Accountable Authority Identity-Based Encryption with Public Traceability
Conference Proceeding Article
At Crypto’07, Goyal introduced the notion of accountable authority identity-based encryption (A-IBE) in order to mitigate the inherent key escrow problem in identity-based encryption, and proposed two concrete constructions. In an A-IBE system, if the private key generator (PKG) distributes a decryption key or produces an unauthorized decryption box for a user maliciously, it runs the risk of being caught and sued in the court of law with the help of a tracing algorithm. Subsequent efforts focused on constructions of A-IBE schemes with enhanced security. In these A-IBE constructions, the tracing algorithm needs to take a user’s decryption key as input. If the user lost his key or is deliberately uncooperative in court, then we cannot implicate the PKG or the user. An interesting open problem left by Goyal et al. at CCS’08 is to consider the possibility of tracing a decryption box using only a public tracing key, or with the assistance of a tracing authority. In this paper, we address this problem positively. We first extend the original model of A-IBE to accommodate public traceability, and then propose an A-IBE scheme in the new model. To the best of our knowledge, the proposed scheme is the first A-IBE with public traceability.
Information Security and Trust
Topics in Cryptology - CT-RSA 2013: The Cryptographers’ Track at the RSA Conference 2013, San Francisco,CA, February 25-March 1: Proceedings
City or Country
San Francisco, CA
LAI, Junzuo; DENG, Robert H.; ZHAO, Yunlei; and Weng, Jian.
Accountable Authority Identity-Based Encryption with Public Traceability. (2013). Topics in Cryptology - CT-RSA 2013: The Cryptographers’ Track at the RSA Conference 2013, San Francisco,CA, February 25-March 1: Proceedings. 7779, 324-342. Research Collection School Of Information Systems.
Available at: http://ink.library.smu.edu.sg/sis_research/1943