eprint.iacr.org will be offline for approximately an hour for routine maintenance at 11pm UTC on Tuesday, April 16. We lost some data between April 12 and April 14, and some authors have been notified that they need to resubmit their papers.

Paper 2003/183

Certificate-Based Encryption and the Certificate Revocation Problem

Craig Gentry

Abstract

We introduce the notion of certificate-based encryption. In this model, a certificate -- or, more generally, a signature -- acts not only as a certificate but also as a decryption key. To decrypt a message, a keyholder needs both its secret key and an up-to-date certificate from its CA (or a signature from an authorizer). Certificate-based encryption combines the best aspects of identity-based encryption (implicit certification) and public key encryption (no escrow). We demonstrate how certificate-based encryption can be used to construct an efficient PKI requiring less infrastructure than previous proposals, including Micali's Novomodo, Naor-Nissim and Aiello-Lodha-Ostrovsky.

Note: This is a version of the Eurocrypt 2003 paper, identical except for this comment and a correction in Section 3.2. I'm posting it online to make it more widely available, particularly since a couple of recent works propose essentially the same idea.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Published elsewhere. Eurocrypt 2003
Contact author(s)
cgentry @ docomolabs-usa com
History
2003-09-06: received
Short URL
https://ia.cr/2003/183
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2003/183,
      author = {Craig Gentry},
      title = {Certificate-Based Encryption and the Certificate Revocation Problem},
      howpublished = {Cryptology ePrint Archive, Paper 2003/183},
      year = {2003},
      note = {\url{https://eprint.iacr.org/2003/183}},
      url = {https://eprint.iacr.org/2003/183}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.