ESKI-IBE: Efficient and secure key issuing identity-based encryption with cloud privacy centers

Abstract

Digital certificate validation associated with traditional public key cryptosystems make it impractical in real-world environments due to their storage cost. The identity-based cryptosystems have been proven advantageous as they do not require any digital certificate validation and hence their storage. Due to the key escrow, user slandering and secure key issuing problems, IBE adoption is limited to the small networks only. The existing solutions either lose the identity-based feature or require high computation cost. In this paper, we propose a mechanism to generate the user’s private key in which we mitigate the trust on single PKG by replacing it with single semi-trusted key generation center (KGC), which authenticates the user and provide the partial private key and multiple cloud privacy centers (CPCs), which protect the user’s private key with their secret keys. In order to reduce the computation cost to generate the user’s private key, the maximum computations are offloaded to the CPCs, and only constant (very less) number of operations are run on the KGC. We use the ECC-based blind technique to secure the communication over a public channel. Using the proposed escrow-free private key generation mechanism, we design an identity based encryption scheme, which is semantically secured against IND-ID-CCA attack assuming BDH problem.

This is a preview of subscription content, log in to check access.

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8

References

  1. 1.

    Al-Riyami SS, Paterson KG (2003) Certificateless public key cryptography. In: International Conference on the Theory and Application of Cryptology and Information Security, pp. 452–473

  2. 2.

    Barreto PSLM, Lynn B, Scott M (2003) On the selection of pairing-friendly groups. In: International Workshop on Selected Areas in Cryptography, pp. 17–25

  3. 3.

    Bellare M, Desai A, Pointcheval D, Rogaway P (1998) Relations among notions of security for public-key encryption schemes. In: Advances in Cryptology—CRYPTO’98, pp. 26–45

  4. 4.

    Boldyreva A, Goyal V, Kumar V (2008) Identity-based encryption with efficient revocation. In: Proceedings of the 15th ACM conference on Computer and communications security, pp. 417–426

  5. 5.

    Boneh D (1998) The decision diffie-hellman problem. In: International Algorithmic Number Theory Symposium, pp. 48–63

  6. 6.

    Boneh D, Boyen X (2004) Efficient selective-ID secure identity-based encryption without random oracles. In: International Conference on the Theory and Applications of Cryptographic Techniques, pp. 223–238

  7. 7.

    Boneh D, Franklin M (2001) Identity-based encryption from the Weil pairing. In: Annual International Cryptology Conference, pp 213–229

    Google Scholar 

  8. 8.

    Cao X, Kou W, Du X (2010) A pairing-free identity-based authenticated key agreement protocol with minimal message exchanges. Inf Sci (Ny) 180(15):2895–2903

    MathSciNet  Article  MATH  Google Scholar 

  9. 9.

    Cao D, Wang X-F, Wang F, Hu Q-L, Su J-S (2011) Sa-ibe: A secure and accountable identity-based encryption scheme. Dianzi Yu Xinxi Xuebao (Journal Electron Inf Technol) 33(12):2922–2928

    Google Scholar 

  10. 10.

    Chen L, Harrison K, Soldera D, Smart NP (2002) Applications of multiple trust authorities in pairing based cryptosystems. In: Infrastructure Security, Springer, pp. 260–275

  11. 11.

    Chen P, Su J, Zhao B, Wang X, You I (2016) An escrow-free online/offline HIBS scheme for privacy protection of people-centric sensing. Secur Commun Networks 9(14):2302–2312

    Article  Google Scholar 

  12. 12.

    Chen P, Wang X, Su J (2015) An escrow-free hierarchical identity-based signature model for cloud storage. In: International Conference on Algorithms and Architectures for Parallel Processing, pp. 633–647

  13. 13.

    Chen P, Wang X, Su J (2015) T-HIBE: a trustworthy HIBE scheme for the OSN privacy protection. In: Security and Privacy in Social Networks and Big Data (SocialSec), 2015 International Symposium on, pp. 72–79

  14. 14.

    Chen P, Wang X, Zhao B, Su J, You I (2015) Removing Key Escrow from the LW-HIBE Scheme. In: International Conference on Algorithms and Architectures for Parallel Processing, pp. 593–605

  15. 15.

    Chen P, Wang X, Zhao B, Sun H, Su J, You I (2015) An escrow-free hierarchical identity-based signature scheme from composite order bilinear groups. In: Broadband and Wireless Computing, Communication and Applications (BWCCA), 2015 10th International Conference on, pp. 364–369

  16. 16.

    Choon JC, Cheon JH (2003) An identity-based signature from gap Diffie-Hellman groups. In: International Workshop on Public Key Cryptography, pp. 18–30

  17. 17.

