Cryptology ePrint Archive: Report 2009/355

Asynchronous Distributed Private-Key Generators for Identity-Based Cryptography

Aniket Kate and Ian Goldberg

Abstract: An identity-based encryption (IBE) scheme can greatly reduce the complexity of sending encrypted messages over the Internet. However, an IBE scheme necessarily requires a private-key generator (PKG), which can create private keys for clients, and so can passively eavesdrop on all encrypted communications. Although a distributed PKG has been suggested as a way to mitigate this problem for Boneh and Franklin's IBE scheme, the security of this distributed protocol has not been proven and the proposed solution does not work over the asynchronous Internet. Further, a distributed PKG has not been considered for any other IBE scheme.

In this paper, we design distributed PKG setup and private key extraction protocols in an asynchronous communication model for three important IBE schemes; namely, Boneh and Franklin's IBE, Sakai and Kasahara's IBE, and Boneh and Boyen's BB1-IBE. We give special attention to the applicability of our protocols to all possible types of bilinear pairings and prove their IND-ID-CCA security in the random oracle model. Finally, we also perform a comparative analysis of these protocols and present recommendations for their use.

Category / Keywords: public-key cryptography / Asynchronous communication model, Identity-based encryption (IBE), Private-key generator (PKG), Distributed key generation (DKG)

Date: received 17 Jul 2009, last revised 23 Jul 2010

Contact author: akate at cs uwaterloo ca

Available format(s): Postscript (PS) | Compressed Postscript (PS.GZ) | PDF | BibTeX Citation

Note: This is an extended version of our paper appearing in 7th Conference on Security and Cryptography for Networks (SCN 2010).

Version: 20100723:210612 (All versions of this report)

Short URL: ia.cr/2009/355

Discussion forum: Show discussion | Start new discussion