International Association for Cryptologic Research

International Association
for Cryptologic Research


Paper: Relations Among Notions of Security for Identity Based Encryption Schemes

Nuttapong Attrapadung
Yang Cui
Goichiro Hanaoka
Hideki Imai
Kanta Matsuura
Peng Yang
Rui Zhang
Search ePrint
Search Google
Abstract: Identity based encryption (IBE) schemes have been flourishing since the very beginning of this century. In IBE it is widely believed that proving the security of a scheme in the sense of IND-ID-CCA2 is sufficient to claim the scheme is also secure in the senses of both SS-ID-CCA2 and NM-ID-CCA2. The justification for this belief is the relations among indistinguishability (IND), semantic security (SS) and non-malleability (NM). But these relations are proved only for conventional public key encryption (PKE) schemes in historical works. The fact is that between IBE and PKE, there exists a difference of special importance, i.e. only in IBE the adversaries can perform a particular attack, namely the chosen identity attack. This paper shows that security proved in the sense of IND-ID-CCA2 is validly sufficient for implying security in any other sense in IBE. This is to say the security notion, IND-ID-CCA2, captures the essence of security for all IBE schemes. To achieve this intention, we first describe formal definitions of the notions of security for IBE, and then present the relations among IND, SS and NM in IBE, along with rigorous proofs. All of these results are proposed with the consideration of the chosen identity attack.
  title={Relations Among Notions of Security for Identity Based Encryption Schemes},
  booktitle={IACR Eprint archive},
  keywords={foundations / security notions},
  note={ 13004 received 8 Aug 2005},
  author={Nuttapong Attrapadung and Yang Cui and Goichiro Hanaoka and Hideki Imai and Kanta Matsuura and Peng Yang and Rui Zhang},