Secure Key Issuing in ID-based Cryptography

Abstract

ID-based cryptosystems have many advantages over PKI based cryptosystems in key distribution, but they also have an inherent drawback of key escrow problem, i.e. users' private keys are known to the key generation center (KGC). Therefore secure key issuing (SKI) is an important issue in ID-based cryptography. In multiple authority approach (Boneh & Franklin 2001, Chen et al. 2002), key generation function is distributed to multiple authorities. Keeping key privacy using user-chosen secret information (Gentry 2003, Al-Riyami & Paterson 2003) is a simple and efficient solution, but it loses the advantages of ID-based cryptosystems.
... Thus the scheme obtains only trust level I and the problem of key escrow still remains. In the same year, Lee et al. [23] proposed a key issuing protocol, addressing the key escrow problem and secure channel requirement. In this protocol, a user's private key is issued by a key generation center, and its privacy is protected by multiple key privacy authorities (KPAs). ...
... However, the scheme suffers from the following attacks as pointed out by Gangishetti et al. [24]: (i) impersonation attack (can be done by any user) (ii) insider attack (can be done by any of the KPAs) (iii) Incompetency of KPAs. Moreover, Chunxiang et al. [25] have shown that a malicious KGC can successfully attack the Lee et al.'s protocol [23] to obtain users' private keys. Gangishetti et al. [24] proposed a new key issuing protocol, which involves one KGC and n KPAs. ...
Research
Identity-based cryptosystem has been the most active research area in cryptographic society. In such a system, public keys are some attribute of a user's identity, such as an email address, phone number, or social security number. ID-based cryptosystems have many advantages over PKI based cryptosystems in key distribution, but they also have an inherent drawback of key escrow problem, i.e. users' private keys are known to the key generation center (KGC). Therefore secure key issuing (SKI) is an important issue in ID-based cryptography (IBC). In this paper, we survey some important key issuing protocols in identity based cryptographic schemes and subsequently we analyze the key escrow problem in Identity based cryptosystems.
... Secure key issuing solutions Lee et al. [23] addressed the overhead of authenticating a single user multiple times by introducing the multiple autonomous key privacy authorities (KPAs) along with the single KGC, where KPA protects the user's private key sequentially, and KGC authenticates the user only once. Recently, Kumar et al. [10] extended scheme [23] and gave an efficient mechanism to generate an escrow-free key for the user and implement an IBE scheme in the ROM. Recently, Kumar et al. [24] discussed identity-based signcryption scheme, a variant of IBS and implemented a secure video-on-demand scheme and addressed the misbehavior of untrusted service. ...
Article
The identity-based cryptosystem (IBC) outfits with the most beneficial key management procedures. The IBC is bounded to the small network system due to the internal key escrow problem, which leads to two other problems: key abusing and user slandering problems. Some solutions that address the key escrow problem are certificate-less cryptosystems and multiple authorities-based IBC. However, they are expensive in terms of computation or loss of the identity-based feature. This paper presents an escrow-less identity-based signature (EL-IBS) scheme, where we employ one key generation center that authenticates a user and many authorities that issue a protected private key share without user authentication. We also outsource the key protection overhead to the cloud privacy centers. We proved that our EL-IBS scheme is existential unforgeable, key abusing and existential user slandering secured against adaptively chosen message attack under the random oracle model and the well-known computational Diffie–Hellman problem.
... an IBE scheme that was based on quadratic residue. In Lee et al. [7] proposed a new IBE scheme in which a private key is issued by a key generation center (KGC) and multiple key privacy authorities protect its privacy. Their scheme provides a secure channel in which a simple blinding technique is used for pairing-based cryptography. ...
Article
Identity-based encryption is a public key-based method of encryption that enables communicating identities to use some individual and unique information, such as their physical IP addresses and MAC addresses, to identify them and as public keys. The scheme does not require the extra device to store long-term public keys. So, it is convenient for use in practical applications, including smart industry and smart manufacturing. This study develops a novel, efficient, and secure identity-based encryption scheme using an extended Chebyshev chaotic map that has recently been demonstrated to outperform traditional cryptography, including modular exponential computations or scalar multiplications on elliptic curves. Besides demonstrating that the proposed scheme satisfies the security requirements of identity-based encryption, the simulation results of this study show that the proposed scheme requires less response time than related identity-based encryption schemes. Due to hardware limitations, not all industrial devices can load heavy computations. Therefore, the proposed identity-based encryption scheme outperforms related identity-based encryption approaches, and is suitable for industrial environment.