    Chow SSM (2009) Removing escrow from identity-based encryption. In: International Workshop on Public Key Cryptography, pp. 256–276

  18. 18.

    Chung YF, Huang KH, Lai F, Chen TS (2007) ID-based digital signature scheme on the elliptic curve cryptosystem. Comput Stand Interfaces 29(6):601–604

    Article  Google Scholar 

  19. 19.

    Cocks C (2001) An identity based encryption scheme based on quadratic residues. In: IMA International Conference on Cryptography and Coding, pp. 360–363

  20. 20.

    Debiao H, Jianhua C, Jin H (2011) An ID-based proxy signature schemes without bilinear pairings. Ann Telecommun des télécommunications 66(11–12):657–662

    Article  Google Scholar 

  21. 21.

    Desmedt YG (1994) Threshold cryptography. Trans Emerg Telecommun Technol 5(4):449–458

    Article  Google Scholar 

  22. 22.

    ElGamal T (1985) A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Trans Inf Theory 31(4):469–472

    MathSciNet  Article  MATH  Google Scholar 

  23. 23.

    Fujisaki E, Okamoto T (2013) Secure integration of asymmetric and symmetric encryption schemes. J. Cryptol. 1–22

  24. 24.

    Gentry C (2003) Certificate-based encryption and the certificate revocation problem. In: International Conference on the Theory and Applications of Cryptographic Techniques, pp. 272–293

  25. 25.

    Gentry C (2006) Practical identity-based encryption without random oracles. In: Annual International Conference on the Theory and Applications of Cryptographic Techniques, pp 445–464

    Google Scholar 

  26. 26.

    Gentry C, Silverberg A (2002) Hierarchical ID-based cryptography. In: International Conference on the Theory and Application of Cryptology and Information Security, pp. 548–566

  27. 27.

    Goyal V (2007) Reducing trust in the PKG in identity based cryptosystems. Adv Cryptology-CRYPTO 2007:430–447

    MathSciNet  MATH  Google Scholar 

  28. 28.

    Han J, Yang Y, Huang X, Yuen TH, Li J, Cao J (2016) Accountable mobile E-commerce scheme via identity-based plaintext-checkable encryption. Inf Sci (Ny) 345:143–155

    Article  Google Scholar 

  29. 29.

    Hess F (2002) Efficient identity based signature schemes based on pairings. In: International Workshop on Selected Areas in Cryptography, pp. 310–324

  30. 30.

    Horwitz J, Lynn B (2002) Toward hierarchical identity-based encryption. In: International Conference on the Theory and Applications of Cryptographic Techniques, pp. 466–481

  31. 31.

    Z. Huang, Chen K, Wang Y (2005) Efficient identity-based signatures and blind signatures. In: International Conference on Cryptology and Network Security, pp. 120–133

  32. 32.

    Huang J, Huang Q (2018) Black-box constructions of signature schemes in the bounded leakage setting. Inf Sci (Ny) 423:313–325

    MathSciNet  Article  Google Scholar 

  33. 33.

    Islam SKH, Biswas GP (2012) A pairing-free identity-based authenticated group key agreement protocol for imbalanced mobile networks. Ann télécommunications-annales des Telecommun 67(11–12):547–558

    Article  Google Scholar 

  34. 34.

    Jia X, He D, Zeadally S, Li L (2017) Efficient Revocable ID-Based Signature With Cloud Revocation Server. IEEE Access 5:2945–2954

    Article  Google Scholar 

  35. 35.

    Karati A, Islam SKH, Biswas GP (2018) A Pairing-free and Provably Secure Certificateless Signature Scheme,” Inf. Sci. (Ny)

  36. 36.

    Karati A, Islam SKH, Karuppiah M (2018) Provably Secure and Lightweight Certificateless Signature Scheme for IIoT Environments. IEEE Trans. Ind. Informatics

  37. 37.

    Koblitz N (1987) Elliptic curve cryptosystems. Math Comput 48(177):203–209

    MathSciNet  Article  MATH  Google Scholar 

  38. 38.

    Kumar M, Katti CP, Saxena PC (2017) A Secure Anonymous E-Voting System Using Identity-Based Blind Signature Scheme. In: International Conference on Information Systems Security, pp. 29–49

  39. 39.

    Kumar M, Katti CP, Saxena PC (2017) An Untraceable Identity-Based Blind Signature Scheme without Pairing for E-cash Payment System. In: International Conference on Ubiquitous Communication and Network Computing

  40. 40.

    Lee B, Boyd C, Dawson E, Kim K, Yang J, Yoo S (2004) Secure key issuing in ID-based cryptography. In: Proceedings of the second workshop on Australasian information security, Data Mining and Web Intelligence, and Software Internationalisation-Volume 32, pp. 69–74

  41. 41.

