New security notions for identity based encryption

by Sriramkrishnan Srinivasan

RHUL-MA-2011-3

Abstract:

We study extended security notions for Identity Based
Encryption (IBE) in settings where multiple Trusted Authorities
(TAs) share some common parameters, as distinct from most
existing research considering a single TA that issues keys to
users in a system. We extend current notions of security for
IBE to the multi-TA setting, and in addition, formalize the
notion of TA anonymity. We study the security properties of
natural multi-TA analogues of existing IBE schemes in both the
Random Oracle Model (ROM) and the Standard Model with respect
to these new notions. We give a modified multi-TA version of a
Fujisaki-Okamoto transform (in the ROM), and multi-TA versions
of the Canetti-Halevi-Katz and Boneh-Katz transforms (in the
Standard Model), which are used to build strong cryptographic
schemes, from schemes meeting weaker notions of security. Using
our new ideas, we also give the first generic methods to
construct Key Private Public Key Encryption schemes in the
Standard model.

We consider the applications of IBE schemes that not only share
common parameters, but in addition share additional public
parameters in such a way that a ciphertext created for an
identity and a particular TA can be read by a recipient with
the same identity, but with a private key issued by another TA.
This gives us extensions to the basic IBE primitive which
enable flexible and secure communications in coalition
environments.

We also present an extended security model for Identity Based
Non Interactive Key Distribution (ID-NIKD). In addition, we
present a transform that takes an IDNIKD scheme that is secure
in this extended security model and satisfies some mild
technical conditions, and produces an IND-ID-CPA secure IBE
scheme. These results shed light on the relationships between
existing ID-NIKD and IBE schemes.