Paper 2002/072

Authenticated Identity-Based Encryption

Ben Lynn

Abstract

Suppose Alice wishes to send a message to Bob using an identity-based encryption scheme (recall such a scheme is a public key cryptosystem where any string is a valid public key), but desires integrity as well as security. In other words, Alice wants Bob to know that only she could have sent the message. Furthermore, suppose she does not want the non-repudiation property that would necessarily be present if she simply used an identity-based signature scheme i.e. she does not want Bob to be able to prove to a third party that she is the sender. We augment the system of Boneh and Franklin to allow communication with integrity without nonrepudiation. We formalize notions of security and integrity for our scheme, and show that new encryption and decryption algorithms are more efficient, despite being equally secure and authenticated.

Metadata
Available format(s)
PDF PS
Category
Public-key cryptography
Publication info
Published elsewhere. Unknown where it was published
Contact author(s)
blynn @ cs stanford edu
History
2002-06-07: received
Short URL
https://ia.cr/2002/072
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2002/072,
      author = {Ben Lynn},
      title = {Authenticated Identity-Based Encryption},
      howpublished = {Cryptology ePrint Archive, Paper 2002/072},
      year = {2002},
      note = {\url{https://eprint.iacr.org/2002/072}},
      url = {https://eprint.iacr.org/2002/072}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.