Paper 2005/288

Direct Chosen Ciphertext Security from Identity-Based Techniques

Xavier Boyen, Qixiang Mei, and Brent Waters

Abstract

We describe a new encryption technique that is secure in the standard model against adaptive chosen ciphertext (CCA2) attacks. We base our method on two very efficient Identity-Based Encryption (IBE) schemes without random oracles due to Boneh and Boyen, and Waters. Unlike previous CCA2-secure cryptosystems that use IBE as a black box, our approach is endogenous, very simple, and compact. It makes direct use of the underlying IBE structure, and requires no cryptographic primitive other than the IBE scheme itself. This conveys several advantages. We achieve shorter ciphertext size than the best known instantiations of the other methods, and our technique is as efficient as the Boneh and Katz method (and more so than that of Canetti, Halevi, and Katz). Further, our method operates nicely on hierarchical IBE, and since it allows the validity of ciphertexts to be checked publicly, it can be used to construct systems with non-interactive threshold decryption. In this paper we describe two main constructions: a full encryption system based on the Waters adaptive-ID secure IBE, and a KEM based on the Boneh-Boyen selective-ID secure IBE. Both systems are shown CCA2-secure in the standard model, the latter with a tight reduction. We discuss several uses and extensions of our approach, and draw comparisons with other schemes that are provably secure in the standard model.

Note: Minor corrections in Table 1.

Metadata
Available format(s)
PDF PS
Category
Public-key cryptography
Publication info
Published elsewhere. An extended abstract is to appear in ACM CCS 2005.
Keywords
chosen ciphertext security
Contact author(s)
eprint @ boyen org
History
2006-06-07: last of 6 revisions
2005-08-27: received
See all versions
Short URL
https://ia.cr/2005/288
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2005/288,
      author = {Xavier Boyen and Qixiang Mei and Brent Waters},
      title = {Direct Chosen Ciphertext Security from Identity-Based Techniques},
      howpublished = {Cryptology ePrint Archive, Paper 2005/288},
      year = {2005},
      note = {\url{https://eprint.iacr.org/2005/288}},
      url = {https://eprint.iacr.org/2005/288}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.