Results 1 - 9 of 9
Chosen-ciphertext security from identity-based encryption, 2004
Cited by 131 (5 self)
We propose simple and efficient CCA-secure public-key encryption schemes (i.e., schemes secure against adaptive chosen-ciphertext attacks) based on any identity-based encryption (IBE) scheme. Our constructions have ramifications of both theoretical and practical interest. First, our schemes give a new paradigm for achieving CCA-security; this paradigm avoids “proofs of well-formedness” that have been shown to underlie previous constructions. Second, instantiating our construction using known IBE constructions we obtain CCA-secure encryption schemes whose performance is competitive with the most efficient CCA-secure schemes to date. Our techniques extend naturally to give an efficient method for securing IBE schemes (even hierarchical ones) against adaptive chosen-ciphertext attacks. Coupled with previous work, this gives the first efficient constructions of CCA-secure IBE schemes.
Improved Efficiency for CCA-Secure Cryptosystems Built Using Identity-Based Encryption, 2004
Cited by 57 (4 self)
Recently, Canetti, Halevi, and Katz showed a general method for constructing CCA-secure encryption schemes from identity-based encryption schemes in the standard model. We improve the efficiency of their construction, and show two specific instantiations of our resulting scheme which offer the most efficient encryption (and, in one case, key generation) of any CCA-secure encryption scheme to date.
Security Proof of Sakai-Kasahara's Identity-Based Encryption Scheme
- In Proceedings of Cryptography and Coding 2005, LNCS 3706, 2005
Cited by 20 (4 self)
Identity-based encryption (IBE) is a special asymmetric encryption method where a public encryption key can be an arbitrary identifier and the corresponding private decryption key is created by binding the identifier with a system's master secret. In 2003 Sakai and Kasahara proposed a new IBE scheme, which has the potential to improve performance.
Parallel Hardware Architectures for the Cryptographic Tate Pairing
- In Proceedings of the Third International Conference on Information Technology: New Generations (ITNG’06). IEEE Computer Society, 2006
Cited by 12 (0 self)
Identity-based cryptography uses pairing functions, which are sophisticated bilinear maps defined on elliptic curves. Computing pairings efficiently in software is presently a relevant research topic. Since such functions are very complex and slow in software, dedicated hardware (HW) implementations are worthy of being studied, but presently only very preliminary research is available. This work affords the problem of designing parallel dedicated HW architectures, i.e., co-processors, for the Tate pairing, in the case of the Duursma-Lee algorithm in characteristic 3. Formal scheduling methodologies are applied to carry out an extensive exploration of the architectural solution space, evaluating the obtained structures by means of different figures of merit such as computation time, circuit area and combinations thereof. Comparisons with the (few) existing proposals are carried out, showing that a large space exists for the efficient parallel HW computation of pairings. Keywords: Area-time tradeoff, parallelism, scheduling, Tate pairing
An Efficient ID-KEM Based On The Sakai-Kasahara Key Construction
- IEE Proceedings of Information Security, 2006
Cited by 9 (3 self)
Sakai et al. in 2000 produced a method of constructing identity based public/private key pairs using pairings on elliptic curves. In 2001, using the same key construction as Sakai et al., Boneh and Franklin presented the first efficient and provably secure identity-based encryption scheme. In 2003 Sakai and Kasahara proposed another method of constructing identity based keys, also using pairings, which has the potential to improve performance. Later, Chen and Cheng gave a provably secure identity based scheme using this second construction. Both the Boneh–Franklin scheme and the scheme based on the second construction are not true hybrid encryption schemes in the tradition of the public key KEM/DEM approach. To address this issue, Bentahar et al. extended the idea of key encapsulation mechanism to the identity based setting and presented three constructions in line with the original Sakai et al. method of constructing identity based keys. In this paper we present another ID-KEM based on the second method of constructing identity based keys and prove its security. The new scheme has a number of advantages over all previous ID-based encryption schemes.
User-friendly grid security architecture and protocols
- In Proceedings of the 13th International Workshop on Security Protocols 2005
Cited by 3 (0 self)
We examine security protocols for the Grid Security Infrastructure (GSI) version 2 and identify a weakness of poor scalability as a result of GSI’s authentication framework requiring heavy interactions between a user-side client machine and resource suppliers. We improve the GSI architecture and protocols by proposing an alternative authentication framework for GSI, which uses dynamic public/private key pairs to avoid frequent communications to a significant extent. The improvement to the GSI security protocols is enabled by a novel application of an emerging cryptographic technique from bilinear pairings.
Binary Tree Encryption: Constructions and Applications
- ICISC 2003, J.I. Lim and D.H. Lee (Eds.), Lecture Notes in Comput. Sci, 2003
Cited by 1 (0 self)
Binary tree encryption (BTE), a relaxation of hierarchical identity-based encryption (HIBE), has recently emerged as a useful and intriguing primitive. On the one hand, the definition of security for BTE is sufficiently "weak" that -- in contrast to HIBE -- constructions of BTE in the standard model are known. On the other hand, BTE is sufficiently powerful that it yields a number of applications which are important from both a theoretical and a practical point of view. This survey presents...
Lakshminarayanan Subramanian Randy H. Katz Volker Roth
- In PODC ’05: Proceedings of the twenty-fourth annual ACM SIGACT-SIGOPS symposium on Principles of distributed computing, 2005
In this paper, we formulate a new theoretical problem, namely the reliable broadcast problem in unknown fixed-identity networks. This problem arises in the context of developing decentralized security mechanisms in a specific class of distributed systems: Consider an undirected graph G connecting n nodes where each node is aware of only its neighbors but not of the entire graph. Additionally, each node has a unique identity and cannot fake its identity to its neighbors. Assume that k among the n nodes act in an adversarial manner and the remaining n-k are good nodes. Under what constraints does there exist a distributed algorithm # that enables every good node v to reliably broadcast a message m(v) to all other good nodes in G? While good nodes follow the algorithm #, an adversary can additionally discard messages, generate spurious messages or collude with other adversaries.
A Certificateless Multiple-key Agreement Protocol Based on Bilinear Pairings
Certificateless cryptosystems were proposed by Al-Riyami and Paterson in 2003 [1] to solve problems of public key cryptosystems based on PKI and based on identity. Up to now, various types of certificateless cryptographic primitives, such as encryption functions, signature schemes, key agreement protocols, etc., have been designed. But to the best of our knowledge, multiple-key agreement protocols have not been proposed based on certificateless cryptosystem yet. So in this paper we propose a certificateless authenticated multiple-key agreement protocol with bilinear pairings.

