Paper 2010/141

A Reflection on the Security Proofs of Boneh-Franklin Identity-Based Encryption

Yu Chen

Abstract

Boneh and Franklin constructed the first practical Identity-Based Encryption scheme (BF-IBE) [1] and proved its security based on the computational Bilinear Diffie-Hellman assumption (CBDH) in 2001. The correct- ness of its security proof was long believed to be correct until in 2005, Galindo [2] noticed a flawed step in the original proof. In the same paper, Galindo provided a new proof with a looser security reduction. Shortly after- wards, Nishioka [3] improved Galindo’s proof to achieve a tighter security reduction. In the same year, Zhang and Imai [4] gave another proof of BF-IBE. Unfortunately, we find that none of their proofs is flawless. In this paper, besides identifying and fixing the lapses in previous proofs, we present two new proofs for the CCA security of BF-IBE. The first proof is proved via selective-identity security with imposing a natural constraint to the original scheme. The second proof is proved by directly reducing the security to a stronger assumption, namely the gap Bilinear Diffie-Hellman (GBDH) assumption.

Note: Correct some errors.