An anonymous identity based encryption (anonymous IBE) scheme requires that an adversary can not determine the identity of the recipient from a ciphertext encrypted by the corresponding public key. The anonymity was formalized in previous works [1],[13], and this can be considered under chosen plaintext attack and adaptive chosen ciphertext attack, yielding two notions of security, ID-II-CPA and ID-II-CCA, where II denotes "indistinguishability of identities." However, how to obtain an ID-II-CCA secure anonymous IBE in the random oracle model is still a challenging problem. We firstly propose a new notion of plaintext awareness in the two identities setting, called PATI. Secondly, we prove that the IBE scheme is ID-II-CCA secure if it is PATI secure. Finally, we propose the first generic conversion for anonymous IBE from ID-II-CPA to ID-II-CCA in the random oracle model.
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Copy
Changlu LIN, Yong LI, Qiupu ZHANG, Dingfeng YE, "Anonymous Identity Based Encryption with Plaintext Awareness in the Two Identities Setting" in IEICE TRANSACTIONS on Fundamentals,
vol. E91-A, no. 12, pp. 3828-3832, December 2008, doi: 10.1093/ietfec/e91-a.12.3828.
Abstract: An anonymous identity based encryption (anonymous IBE) scheme requires that an adversary can not determine the identity of the recipient from a ciphertext encrypted by the corresponding public key. The anonymity was formalized in previous works [1],[13], and this can be considered under chosen plaintext attack and adaptive chosen ciphertext attack, yielding two notions of security, ID-II-CPA and ID-II-CCA, where II denotes "indistinguishability of identities." However, how to obtain an ID-II-CCA secure anonymous IBE in the random oracle model is still a challenging problem. We firstly propose a new notion of plaintext awareness in the two identities setting, called PATI. Secondly, we prove that the IBE scheme is ID-II-CCA secure if it is PATI secure. Finally, we propose the first generic conversion for anonymous IBE from ID-II-CPA to ID-II-CCA in the random oracle model.
URL: https://global.ieice.org/en_transactions/fundamentals/10.1093/ietfec/e91-a.12.3828/_p
Copy
@ARTICLE{e91-a_12_3828,
author={Changlu LIN, Yong LI, Qiupu ZHANG, Dingfeng YE, },
journal={IEICE TRANSACTIONS on Fundamentals},
title={Anonymous Identity Based Encryption with Plaintext Awareness in the Two Identities Setting},
year={2008},
volume={E91-A},
number={12},
pages={3828-3832},
abstract={An anonymous identity based encryption (anonymous IBE) scheme requires that an adversary can not determine the identity of the recipient from a ciphertext encrypted by the corresponding public key. The anonymity was formalized in previous works [1],[13], and this can be considered under chosen plaintext attack and adaptive chosen ciphertext attack, yielding two notions of security, ID-II-CPA and ID-II-CCA, where II denotes "indistinguishability of identities." However, how to obtain an ID-II-CCA secure anonymous IBE in the random oracle model is still a challenging problem. We firstly propose a new notion of plaintext awareness in the two identities setting, called PATI. Secondly, we prove that the IBE scheme is ID-II-CCA secure if it is PATI secure. Finally, we propose the first generic conversion for anonymous IBE from ID-II-CPA to ID-II-CCA in the random oracle model.},
keywords={},
doi={10.1093/ietfec/e91-a.12.3828},
ISSN={1745-1337},
month={December},}
Copy
TY - JOUR
TI - Anonymous Identity Based Encryption with Plaintext Awareness in the Two Identities Setting
T2 - IEICE TRANSACTIONS on Fundamentals
SP - 3828
EP - 3832
AU - Changlu LIN
AU - Yong LI
AU - Qiupu ZHANG
AU - Dingfeng YE
PY - 2008
DO - 10.1093/ietfec/e91-a.12.3828
JO - IEICE TRANSACTIONS on Fundamentals
SN - 1745-1337
VL - E91-A
IS - 12
JA - IEICE TRANSACTIONS on Fundamentals
Y1 - December 2008
AB - An anonymous identity based encryption (anonymous IBE) scheme requires that an adversary can not determine the identity of the recipient from a ciphertext encrypted by the corresponding public key. The anonymity was formalized in previous works [1],[13], and this can be considered under chosen plaintext attack and adaptive chosen ciphertext attack, yielding two notions of security, ID-II-CPA and ID-II-CCA, where II denotes "indistinguishability of identities." However, how to obtain an ID-II-CCA secure anonymous IBE in the random oracle model is still a challenging problem. We firstly propose a new notion of plaintext awareness in the two identities setting, called PATI. Secondly, we prove that the IBE scheme is ID-II-CCA secure if it is PATI secure. Finally, we propose the first generic conversion for anonymous IBE from ID-II-CPA to ID-II-CCA in the random oracle model.
ER -