Paper 2004/172

Efficient Selective-ID Secure Identity Based Encryption Without Random Oracles

Dan Boneh and Xavier Boyen


We construct two efficient Identity Based Encryption (IBE) systems that are selective identity secure {\em without the random oracle model} in groups equipped with a bilinear map. Selective identity secure IBE is a slightly weaker security model than the standard security model for IBE. In this model the adversary must commit ahead of time to the identity that it intends to attack, whereas in the standard model the adversary is allowed to choose this identity adaptively. The first system is based on the decisional bilinear Diffie-Hellman assumption, and extends to give a selective identity Hierarchical IBE secure without random oracles. The second system is based on a related assumption called the bilinear Diffie-Hellman inversion assumption. Applications of either system include an efficient CCA2 public key cryptosystem that supports non-interactive threshold decryption in the standard model, and a simple and practical IBE system that remains secure against full adaptive-ID attacks, under some security penalty, without random oracles.

Note: Added: fast private key extraction, identity hashing without collision resistance, fully secure IBE, non-interactive threshold CCA2 cryptosystem, etc.

Available format(s)
Public-key cryptography
Publication info
Published elsewhere. An extended abstract appears in EUROCRYPT 2004.
identity-based encryptionprovable security
Contact author(s)
eprint @ boyen org
2004-12-08: last of 3 revisions
2004-07-21: received
See all versions
Short URL
Creative Commons Attribution


      author = {Dan Boneh and Xavier Boyen},
      title = {Efficient Selective-ID Secure Identity Based Encryption Without Random Oracles},
      howpublished = {Cryptology ePrint Archive, Paper 2004/172},
      year = {2004},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.