For Full-Text PDF, please login, if you are a member of IEICE,|
or go to Pay Per View on menu list, if you are a nonmember of IEICE.
Security Analysis of a Multi-Receiver Identity-Based Key Encapsulation Mechanism
Jong Hwan PARK Dong Hoon LEE
IEICE TRANSACTIONS on Fundamentals of Electronics, Communications and Computer Sciences
Publication Date: 2009/01/01
Online ISSN: 1745-1337
Print ISSN: 0916-8508
Type of Manuscript: LETTER
Category: Cryptography and Information Security
key distribution, identity-based key encapsulation, multi-receiver setting,
Full Text: PDF(78.5KB)>>
In INDOCRYPT 2006, Chatterjee and Sarkar suggested a multi-receiver identity-based key encapsulation mechanism that is secure in the full model without random oracles. Until now, it has been believed that their scheme is the only one to provide such a security feature, while achieving sub-linear size ciphertext. In this letter, we show that their scheme is insecure in the sense that any revoked user can retrieve a message encryption key, even without colluding with other revoked users. Our attack comes from an analysis of a publicly computable surjective function used in the scheme.