P, Su J, Zhao B, Wang X, You I (2016) An escrow-free online/offline HIBS scheme for privacy protection of people-centric sensing. Secur Commun Networks 9(14):2302–2312CrossRefGoogle Scholar
  12. 12.
    Chen P, Wang X, Su J (2015) An escrow-free hierarchical identity-based signature model for cloud storage. In: International Conference on Algorithms and Architectures for Parallel Processing, pp. 633–647Google Scholar
  13. 13.
    Chen P, Wang X, Su J (2015) T-HIBE: a trustworthy HIBE scheme for the OSN privacy protection. In: Security and Privacy in Social Networks and Big Data (SocialSec), 2015 International Symposium on, pp. 72–79Google Scholar
  14. 14.
    Chen P, Wang X, Zhao B, Su J, You I (2015) Removing Key Escrow from the LW-HIBE Scheme. In: International Conference on Algorithms and Architectures for Parallel Processing, pp. 593–605Google Scholar
  15. 15.
    Chen P, Wang X, Zhao B, Sun H, Su J, You I (2015) An escrow-free hierarchical identity-based signature scheme from composite order bilinear groups. In: Broadband and Wireless Computing, Communication and Applications (BWCCA), 2015 10th International Conference on, pp. 364–369Google Scholar
  16. 16.
    Choon JC, Cheon JH (2003) An identity-based signature from gap Diffie-Hellman groups. In: International Workshop on Public Key Cryptography, pp. 18–30Google Scholar
  17. 17.
    Chow SSM (2009) Removing escrow from identity-based encryption. In: International Workshop on Public Key Cryptography, pp. 256–276Google Scholar
  18. 18.
    Chung YF, Huang KH, Lai F, Chen TS (2007) ID-based digital signature scheme on the elliptic curve cryptosystem. Comput Stand Interfaces 29(6):601–604CrossRefGoogle Scholar
  19. 19.
    Cocks C (2001) An identity based encryption scheme based on quadratic residues. In: IMA International Conference on Cryptography and Coding, pp. 360–363Google Scholar
  20. 20.
    Debiao H, Jianhua C, Jin H (2011) An ID-based proxy signature schemes without bilinear pairings. Ann Telecommun des télécommunications 66(11–12):657–662CrossRefGoogle Scholar
  21. 21.
    Desmedt YG (1994) Threshold cryptography. Trans Emerg Telecommun Technol 5(4):449–458CrossRefGoogle Scholar
  22. 22.
    ElGamal T (1985) A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Trans Inf Theory 31(4):469–472MathSciNetCrossRefzbMATHGoogle Scholar
  23. 23.
    Fujisaki E, Okamoto T (2013) Secure integration of asymmetric and symmetric encryption schemes. J. Cryptol. 1–22Google Scholar
  24. 24.
    Gentry C (2003) Certificate-based encryption and the certificate revocation problem. In: International Conference on the Theory and Applications of Cryptographic Techniques, pp. 272–293Google Scholar
  25. 25.
    Gentry C (2006) Practical identity-based encryption without random oracles. In: Annual International Conference on the Theory and Applications of Cryptographic Techniques, pp 445–464Google Scholar
  26. 26.
    Gentry C, Silverberg A (2002) Hierarchical ID-based cryptography. In: International Conference on the Theory and Application of Cryptology and Information Security, pp. 548–566Google Scholar
  27. 27.
    Goyal V (2007) Reducing trust in the PKG in identity based cryptosystems. Adv Cryptology-CRYPTO 2007:430–447MathSciNetzbMATHGoogle Scholar
  28. 28.
    Han J, Yang Y, Huang X, Yuen TH, Li J, Cao J (2016) Accountable mobile E-commerce scheme via identity-based plaintext-checkable encryption. Inf Sci (Ny) 345:143–155CrossRefGoogle Scholar
  29. 29.
    Hess F (2002) Efficient identity based signature schemes based on pairings. In: International Workshop on Selected Areas in Cryptography, pp. 310–324Google Scholar
  30. 30.
    Horwitz J, Lynn B (2002) Toward hierarchical identity-based encryption. In: International Conference on the Theory and Applications of Cryptographic Techniques, pp. 466–481Google Scholar
  31. 31.
    Z. Huang, Chen K, Wang Y (2005) Efficient identity-based signatures and blind signatures. In: International Conference on Cryptology and Network Security, pp. 120–133Google Scholar
  32. 32.
    Huang J, Huang Q (2018) Black-box constructions of signature schemes in the bounded leakage setting. Inf Sci (Ny) 423:313–325MathSciNetCrossRefGoogle Scholar
  33. 33.
    Islam SKH, Biswas GP (2012) A pairing-free identity-based authenticated group key agreement protocol for imbalanced mobile networks. Ann télécommunications-annales des Telecommun 67(11–12):547–558CrossRefGoogle Scholar
  34. 34.
    Jia X, He D, Zeadally S, Li L (2017) Efficient Revocable ID-Based Signature With Cloud Revocation Server. IEEE Access 5:2945–2954CrossRefGoogle Scholar
  35. 35.
