
CONCLUSIONS AND FUTURE WORK

7.2 Future work

We note that all existing privacy-preserving (or anonymous) IBBE or MIBE schemes have been constructed in the random oracle model [36, 37]. Although constructions in the random oracle model offer better performance, the resulting schemes can become insecure once the random oracles are instantiated with concrete hash functions [46]. To date, no privacy-preserving IBBE or MIBE scheme has been proposed without the random oracle model, so constructing a provably secure privacy-preserving IBBE or MIBE scheme in the standard model (i.e. without random oracles) is an interesting problem. In addition, to the best of our knowledge, no existing MIBE or IBBE scheme, with or without random oracles, is secure in the adaptive-ID model.

We leave it as an open problem.

BIBLIOGRAPHY

[1] Fiat A, Naor M. Broadcast encryption. In Proceedings of Crypto'93, LNCS 773, 1994; 480-491.

[2] Naor D, Naor M, Lotspiech J. Revocation and tracing schemes for stateless receivers. In Proceedings of Crypto'01, LNCS 2139, 2001; 41-62.

[3] Dodis Y, Fazio N. Public key broadcast encryption for stateless receivers. In Proceedings of DRM 2002, LNCS 2696, 2002; 61-80.

[4] Boneh D, Gentry C, Waters B. Collusion resistant broadcast encryption with short ciphertexts and private keys. In Proceedings of Crypto'05, LNCS 3621, 2005; 258-275.

[5] Bellare M, Boldyreva A, Micali S. Public-key encryption in a multi-user setting: security proofs and improvements. In Proceedings of Eurocrypt'00, LNCS 1807, 2000; 259-274.

[6] Kurosawa K. Multi-recipient public-key encryption with shortened ciphertext. In Proceedings of PKC 2002, LNCS 2274, 2002; 48-63.

[7] Bellare M, Boldyreva A, Pointcheval D. Multi-recipient encryption schemes: security notions and randomness re-use. In Proceedings of PKC 2003, LNCS 2567, 2003; 85-99.

[8] ElGamal T. A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Transactions on Information Theory 1985; 31(4): 469-472.

[9] Shamir A. Identity-based cryptosystems and signature schemes. In Proceedings of Crypto'84, LNCS 196, 1985; 47-53.

[10] Boyen X, Waters B. Anonymous hierarchical identity-based encryption (without random oracles). In Proceedings of Crypto'06, LNCS 4117, 2006; 290-307.

[11] Fan CI, Huang LY, Ho PH. Anonymous multireceiver identity-based encryption. IEEE Transactions on Computers 2010; 59(9): 1239-1249.

[12] Chien HY. Improved anonymous multi-receiver identity-based encryption. The Computer Journal 2012; 55(4): 439-446.

[13] Hur J, Park C, Hwang SO. Privacy-preserving identity-based broadcast encryption. Information Fusion 2011; (in press), doi:10.1016/j.inffus.2011.03.003.

[14] Boneh D, Franklin M. Identity-based encryption from the Weil pairing. In Proceedings of Crypto'01, LNCS 2139, 2001; 213-229.

[15] Boneh D, Franklin M. Identity-based encryption from the Weil pairing. SIAM Journal on Computing 2003; 32(3): 586-615.

[16] Zhong S, Chen T. An efficient identity-based protocol for private matching. International Journal of Communication Systems 2011; 24(4): 543-552.

[17] Han K, Yeun CY, Shon T, Park J, Kim K. A scalable and efficient key escrow model for lawful interception of IDBC-based secure communication. International Journal of Communication Systems 2011; 24(4): 461-472.

[18] Tseng YM, Wu TY, Wu JD. An efficient and provably secure ID-based signature scheme with batch verifications. International Journal of Innovative Computing, Information and Control 2009; 5(11): 3911-3922.

[19] Chuang YH, Tseng YM. Towards generalized ID-based user authentication for mobile multi-server environment. International Journal of Communication Systems 2012; 25(4): 447-460.

[20] He D, Chen J, Hu J. A pairing-free certificateless authenticated key agreement protocol. International Journal of Communication Systems 2012; 25(2): 221-230.

[21] Chen L, Cheng Z, Smart NP. Identity-based key agreement protocols from pairings. International Journal of Information Security 2007; 6(4): 213-241.

[22] Wu TY, Tseng YM. An efficient user authentication and key exchange protocol for mobile client-server environment. Computer Networks 2010; 54(9): 1520-1530.

