Cryptography Reference
In-Depth Information
Using k , the algorithm retrieves m .
4 ()
mcHk
(4.15)
Note: The Boneh-Boyen basic IBE scheme is vulnerable to chosen cipher-text attack.
4.3.3 Hierarchical Identity-Based Encryption Scheme
The computational cost of generating private keys can increase exponentially with the
increase in the number of end users requesting private keys. Therefore, a single PKG is
unfavorable in a large network. Furthermore, there is an additional cost of verifying the
identities of end users and establishing secure channels for transmission of private keys.
Hence, the motivation to adopt a hierarchical identity-based encryption (HIBE) scheme
is even stronger, as it allows the root PKG to delegate work to its lower-level PKGs
(Figure 4.13). The lower-level PKGs verify the authenticity of its users and distribute
private keys within their specified boundaries.
Horwitz and Lynn (2002) first introduced HIBE, and a fully functional HIBE sys-
tem was described by Gentry and Silverberg (2002). In this scheme, the root PKG gen-
erates private keys for its immediate lower-level PKGs, which in turn generate private
keys for their lower-level PKGs or end users. Moreover, HIBE reduces the possibility
of a total compromise of the network if any one of the intermediate PKG's private key
is compromised.
Bob
Alice
Figure 4.13. Hierarchical Identity-Based System
Search WWH ::




Custom Search