Cryptology ePrint Archive: Report 2021/033

Quantum-resistant Anonymous IBE with Traceable Identities

Zi-Yuan Liu and Yi-Fan Tseng and Raylin Tso and Masahiro Mambo and Yu-Chi Chen

Abstract: Identity-based encryption (IBE), introduced by Shamir in 1984, eliminates the need for public-key infrastructure. The sender can simply encrypt a message by using the recipient's identity (such as their email or IP address) without needing to look up the public key. In particular, when ciphertexts of an IBE scheme do not reveal the identity of the recipient, this scheme is known as an anonymous IBE scheme. Recently, Blazy et al. (ARES'19) analyzed the trade-off between public safety and unconditional privacy in anonymous IBE and introduced a new notion that incorporates traceability into anonymous IBE, called anonymous IBE with traceable identities (AIBET). However, their construction is based on the discrete logarithm assumption, which is insecure in the quantum era. In this paper, we first formalize the consistency of tracing key of the AIBET scheme to ensure that no adversary can obtain information with the use of wrong tracing keys. Subsequently, we present a generic formulation concept that can be used to transform structure-specific lattice-based anonymous IBE schemes into an AIBET scheme. Finally, we apply this concept to Katsumata and Yamada's compact anonymous IBE scheme (Asiacrypt'16) to obtain the first quantum-resistant AIBET scheme that is secure under the ring learning with errors assumption.

Category / Keywords: public-key cryptography / anonymous, identity-based encryption, lattice, traceable identity, quantum-resistant

Date: received 9 Jan 2021

Contact author: zyliu at cs nccu edu tw

Available format(s): PDF | BibTeX Citation

Version: 20210112:075605 (All versions of this report)

Short URL: ia.cr/2021/033


[ Cryptology ePrint archive ]