1 / 43

Boneh -Franklin Identity Based Encryption Scheme

Boneh -Franklin Identity Based Encryption Scheme . Parshuram Budhathoki Department of Mathematics Florida Atlantic University. 28 March, 2013. Motivation:. Alice wants to send a message to Bob. . Securely. Alice. Bob. Motivation:. Alice. Bob. Motivation:. Private Key Cryptography.

ayame
Download Presentation

Boneh -Franklin Identity Based Encryption Scheme

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Boneh-Franklin Identity Based Encryption Scheme Parshuram BudhathokiDepartment of Mathematics Florida Atlantic University 28 March, 2013 Graduate Student Seminar, Department of Mathematics, FAU

  2. Motivation: Alice wants to send a message to Bob. Securely Alice Bob Graduate Student Seminar, Department of Mathematics, FAU

  3. Motivation: Alice Bob Graduate Student Seminar, Department of Mathematics, FAU

  4. Motivation: Private Key Cryptography AES DES Alice Bob Graduate Student Seminar, Department of Mathematics, FAU

  5. Motivation: Private Key Cryptography • Limitation: • The Key-Distribution Problem. • Key Storage and Secrecy. • Problem in Open Systems. Alice Bob Graduate Student Seminar, Department of Mathematics, FAU

  6. Motivation: In 1976, Whitfield Diffie and Martin Hellman Public Key Cryptography Alice Bob Graduate Student Seminar, Department of Mathematics, FAU

  7. Motivation: Public Key Cryptography Public Key Private Key RSA Alice Bob Graduate Student Seminar, Department of Mathematics, FAU

  8. Motivation: Public Key Cryptography RSA Public Key AAAAB3NzaC1yc2EAAAABJQAAAQB/nAmOjTmezNUDKYvEeIRf2YnwM9/uUG1d0BYsc8/tRtx+RGi7N2lUbp728MXGwdnL9od4cItzky/zVdLZE2cycOa18xBK9cOWmcKS0A8FYBxEQWJ/q9YVUgZbFKfYGaGQxsER+A0w/fX8ALuk78ktP31K69LcQgxIsl7rNzxsoOQKJ/CIxOGMMxczYTiEoLvQhapFQMs3FL96didKr/QbrfB1WT6s3838SEaXfgZvLef1YB2xmfhbT9OXFE3FXvh2UPBfN+ffE7iiayQf/2XR+8j4N4bW30DiPtOQLGUrH1y5X/rpNZNlWW2+jGIxqZtgWg7lTy3mXy5x836Sj/6L Alice Bob Graduate Student Seminar, Department of Mathematics, FAU

  9. Motivation: Public Key Cryptography • Before starting communication: • Alice has to get Bob’s Public key • She has to verify that this Public Key is correct one. • So, she needs chain of certificates. Alice Graduate Student Seminar, Department of Mathematics, FAU

  10. Motivation: In 1984 Adi Shamir suggested Identity Based Cryptography Public Key email id : bob@fau.edu phone : 561297-0bob Address : 777 Glades Road Alice Bob Graduate Student Seminar, Department of Mathematics, FAU

  11. Motivation: In 1984 Adi Shamir suggested Identity Based Cryptography Public Key email id : bob@fau.edu phone : 561297-0bob Address : 777 Glades Road In 2001 Dan Boneh and Matthew Franklin proposed an encryption scheme. Alice Bob Graduate Student Seminar, Department of Mathematics, FAU

  12. Outline • Identity Based Cryptography • Pairing • Hash functions • Bilinear Diffie - Hellman problem. • BF encryption scheme. Graduate Student Seminar, Department of Mathematics, FAU

  13. Identity Based Cryptography Setup Extract Encryption Scheme 4. Encrypt 5. Decrypt Graduate Student Seminar, Department of Mathematics, FAU

  14. Identity Based Cryptography Encryption Scheme: Public Parameter Security Parameter Setup params Master Key Trust Authority Identity, Master Key, params 2. Extract Private Key Messageand params 3. Encrypt Ciphertext Private Key, Ciphertext, and params Message 4. Decrypt Graduate Student Seminar, Department of Mathematics, FAU

