Cryptology ePrint Archive: Report 2008/466

Combined (identity-based) public key schemes

Maria Isabel Gonzalez Vasco and Florian Hess and Rainer Steinwandt

Abstract: Consider a scenario in which parties use a public key encryption scheme and a signature scheme with a single public key/private key pair---so the private key sk is used for both signing and decrypting. Such a simultaneous use of a key is in general considered poor cryptographic practice, but from an efficiency point of view looks attractive.

We offer security notions to analyze such violations of key separation. For both the identity- and the non-identity-based setting, we show that---although being insecure in general---for schemes of interest the resulting combined (identity-based) public key scheme can offer strong security guarantees.

Category / Keywords: public-key cryptography / combined public key scheme, identity-based cryptography, key separation

Date: received 3 Nov 2008, last revised 3 Feb 2009

Contact author: rsteinwa at fau edu

Available formats: Postscript (PS) | Compressed Postscript (PS.GZ) | PDF | BibTeX Citation

Version: 20090204:005001 (All versions of this report)

Discussion forum: Show discussion | Start new discussion