Research On The Key Escrow Problem In Identity Based Cryptosystem

Posted on: 2011-03-15
Degree: Doctor
Type: Dissertation
Country: China
Candidate: Z P Jin
GTID: 1118330335492243
Subject: Cryptography

Abstract/Summary:
Identity-based cryptography (IBC) simplifies key management, which is a heavy burden in traditional certificate-based cryptosystems, and it has been a hot topic in modern cryptography. However, the key escrow problem is an inherent limitation of IBC, which seriously sets back its rapid development and large-scale application. This dissertation studies how to solve the key escrow problem in IBC and how to design signcryption schemes in identity-based or certificateless cryptosystems, a certificateless proxy multi-signature scheme and a certificateless multi-proxy signature scheme, all of which are provably secure in the random oracle model or the standard model. The major contributions of the dissertation are as follows:

1. Based on the scheme proposed by Barreto et al. at ASIACRYPT 2005, an identity-based signcryption scheme for a multiple Private Key Generator (PKG) environment is proposed, which mitigates the problems of escrow and distribution of users' private keys in a single-PKG system. For security, the scheme is proved to satisfy message confidentiality and existential signature unforgeability, assuming the intractability of the -Strong Diffie-Hellman problem and the q-Bilinear Diffie-Hellman Inversion problem. For efficiency, compared with the state-of-the-art signcryption schemes of the same kind, our proposal needs fewer pairing computations and is shown to be the most efficient identity-based signcryption scheme for multiple PKGs to date.

2. Yu et al. proposed the first identity-based signcryption (IBSC) scheme without random oracles and proved it was semantically secure in the standard model. However, in this paper, it is found that their scheme does not actually reach the semantic security they claimed. To make up for this defect, an improved IBSC scheme is proposed. In our improvement, a random string is embedded into the signcrypted message during the execution of the signcryption algorithm. Assuming the intractability of the Decisional Bilinear Diffie-Hellman (DBDH) problem, it is proven to be semantically secure without random oracles. Besides, the existential unforgeability of our IBSC scheme is also discussed and is shown to be not weaker than that of Yu et al.'s. Therefore, our proposal is a provably secure IBSC scheme in the standard model.

3. Liu et al. proposed the first certificateless signcryption scheme without random oracles and proved it was semantically secure in the standard model. However, Selvi et al. mounted a fatal attack on its confidentiality by replacing users' public keys, showing that the scheme does not actually reach the semantic security claimed. In this paper, a rescue scheme is presented based on Liu et al.'s original proposal. A Schnorr-based one-time signature is added to each user's public key, which is used to resist Selvi et al.'s attack. In addition, taking into account the mistake made in Liu et al.'s security proof, it is shown that our improvement is indeed secure in the standard model under the DBDH assumption.

4. A generic construction and a formal security model of certificateless proxy multi-signature (CLPMS) are defined. A CLPMS scheme is also proposed, which is proven to be existentially unforgeable against adaptively chosen warrant attacks and chosen message and identity attacks in the random oracle model under the computational Diffie-Hellman (CDH) assumption.

5. A generic construction and a formal security model of certificateless multi-proxy signature (CLMPS) are first defined. A concrete CLMPS scheme is also proposed, which is proven to be existentially unforgeable against adaptively chosen warrant attacks and chosen message and identity attacks in the random oracle model under the CDH assumption.

Keywords/Search Tags: identity-based public key cryptography, key escrow problem, certificateless cryptography, signcryption, proxy multi-signature, multi-proxy signature, provable security, random oracle model