  15. Secure ID-based encryption scheme: GAME Challenger uses Setup algorithm to generates params and Master key Adversary Challenger Graduate Student Seminar, Department of Mathematics, FAU

  16. Secure ID-based encryption scheme: GAME params Master Key Adversary Challenger Graduate Student Seminar, Department of Mathematics, FAU

  17. Secure Id-based encryption scheme: GAME params Master Key • The Adversary issues m queries • - extraction query for < Idi > • - decryption query <Idi , Ci > Adversary Challenger Graduate Student Seminar, Department of Mathematics, FAU

  18. Secure Id-based encryption scheme: GAME params Master Key • The Adversary picks M0 , M1 and a public key ID • The Challenger picks a random b ∈ { 0, 1 } and sends • C = Encrypt( params , ID, Mb ) Adversary Challenger Graduate Student Seminar, Department of Mathematics, FAU

  19. Secure Id-based encryption scheme: GAME params Master Key • The Adversary issues m additional queries - extraction query < Idi > • - decryption query < Idi , Ci > Adversary Challenger Graduate Student Seminar, Department of Mathematics, FAU

  20. Secure Id-based encryption scheme: GAME params Master Key • The Adversary outputs b’ • The Adversary wins if b = b’ |P ( the adversary wins ) – 1/2| should be negligible. Adversary Challenger • Semantic security against an adaptive chosen ciphertext and Id attackIND-ID-CCA Graduate Student Seminar, Department of Mathematics, FAU

  21. Pairing e(P,Q) Range Domain Domain Domain P e V G G G1 Domain Asymmetric Q Symmetric G2 Graduate Student Seminar, Department of Mathematics, FAU

  22. Pairing Let (G,+) and (V, ∙ ) denote cyclic groups of prime order q , P ∈ G, a generator of G and a pairing e: G x G V isa map which satisfies the followingproperties: Bilinearity : ∀ P, Q , R ∈ G we have e(P+R, Q)= e(P,Q) e(R,Q) and e(P, R+Q)= e(P,R) e(P,Q) 2) Non-degeneracy : There exists P, Q ∈ G such that e(P,Q) ≠1. e is efficiently computable. Graduate Student Seminar, Department of Mathematics, FAU

  23. Pairing Important property of bilinearity: ∀ P, R ∈ G and any integer n we have e(nP, R) = e(P + P + … + P, R ) = e(P, R) e(P, R) … e(P, R) = e(P, R)n = e( P, nR) Graduate Student Seminar, Department of Mathematics, FAU

  24. Hash Functions: Range H(x) H Fixed size Domain No Inverse x Any size Graduate Student Seminar, Department of Mathematics, FAU

  25. Hash Function: • One way transformation • Input := Any size, Output:= Fixed size • H(x1) ≠ H(x2) for x1 ≠ x2 ,Collision free Graduate Student Seminar, Department of Mathematics, FAU

  26. Bilinear Diffie-Hellman Problem: Let G1 and G2 be two groups of prime order q. Let e: G1 × G1 G2 be a pairing and let P be a generator of G1. The BDH problem in <G1 , G2 , e > is a computation of e(P, P ) abc , by using <P, aP, bP, cP > for some a, b, c ∈ Z*q Graduate Student Seminar, Department of Mathematics, FAU

  27. Identity Based Encryption Scheme : Alice Graduate Student Seminar, Department of Mathematics, FAU

  28. Identity Based Encryption Scheme : params : <G1 , G2 ,P, Ppub , e, H1 , H2 , … > Public Alice Graduate Student Seminar, Department of Mathematics, FAU

  29. Identity Based Encryption Scheme : params : <G1 , G2 ,P, Ppub , e, H1 , H2 , … > Bob Alice Graduate Student Seminar, Department of Mathematics, FAU

