Available online: http://edupediapublications.org/journals/index.php/IJR/ P a g e | 426
Implementation of Identity Based Encryption For Data
Security in Cloud Environment
Sudha Jillella
M.Tech, Department of Computer Science
Jogaiah institute of technology and science
ABSTRACT
Identity based Public key encryption supports basic presentation of open key cryptography by
allowing a component's open key to be gotten from an optional recognizing evidence worth, for
instance, name or email address. The principal rational preferred standpoint of character based
cryptography is in gigantically decreasing the necessity for, and reliance on, open key
validations. Though some interesting character based frameworks have been made already, none
are great with noticeable open key encryption figurings.In addition, it is in a general sense hard
to oblige fine-grained dinial with character based cryptography. Intervened RSA (mRSA) is a
fundamental and sensible strategy for section a RSA private key between the customer and a
Security Mediator (SEM). Neither the customer nor the SEM can cheat each other since each
crypto-realistic operation (check or unscrambling) incorporates both sides. mRSA allows fast
and fine-grained control of customers' security benefits. In any case, mRSA still relies on upon
customary open key announcements to store and confer open keys. In this paper, we show
IB-mRSA, an essential variety of mRSA that joins identity based and intervened
cryptography.Under the arbitrary prophet model, IB-mRSA with OAEP is showed up as secure
(against adaptable picked ciphertext assault) as standard RSA with OAEP. Besides, IB-mRSA is
clear, practical, and culminate with current open key foundations.
Available online: http://edupediapublications.org/journals/index.php/IJR/ P a g e | 427 Introduction
A safe server notwithstanding giving an
ensured establishment to empowering your
Web applications, and Web server arrange
expect an essential character in your Web
application's security. Gravely composed
server can instigate unapproved access. A
dismissed offer can make a supportive
discretionary section, while a disregarded
port can be an aggressor's front door.
Disregarded customer records can allow an
assailant to sneak past your obstructions
unnoticed. Understanding the threats to your
Web server and having the ability to
perceive proper countermeasures licenses
you to suspect various attacks and
supernatural occurrence the routinely
making amounts of aggressors. This system
gives bidirectional encryption of
correspondences between a customer and
server, which guarantees against listening
stealthily and upsetting and additionally
creating the substance of the correspondence
[1].
Much talking, this applies a sense surety
that one is relating with conclusively. The
site that I proposed to converse with
moreover securing that the substance of
correspondences between the customer and
the site can't be scrutinized or made by any
outsider. Secure Server Plus application has
mainly twofold login security. That is, in the
wake of checking into the application
customer gets a mystery key on his selected
Gmail-id. This mystery key must be inserted
in the appear confine showed up the wake of
checking into SSP Application. This
application has two functionalities,
Encryption and Decryption. Encoding is the
handiness in which the record to be
systematized over the mail in firstly isolated
in 4 a leveling of in byte course of action
and a while later encoded using
unmistakable encryption computations [2].
Available online: http://edupediapublications.org/journals/index.php/IJR/ P a g e | 428 the beneficiary through Gmail At the
beneficiary end, He will download the
archives and using SSP Application
information as a bit of reports would be
unscrambled and mixed.
Client Security is likewise required in
cloud. By using assurance the cloud or
distinctive customers don't have the foggiest
thought with respect to the identity of the
other hub. The cloud can contain the center
point introduces the data in the cloud, and in
like path, to give advantages the cloud itself
is careful. The genuineness of the customer
who stores the information is likewise
bolstered. There is likewise a necessity for
law endorsement isolated from the specific
responses for surety security and safe house.
Various encryption frameworks have been
used to secure information on cloud to look
at the information while doing computations
on the data. By using Attribute based
encryption plot, the cloud gets figure
substance of the information and performs
computations on the figure substance and
gives the encoded estimation of the last
result to the center point then the customer
can decipher the result, in spite of the way
that the cloud does not comprehend what
information it has chipped at[3].
Distinctive strategies have been
prescribed to safeguard the data substance
assurance by strategy for affirmation
control. Identity based encryption (IBE) was
at first presented by Shamir, in which the
sender of a message can demonstrate a
character such that exclusive a beneficiary
with sorting out identity can unscramble it.
A couple of years sometime later, Fuzzy
Identity-Based Encryption is proposed,
which is by and large called Attribute-Based
Encryption (ABE). In such encryption think
up, an identity is seen as an arrangement of
clear attributes, and decoding is possible if a
decrypter's character has a few covers with
the one showed in the ciphertext.Ahead
Available online: http://edupediapublications.org/journals/index.php/IJR/ P a g e | 429 [4], Key-Policy Attribute-Based Encryption
(KP-ABE) and Ciphertext-Policy
Attribute-Based Encryption (CP-ABE), are familiar
with express more expansive condition than
direct 'cover'. They are accomplices to each
unique as in the option of encryption system
(who can or can't translate the message) is
settled by various social affairs [5].
