A Variant of Boneh-Gentry-Hamburg’s Pairing-Free Identity Based Encryption Scheme

Jhanwar, Mahabir Prasad; Barua, Rana

doi:10.1007/978-3-642-01440-6_25

Cited by 14 publications

(13 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Furthermore, due to time constraints we have been unable to give a performance comparison between the schemes considered here and the original scheme due to Boneh, Gentry and Hamburg; we hope to explore this also as part of future work. In addition, this paper identifies an improvement to the work of Jhanwar and Barua [15] that provides their scheme with IND-ID-CPA security. Our experimental results have shown that this scheme has comparable performance to the original Cocks scheme, and has reduced ciphertext size.…”

Section: Discussionmentioning

confidence: 99%

“…Another contribution of this paper is a security assessment of a scheme by Jhanwar and Barua [15], which in turn is a variant of the non-anonymous IBE system from [11]. We consider an alternative parameter setting that gives us IND-ID-CPA security.…”

Section: Contributionsmentioning

confidence: 99%

“…Encryption time is quartic in the security parameter as opposed to cubic for standard number-theoretic schemes. A variant of the non-anonymous BGH construction appeared in [15]. The authors of that work claim their variant achieves higher performance for both encryption and decryption as a trade-off for increased ciphertext size, which is 2 • log 2 √ + 2 bits for an -bit plaintext.…”

Section: Related Workmentioning

confidence: 99%

See 2 more Smart Citations

Anonymous IBE from Quadratic Residuosity with Improved Performance

Clear

Tewari

McGoldrick

2014

Progress in Cryptology – AFRICACRYPT 2014

View full text Add to dashboard Cite

Identity Based Encryption (IBE) has been constructed from bilinear pairings, lattices and quadratic residuosity. The latter is an attractive basis for an IBE owing to the fact that it is a well-understood hard problem from number theory. Cocks constructed the first such scheme, and subsequent improvements have been made to achieve anonymity and improve space efficiency. However, the anonymous variants of Cocks' scheme thus far are all less efficient than the original. In this paper, we present a new universallyanonymous IBE scheme based on the quadratic residuosity problem. Our scheme has better performance than the universally anonymous scheme from Ateniese and Gasti (CT-RSA 2009) at the expense of more ciphertext expansion. Another contribution of this paper is a modification to a variant of the space-efficient scheme by Boneh, Gentry and Hamburg (FOCS 07) that results in an IND-ID-CPA secure IBE scheme with comparable efficiency to Cocks, but with reduced ciphertext expansion. This is an extended version of a paper that appeared at Africacrypt 2014 [1]. The author's work is funded by the Irish Research Council EMBARK Initiative.to encrypt a 128-bit symmetric key; note that IBE is typically used as part of a KEM-DEM). While this is still practical, it is desirable to obtain an anonymous IBE from quadratic residuosity whose performance is on par with the original Cocks scheme, especially for time-critical applications. Universal AnonymityAteniese and Gasti's scheme also enjoys the property of universal anonymization, first introduced at Asiacrypt 2005 by Hayashi and Tanaka [13]. This property allows any party to anonymize a ciphertext without access to the secret key of the recipient. An illustrative application involves disparate systems distinguished by whether they need to know the intended recipient of encrypted data. Regulations may stipulate that some systems learn the recipient's identity. At some suitable point prior to sending the encrypted data to less trusted systems, the encrypted data can be anonymized by any party without knowledge of the secret key.

show abstract

Section: Discussionmentioning

confidence: 99%

Section: Contributionsmentioning

confidence: 99%

Section: Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Anonymous IBE from Quadratic Residuosity with Improved Performance

Clear

Tewari

McGoldrick

2014

Progress in Cryptology – AFRICACRYPT 2014

View full text Add to dashboard Cite

show abstract

“…Our method is similar to the one given inŢiplea et al 14 to attack an IBE encryption scheme proposed in Jhanwar and Barua. 15 The rest of this paper is organized as follows. In Section 2, we recall the definition and notion for IBAKE protocols.…”

Section: Our Contributionmentioning

confidence: 99%

Cryptanalysis of an identity‐based authenticated key exchange protocol

Hatri

Otmani

Guenda

2017

Int J Communication

View full text Add to dashboard Cite

Authenticated Key Exchange (AKE) protocols represent an important cryptographic mechanism that enables several parties to communicate securely over an open network. Elashry, Mu and Susilo proposed an Identity Based Authenticated Key Exchange (IBAKE) protocol where different parties establish secure communication by means of their public identities.The authors also introduced a new security notion for IBAKE protocols called resiliency, that is, if the secret shared key is compromised, the entities can generate another shared secret key without establishing a new session between them. They then claimed that their IBAKE protocol satisfies this security notion.We analyze the security of their protocol and prove that it has a major security flaw which renders it insecure against an impersonation attack. We also disprove the resiliency property of their scheme by proposing an attack where an adversary can compute any share secret key if just one secret bit is leaked.

show abstract

“…Jhanwar and Barua [11] made some significant observations on the BGH systems (for solving equations in the form Rx 2 +Sy 2 ≡ 1 (mod N )) and proposed a trade-off system that reduces the private key length but increases the ciphertext length. They found that by knowing the value of S (mod N ), one can find a random solution to the equation Rx 2 + Sy 2 ≡ 1 (mod N ) using only one inversion in Z N .…”

Section: Introductionmentioning

confidence: 99%