  30. Identity Based Encryption Scheme : params : <G1 , G2 ,P, Ppub , e, H1 , H2 , … > bob@fau.edu Trust Authority Bob Graduate Student Seminar, Department of Mathematics, FAU

  31. Identity Based Encryption Scheme : params : <G1 , G2 ,P, Ppub , e, H1 , H2 , … > Trust Authority Bob Graduate Student Seminar, Department of Mathematics, FAU

  32. Identity Based Encryption Scheme : params : <G1 , G2 ,P, Ppub , e, H1 , H2 , … > Bob Graduate Student Seminar, Department of Mathematics, FAU

  33. Identity Based Encryption Scheme : params : <G1 , G2 ,P, Ppub , e, H1 , H2 , … > Any One Bob Graduate Student Seminar, Department of Mathematics, FAU

  34. Identity Based Encryption Scheme : params : <G1 , G2 ,P, Ppub , e, n, H1 , H2 > Bob Graduate Student Seminar, Department of Mathematics, FAU

  35. BF Identity based encryption scheme : params : <G1 , G2 ,P, Ppub ,q, e, n, H1 , H2 > Master Key:= s ∈ Z*q k ∈ Z+ Setup Ppub = sP Trust Authority Assume H1 : {0,1}* G1* and H2 : G2 {0,1}n Message space = {0,1}n Ciphertext space = G1* × {0, 1}n Graduate Student Seminar, Department of Mathematics, FAU

  36. BF Identity Based Encryption Scheme : params : <G1 , G2 ,P, Ppub ,q, e, n, H1 , H2 > Encrypt To encrypt message M Compute QID = H1 ( ID) choose random r ∈ Z*q Ciphertext C := < rP , M ⨁ H2 (grID ) > Where gID = e( QID , Ppub ) ∈ G2* Alice Graduate Student Seminar, Department of Mathematics, FAU

  37. BF Identity Based Encryption Scheme : params : <G1 , G2 ,P, Ppub , e, q, n, H1 , H2 > C := < rP , M ⨁ H2 (grID ) > Bob Alice Graduate Student Seminar, Department of Mathematics, FAU

  38. BF Identity Based Encryption Scheme : params : <G1 , G2 ,P, Ppub , e, n,q, H1 , H2 > bob@fau.edu C Trust Authority Bob Graduate Student Seminar, Department of Mathematics, FAU

  39. BF Identity Based Encryption Scheme : params : <G1 , G2 ,P, Ppub , e, q, n, H1 , H2 > Extract After getting ID ∈{0,1}* Compute QID = H1 ( ID ) ∈G1* Private Key = dID = s QID bob@fau.edu Trust Authority Graduate Student Seminar, Department of Mathematics, FAU

  40. BF Identity Based Encryption Scheme : params : <G1 , G2 ,P, Ppub , e, q, n, H1 , H2 > dbob@fau.edu Extract Trust Authority Bob Graduate Student Seminar, Department of Mathematics, FAU

  41. BF Identity Based Encryption Scheme : params : <G1 , G2 ,P, Ppub , e, q, n, H1 , H2 > Decrypt Let C = <U, V>, then by using private key dID :V ⨁ H2 ( e(dID , U) = M dbob@fau.edu C := < rP , M ⨁ H2 (grID ) > Bob Graduate Student Seminar, Department of Mathematics, FAU

  42. BF Identity Based Encryption Scheme : params : <G1 , G2 ,P, Ppub , e, q, n, H1 , H2 > Correctness of Decryption H2 ( e(dID , U) = H2 ( e ( s H1 ( ID ) , rP)) = H2 ( e(H1 (ID) , P)sr ) = H2 ( e( H1 (ID) , sP)r ) = H2 ( (gID )r ) dbob@Fau.edu C := < rP , M ⨁ H2 (grID ) > V ⨁ H2 ( e(dID , U) = M ⨁ H2 ( (gID )r ) ⨁ H2 ( (gID )r ) = M Bob Graduate Student Seminar, Department of Mathematics, FAU

  43. Thank You Graduate Student Seminar, Department of Mathematics, FAU

More Related