Download presentation

Presentation is loading. Please wait.

Published byZachery Wilkinson Modified about 1 year ago

1
Encryption Public-Key, Identity-Based, Attribute-Based

2
I. Public key encryption and security concepts Eve 2 Use encryption to prevent eavesdropping and achieve confidentiality.

3
Public key encryption 3 Bob generates pair of public key pk B and secret key sk B makes pk B public decrypts with sk B Alice encrypts message m with pk B sends encrypted message/ciphertext c

4
Public-key encryption schemes 4

5
Negligible functions 5

6
Security concepts 6 Security concepts must specify goals of adversary resources of adversary additional information available to adversary. adversaries should learn almost nothing about plaintext given a ciphertext adversaries will be probabilistic polynomial time algorithms. adversaries known complete specifications of encryption schemes (Kerckhoff’s principle) additional information formalized with chosen plaintext and chosen ciphertext attacks

7
The CPA game 7

8
8

9
CPA security 9

10
The CCA game 10

11
CCA security 11 Observation CPA security does not imply CCA security.

12
PKC and reality 12 Certification Authority (CA)

13
Certificates and certification authorities 13 require significant organizational and technical overhead require complex data management their complexity can become a threat to security

14
Public key vs. identity-based encryption 14 PKE requires special pairs of keys, not all bit strings can be public keys in IBE every bit string or identity can be public key identities can already be certified, e.g. passport numbers may simplify necessary infrastructure IBE introduced in 1984 by A. Shamir first fully functional realization in 2001 by Boneh, Franklin can be generalized to attribute-based encryption

15
Identity-based enryption 15 Private Key Generator

16
Identity-based enryption 16

17
Identity-based enryption 17 Private Key Generator

18
Security concepts 18 Security concepts must specify goals of adversary resources of adversary additional information available to adversary. adversaries should learn almost nothing about plaintext given a ciphertext adversaries will be probabilistic polynomial time algorithms. adversaries known complete specifications of encryption schemes (Kerckhoff’s principle) additional information formalized with chosen plaintext and chosen ciphertext attacks

19
IBE security – additional requirements 19 adversaries should learn almost nothing about plaintext given a ciphertext adversaries will be probabilistic polynomial time algorithms. adversaries known complete specifications of encryption schemes (Kerckhoff’s principle) additional information formalized with chosen plaintext and chosen ciphertext attacks adversary may know private keys to many identities Challenge Exponentially (in n) many private keys depend on master secret msk of polynomial (in n) length.

20
The CPA game 20

21
The CCA game 21

22
IBE security 22

23
Power of PKG 23 Private Key Generator PKG is very powerful attractive target for attacks Possible solutions secure protocols distributed realization

24
PKG via secure protocols 24 Private Key Generator

25
Distributed PKG 25

26
Boneh-Franklin IBE and pairings 26 uses one basic primitive – bilinear pairings concrete realization with groups on elliptic curves examples are Weil, Tate, Eta, Ate pairing but can be described with generic pairings share this feature with most techniques in IBC

27
Boneh-Franklin IBE and pairings 27

28
Simplified Boneh-Franklin IBE 28

29
Boneh-Franklin IBE - correctness 29

30
Boneh-Franklin IBE 30

31
Boneh-Franklin IBE - correctness 31

Similar presentations

© 2017 SlidePlayer.com Inc.

All rights reserved.

Ads by Google