2014 | OriginalPaper | Chapter
Jhanwar-Barua’s Identity-Based Encryption Revisited
Authors : Ibrahim Elashry, Yi Mu, Willy Susilo
Published in: Network and System Security
Publisher: Springer International Publishing
Activate our intelligent search to find suitable subject content or patents.
Select sections of text to find matching patents with Artificial Intelligence. powered by
Select sections of text to find additional relevant content using AI-assisted search. powered by
In FOCS’07, Boneh, Gentry and Hamburg presented an identity-based encryption (IBE) system (BasicIBE) based on the quadratic residuosity (QR) assumption. A BasicIBE encryption of an
l
-bit message has a short ciphertext of log
2
N
+ 2
l
bits where N is a Blum integer. However, it is not time-efficient due to solving
l
+ 1 equations in the form
$Rx^{2}+Sy^{2}\equiv1\pmod N$
. Jhanwar and Barua presented a variant of BasicIBE in which the encryptor only solves
$2\sqrt{l}$
such equations. The decryptor decrypts the message without solving any such equations. In addition, the decryption key is decreased to only one element in ℤ
N
. However, the ciphertext size increases from a single element to
$2\sqrt{l}$
elements in ℤ
N
. In this paper, we revisit the Jhanwar-Barua (JB) system and review its security. We prove that this system is not IND-ID-CPA secure and present a solution to the security flaw of this system. We also point out a flaw in the security proof of the JB system and propose two different security proofs for the fixed system. We prove that it has the same security as the original BasicIBE system.