Abstract
In identity-based cryptography, a user’s public key is easily derived from the user’s identity and a corresponding private key is generated for the user by a trusted third party, known as a Key Generation Center (KGC). The direct derivation of public keys in identity-based cryptography can eliminate the need for certificates and can solve certain public key management problems. Identity-based cryptography has many advantages for public key management, but it has two drawbacks that prevent its practical application in the real world: key escrow problems and lack of support for a fine-grained revocation of identity. At present, there is no solution that can simultaneously solve both problems; schemes that can solve the key escrow problem still have the identity revocation problem, and vice versa. In this paper, we consider a secure identity-based encryption scheme to support a fine-grained revocation without key escrow and also present a mediated key agreement protocol based on the same setting. Using the proposed scheme, we can apply identity-based cryptography more securely and practically in the real world.
Keywords
This research was supported by University IT Research Center Project of Korea.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Shamir, A.: Identity-based cryptosystems and signature schemes. In: Blakely, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 47–53. Springer, Heidelberg (1985)
Boneh, D., Franklin, M.: Identity-based encryption from the Weil pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001)
Boneh, D., Ding, X., Tsudik, G., Wong, C.M.: A method for fast revocation of public key certificates and security capabilities. In: 10th USENIX Security Symposium, Washington, D.C. (2001)
Boneh, D., Ding, X., Tsudik, G.: Identity based encryption using mediated rsa. In: 3rd Workshop on Information Security Application, Jeju Island (2002)
Ding, X., Tsudik, G.: Simple Identity-Based Cryptography with Mediated RSA. In: Joye, M. (ed.) CT-RSA 2003. LNCS, vol. 2612, pp. 193–210. Springer, Heidelberg (2003)
Gentry, C.: Certificate-based encryption and the certificate revocation problem. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 272–293. Springer, Heidelberg (2003)
Paterson, K.G.: Cryptographic from pairings: a snapshot of current research. Information Security Technical Report 7(3), 41–54 (2002)
Al-Riyami, S., Paterson, K.G.: Certificateless public key cryptography. In: Laih, C.-S. (ed.) ASIACRYPT 2003. LNCS, vol. 2894, pp. 452–473. Springer, Heidelberg (2003)
Lee, B., Boyd, C., Dawson, E., Kim, K., Yang, J., Yoo, S.: Secure Key Issuing in ID-Based Cryptography. In: ACM Second Australasian Information Security Workshop, New Zealand, pp. 69–74 (2004)
Cheng, Z., Comley, R., Vasiu, L.: Remove Key Escrow from The Identity-Based Encryption System. In: Foundations of Information Technology in the Era of Network and Mobile Computing (2004)
Ai-fen, et al.: Separable and Anonymous Identity-Based Key Issuing without Secure Channel. Cryptology ePrint Archive, Report2004/322 (2004)
Chen, L., Harrison, K., Smart, N., Soldera, D.: Applications of multiple trust authorities in pairing based cryptosystems. In: Davida, G.I., Frankel, Y., Rees, O. (eds.) InfraSec 2002. LNCS, vol. 2437, pp. 260–275. Springer, Heidelberg (2002)
Libert, B., Quisquater, J.: Efficient Revocation and Threshold Pairing Based Cryptosystems. Principle of Distributed Computing (PODC) (2003)
Baek, J., Zheng, Y.: Identity-Based Threshold Decryption. Cryptology ePrint Archive, Report2003/164 (2003)
Libert, B., Quisquater, J.: What is Possible with Identity Based Cryptography for PKIs and What Still Must Be Improved. In: Katsikas, S.K., Gritzalis, S., López, J. (eds.) EuroPKI 2004. LNCS, vol. 3093, pp. 57–70. Springer, Heidelberg (2004)
Chen, L., Kudla, C.: Identity Based Authenticated Key Agreement Protocols from Pairings. In: 16th IEEE Computer Security Foundations Workshop - CSFW 2003, pp. 219–233 (2003)
Junior, W., Terada, R.: An IBE Scheme to Exchage Authenticated Sceret Keys. Cryptology ePrint Archive, Report2004/071 (2004)
Smart, N.P.: An Identity based authenticated key agreement protocol based on the Weil pairing. Electronic Letters 38, 630–632 (2002)
McCullagh, N., Barreto, P.: A New Two-Party Identity-Based Authenticated Key Agreement. Cryptology ePrint Archive, Report2004/122 (2004)
Hess, F.: Efficient Identity Based Signature Schemes based on Pairings. In: Nyberg, K., Heys, H.M. (eds.) SAC 2002. LNCS, vol. 2595, pp. 310–324. Springer, Heidelberg (2003)
Barreto, P., Kim, H., Lynnn, B., scott, M.: Efficient algorithms for pairing-based cryptosystems. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 354–368. Springer, Heidelberg (2002)
Galbraith, S.: Supersingular curves in cryptography. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 495–513. Springer, Heidelberg (2001)
Cha, J.C., Cheon, J.H.: An Identity-Based Signature from Gap Diffie-Hellman Groups. In: Desmedt, Y.G. (ed.) PKC 2003. LNCS, vol. 2567, pp. 18–30. Springer, Heidelberg (2002)
Paterson, K.G.: ID-based signatures from pairings on elliptic curves. Electronics Letters 38(18), 1025–1026 (2002)
Solinas, J.A.: ID-based Digital Signature Algorithms. In: 7th Workshop on Elliptic Curve Cryptography-ECC 2003 (2003)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Oh, J., Lee, K., Moon, S. (2005). How to Solve Key Escrow and Identity Revocation in Identity-Based Encryption Schemes. In: Jajodia, S., Mazumdar, C. (eds) Information Systems Security. ICISS 2005. Lecture Notes in Computer Science, vol 3803. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11593980_22
Download citation
DOI: https://doi.org/10.1007/11593980_22
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-30706-8
Online ISBN: 978-3-540-32422-5
eBook Packages: Computer ScienceComputer Science (R0)