[23] Tsai JL, Wu TC, Tsai KY. New dynamic ID authentication scheme using smart cards. International Journal of Communication Systems 2010; 23(12): 1449-1462.

[24] Wu TY, Tseng YM, Yu CW. A secure ID-based authenticated group key exchange protocol resistant to insider attacks. Journal of Information Science and Engineering 2011; 27(3): 915-932.

[25] Wang L, Wu CK. Efficient identity-based multicast scheme from bilinear pairing. IEE Proceedings Communications 2005; 152(6): 877-882.

[26] Lee JW, Hwang YH, Lee PJ. Efficient public key broadcast encryption using identifier of receivers. In Proceedings of ISPEC 2006, LNCS 3903, 2006; 153-164.

[27] Yang C, Cheng X, Ma W, Wang X. A new ID-based broadcast encryption scheme. In Proceedings of Autonomic and Trusted Computing 2006, LNCS 4158, 2006; 487-492.

[28] Delerablée C. Identity-based broadcast encryption with constant size ciphertexts and private keys. In Proceedings of ASIACRYPT 2007, LNCS 4833, 2007; 200-215.

[29] Ren Y, Gu D. Fully CCA2 secure identity-based broadcast encryption without random oracles. Information Processing Letters 2009; 109(11): 527-533.

[30] Wang XA, Weng J, Yang X, Yang Y. Cryptanalysis of an identity based broadcast encryption scheme without random oracles. Information Processing Letters 2011; 111(10): 461-464.

[31] Baek J, Safavi-Naini R, Susilo W. Efficient multi-receiver identity-based encryption and its application to broadcast encryption. In Proceedings of PKC 2005, LNCS 3386, 2005; 380-397.

[32] Chatterjee S, Sarkar P. Multi-receiver identity-based key encapsulation with shortened ciphertext. In Proceedings of INDOCRYPT 2006, LNCS 4329, 2006; 394-408.

[33] Park JH, Kim KT, Lee DH. Cryptanalysis and improvement of a multi-receiver identity-based key encapsulation at INDOCRYPT'06. In Proceedings of ASIACCS'08, 2008; 373-380.

[34] Okamoto T, Pointcheval D. REACT: Rapid enhanced-security asymmetric cryptosystem transform. In Proceedings of CT-RSA 2001, LNCS 2020, 2001; 159-174.

[35] Okamoto T, Pointcheval D. The gap-problems: a new class of problems for the security of cryptographic schemes. In Proceedings of PKC 2001, LNCS 1992, 2001; 104-118.

[36] Bellare M, Rogaway P. Random oracles are practical: a paradigm for designing efficient protocols. In Proceedings of CCS'93, 1993; 62-73.

[37] Canetti R, Goldreich O, Halevi S. The random oracle methodology, revisited. Journal of the ACM 2004; 51(4): 557-594.

[38] Galbraith S, Paterson K, Smart NP. Pairings for cryptographers. Discrete Applied Mathematics 2008; 156(16): 3113-3121.

[39] Wu TY, Tseng YM. An ID-based mutual authentication and key exchange protocol for low-power mobile devices. The Computer Journal 2010; 53(7): 1062-1070.

[40] Canetti R, Halevi S, Katz J. A forward-secure public-key encryption scheme. In Proceedings of Eurocrypt 2003, LNCS 2656, 2003; 255-271.

[41] Fujisaki E, Okamoto T. Secure integration of asymmetric and symmetric encryption schemes. In Proceedings of Crypto'99, LNCS 1666, 1999; 537-554.

[42] Knuth D. The Art of Computer Programming, Volume 2: Seminumerical Algorithms. Third Edition. Addison-Wesley, 1997.

[43] Scott M. Computing the Tate pairing. In Proceedings of CT-RSA 2005, 2005; 293-304.

[44] Scott M, Costigan N, Abdulwahab W. Implementing cryptographic pairings on smartcards. Cryptology ePrint Archive, Report 2006/144, 2006.

[45] Cao X, Zeng X, Kou W, Hu L. Identity-based anonymous remote authentication for value-added services in mobile networks. IEEE Transactions on Vehicular Technology 2009; 58(7): 3508-3517.

[46] Bellare M, Boldyreva A, Palacio A. An uninstantiable random oracle model scheme for a hybrid encryption problem. In Proceedings of Eurocrypt'04, LNCS 3027, 2004; 171-188.