New Security Proof for the Boneh-Boyen IBE: Tight Reduction in Unbounded Multi-Challenge Security

Nuttapong ATTRAPADUNG  Goichiro HANAOKA  Shota YAMADA  

IEICE TRANSACTIONS on Fundamentals of Electronics, Communications and Computer Sciences   Vol.E100-A   No.9   pp.1882-1890
Publication Date: 2017/09/01
Online ISSN: 1745-1337
DOI: 10.1587/transfun.E100.A.1882
Type of Manuscript: Special Section PAPER (Special Section on Discrete Mathematics and Its Applications)
Boneh-Boyen identity-based encryption,  tight security reduction,  multi-challenge security,  

Full Text: PDF(1.1MB)>>
Buy this Article

Identity-based encryption (IBE) is an advanced form of public key encryption and one of the most important cryptographic primitives. Of the many constructions of IBE schemes, the one proposed by Boneh and Boyen (in Eurocrypt 2004) is quite important from both practical and theoretical points of view. The scheme was standardized as IEEE P1363.3 and is the basis for many subsequent constructions. In this paper, we investigate its multi-challenge security, which means that an adversary is allowed to query challenge ciphertexts multiple times rather than only once. Since single-challenge security implies multi-challenge security, and since Boneh and Boyen provided a security proof for the scheme in the single-challenge setting, the scheme is also secure in the multi-challenge setting. However, this reduction results in a large security loss. Instead, we give tight security reduction for the scheme in the multi-challenge setting. Our reduction is tight even if the number of challenge queries is not fixed in advance (that is, the queries are unbounded). Unfortunately, we are only able to prove the security in a selective setting and rely on a non-standard parameterized assumption. Nevertheless, we believe that our new security proof is of interest and provides new insight into the security of the Boneh-Boyen IBE scheme.