In the KP-ABE, a ciphertext is associated
with a game-plan of characteristics, and a
private key is associated with a monotonic
access structure like a tree, which portrays
this present customer's personality (e.g. IIT
AND (Ph.D OR Master)). A customer can
unscramble the ciphertext if and just if the
way tree in his private key is satisfied by the
characters in the ciphertext. In whatever
claim, the encoding system is depicted in the
keys, so the Encrypter does not have full
control over the encoding access. He needs
to trust that the key generators issue keys
with the right structures to the privilege
customers[5].Besides, when a re-encryption
happens, an extensive bit of the customers in
the same structure must bear their private
keys, re-issued recollecting the last goal to
go to the re-encoded circles, and this method
causes immense issues in the usage. Of way,
those occasions and working cost are all
esteemed in the CP-ABE. In the CP-ABE,
ciphertexts are made with a passage
structure, which shows the encryption
approach, and private keys are made by
qualities[6] A customer can unravel the
ciphertext if and just if his characteristics in
the private key satisfy the section tree
displayed in the ciphertext. Thusly, the
Encrypter holds a total power about the
encoding system. Additionally, the starting
now issued private keys will never be
adjusted unless the whole system reboots.
In a average Public Key Encryption
(PKI) setting, a customer's open key is
expressly encoded in an open key
confirmation which is, basically, a
Available online: http://edupediapublications.org/journals/index.php/IJR/ P a g e | 430 personality and the ensured open key. This
basic model requires general trust in
testament guarantors (Certification
Authorities or CAs). It has some surely
understood and vexatious symptoms, for
instance, the necessity for cross-space trust
and testament dissent [7]. The fundamental
issue, regardless, is the essential supposition
that all testaments are open, universal and,
consequently, immediately accessible to
anyone. We watch that this suspicion is not
by and large sensible, especially, in remote
(or any shortcoming slanted) systems where
system is sporadic. Interestingly, personality
based cryptography changes the method for
getting open keys by building an organized
mapping amongst characters and open
keys.Character based cryptography in this
way exceptionally diminishes the necessity
for, and reliance on, open key testaments
and certification powers. Generally
speaking, character based encryption and
personality based marks are useful
cryptographic instruments that empower
simple presentation of, as well as
transformation to, open key cryptography by
allowing an open key to be gotten from
subjective distinguishing proof values, for
instance, email addresses or phone numbers.
Meanwhile, personality based strategies
uncommonly revise key administration since
they diminish both: the necessity for, and,
the amount of, open key declarations [8].
Idea of Character based open
encryption developed a Boneh Franklin
Identity-Based Encryption structure
(BF-IBE) in perspective of Weil Pairing on
elliptic bends. BF-IBE speaks to an essential
improvement in cryptography. Before long,
a personality based RSA variety has stayed
slippery for the straightforward reason that a
RSA modulus n (a result of two substantial
primes) can not be securely shared among
various clients. Another conspicuous
downside of current personality based
Available online: http://edupediapublications.org/journals/index.php/IJR/ P a g e | 431 support for fine-grained disavowal. Dissent
is consistently done through Certificate
Revocation Lists (CRLs) or near structures.
Nonetheless, IBE expects to disentangle
endorsement administration by getting open
keys from characters, which makes it
difficult to control clients' security
privileges[10].
In this paper, we propose a
straightforward character based
cryptosystem made on some Mediated RSA
(mRSA). mRSA is a practical and
RSA-great procedure for section a RSA private
key between the customer and the security
center person, called a SEM. Neither the
customer nor the SEM knows the
factorization of the RSA modulus and
neither can unravel/sign message without
the other's assistance. By righteousness of
requiring the customer to contact its SEM
for each unscrambling and additionally
signature operation, mRSA gives fast and
fine-grained repudiation of clients' security
benefits. Based on top of mRSA, IB-mRSA
mixes the elements of character based and
intervened cryptography moreover offers
some useful advantages. Like mRSA, it is
totally flawless with plain RSA. Aside from
the personality to-open key mapping, it
requires no exceptional programming for
imparting parties. IB-mRSA also permits
discretionary open key testaments which
encourages simple move to a customary
PKI. All the more generally, IB-mRSA can
be seen as a basic and helpful technique
between operable with standard present day
PKIs. Meanwhile, IB-mRSA offers security
commensurate to that of RSA, gave that a
SEM is not exchanged off. Specifically, it
can be demonstrated that, in the subjective
prophet display, IB-mRSA with OAEP is as
secure – against versatile picked ciphertext
assaults – as RSA with OAEP [11].
