An Interpretation of Identity-Based Cryptography

  • Liqun Chen
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4677)

Abstract

Identity-based cryptography (IBC) is an asymmetric key cryptographic technology with a special feature, in which a user’s public key can be an identifier of the user and the corresponding private key is created by binding the identifier with a system master secret. This paper is based on the author’s lecture notes in this area. In this paper, we introduce the concept of IBC by explaining some basic cryptographic primitives, such as identity-based encryption, signatures, combined encryption/signing and key-agreement. We also introduce two types of implementation techniques, which are based on integer factorization and discrete logarithm from pairings respectively. In order to make the technology easier to understand, we describe a small number of mechanisms in each primitive. Some of the mechanisms have been adopted by international standard bodies. At the end of the paper, we briefly cover the key escrow issue and a few well-known security models for these primitives.

Keywords

Signature Scheme; Random Oracle; Trusted Third Party; Random Oracle Model; Signcryption Scheme
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Copyright information

© Springer-Verlag Berlin Heidelberg 2007

Authors and Affiliations

  • Liqun Chen, Hewlett-Packard Laboratories, Bristol, UK