Abstract
Identity-Based (IB) cryptography is a rapidly emerging approach to public-key cryptography that does not require principals to pre-compute key pairs and obtain certificates for their public keys—instead, public keys can be arbitrary identifiers such as email addresses, while private keys are derived at any time by a trusted private key generator upon request by the designated principals. Despite the flurry of recent results on IB encryption and signature, some questions regarding the security and efficiency of practicing IB encryption (IBE) and signature (IBS) as a joint IB signature/encryption (IBSE) scheme with a common set of parameters and keys, remain unanswered.
We first propose a stringent security model for IBSE schemes. We require the usual strong security properties of: (for confidentiality) indistinguishability against adaptive chosen-ciphertext attacks, and (for non-repudiation) existential unforgeability against chosen-message insider attacks. In addition, to ensure as strong as possible ciphertext armoring, we also ask (for anonymity) that authorship not be transmitted in the clear, and (for unlinkability) that it remain unverifiable by anyone except (for authentication) by the legitimate recipient alone.
We then present an efficient IBSE construction, based on bilinear pairings, that satisfies all these security requirements, and yet is as compact as pairing-based IBE and IBS in isolation. Our scheme is secure, compact, fast and practical, offers detachable signatures, and supports multi-recipient encryption with signature sharing for maximum scalability.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
An, J.H., Dodis, Y., Rabin, T.: On the security of joint signature and encryption. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, p. 83. Springer, Heidelberg (2002)
Barreto, P.S.L.M., Kim, H.Y., Lynn, B., Scott, M.: Efficient algorithms for pairing-based cryptosystems. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, p. 354. Springer, Heidelberg (2002)
Bellare, M., Rogaway, P.: Random oracles are practical: A paradigm for designing efficient protocols. In: Proc. Conf. Computer and Communication Security (1993)
Blake, I., Seroussi, G., Smart, N.: Elliptic Curves in Cryptography. Cambridge University Press, Cambridge (1999)
Boneh, D., Franklin, M.: Identity-based encryption from the Weil pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001), See [6] for the full version.
Boneh, D., Franklin, M.: Identity based encryption from the weil pairing. Cryptology ePrint Archive, Report 2001/090 (2001), http://eprint.iacr.org/
Boneh, D., Lynn, B., Shacham, H.: Short signatures from the Weil pairing. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 514–532. Springer, Heidelberg (2001)
Cha, J.C., Cheon, J.H.: An identity-based signature from gap Diffie-Hellman groups. Cryptology ePrint Archive, Report 2002/018 (2002), http://eprint.iacr.org/
Chen, L., Kudla, C.: Identity based authenticated key agreement from pairings. Cryptology ePrint Archive, Report 2002/184 (2002), http://eprint.iacr.org/
Cocks, C.: An identity based encryption scheme based on quadratic residues. In: Proc. 8th IMA Int. Conf. Cryptography and Coding, pp. 26–28 (2001)
Feige, U., Fiat, A., Shamir, A.: A digital signature scheme secure against adaptive chosen-message attacks. SIAM J. Computing 17(2), 281–308 (1988)
Feige, U., Fiat, A., Shamir, A.: Zero-knowledge proofs of identity. J. Cryptology 1, 77–94 (1988)
Fiat, A., Shamir, A.: How to prove yourself: Practical solutions to identification and signature problems. In: Odlyzko, A.M. (ed.) CRYPTO 1986. LNCS, vol. 263, pp. 186–194. Springer, Heidelberg (1987)
Galbraith, S.D., Harrison, K., Soldera, D.: Implementing the Tate pairing. Technical Report HPL-2002-23, HP Laboratories Bristol (2002)
Gentry, C., Silverberg, A.: Hierarchical ID-based cryptography. Cryptology ePrint Archive, Report 2002/056 (2002), http://eprint.iacr.org/
Hess, F.: Exponent group signature schemes and efficient identity based signature schemes based on pairings. Cryptology ePrint Archive, Report 2002/012 (2002), http://eprint.iacr.org/
Horwitz, J., Lynn, B.: Toward hierarchical identity-based encryption. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, pp. 466–481. Springer, Heidelberg (2002)
Joux, A.: A one round protocol for tripartite Diffie-Hellman. In: Bosma, W. (ed.) ANTS 2000. LNCS, vol. 1838, pp. 294–385. Springer, Heidelberg (2000)
Libert, B., Quisquater, J.-J.: New identity based signcryption schemes based on pairings. Cryptology ePrint Archive, Report 2003/023 (2003), http://eprint.iacr.org/
Lynn, B.: Authenticated identity-based encryption. Cryptology ePrint Archive, Report 2002/072 (2002), http://eprint.iacr.org/
Malone-Lee, J.: Identity-based signcryption. Cryptology ePrint Archive, Report 2002/098 (2002), http://eprint.iacr.org/
Paterson, K.G.: ID-based signatures from pairings on elliptic curves. Cryptology ePrint Archive, Report 2002/004 (2002), http://eprint.iacr.org/
Sakai, R., Ohgishi, K., Kasahara, M.: Cryptosystems based on pairings. In: Proc. SCIS 2000, Okinawa, Japan, pp. 26–28 (2000)
Shamir, A.: Identity-based cryptosystems and signature schemes. In: Blakely, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 47–53. Springer, Heidelberg (1985)
Smart, N.P.: An identity based authenticated key agreement protocol based on the Weil pairing. Cryptology ePrint Archive, Report 2001/111 (2001), http://eprint.iacr.org/
Pointcheval, D., Stern, J.: Security arguments for digital signatures and blind signatures. J. Cryptology 13, 361–396 (2000)
Zheng, Y.: Digital signcryption or how to achieve cost (Signature & encryption) < < cost(Signature) + cost(Encryption). In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 165–179. Springer, Heidelberg (1997)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Boyen, X. (2003). Multipurpose Identity-Based Signcryption. In: Boneh, D. (eds) Advances in Cryptology - CRYPTO 2003. CRYPTO 2003. Lecture Notes in Computer Science, vol 2729. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-45146-4_23
Download citation
DOI: https://doi.org/10.1007/978-3-540-45146-4_23
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-40674-7
Online ISBN: 978-3-540-45146-4
eBook Packages: Springer Book Archive