TITLE:
Security Analysis of a Privacy-Preserving Identity-Based Encryption Architecture
AUTHORS:
Carlisle Adams
KEYWORDS:
Security Analysis, Identity-Based Encryption (IBE), Reducing Trust, Preserving Privacy, Honest-but-Curious Attacker, Malicious Attacker
JOURNAL NAME:
Journal of Information Security,
Vol.13 No.4,
October
12,
2022
ABSTRACT: Identity-Based Encryption (IBE) has seen limited adoption, largely due to
the absolute trust that must be placed in the
private key generator (PKG)—an authority that computes the private keys for all the users in the
environment. Several constructions have been proposed to reduce the trust
required in the PKG (and thus preserve the privacy of users), but these have
generally relied on unrealistic assumptions regarding non-collusion between
various entities in the system.
Unfortunately, these constructions have not significantly improved IBE adoption
rates in real-world environments. In this paper, we present a construction that reduces trust in the PKG without
unrealistic non-collusion assumptions. We achieve this by incorporating
a novel combination of digital credential
technology and bilinear maps, and making use of multiple randomly-chosen entities to complete certain tasks. The
main result and primary contribution of this paper are a thorough security analysis of this proposed
construction, examining the various entity
types, attacker models, and collusion opportunities in this environment. We
show that this construction can prevent, or at least mitigate, all considered attacks. We conclude that our
construction appears to be effective in
preserving user privacy and we hope that this construction and its
security analysis will encourage greater use of IBE in real-world environments.