Paper 2006/122
Chosen-Ciphertext Secure Identity-Based Encryption in the Standard Model with short Ciphertexts
Eike Kiltz
Abstract
We describe a practical identity-based encryption scheme that is secure in the standard model against chosen-ciphertext (CCA2) attacks. Security is based on an assumption comparable to (but slightly stronger than) Bilinear Decisonal Diffie-Hellman (BDDH). A comparison shows that our construction outperforms all known identity-based encryption schemes in the standard model and its performance is even comparable with the one from the random-oracle based Boneh/Franklin IBE scheme. Our proposed IBE scheme has furthermore the property that it fulfills some notion of ``redundancy-freeness", i.e. the encryption algorithm is not only a probabilistic injection but also a surjection. As a consequence the ciphertext overhead is nearly optimal: to encrypt $k$ bit messages for $k$ bit identities and with $k$ bit randomness we get $3k$ bit ciphertexts to guarantee (roughly) $k$ bits of security.
Note: Note: parts of this unpublished pre-print appeared as follows: Eike Kiltz and Yevgeniy Vahlis. CCA2 Secure IBE: Standard Model Efficiency through Authenticated Symmetric Encryption. Proceedings of CT-RSA 2008. Full version available on Cryptology ePrint Archive: Report 2008/020.
Metadata
- Available format(s)
-
PDF
- Category
- Public-key cryptography
- Publication info
- Published elsewhere. Unknown where it was published
- Keywords
- Chosen-ciphertext securityIdentity-Based EncryptionBilinear Maps
- Contact author(s)
- kiltz @ cwi nl
- History
- 2008-11-19: last of 5 revisions
- 2006-03-29: received
- See all versions
- Short URL
- https://ia.cr/2006/122
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2006/122,
author = {Eike Kiltz},
title = {Chosen-Ciphertext Secure Identity-Based Encryption in the Standard Model with short Ciphertexts},
howpublished = {Cryptology {ePrint} Archive, Paper 2006/122},
year = {2006},
url = {https://eprint.iacr.org/2006/122}
}
