Efficient Identity-Based Encryption with Minimal Server Trust
Boneh and Franklin proposed one of the first constructions of the very elegant concept of identity-based encryption (IBE) two decades ago. Despite many research advances and its several potential applications, IBE has not achieved enough in real-life use. One likely reason is that it puts too much t...
Saved in:
| Published in | Proceedings - Symposium on Reliable Distributed Systems pp. 104 - 114 |
|---|---|
| Main Authors | , , , |
| Format | Conference Proceeding |
| Language | English |
| Published |
IEEE
30.09.2024
|
| Subjects | |
| Online Access | Get full text |
| ISSN | 2575-8462 |
| DOI | 10.1109/SRDS64841.2024.00020 |
Cover
| Abstract | Boneh and Franklin proposed one of the first constructions of the very elegant concept of identity-based encryption (IBE) two decades ago. Despite many research advances and its several potential applications, IBE has not achieved enough in real-life use. One likely reason is that it puts too much trust in the key derivation server, also known as the IBE key escrow problem or the problem of reducing server trust in IBE schemes. Specifically, its PKG (private key generator) can implicitly decrypt all ciphertexts. In this paper, we propose a new approach to address the IBE key escrow/server trust problem: enhance IBE schemes by distributing key derivation across all receivers, and thus moving most or even all of the key derivation capability from the server to the decrypting receivers. Specifically, we target solutions with minimal server needs: either no central server or a repository server that only maintains a master public key of size independent of the number of users, but does not maintain any secret data or secret keys. Indeed, we show protocols based on well-known conventional IBE schemes, which work in a public parameter model (i.e., including neither a common reference string with private data kept by the server, nor a common random string model generated by a third party). Our main performance objective is to have no or minimal modification to the encryption algorithm, so as to make the resulting schemes usable for Internet of Things (IoT) applications and minimize any extra resource cost at encrypting sensors in this domain. No previous work achieved this performance goal in conjunction with minimal server needs before, and our solutions are optimal on our performance goal, while achieving essentially minimal server needs. The closest results from previous work consist of either replicating the key derivation server into many of which only a threshold is trusted, or of the recent notion of registration-based encryption, whose main performance goal is to reduce the number of receiver accesses to the server during key derivation. |
|---|---|
| AbstractList | Boneh and Franklin proposed one of the first constructions of the very elegant concept of identity-based encryption (IBE) two decades ago. Despite many research advances and its several potential applications, IBE has not achieved enough in real-life use. One likely reason is that it puts too much trust in the key derivation server, also known as the IBE key escrow problem or the problem of reducing server trust in IBE schemes. Specifically, its PKG (private key generator) can