Available online: http://edupediapublications.org/journals/index.php/IJR/ P a g e | 432 As the pervious studys, Brent Waters
propose a Multi-Authority Attribute-Based
Encryption (ABE) structure. In our
speculative record, any social issue can
transform into a constrain and there is no
prerequisite for any general coordination
other than the yield of a shrouded course of
action of run of the mill reference
parameters. A social occasion can basically
go around as an ABE control by hitting an
open key and issuing private keys to a
couple of customers that mirror their traits.A
customer can encode information with
respect to any boolean condition over
attributes issued from any picked set of
capacities. At long last, our structure does
not require any focal constrain. In working
up our system, our greatest specific obstacle
is to make it plan safe.Prior Attribute-Based
Encryption systems finished assention
resistance when the ABE structure control
"tied" together extraordinary parts
(addressing diverse tones) of a customer's
private key by randomizing the key.
Nevertheless, in our structure every part will
make from a possibly specific drive, where
we recognize no coordination between such
powers. We make new techniques to tie key
fragments together and thwart interest
attacks between customers with various
general identifiers [11]. They demonstrate
our system secure using the late twofold
structure encryption strategy where the
security check works by first changing over
the test ciphertext and private keys to a
semi-businesslike structure and a while later
fighting security.We acknowledge after a
late assortment of the twofold system
verification strategy as a result of Lewko
and Waters and gather our structure using
bilinear social affairs of composite
solicitation. We display security under close
static suppositions to the LW, paper in the
subjective prophetic model.
As demonstrated give a general structure to
Available online: http://edupediapublications.org/journals/index.php/IJR/ P a g e | 433 encryption systems. Specifically, we get a
general encryption structure called spatial
encryption from which various systems with
a mix of properties take after. The ciphertext
size in every one of these structures is
autonomous of the measure of customers
included and is just three social undertaking
parts. Private key size creates with the
multifaceted way of the fabric.One
inspiration driving these results gives the
principle show HIBE system with short
ciphertexts. Broadcast HIBE deals with a
trademark issue doing with character based
mixed emails. [12].
Algorithm:
Setup→ The setup estimation takes no data
other than the specific security parameter. It
renders individuals when in doubt
parameters PK and a specialist key
MK.Encode (PK, M, A) →The encryption
calculation takes as data individuals all
things considered parameters PK, a message
M, and a passage structure An over the
universe of attributes.The check count will
encode M and deliver a ciphertext CT such
that exclusive a customer that holds a course
of action of characteristics that satisfies the
passageway structure will hold the capacity
to decode the message.We will expect that
the ciphertext certain contains A.Key
Generation (MK, S) → The key time
figuring takes as information the master key
MK and a game plan of characteristics S that
depict the key.It bears a private key
SK.Decode (PK, CT, SK) →The
unscrambling count takes as information the
all inclusive community parameters PK, a
ciphertext CT, which contains a passage
system An, and a private key SK, which is a
private key for a set S of qualities. For the
situation that the set S of qualities satisfies
the passageway structure A then the
computation will translate the ciphertext and
return a message M.
Available online: http://edupediapublications.org/journals/index.php/IJR/ P a g e | 434 S ̃ ⊆ S. It moves over a secret key SK for the
game plan of S ̃ qualities S [13]. .
Especially we set develop the upside of the
record access, and we assessed an perfect
change to connect at one preferred
standpoint tree and rely on upon its assertion
parameter. At the point when all is said in
done, the calculation overhead of Li is much
higher than others in light of the way that
their framework incorporates various more
exponentiations and bilinear mappings in
light of the dedication. The
encryption/unscrambling under various file
sizes did not demonstrate colossal
differences when record sizes are significant
(≥20MB), in light of the way that the run
times are controlled by the symmetric
encryption (AES-256). Finally, however our
run times are plotted in light of the way that
the preferred standpoint creation is the extra
routine in our diagram.
ID-based Cryptosystems
The need to make accessible genuine
duplicates of substances 'open keys is a
critical downside to the use of open key
cryptography. The customary technique for
doing this is to use the all inclusive
community key frameworks, in which an
affirmation power (CA) issues a testament
which ties a customer's personality with
his/her open key. With ID-based
cryptosystems, this coupling is repetitive as
the character of the component would be
his/her open key (If not straightforwardly,
the all inclusive community key is gotten
from the personality). In ID-based PKC,
everyone's open Keys are destined by
information that interestingly distinguishes
them, for instance, their email address[14].
