IACR News item: 25 May 2020
Sanjam Garg, Romain Gay, Mohammad Hajiabadi
ePrint Report
Identity-based encryption (IBE) is a generalization of public-key encryption (PKE) by
allowing encryptions to be made to user identities. In this work, we seek to obtain IBE schemes that
achieve key-dependent-message (KDM) security with respect to messages that depend on the master
secret key. Previous KDM-secure schemes only achieved KDM security in simpler settings, in which
messages may only depend on user secret keys.
An important motivation behind studying master-KDM security is the application of this notion in
obtaining generic constructions of KDM-CCA secure PKE, a primitive notoriously difficult to realize.
We give the first IBE that achieves master-KDM security from standard assumptions in pairing groups.
Our construction is modular and combines techniques from KDM-secure PKE based from hash-proof
systems, together with IBE that admits a tight security proof in the multi-challenge setting, which
happens to be unexpectedly relevant in the context of KDM security. In fact, to the best of our
knowledge, this is the first setting where techniques developed in the context of realizing tightly secure
cryptosystems have led to a new feasibility result.
As a byproduct, our KDM-secure IBE, and thus the resulting KDM-CCA-secure PKE both enjoy a
tight security reduction, independent of the number of challenge ciphertexts, which was not achieved
before.
Additional news items may be found on the IACR news page.