... The second approach to deal with the msk leakage problem is to adopt the Distributed Key Generation (DKG), by distributing the power of user private key generation among multiple parties rather than a single PKG. The n Key Privacy Authorities (KPAs) based scheme [19] and the n Trusted Authorities (TAs) based scheme [9] allow the n trusted parties to pick their secret keys freely. Both schemes are general methods applicable to all IBC schemes, but they are not compatible with the IBC algorithms after user private key generation (e.g., the encryption, signature and key agreement). ...
Chapter
Identity-Based Cryptography (IBC) is a useful tool for the security of IoT devices, but securely deploying this cryptographic technique to the IoT systems is quite challenging. For instance, a leakage of the master secret key will result in the leakage of all IoT devices’ private keys. SM9 is the only approved IBC algorithm standard in China. It is critical to have mechanisms to protect the SM9 master secret keys. In this work, to reduce the risk of the master secret key leakage, we propose a (t, n)-threshold distributed private key generation scheme for SM9 with some techniques from multiparty computation. Our scheme is compatible with all the three SM9 sub-algorithms (i.e., the encryption, signature and key agreement). It is also provably secure and completely eliminates the single point of failures in SM9 that is concerned by the industry. The experimental analysis indicates that the proposed scheme is efficient, e.g., up to 1 million private key generation requests can be handled per day.
... This will eliminate the full dependency on KGC for generating public-private key pair [16]. The scheme tries to eliminate the inherent key escrow problem [18][19][20] and also aims to generate revocable public-private key pairs [16] Mediators [21], a semi-trusted third party, have also been used to address this problem. In this, mediators will help users in the decryption process by having a partial share of private keys in all users. ...
Article
A revolutionary change to public-key cryptography can be considered as an Identity Based Cryptography (IBC) in which identity of the receiver is being used as a public key for encrypting a message and Key Generation Centre (KGC). IBC will generate and distribute the private key to each user to decrypt a message. The thought behind presenting the scheme was to improve and reduce the complexity of certificate and key management, but it also gives rise to key escrow problem, access to encrypted information to unauthorized users. The paper represents Improved Identity-Based Encryption Scheme (IIBES) for Domain Name System (DNS) security which provides confidentiality and authentication through modified identity based encryption and identity based digital signatures. The IIBES comprises key revocation mechanism for non-revoked users and also eliminates key escrow problem. Thus, the IIBES aids to implement the identity-based cryptography more safely in reality and protects DNS against cache poisoning, spoofing attack and masquerade attack. DOI: 10.28991/esj-2021-01259
Chapter
Since computer systems and communication become each time more pervasive, information security takes attention, requiring guarantees for data authentication, integrity and confidentiality. Pervasive communication and computer systems intend to provide access to information and services anytime and anywhere, demanding cryptographic systems more practical and that consider the characteristics of emerging network paradigms, such as wireless communication, device constraints and mobility. Identity-Based Cryptography (IBC) is an asymmetric key cryptographic technology that employs as user’s public key any unique information related to the identity of the user. IBC efficiently manages keying material and provides an easy way to issue a pair of keys applying user information. However, it assumes the existence of a Trusted Third Party (TTP), called Private Key Generator (PKG), which is responsible for generating the corresponding user private key. Relying on a TTP and using an identity as the base of the scheme result in different weaknesses on the system, as the inherent key escrow problem. This chapter investigates those weaknesses, and it points out the state-of-the-art of proposed solutions to avoid them. This chapter also provides an overview of Identity-Based Encryption (IBE), Identity-Based Signature (IBS) and Identity-Based Key Agreement (IBKA), emphasizing IBE due to being an open problem for many years. This chapter concludes highlighting IBC applications and future trends.
Chapter
The rapid growing big data enforces many organizations to shift their data and services like digital right management, e-payment, and e-voting systems to the cloud. In such cloud-assisted services, the blind signature scheme could be one of the cryptographic tools, which provides the integrity of data and user anonymity. It allows the user to ask the signer for signing on message without disclosing any information about the content to the signer. Since several blind signature schemes have been proposed, but due to the expensive computation and bandwidth cost, they are impractical for the cloud-assisted as well as Internet-based environment. In this paper, we propose a new provable secure identity-based blind signature scheme with message recovery (IDBS-MR) using the elliptic curve cryptography. The proposed IDBS-MR scheme does not transmit the message with the signature while the message is recovered during verification round; hence it has the least message-signature length. The security analysis shows that the proposed IDBS-MR scheme is secured against existential forgery attack under the adaptive chosen message and ID attacks (EF-ID-CMA) under the assumption of solving the ECDL problem, and random oracle model (ROM) and achieves blindness property. The performance analysis shows that our scheme is efficient as compared to related existing schemes.
