Cryptology ePrint Archive: Report 2004/258

Escrow-Free Encryption Supporting Cryptographic Workflow

S.S. Al-Riyami and J. Malone-Lee and N.P. Smart

Abstract: Since Boneh and Franklin published their seminal paper on identity based encryption (IBE) using the Weil pairing , there has been a great deal of interest in cryptographic primitives based on elliptic-curve pairings. One particularly interesting application has been to control access to data, via possibly complex policies. In this paper we continue the research in this vein. We present an encryption scheme such that the receiver of an encrypted message can only decrypt if it satisfies a particular policy chosen by the sender at the time of encryption. Unlike standard IBE, our encryption scheme is escrow free in that no key-issuing authority (or colluding set of key-issuing authorities) is able to decrypt ciphertexts itself. In addition we describe a security model for the scenario in question and provide proofs of security for our scheme (in the random oracle model).

Category / Keywords: cryptographic protocols / pairings

Date: received 7 Oct 2004, last revised 5 May 2005

Contact author: nigel at cs bris ac uk

Available format(s): Postscript (PS) | Compressed Postscript (PS.GZ) | PDF | BibTeX Citation

Version: 20050505:081520 (All versions of this report)

Short URL: ia.cr/2004/258

Discussion forum: Show discussion | Start new discussion