Identity-Based Encryption Protocols Using Bilinear Pairing

More documents

Recommendations

Info

Construction of (Hierarchical) Identity-Based Encryption Protocols Using Bilinear Pairing Thesis submitted to the Indian Statistical Institute in partial fulfillment of the requirements for the award of the degree of Doctor of Philosophy by Sanjit Chatterjee Applied Statistics Unit Indian Statistical Institute 203, B.T. Road, Kolkata 700108. INDIA e-mail: sanjit t@isical.ac.in under the supervision of Dr. Palash Sarkar Applied Statistics Unit Indian Statistical Institute 203, B.T. Road, Kolkata 700108. INDIA e-mail: palash@isical.ac.in
Page 1: Construction of (Hierarchical) Iden
Page 7: ACKNOWLEDGMENT This dissertation ma
Page 10 and 11: 4.2.1 The Tate Pairing . . . . . .
Page 13 and 14: Chapter 1 Introduction Science, it
Page 15 and 16: Shamir posed a challenge to the cry
Page 17 and 18: Detailed algorithms are presented i
Page 19 and 20: Chapter 2 Preliminaries In this cha
Page 21 and 22: advantage ɛ(κ) in solving the BDH
Page 23 and 24: Decisional Weak Bilinear Diffie-Hel
Page 25 and 26: 2.4.1 Hierarchical Identity-Based E
Page 27 and 28: Phase 2: A now issues additional qu
Page 29 and 30: Challenge: At this stage, A outputs
Page 31 and 32: it is assumed that, given a securit
Page 33 and 34: Note that, based on Pr[c = 0] = δ,
Page 35 and 36: 3.1.1 Hierarchical Identity-Based E
Page 37 and 38: 3.2 From Random Oracle to Standard
Page 39 and 40: Initialization: A commits to a targ
Page 41 and 42: Encrypt: To encrypt a message M ∈
Page 43 and 44: 3.4 HIBE with Shortened Ciphertext
Page 45 and 46: 1. Key-Gen(1 κ ) outputs (vk, sk).
Page 47 and 48: achieve CCA-security. Protocols suc
Page 49 and 50: efficient algorithm. In comparison,
Page 51 and 52: (−x, iy) ∈ IF p 2 ×IF p 2 with
Page 53 and 54:
The ultimate result is raised to th
Page 55 and 56:
P = (α, β) to obtain P ′ = −P
Page 57 and 58:
- Cost of Steps 1 and 2 in EncIdbl
Page 59 and 60:
Thus, for parallel version of pairi
Page 61 and 62:
Chapter 5 Identity-Based Encryption
Page 63 and 64:
Decrypt: Let C = (C 1 , C 2 , C 3 )
Page 65 and 66:
p − mk + x + ∑ l i=1 x iv i , J
Page 67 and 68:
Let abort be the event of the simul
Page 69 and 70:
Suppose, |p (l) | (resp. |G (l) 2 |
Page 71 and 72:
encryption of the message using the
Page 73 and 74:
If A is successful in forging the s
Page 75 and 76:
Chapter 6 Extending IBE to HIBE wit
Page 77 and 78:
Encrypt: Let v = (v 1 , . . . , v j
Page 79 and 80:
6.3.1 Security Reduction The securi
Page 81 and 82:
We require B j to be equal to cV j
Page 83 and 84:
Multiplying (6.3.7) by −1 and put
Page 85 and 86:
The probability is over the indepen
Page 87 and 88:
= = = [ h ∗ 1 ∧ Pr (1 + µ l )
Page 89 and 90:
Chapter 7 Generalization of the Sel
Page 91 and 92:
2. In the challenge stage, the adve
Page 93 and 94:
If h > 1, then we have proper HIBE.
Page 95 and 96:
sensitive identities like sysadmin.
Page 97 and 98:
Encrypt: Suppose a message M is to
Page 99 and 100:
plays the security game (h, n ′ )
Page 101 and 102:
Challenge Generation: The adversary
Page 103 and 104:
For u + 1 ≤ i ≤ h choose a rand
Page 105 and 106:
obtain an MR-IBE protocol which is
Page 107 and 108:
tuple (Q i,1 , . . . , Q i,ni ). Th
Page 109 and 110:
where n = ∑ h i=1 n i. Proof : We
Page 111 and 112:
Hence, This shows A = = ∑n i l=1
Page 113 and 114:
decreases. However, the security of
Page 115 and 116:
ɛ ≤ 2ɛ ′ /λ; t ′ = t + O(u
Page 117 and 118:
The security of FullccHIBE is based
Page 119 and 120:
a suitable large prime. It is an ea
Page 121 and 122:
Now, suppose in the challenge phase
Page 123 and 124:
Setup: Let 〈P 〉 = G 1 . Choose
Page 125 and 126:
Y i = α i P for some random α ∈
Page 127 and 128:
∑u ′ ( = γ cj P + vjY ∗ h−
Page 129 and 130:
Decrypt: To decrypt CT = (A, B, C)
Page 131 and 132:
Y h . So B can compute all these ˜
Page 133 and 134:
Setup: Let P be a generator of G 1
Page 135 and 136:
Phase 1: Suppose A asks for the pri
Page 137 and 138:
Chapter 10 Conclusion We conclude t
Page 139 and 140:
Table 10.1: Comparison of HIBE Prot
Page 141 and 142:
Bibliography [1] Michel Abdalla, Mi
Page 143 and 144:
[20] Dan Boneh and Matthew K. Frank
Page 145 and 146:
[43] Gerhard Frey, Michael Müller,
Page 147 and 148:
[68] Benoît Libert and Jean-Jacque
show all

Identity-Based Encryption Protocols Using Bilinear Pairing

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?