Abstract
Mass surveillance and a lack of end-user encryption, coupled with a growing demand for key escrow under legal oversight and certificate authority security concerns, raise the question of the appropriateness of continued general dependency on PKI. In this context, we examine Identity-Based Encryption (IBE) as an alternative to public-key encryption. Cascade encryption, or sequential multiple encryption, is the concept of layering encryption such that the ciphertext from one encryption step is the plaintext of the next. We describe CARIBE, a cascaded IBE scheme, for which we also provide a cascaded CCA security experiment, IND-ID-C.CCA, and prove its security in the computational model. CARIBE combines the ease of use of IBE with key escrow that is limited to the case in which the entire set of participating PKGs collaborate. Furthermore, we describe a particular CARIBE scheme, CARIBE-S, where the receiver is a self-PKG – one of the several PKGs included in the cascade. CARIBE-S inherits IND-ID-C.CCA from CARIBE and avoids key escrow entirely. In essence, CARIBE-S offers the maximum flexibility of the IBE paradigm and gives users complete control without the key escrow problem.
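The layering and the escrow property described above, as an added example that is not the paper's construction: each PKG is modelled by a constructed symmetric stand-in (an HMAC-derived identity key and an HMAC-based toy layer cipher), so it captures only the cascade structure and the "all PKGs must collaborate" property, not IBE itself, since here the sender would need the identity keys. The identity, master secrets and message are constructed sample values; in the CARIBE-S case one of the master secrets is simply the receiver's own.

```python
import hashlib
import hmac
import os

# Constructed toy layer cipher (not IBE, not the paper's scheme): HMAC-SHA256
# counter-mode keystream, encrypt-then-MAC, so a wrong layer key is detected.
def _keystream(key, nonce, n):
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def layer_encrypt(key, pt):
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(pt, _keystream(key, nonce, len(pt))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def layer_decrypt(key, blob):
    """Returns the layer plaintext, or None if the tag rejects this key."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(hmac.new(key, nonce + ct, hashlib.sha256).digest(), tag):
        return None
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))

def extract(master_secret, identity):
    """Stand-in for one PKG's Extract: the identity key it issues for `identity`."""
    return hmac.new(master_secret, identity.encode(), hashlib.sha256).digest()

def cascade_encrypt(layer_keys, msg):
    """Sequential multiple encryption: each layer's ciphertext is the next layer's plaintext."""
    for k in layer_keys:
        msg = layer_encrypt(k, msg)
    return msg

def cascade_decrypt(layer_keys, blob):
    """The receiver, holding every identity key, peels the layers in reverse order."""
    for k in reversed(layer_keys):
        blob = layer_decrypt(k, blob)
        if blob is None:
            raise ValueError("cascade decryption failed: wrong layer key")
    return blob

def coalition_recover(held, n_layers, blob):
    """Escrow check: a coalition trial-decrypts each outer layer with only the identity
    keys it holds; it gets the message only by peeling all n_layers, i.e. only when
    every PKG in the cascade collaborates."""
    for _ in range(n_layers):
        peeled = next((p for p in (layer_decrypt(k, blob) for k in held) if p is not None), None)
        if peeled is None:
            return None
        blob = peeled
    return blob
```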
Acknowledgements
We would like to thank the anonymous reviewers of Mycrypt 2016 for their valuable comments and suggestions.
A Scheme Comparison
Copyright information
© 2017 Springer International Publishing AG
About this paper
Cite this paper
Hale, B., Carr, C., Gligoroski, D. (2017). CARIBE: Cascaded IBE for Maximum Flexibility and User-Side Control. In: Phan, RW., Yung, M. (eds) Paradigms in Cryptology – Mycrypt 2016. Malicious and Exploratory Cryptology. Mycrypt 2016. Lecture Notes in Computer Science(), vol 10311. Springer, Cham. https://doi.org/10.1007/978-3-319-61273-7_19
DOI: https://doi.org/10.1007/978-3-319-61273-7_19
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-61272-0
Online ISBN: 978-3-319-61273-7
eBook Packages: Computer Science (R0)