Presentation is loading. Please wait.

Presentation is loading. Please wait.

Identity Based Encryption

Published byArlene Palmer Modified over 5 years ago

Similar presentations

Presentation on theme: "Identity Based Encryption"— Presentation transcript:

1 Identity Based Encryption
Cosc 6111/6121 Presentation York University Dusty Phillips November 8, 2005

2 Overview Review Public Key Encryption
Introduce Identity Based Encryption Identity Based Encryption Basics Examples Algorithm Details

3 Public Key Encryption Setup Algorithm creates two randomized keys
One key made public, one made secret Encrypt with public, Decrypt with secret Problems: Public Key Distribution Key is long random string

4 Introduction to IBE Proposed by Adi Shamir in 1984
Viable Design in 2001 by Boneh and Franklin Public Key is arbitrary string (ie: ) Third party server distributes private keys Advantages: Memorable public key Encryption before key generation

5 IBE Basics Four Algorithms Setup Extract
Generates master key for PKG Generates public parameters Extract Extracts private key for arbitrary public key Run on PKG Encrypt with arbitrary public key and parameters Decrypt with PKG-generated private key

6 Encryption Example PKG calls setup to create
master secret key s – kept secret parameters params – made public Alice sending encrypted message to Bob Alice gets params from PKG (if necessary) Encrypt message M using params and Bob's ID

7 Decryption Example Bob receives cyphertext C
Bob retrieves params from PKG (if necessary) Bob authenticates to PKG (if necessary) PKG runs extract on ID Returns private key d Bob applies d and params to C and gets M

8 Setup Algorithm Secret key s is a random integer (< q)
Public params are: q: a random prime G1, G2: Two groups, order q e: Bilinear map G1 × G1 → G2 P: Random generator of G1 Ppub created by s⋅P H1, H2: Crypto hashes: string → G1, G2 → string

9 The Bilinear Map e: G1 × G1 → G2
Definition of Bilinear: e(aP,bQ) = e(P,Q)ab a,b are integers P,Q ∈ G1 e(P,Q), e(aP,bQ) ∈ G2 Other definitions map that satisfies the distributive law map is a linear combination in both directions

10 Extraction Given a string public key ID Hash ID to Q ∈ G1 using H1
PKG has master key s return private key d = s⋅Q

11 Encryption Given string public key ID, message M
Hash ID to Q ∈ G1 using H1 Map (Q, Ppub) to g ∈ G2 using e Choose random integer r < q Hash gr to a string X using H2 return ciphertext C = (r⋅P, M ⊕ X) = (U, V)

12 Decryption Given a private key d and ciphertext, C=(U,V)
Map (d,U) to x ∈ G2 using e Hash x to a string X using H2 Return M = X ⊕ V

13 Why It Works Cryptography seems like magic!
In encryption, M is xor'd with hash of gr In decryption, V is xor'd with hash of e(d, U) If gr = e(d, U) then xoring the xor gives original

14 e(d, U) = gr In extraction, d is set to s⋅Q
In encryption U is set to r⋅P So e(d, U) = e(s⋅Q, r⋅P) By bilinearity of e: e(d,U) = e(Q,P)sr In encryption, g is set to e(Q, Ppub) In setup, Ppub is set to s⋅P So gr = e(Q, s⋅P)r By bilinearity of e: gr = e(Q,P)sr

15 References D. Boneh, M. Franklin, B. Lynn, M. Pauker, R. Kacker, G. Tsudik. "IBE Secure " D. Boneh, M. Franklin. "Identity-Based Encryption from the Weil Pairing" SIAM Journal of Computing. Vol 32, No 3. pp "Group Theory." "Elliptic Curves" R. Dean. "Elements of Abstract Algebra" `1966. John Wiley & Sons, Inc.

Download ppt "Identity Based Encryption"

Similar presentations

Boneh-Franklin Identity-based Encryption. 2 Symmetric bilinear groups G = ágñ, g p = 1 e: G G G t Bilinear i.e. e(u a, v b ) = e(u, v) ab Non-degenerate:

Boneh-Franklin Identity-based Encryption. 2 Symmetric bilinear groups G = ágñ, g p = 1 e: G G G t Bilinear i.e. e(u a, v b ) = e(u, v) ab Non-degenerate:
An Introduction to Pairing Based Cryptography Dustin Moody October 31, 2008.

An Introduction to Pairing Based Cryptography Dustin Moody October 31, 2008.
Encryption Public-Key, Identity-Based, Attribute-Based.

Encryption Public-Key, Identity-Based, Attribute-Based.
CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (4) Information Security.

CS 483 – SD SECTION BY DR. DANIYAL ALGHAZZAWI (4) Information Security.
YSLInformation Security -- Public-Key Cryptography1 Elliptic Curve Cryptography (ECC) For the same length of keys, faster than RSA For the same degree.

YSLInformation Security -- Public-Key Cryptography1 Elliptic Curve Cryptography (ECC) For the same length of keys, faster than RSA For the same degree.
95-712 OOP/Java1 Public Key Crytography From: Introduction to Algorithms Cormen, Leiserson and Rivest.

OOP/Java1 Public Key Crytography From: Introduction to Algorithms Cormen, Leiserson and Rivest.
Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:

Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:
Identity Based Encryption

Identity Based Encryption
1 Identity-Based Encryption form the Weil Pairing Author : Dan Boneh Matthew Franklin Presentered by Chia Jui Hsu Date : 2008-06-03.

1 Identity-Based Encryption form the Weil Pairing Author : Dan Boneh Matthew Franklin Presentered by Chia Jui Hsu Date :
Overview of Cryptography Oct. 29, 2002 Su San Im CS Dept. EWU.

Overview of Cryptography Oct. 29, 2002 Su San Im CS Dept. EWU.
Identity-based authenticated key agreement protocol based on Weil pairing N.P.Smart ELECTRONICS LETTERS 20 th June 2002 vol.38 No13 p.630-632 Present by.

Identity-based authenticated key agreement protocol based on Weil pairing N.P.Smart ELECTRONICS LETTERS 20 th June 2002 vol.38 No13 p Present by.
Public Key Cryptography

Public Key Cryptography
Public Encryption: RSA

Public Encryption: RSA
Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.

Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.
8: Network Security8-1 Symmetric key cryptography symmetric key crypto: Bob and Alice share know same (symmetric) key: K r e.g., key is knowing substitution.

8: Network Security8-1 Symmetric key cryptography symmetric key crypto: Bob and Alice share know same (symmetric) key: K r e.g., key is knowing substitution.
Page 1 Secure Communication Paul Krzyzanowski Distributed Systems Except as otherwise noted, the content of this presentation.

Page 1 Secure Communication Paul Krzyzanowski Distributed Systems Except as otherwise noted, the content of this presentation.
An Efficient Identity-based Cryptosystem for

An Efficient Identity-based Cryptosystem for
RSA Implementation. What is Encryption ? Encryption is the transformation of data into a form that is as close to impossible as possible to read without.

RSA Implementation. What is Encryption ? Encryption is the transformation of data into a form that is as close to impossible as possible to read without.
Cryptography: RSA & DES Marcia Noel Ken Roe Jaime Buccheri.

Cryptography: RSA & DES Marcia Noel Ken Roe Jaime Buccheri.
Cyrtographic Security Identity-based Encryption 1Dennis Kafura – CS5204 – Operating Systems.

Cyrtographic Security Identity-based Encryption 1Dennis Kafura – CS5204 – Operating Systems.

Similar presentations

Ads by Google