implicitly decrypt all ciphertexts. In this paper, we propose a new approach to address the IBE key escrow/server trust problem: enhance IBE schemes by distributing key derivation across all receivers, and thus moving most or even all of the key derivation capability from the server to the decrypting receivers. Specifically, we target solutions with minimal server needs: either no central server or a repository server that only maintains a master public key of size independent of the number of users, but does not maintain any secret data or secret keys. Indeed, we show protocols based on well-known conventional IBE schemes, which work in a public parameter model (i.e., including neither a common reference string with private data kept by the server, nor a common random string model generated by a third party). Our main performance objective is to have no or minimal modification to the encryption algorithm, so as to make the resulting schemes usable for Internet of Things (IoT) applications and minimize any extra resource cost at encrypting sensors in this domain. No previous work achieved this performance goal in conjunction with minimal server needs before, and our solutions are optimal on our performance goal, while achieving essentially minimal server needs. The closest results from previous work consist of either replicating the key derivation server into many of which only a threshold is trusted, or of the recent notion of registration-based encryption, whose main performance goal is to reduce the number of receiver accesses to the server during key derivation. |
| Author | Liang, Yuan Di Crescenzo, Giovanni Patni, Zahir Wang, Haining |
| Author_xml | – sequence: 1 givenname: Yuan surname: Liang fullname: Liang, Yuan email: yl6194@vt.edu organization: Virginia Tech,Blacksburg,VA,USA,24061 – sequence: 2 givenname: Giovanni surname: Di Crescenzo fullname: Di Crescenzo, Giovanni email: gdicrescenzo@peratonlabs.com organization: Peraton Labs,Basking Ridge,NJ,USA,07920 – sequence: 3 givenname: Haining surname: Wang fullname: Wang, Haining email: hnw@vt.edu organization: Virginia Tech,Blacksburg,VA,USA,24061 – sequence: 4 givenname: Zahir surname: Patni fullname: Patni, Zahir email: zahir.patni@peratonlabs.com organization: Peraton Labs,Basking Ridge,NJ,USA,07920 |
| BookMark | eNotjstOwzAUBQ0Cibb0D7rwDyRcv50FCygBKhUhkbKuHOdaGBW3cgIof08RbM5sRqMzJWdpn5CQBYOSMaiumpe7RksrWcmByxIAOJyQeWUqKwRTAkCYUzLhyqjCSs0vyLTv338tYc2EXNchRB8xDXTVHTcOY3HreuxonXweD0PcJ_odhzf6FFP8cDvaYP7CTDf5sx8uyXlwux7n_5yR1_t6s3ws1s8Pq-XNuojM6KHgAYxqW8QAnWWeoULfSueVs2iN9xql9p3rHIDkjHulhDJgBDesCsYLMSOLv25ExO0hH4_kccvAglZGix_l-ktt |
| CODEN | IEEPAD |
| ContentType | Conference Proceeding |
| DBID | 6IE 6IH CBEJK RIE RIO |
| DOI | 10.1109/SRDS64841.2024.00020 |
| DatabaseName | IEEE Electronic Library (IEL) Conference Proceedings IEEE Proceedings Order Plan (POP) 1998-present by volume IEEE Xplore All Conference Proceedings IEEE Xplore: IEL IEEE Proceedings Order Plans (POP) 1998-present |
| DatabaseTitleList | |
| Database_xml | – sequence: 1 dbid: RIE name: IEEE Xplore: IEL url: https://proxy.k.utb.cz/login?url=https://ieeexplore.ieee.org/ sourceTypes: Publisher |
| DeliveryMethod | fulltext_linktorsrc |
| Discipline | Computer Science |
| EISBN | 9798331530037 |
| EISSN | 2575-8462 |