    Li T, Li J (2016) Leakage-resilient traceable identity-based signature scheme. J Comput Theor Nanosci 13(1):878–889

    Article  Google Scholar 

  42. 42.

    Li J, Li J, Chen X, Jia C, Lou W (2015) Identity-based encryption with outsourced revocation in cloud computing. IEEE Trans Comput 64(2):425–437

    MathSciNet  Article  MATH  Google Scholar 

  43. 43.

    Li Y, Qi F, Tang Z (2017) An Efficient Hierarchical Identity-Based Encryption Scheme for the Key Escrow. In: International Conference on Security, Privacy and Anonymity in Computation, Communication and Storage, pp. 108–120

  44. 44.

    Lynn B (2010) The pairing-based cryptography (PBC) library

  45. 45.

    Miller VS (1985) Use of elliptic curves in cryptography. Conference on the theory and application of cryptographic techniques. Springer, Berlin, Heidelberg

  46. 46.

    Paterson KG (2002) Cryptography from pairings: a snapshot of current research. Inf Secur Tech Rep 7(3):41–54

    Article  Google Scholar 

  47. 47.

    Qi F, Tang X, Wei Q (2015) New Escrow-Free Scheme for Hierarchical Identity-Based Encryption. In: International Conference on Algorithms and Architectures for Parallel Processing, pp. 701–713

  48. 48.

    Rivest RL, Shamir A, Adleman L (1978) A method for obtaining digital signatures and public-key cryptosystems. Commun ACM 21(2):120–126

    MathSciNet  Article  MATH  Google Scholar 

  49. 49.

    Sahana SC, Bhuyan B, Das ML (2017) An Efficient Key Escrow-Free Identity-Based Signature Scheme. Int J Appl Eng Res 12(19):8964–8971

    Google Scholar 

  50. 50.

    Sakai R, Kasahara M (2003) ID based Cryptosystems with Pairing on Elliptic Curve. IACR Cryptol ePrint Arch 2003:54

    Google Scholar 

  51. 51.

    Shamir A (1979) How to share a secret. Commun ACM 22(11):612–613

    MathSciNet  Article  MATH  Google Scholar 

  52. 52.

    Shamir A (1984) Identity-based cryptosystems and signature schemes. In: Workshop on the Theory and Application of Cryptographic Techniques, pp. 47–53

  53. 53.

    Shparlinski I (2011) Computational Diffie-Hellman Problem. In: Encyclopedia of Cryptography and Security, Springer, pp. 240–244

  54. 54.

    Sui A et al (2005) Separable and anonymous identity-based key issuing. In: Parallel and Distributed Systems, 2005. Proceedings. 11th International Conference on, vol. 2, pp. 275–279

  55. 55.

    Tanaka H (1987) A realization scheme for the identity-based cryptosystem. In: Conference on the Theory and Application of Cryptographic Techniques, pp. 340–349

  56. 56.

    Tseng Y-M, Tsai T-T, Huang S-S, Huang C-P (2016) Identity-based encryption with cloud revocation authority and its applications. IEEE Trans. Cloud Comput

  57. 57.

    Yuen TH, Susilo W, Mu Y (2010) How to construct identity-based signatures without the key escrow problem. Int J Inf Secur 9(4):297–311

    Article  Google Scholar 

  58. 58.

    Zhang Y, Liu JK, Huang X, Au MH, Susilo W (2012) Efficient Escrow-Free Identity-Based Signature.. In: ProvSec, pp. 161–174

  59. 59.

    Zhang J, Sun Z (2013) An ID-based server-aided verification short signature scheme avoid key escrow. J Inf Sci Eng 29(3):459–473

    MathSciNet  Google Scholar 

Download references

Acknowledgements

This research work has been partially supported by the Council of Scientific and Industrial Research, a research and development organization in India, with sanctioned no. 09/263(1052)/2015 EMR-I and the UPE-II grant received from JNU. Additionally, the author would like to sincere thanks to the anonymous reviewers for their fruitful comments.

Author information

Affiliations

Authors

Corresponding author

Correspondence to Mahender Kumar.

Additional information

Publisher’s note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Reprints and Permissions

About this article

Verify currency and authenticity via CrossMark

Cite this article

Kumar, M., Chand, S. ESKI-IBE: Efficient and secure key issuing identity-based encryption with cloud privacy centers. Multimed Tools Appl 78, 19753–19786 (2019). https://doi.org/10.1007/s11042-019-7155-x

Download citation

Keywords

  • Identity-based encryption
  • Secure key issue
  • Key-escrow
  • Cloud computing
  • Bilinear pairing