    Karati A, Islam SKH, Biswas GP (2018) A Pairing-free and Provably Secure Certificateless Signature Scheme,” Inf. Sci. (Ny)Google Scholar
  36. 36.
    Karati A, Islam SKH, Karuppiah M (2018) Provably Secure and Lightweight Certificateless Signature Scheme for IIoT Environments. IEEE Trans. Ind. InformaticsGoogle Scholar
  37. 37.
    Koblitz N (1987) Elliptic curve cryptosystems. Math Comput 48(177):203–209MathSciNetCrossRefzbMATHGoogle Scholar
  38. 38.
    Kumar M, Katti CP, Saxena PC (2017) A Secure Anonymous E-Voting System Using Identity-Based Blind Signature Scheme. In: International Conference on Information Systems Security, pp. 29–49Google Scholar
  39. 39.
    Kumar M, Katti CP, Saxena PC (2017) An Untraceable Identity-Based Blind Signature Scheme without Pairing for E-cash Payment System. In: International Conference on Ubiquitous Communication and Network ComputingGoogle Scholar
  40. 40.
    Lee B, Boyd C, Dawson E, Kim K, Yang J, Yoo S (2004) Secure key issuing in ID-based cryptography. In: Proceedings of the second workshop on Australasian information security, Data Mining and Web Intelligence, and Software Internationalisation-Volume 32, pp. 69–74Google Scholar
  41. 41.
    Li T, Li J (2016) Leakage-resilient traceable identity-based signature scheme. J Comput Theor Nanosci 13(1):878–889CrossRefGoogle Scholar
  42. 42.
    Li J, Li J, Chen X, Jia C, Lou W (2015) Identity-based encryption with outsourced revocation in cloud computing. IEEE Trans Comput 64(2):425–437MathSciNetCrossRefzbMATHGoogle Scholar
  43. 43.
    Li Y, Qi F, Tang Z (2017) An Efficient Hierarchical Identity-Based Encryption Scheme for the Key Escrow. In: International Conference on Security, Privacy and Anonymity in Computation, Communication and Storage, pp. 108–120Google Scholar
  44. 44.
    Lynn B (2010) The pairing-based cryptography (PBC) libraryGoogle Scholar
  45. 45.
    Miller VS (1985) Use of elliptic curves in cryptography. Conference on the theory and application of cryptographic techniques. Springer, Berlin, HeidelbergGoogle Scholar
  46. 46.
    Paterson KG (2002) Cryptography from pairings: a snapshot of current research. Inf Secur Tech Rep 7(3):41–54CrossRefGoogle Scholar
  47. 47.
    Qi F, Tang X, Wei Q (2015) New Escrow-Free Scheme for Hierarchical Identity-Based Encryption. In: International Conference on Algorithms and Architectures for Parallel Processing, pp. 701–713Google Scholar
  48. 48.
    Rivest RL, Shamir A, Adleman L (1978) A method for obtaining digital signatures and public-key cryptosystems. Commun ACM 21(2):120–126MathSciNetCrossRefzbMATHGoogle Scholar
  49. 49.
    Sahana SC, Bhuyan B, Das ML (2017) An Efficient Key Escrow-Free Identity-Based Signature Scheme. Int J Appl Eng Res 12(19):8964–8971Google Scholar
  50. 50.
    Sakai R, Kasahara M (2003) ID based Cryptosystems with Pairing on Elliptic Curve. IACR Cryptol ePrint Arch 2003:54Google Scholar
  51. 51.
    Shamir A (1979) How to share a secret. Commun ACM 22(11):612–613MathSciNetCrossRefzbMATHGoogle Scholar
  52. 52.
    Shamir A (1984) Identity-based cryptosystems and signature schemes. In: Workshop on the Theory and Application of Cryptographic Techniques, pp. 47–53Google Scholar
  53. 53.
    Shparlinski I (2011) Computational Diffie-Hellman Problem. In: Encyclopedia of Cryptography and Security, Springer, pp. 240–244Google Scholar
  54. 54.
    Sui A et al (2005) Separable and anonymous identity-based key issuing. In: Parallel and Distributed Systems, 2005. Proceedings. 11th International Conference on, vol. 2, pp. 275–279Google Scholar
  55. 55.
    Tanaka H (1987) A realization scheme for the identity-based cryptosystem. In: Conference on the Theory and Application of Cryptographic Techniques, pp. 340–349Google Scholar
  56. 56.
    Tseng Y-M, Tsai T-T, Huang S-S, Huang C-P (2016) Identity-based encryption with cloud revocation authority and its applications. IEEE Trans. Cloud ComputGoogle Scholar
  57. 57.
    Yuen TH, Susilo W, Mu Y (2010) How to construct identity-based signatures without the key escrow problem. Int J Inf Secur 9(4):297–311CrossRefGoogle Scholar
  58. 58.
    Zhang Y, Liu JK, Huang X, Au MH, Susilo W (2012) Efficient Escrow-Free Identity-Based Signature.. In: ProvSec, pp. 161–174Google Scholar
  59. 59.
    Zhang J, Sun Z (2013) An ID-based server-aided verification short signature scheme avoid key escrow. J Inf Sci Eng 29(3):459–473MathSciNetGoogle Scholar

Copyright information

© Springer Science+Business Media, LLC, part of Springer Nature 2019

Authors and Affiliations

  1. 1.School of Computer and Systems SciencesJawaharLal Nehru UniversityNew DelhiIndia

Personalised recommendations