TY - GEN
T1 - Making any identity-based encryption accountable, efficiently
AU - Kiayias, Aggelos
AU - Tang, Qiang
N1 - Publisher Copyright:
© Springer India 2015.
PY - 2015
Y1 - 2015
N2 - Identity-Based Encryption (IBE) provides a compelling solution to the PKI management problem, however it comes with the serious privacy consideration that a trusted party (called the PKG) is required to generate (and hence also know) the secret keys of all users. This inherent key escrow problem is considered to be one of the major reasons hindering the wider utilization of IBE systems. In order to address this problem, Goyal [20] introduced the notion of accountable authority IBE (A-IBE), in which a judge can differentiate the PKG from the user as the source of a decryption software. Via this “tracing” mechanism, A-IBE deters the PKG from leaking the user’s secret key and hence offers a defense mechanism for IBE users against a malicious PKG. All previous works on A-IBE focused on specialized constructions trying to achieve different properties and efficiency enhancements. In this paper for the first time we show how to add accountability to any IBE scheme using oblivious transfer (OT), with almost the same ciphertext efficiency as the underlying IBE. Furthermore, we extend our generic construction to support identity reuse without losing efficiency. This property is desirable in practice as users may accidentally lose their secret keys and they -naturally- prefer not to abandon their identities. How to achieve this property was open until our work. Along the way, we first modify the generic construction and develop a new technique to provide public traceability generically.
AB - Identity-Based Encryption (IBE) provides a compelling solution to the PKI management problem, however it comes with the serious privacy consideration that a trusted party (called the PKG) is required to generate (and hence also know) the secret keys of all users. This inherent key escrow problem is considered to be one of the major reasons hindering the wider utilization of IBE systems. In order to address this problem, Goyal [20] introduced the notion of accountable authority IBE (A-IBE), in which a judge can differentiate the PKG from the user as the source of a decryption software. Via this “tracing” mechanism, A-IBE deters the PKG from leaking the user’s secret key and hence offers a defense mechanism for IBE users against a malicious PKG. All previous works on A-IBE focused on specialized constructions trying to achieve different properties and efficiency enhancements. In this paper for the first time we show how to add accountability to any IBE scheme using oblivious transfer (OT), with almost the same ciphertext efficiency as the underlying IBE. Furthermore, we extend our generic construction to support identity reuse without losing efficiency. This property is desirable in practice as users may accidentally lose their secret keys and they -naturally- prefer not to abandon their identities. How to achieve this property was open until our work. Along the way, we first modify the generic construction and develop a new technique to provide public traceability generically.
UR - http://www.scopus.com/inward/record.url?scp=84951309768&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84951309768&partnerID=8YFLogxK
U2 - 10.1007/978-3-319-24174-6_17
DO - 10.1007/978-3-319-24174-6_17
M3 - Conference contribution
AN - SCOPUS:84951309768
SN - 9783319241739
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 326
EP - 346
BT - Computer Security – ESORICS 2015 - 20th European Symposium on Research in Computer Security, Proceedings
A2 - Ryan, Peter Y.A.
A2 - Pernul, Günther
A2 - Weippl, Edgar
PB - Springer Verlag
T2 - 20th European Symposium on Research in Computer Security, ESORICS 2015
Y2 - 21 September 2015 through 25 September 2015
ER -