Towards Black-Box Accountable Authority IBE with Short Ciphertexts and Private Keys
2008
Abstract. At Crypto’07, Goyal introduced the concept of Accountable Authority Identity-Based Encryption as a convenient tool to reduce the amount of trust in authorities in Identity-Based Encryption. In this model, if the Private Key Generator (PKG) maliciously redistributes users’ decryption keys, it runs the risk of being caught and prosecuted. Goyal proposed two constructions: the first one is efficient but can only trace well-formed decryption keys to their source; the second one allows tracing obfuscated decryption boxes in a model (called weak black-box model) where cheating authorities have no decryption oracle. The latter scheme is unfortunately far less efficient in terms of decryption cost and ciphertext size. In this work, we propose a new construction that combines the efficiency of Goyal’s first proposal with a very simple weak black-box tracing mechanism. Our scheme is described in the selective-ID model but readily extends to meet all security properties in the adaptive-ID sense, which is not known to be true for prior black-box schemes. Keywords. Identity-based encryption, traceability, efficiency.
Full Security: Fuzzy Identity Based Encryption
Abstract. At EUROCRYPT 2005, Sahai and Waters presented Fuzzy Identity Based Encryption (Fuzzy-IBE), which could be used for biometrics and attribute-based encryption in the selective-identity model. When a secure Fuzzy-IBE scheme in the selective-identity model is transformed to the full-identity model, there is an exponential loss of security. In this paper, we use the CPA-secure Gentry's IBE (exponent inversion IBE) to construct the first Fuzzy-IBE that is fully secure without random oracles. In addition, the same technique is applied to the modification of CCA-secure Gentry's IBE, which was introduced by Kiltz and Vahlis, to get a CCA-secure Fuzzy-IBE in the full-identity model.
FAULT ATTACKS ON PAIRING-BASED PROTOCOLS REVISITED
Abstract. Several papers have studied fault attacks on computing a pairing value e(P,Q), where P is a public point and Q is a secret point. In this paper, we observe that these attacks are in fact effective only on a small number of pairing-based protocols, and that too only when the protocols are implemented with specific symmetric pairings. We demonstrate the effectiveness of the fault attacks on a public-key encryption scheme, an identity-based encryption scheme, and an oblivious transfer protocol when implemented with a symmetric pairing derived from a supersingular elliptic curve with embedding degree 2.
On the Impossibility of Strong Encryption over ...
We give two impossibility results regarding strong encryption over an infinite enumerable domain. The first one relates to statistically secure one-time encryption. The second one relates to computationally secure encryption resisting adaptive chosen ciphertext attacks in streaming mode with bounded resources: memory, time delay or output length. Curiously, both impossibility results can be achieved with either finite or continuous domains. The latter result explains why known CCA-secure cryptosystem constructions require at least two passes to decrypt a message with bounded resources.
Towards Practical Black-Box Accountable Authority IBE: Weak Black-Box Traceability with Short Ciphertexts and Private Keys
Abstract. At Crypto’07, Goyal introduced the concept of Accountable Authority Identity-Based Encryption (A-IBE) as a convenient tool to reduce the amount of trust in authorities in Identity-Based Encryption. In this model, if the Private Key Generator (PKG) maliciously redistributes users’ decryption keys, it runs the risk of being caught and prosecuted. Goyal proposed two constructions: the first one is efficient but can only trace well-formed decryption keys to their source; the second one allows tracing obfuscated decryption boxes in a model (called weak black-box model) where cheating authorities have no decryption oracle. The latter scheme is unfortunately far less efficient in terms of decryption cost and ciphertext size. The contribution of this paper is to describe a new construction that combines the efficiency of Goyal’s first proposal with a simple weak black-box tracing mechanism. The proposed scheme is the first A-IBE that meets all security properties (although traceability is only guaranteed in the weak black-box model) in the adaptive-ID sense.