| Summary: | Identification schemes are used by machines to securely authenticate the identity of other machines or their users over computer networks. As conventional public key schemes require a trusted third party (TTP) or a public file to ensure the corresponding public key matches with the identity, identity-based cryptosystems emerged as a form of certificate-free system. The entity's identity is the public key itself, therefore eliminating the need for a TTP. The identity-based identification (IBI) scheme introduced by Kurosawa and Heng using their transform in 2004 remains as the only IBI derived from the Boneh-Lynn-Shacham (BLS) short signature scheme which has the advantage of shorter keys. We show tight security reduction against active and concurrent attackers (imp-aa/ca) on our scheme that is obtained from the same transform. As the transform will only produce schemes that are only secure against passive attackers (imp-pa), security against imp-aa/ca scheme relies on a strong One-More interactive assumption and therefore resulted in weak security. While the OR-proof method allows schemes secure against imp-pa to be secure against imp-aa/ca, the resulting security against imp-aa/ca will suffer from loose bounds in addition to the user secret keys being doubled in size. Our work avoids both OR-proof and strong interactive assumptions by showing an ad-hoc proof for our construction which utilizes the weaker well-studied co-computational Diffie-Hellman assumption and yet still has tight security against imp-aa/ca. We demonstrate the tight security of our scheme which allows usage of even shorter key sizes.
|
|---|