Article
Information security is one of the main concerns today. Digital signature plays an important role to ensure authentication, non-integrity and non-repudiation on a message. Digital signature can be computed using RSA, DSA and elliptic curve cryptography. It can be simple signature in which hash of the message is encrypted with the private key of the sender. This private key and corresponding public keys are generated by CA, and public keys are bound in the digital certificate. Another approach is Identity Based (ID) signature in which private keys are generated by PKG and public key is derived from the user’s identity. This is also known as certificate less communication. In ID based signature, there is no need to transmit public key over unsecure channel. Public keys are efficiently derived from the receiver’s identity information such as name, email address, network address, IP address and now aadhar number. Email address can be forged by unauthorized persons. Today aadhar number is used as unique identity proof that can be used as ID to derive public key of the user. In this paper we have used aadhar number to propose an efficient and secure identity based multiple signature schemes using RSA. Proposed scheme is secure against forgery and public key replacement attack.
Article
With the popularity of edge computing, edge nodes are connected with IoT devices to process and analyze IoT-created data, and feedback corresponding results to users, devices or data centers. In the edge computing environment, multicast is a typical communication pattern to support data transmitting between edges and devices. It allows the sender to send messages to multiple receivers in one broadcast message. To construct a secure multicast channel, the primary issue is to ensure the privacy and credibility of the transmitted message in the open wireless communication. Then, another essential issue for multicast channels is receiver anonymity, i.e., only the sender knows the receivers’ identities. Also, efficiency and provable security are critical in scheme design. In this paper, we design a certificateless multi-message and multi-receiver signcryption (CLMMSC) scheme by using the elliptic curve cryptography. To facilitate lightweight deployment, we adapt the certificateless mechanism to reduce system operation and maintenance costs. Then, through security proofs, we demonstrate that the proposed scheme can achieve the expected security properties. The performance analysis shows that the proposed scheme has lower communication costs than previous CLMMSC schemes.
Article
MANETs) are being very trendy these days and used in a number of applications where security is a challenge like military operations or other sensitive projects, whereby if the network is compromised then the outcomes can be terrible. It would not be an easy task to apply energy efficient and reliable routing in MANETs, because it will not be possible to recharge / replace a battery of mobile node. To take full benefit of the lifetime of nodes, traffic should be routed in a way that energy usage also should be minimized. A lot of security proposals have come which address different protocol stack but no scheme is fully integrated with respect of energy and security. The proposed integrated approach based on Identity cryptography which belongs to the class of pair wise cryptography, addresses all the concerns like secure routing and key management as well as energy. It is a general method for providing routing security and can be applied to any routing protocols.
Conference Paper
This paper introduces and makes concrete the concept of certificateless public key cryptography (CL-PKC), a model for the use of public key cryptography which avoids the inherent escrow of identity-based cryptography and yet which does not require certificates to guarantee the authenticity of public keys. The lack of certificates and the presence of an adversary who has access to a master key necessitates the careful development of a new security model. We focus on certificateless public key encryption (CL-PKE), showing that a concrete pairing-based CL-PKE scheme is secure provided that an underlying problem closely related to the Bilinear Diffie-Hellman Problem is hard.
Article
Recently there has been an explosion of interest in the use of pairings on elliptic curves in cryptography. We provide a self-contained snapshot of current research in this area. Our aim is to give the reader unfamiliar with the subject a briefing on the key ideas and trends along with pointers to further literature.
Conference Paper
We develop an efficient identity based signature scheme based on pairings whose security relies on the hardness of the Diffie-Hellman problem in the random oracle model. We describe how this scheme is obtained as a special version of a more general generic scheme which yields further new provably secure identity based signature schemes if pairings are used. The generic scheme also includes traditional public key signature schemes. We further discuss issues of key escrow and the distribution of keys to multiple trust authorities. The appendix contains a brief description of the relevant properties of supersingular elliptic curves and the Weil and Tate pairings.
Conference Paper
We propose a fully functional identity-based encryption scheme (IBE). The scheme has chosen ciphertext security in the random oracle model assuming an elliptic curve variant of the computational Diffie-Hellman problem. Our system is based on the Weil pairing. We give precise definitions for secure identity based encryption schemes and give several applications for such systems.