国際会議

IdentityBased Encryption with Security against the KGC: A Formal Model and Its Instantiation from Lattices
 著者
 K. Emura, S. Katsumata, and Y. Watanabe
 会議名
 ESORICS 2019
 巻
 LNCS 11736
 ページ
 113–133
 出版社
 Springer
 発行年
 2019
 発表日
 Sep. 25, 2019
Abstract
The key escrow problem is one of the main barriers to the widespread realworld use of identitybased encryption (IBE). Specifically, a key generation center (KGC), which generates secret keys for a given identity, has the power to decrypt all ciphertexts. At PKC 2009, Chow defined a notion of security against the KGC, that relies on assuming that it cannot discover the underlying identities behind ciphertexts. However, this is not a realistic assumption since, in practice, the KGC manages an identity list and hence it can easily guess the identities corresponding to given ciphertexts. Chow later closed the gap between theory and practice by introducing a new entity called an identitycertifying authority (ICA) and proposed an anonymous keyissuing protocol. Essentially, this allows the users, KGC, and ICA to interactively generate secret keys without users ever having to reveal their identities to the KGC. Unfortunately, the proposed protocol did not include a concrete security definition, meaning that all of the subsequent works following Chow lack the formal proofs needed to determine whether or not it delivers a secure solution to the key escrow problem.
In this paper, based on Chow’s work, we formally define an IBE scheme that resolves the key escrow problem and provide formal definitions of security against corrupted users, KGC, and ICA. Along the way, we observe that if we are allowed to assume a fully trusted ICA, as in Chow’s work, then we can construct a trivial (and meaningless) IBE scheme that is secure against the KGC. Finally, we present a latticebased construction in our new security model based on the Gentry–Peikert–Vaikuntanathan (GPV) IBE scheme (STOC 2008) and Rückert’s latticebased blind signature scheme (ASIACRYPT 2010).