Presentation is loading. Please wait.

Presentation is loading. Please wait.

Encryption Public-Key, Identity-Based, Attribute-Based.

Published byZachery Wilkinson Modified over 9 years ago

Similar presentations

Presentation on theme: "Encryption Public-Key, Identity-Based, Attribute-Based."— Presentation transcript:

1 Encryption Public-Key, Identity-Based, Attribute-Based

2 I. Public key encryption and security concepts Eve 2 Use encryption to prevent eavesdropping and achieve confidentiality.

3 Public key encryption 3 Bob  generates pair of public key pk B and secret key sk B  makes pk B public  decrypts with sk B Alice  encrypts message m with pk B  sends encrypted message/ciphertext c

4 Public-key encryption schemes 4

5 Negligible functions 5

6 Security concepts 6 Security concepts must specify  goals of adversary  resources of adversary  additional information available to adversary.  adversaries should learn almost nothing about plaintext given a ciphertext  adversaries will be probabilistic polynomial time algorithms.  adversaries known complete specifications of encryption schemes (Kerckhoff’s principle)  additional information formalized with chosen plaintext and chosen ciphertext attacks

7 The CPA game 7

8 8

9 CPA security 9

10 The CCA game 10

11 CCA security 11 Observation CPA security does not imply CCA security.

12 PKC and reality 12 Certification Authority (CA)

13 Certificates and certification authorities 13  require significant organizational and technical overhead  require complex data management  their complexity can become a threat to security

14 Public key vs. identity-based encryption 14  PKE requires special pairs of keys, not all bit strings can be public keys  in IBE every bit string or identity can be public key  identities can already be certified, e.g. passport numbers  may simplify necessary infrastructure  IBE introduced in 1984 by A. Shamir  first fully functional realization in 2001 by Boneh, Franklin  can be generalized to attribute-based encryption

15 Identity-based enryption 15 Private Key Generator

16 Identity-based enryption 16

17 Identity-based enryption 17 Private Key Generator

18 Security concepts 18 Security concepts must specify  goals of adversary  resources of adversary  additional information available to adversary.  adversaries should learn almost nothing about plaintext given a ciphertext  adversaries will be probabilistic polynomial time algorithms.  adversaries known complete specifications of encryption schemes (Kerckhoff’s principle)  additional information formalized with chosen plaintext and chosen ciphertext attacks

19 IBE security – additional requirements 19  adversaries should learn almost nothing about plaintext given a ciphertext  adversaries will be probabilistic polynomial time algorithms.  adversaries known complete specifications of encryption schemes (Kerckhoff’s principle)  additional information formalized with chosen plaintext and chosen ciphertext attacks  adversary may know private keys to many identities Challenge Exponentially (in n) many private keys depend on master secret msk of polynomial (in n) length.

20 The CPA game 20

21 The CCA game 21

22 IBE security 22

23 Power of PKG 23 Private Key Generator PKG is  very powerful  attractive target for attacks Possible solutions  secure protocols  distributed realization

24 PKG via secure protocols 24 Private Key Generator

25 Distributed PKG 25

26 Boneh-Franklin IBE and pairings 26  uses one basic primitive – bilinear pairings  concrete realization with groups on elliptic curves  examples are Weil, Tate, Eta, Ate pairing  but can be described with generic pairings  share this feature with most techniques in IBC

27 Boneh-Franklin IBE and pairings 27

28 Simplified Boneh-Franklin IBE 28

29 Boneh-Franklin IBE - correctness 29

30 Boneh-Franklin IBE 30

31 Boneh-Franklin IBE - correctness 31

Download ppt "Encryption Public-Key, Identity-Based, Attribute-Based."

Similar presentations

Boneh-Franklin Identity-based Encryption. 2 Symmetric bilinear groups G = ágñ, g p = 1 e: G G G t Bilinear i.e. e(u a, v b ) = e(u, v) ab Non-degenerate:

Boneh-Franklin Identity-based Encryption. 2 Symmetric bilinear groups G = ágñ, g p = 1 e: G G G t Bilinear i.e. e(u a, v b ) = e(u, v) ab Non-degenerate:
Securing Critical Unattended Systems with Identity Based Cryptography A Case Study Johannes Blömer, Peter Günther University of Paderborn Volker Krummel.

Securing Critical Unattended Systems with Identity Based Cryptography A Case Study Johannes Blömer, Peter Günther University of Paderborn Volker Krummel.
Probabilistic Public Key Encryption with Equality Test Duncan S. Wong Department of Computer Science City University of Hong Kong Joint work with Guomin.

Probabilistic Public Key Encryption with Equality Test Duncan S. Wong Department of Computer Science City University of Hong Kong Joint work with Guomin.
CS555Topic 191 Cryptography CS 555 Topic 19: Formalization of Public Key Encrpytion.

CS555Topic 191 Cryptography CS 555 Topic 19: Formalization of Public Key Encrpytion.
11 Provable Security. 22 Given a ciphertext, find the corresponding plaintext.

11 Provable Security. 22 Given a ciphertext, find the corresponding plaintext.
CIS 5371 Cryptography 3b. Pseudorandomness.

CIS 5371 Cryptography 3b. Pseudorandomness.
1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.

1 Introduction CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell.
RIKE Using Revocable Identities to Support Key Escrow in PKIs Nan Zhang, Jingqiang Lin, Jiwu Jing, Neng Gao State Key Laboratory of Information Security,

RIKE Using Revocable Identities to Support Key Escrow in PKIs Nan Zhang, Jingqiang Lin, Jiwu Jing, Neng Gao State Key Laboratory of Information Security,
CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.
Certificateless encryption and its infrastructures Dr. Alexander W. Dent Information Security Group Royal Holloway, University of London.

Certificateless encryption and its infrastructures Dr. Alexander W. Dent Information Security Group Royal Holloway, University of London.
Identity Based Encryption

Identity Based Encryption
Co-operative Private Equality Test(CPET) Ronghua Li and Chuan-Kun Wu (received June 21, 2005; revised and accepted July 4, 2005) International Journal.

Co-operative Private Equality Test(CPET) Ronghua Li and Chuan-Kun Wu (received June 21, 2005; revised and accepted July 4, 2005) International Journal.
1 Identity-Based Encryption form the Weil Pairing Author : Dan Boneh Matthew Franklin Presentered by Chia Jui Hsu Date : 2008-06-03.

1 Identity-Based Encryption form the Weil Pairing Author : Dan Boneh Matthew Franklin Presentered by Chia Jui Hsu Date :
A Designer’s Guide to KEMs Alex Dent

A Designer’s Guide to KEMs Alex Dent
Asymmetric Cryptography part 1 & 2 Haya Shulman Many thanks to Amir Herzberg who donated some of the slides from

Asymmetric Cryptography part 1 & 2 Haya Shulman Many thanks to Amir Herzberg who donated some of the slides from
CMSC 414 Computer and Network Security Lecture 2 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 2 Jonathan Katz.
Strongly Secure Certificateless Encryption Alexander W. Dent Information Security Group

Strongly Secure Certificateless Encryption Alexander W. Dent Information Security Group
1 CPSC156: The Internet Co-Evolution of Technology and Society Lectures 19,20, and 21: April 5, 10, and 12, 2007 Cryptographic Primitives.

1 CPSC156: The Internet Co-Evolution of Technology and Society Lectures 19,20, and 21: April 5, 10, and 12, 2007 Cryptographic Primitives.
CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 6 Jonathan Katz.
Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.

Overview of Cryptography and Its Applications Dr. Monther Aldwairi New York Institute of Technology- Amman Campus INCS741: Cryptography.

Similar presentations

Ads by Google