TY - CHAP
T1 - Chosen-ciphertext security from identity-based encryption
AU - Canetti, Ran
AU - Halevi, Shai
AU - Katz, Jonathan
PY - 2004
Y1 - 2004
N2 - We propose a simple and efficient construction of a CCAsecure public-key encryption scheme from any CPA-secure identity-based encryption (IBE) scheme. Our construction requires the underlying IBE scheme to satisfy only a relatively "weak" notion of security which is known to be achievable without random oracles; thus, our results provide a new approach for constructing CCA-secure encryption schemes in the standard model. Our approach is quite different from existing ones; in particular, it avoids non-interactive proofs of "well-formedness" which were shown to underlie most previous constructions. Furthermore, applying our conversion to some recently-proposed IBE schemes results in CCA-secure schemes whose efficiency makes them quite practical. Our technique extends to give a simple and reasonably efficient method for securing any binary tree encryption (BTE) scheme against adaptive chosen-ciphertext attacks. This, in turn, yields more efficient CCA-secure hierarchical identity-based and forward-secure encryption schemes in the standard model.
AB - We propose a simple and efficient construction of a CCAsecure public-key encryption scheme from any CPA-secure identity-based encryption (IBE) scheme. Our construction requires the underlying IBE scheme to satisfy only a relatively "weak" notion of security which is known to be achievable without random oracles; thus, our results provide a new approach for constructing CCA-secure encryption schemes in the standard model. Our approach is quite different from existing ones; in particular, it avoids non-interactive proofs of "well-formedness" which were shown to underlie most previous constructions. Furthermore, applying our conversion to some recently-proposed IBE schemes results in CCA-secure schemes whose efficiency makes them quite practical. Our technique extends to give a simple and reasonably efficient method for securing any binary tree encryption (BTE) scheme against adaptive chosen-ciphertext attacks. This, in turn, yields more efficient CCA-secure hierarchical identity-based and forward-secure encryption schemes in the standard model.
KW - Chosen-ciphertext security
KW - Forward-secure encryption
KW - Identitybased encryption
KW - Public-key encryption
UR - http://www.scopus.com/inward/record.url?scp=35048852705&partnerID=8YFLogxK
U2 - 10.1007/978-3-540-24676-3_13
DO - 10.1007/978-3-540-24676-3_13
M3 - ???researchoutput.researchoutputtypes.contributiontobookanthology.chapter???
AN - SCOPUS:35048852705
SN - 3540219358
SN - 9783540219354
T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
SP - 207
EP - 222
BT - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
A2 - Cachin, Christian
A2 - Camenisch, Jan
PB - Springer Verlag
ER -