| EndPage | 114 |
| ExternalDocumentID | 10806576 |
| Genre | orig-research |
| GroupedDBID | 6IE 6IF 6IH 6IK 6IL 6IM 6IN AAJGR AAWTH ADZIZ ALMA_UNASSIGNED_HOLDINGS BEFXN BFFAM BGNUA BKEBE BPEOZ CBEJK CHZPO IPLJI M43 OCL RIE RIL RIO RNS |
| ID | FETCH-LOGICAL-i176t-2f075bbeef0d81c1e5ecb4ac5a8e87cc6e46cdada004212c553570732719f7c33 |
| IEDL.DBID | RIE |
| IngestDate | Wed Aug 27 02:30:39 EDT 2025 |
| IsPeerReviewed | false |
| IsScholarly | true |
| Language | English |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-LOGICAL-i176t-2f075bbeef0d81c1e5ecb4ac5a8e87cc6e46cdada004212c553570732719f7c33 |
| PageCount | 11 |
| ParticipantIDs | ieee_primary_10806576 |
| PublicationCentury | 2000 |
| PublicationDate | 2024-Sept.-30 |
| PublicationDateYYYYMMDD | 2024-09-30 |
| PublicationDate_xml | – month: 09 year: 2024 text: 2024-Sept.-30 day: 30 |
| PublicationDecade | 2020 |
| PublicationTitle | Proceedings - Symposium on Reliable Distributed Systems |
| PublicationTitleAbbrev | SRDS |
| PublicationYear | 2024 |
| Publisher | IEEE |
| Publisher_xml | – name: IEEE |
| SSID | ssj0020387 |
| Score | 2.2718546 |
| Snippet | Boneh and Franklin proposed one of the first constructions of the very elegant concept of identity-based encryption (IBE) two decades ago. Despite many... |
| SourceID | ieee |
| SourceType | Publisher |
| StartPage | 104 |
| SubjectTerms | Data models Encryption Identity-based encryption Internet of Things Protocols Public key Receivers Reliability Sensors Servers |
| Title | Efficient Identity-Based Encryption with Minimal Server Trust |
| URI | https://ieeexplore.ieee.org/document/10806576 |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| link | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwjZ1LSwMxEICD7clTfVR8k4PXtLvZbDZ7VVuK0CK2hd5KHhNY1K2U7aH-end2t1UEwVvIIQkZJjNJ5psh5C5w1nkbGca1E0xoGTMdpZKB9tJEJk4CjzTyeCJHc_G0iBcNrF6xMABQBZ9BD5vVX75b2Q0-lfUxHk6WDnKLtBIla1hrf7vCf9iGjQuDtD99eZxKoQTeATlmyA6wpPePCiqVARl2yGQ3dR038trbFKZnP39lZfz32o5I95vVo897K3RMDiA_IZ1dsQba6O4pwTzFWUU_0gbO3bL70oQ5OsjteludHBRfZek4y7N3_UbxGClHmCGV0SXz4WD2MGJN7QSWhYksGPelL2AMgA-cCm0IMVgjtI21ApVYK0FI67TTqLUht3EclXJJIp6EqU9sFJ2Rdr7K4ZzQUCkXpF5x41IBsnQwpNCB0z7lnoMSF6SL27H8qNNjLHc7cflH_xU5RJHUQRfXpF2sN3BTWvbC3FYS_QI_OKQy |
| linkProvider | IEEE |
| linkToHtml | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwjZ1LTwIxEIAbxYOe8IHxbQ9eC7vdttu9qhBUIEYg4Ub6mCZEXQxZDvjr3e4uaExMvDU9tE0n05m2880gdBNYY52JNKHKMsKU4ERFiSCgnNCR5nHgPI3cH4jumD1O-KSC1QsWBgCK4DNo-mbxl2_nZumfylo-Hk7kDvI22uGMMV7iWpv7lf-Jrei4MEhaw5f7oWCS-Vsg9TmyA1_U-0cNlcKEdOposJ68jBx5bS4z3TSfv_Iy_nt1-6jxTevh540dOkBbkB6i-rpcA6609wj5TMWzgn_EFZ67Ire5EbO4nZrFqjg7sH-Xxf1ZOntXb9gfJPkII89lNNC40x7ddUlVPYHMwlhkhLrcG9AawAVWhiYEDkYzZbiSIGNjBDBhrLLK621IDedRLpk4onGYuNhE0TGqpfMUThAOpbRB4iTVNmEgchdDMBVY5RLqKEh2ihp-O6YfZYKM6Xonzv7ov0a73VG_N-09DJ7O0Z4XTxmCcYFq2WIJl7mdz_RVId0vCdKnfw |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=proceeding&rft.title=Proceedings+-+Symposium+on+Reliable+Distributed+Systems&rft.atitle=Efficient+Identity-Based+Encryption+with+Minimal+Server+Trust&rft.au=Liang%2C+Yuan&rft.au=Di+Crescenzo%2C+Giovanni&rft.au=Wang%2C+Haining&rft.au=Patni%2C+Zahir&rft.date=2024-09-30&rft.pub=IEEE&rft.eissn=2575-8462&rft.spage=104&rft.epage=114&rft_id=info:doi/10.1109%2FSRDS64841.2024.00020&rft.externalDocID=10806576 |