This thought extraordinary inspiration for
ID-based encryption was to disentangle
endorsement administration in email
frameworks. Each substance in the system
sends his/her personality to a trusted
Available online: http://edupediapublications.org/journals/index.php/IJR/ P a g e | 435 (KGC), to get the private key. The private
key is figured using the private key of the
KGC and the personality of the customer.
Enter escrow is innate in ID-based
frameworks since the KGC knows all the
private keys. For various reasons, this makes
execution of the advancement a great deal
less requesting, and conveys some extra
information security advantages. ID-based
PKC (ID-PKC) remained a speculative
thought until were proposed. A bit of the
issues to be tended to contrast the ID-based
frameworks and the customary PKI
maintained open key cryptography [15].
Identity-Based Public Key Cryptography
One of the troubles characteristic in running
a PKI is in the overseeing of the testament
and related key. Personality – and thusly
identifier – based cryptography was made as
a strategy for vanquishing this issue. The
arrangement gave a stamp figuring, however
couldn't be used for encryption. It is just
generally that a powerful character based
encryption structure was proposed [16].
The inside contrast between an ID-PKC and
a Conventional unbalanced calculation in
the technique for delivering the keys. The
distinction is identifiable in two ways:
As said above, in both the stamp and
encryption variations, individuals when
all is said in done keys are created
from transparently identifiable
information. This permits a
customer A to create general society
key of another customer B without
doing a request in an inventory or
approach B for a copy of their
key.
Because of the science that support the
calculations, the generation of the
private key requires the
learning of a specialist mystery that is
held by the Trusted Authority (TA),
Available online: http://edupediapublications.org/journals/index.php/IJR/ P a g e | 436 Recently, it has been seen that a personality
require not be the fundamental determinant
of a customer's open key. For instance,
information, for instance, the customer's
position inside an association, the
authenticity time period for the keys, et
cetera can be joined into the data used to
induce the key match. This outcomes in the
more extensive thought of identifier-based
open key cryptography.
Since the TA is straightforwardly
responsible for the time of the private key in
an ID-PKC instrument, there is an inherent
escrow office in the structure. This could
possibly be charming. This strengths an
adjustment in the part of the trusted outsider
inside the system. In a PKI, the CA is
concerned with tolerating the realness of the
information present in the statement, while,
in an ID-PKC the TA is specifically
responsible for making and disseminating all
keying material inside the structure [16].
There is likewise the prerequisite that TA
and customer can set up a free secure
channel for the dispersion of private key
material. This channel needs to secure both
the realness and secrecy of the private key.
Despite the way that using a customer's
lifestyle as the base for their key match is
outstandingly captivating, it doesn't come
without results. The two standard issues that
will affect the discourse in the rest of this
paper are according to the accompanying:
Adapting to the items of common skills
of execution are not inconsequential. If
we take renouncement as an illustration,
since we can't deny a man's character,
there is a prerequisite for additional
commitment to the key time process. If
we fuse authenticity dates, key use, thus
on then a push toward more extensive
usage of distinguishing information
results, driving really to identifier-based
cryptography. We will return to denial
Available online: http://edupediapublications.org/journals/index.php/IJR/ P a g e | 437 The believability of the information that
is used as the character or identifier is
presently dire to the security of the
structure. In a PKI, the statement should
show the realness of distinguishing
information. In ID-PKC, in light of the
way that a private key may be delivered
after general society key, the TA won't
not have endorsed the realness of the
information relating to the key match
going before the all inclusive
community key's use. For instance, A
might use information it supposes is
honest to goodness to make an open key
for B, yet the information An
utilizations could either relate to the
wrong B, or may be thoroughly invalid
as indicated by the TA.
Figure 1: System Architecture
Identity-Based mRSA:
The essential part of character based
encryption is the sender's ability to scramble
messages using individuals when all is said
in done key got from the recipient's
Available online: http://edupediapublications.org/journals/index.php/IJR/ P a g e | 438 character can be the beneficiary's email
address, customer id or any quality
outstanding to the recipient; basically, a
subjective string. To process the encryption
key, a gainful (and open) mapping limit KG
must be set as of now. This limit must be an
adjusted mapping from character strings to
open keys. The central thought behind
character based mRSA is the usage of a
solitary normal RSA modulus n for all
clients inside a structure (or territory). This
modulus is open and contained in a system
wide endorsement issued, of course, by
some Certificate Authority (CA). To
scramble a message for a specific recipient
(Bob), the sender (Alice) first registers
eBob=KG(IDBob) where IDBob is the
recipient's personality quality, for instance,
Bob's email address [17].Starting there, the
paire (eBob,n) is managed as a plain RSA
open key and typical RSA encryption is
performed. On Bob's side, the unraveling
system is indistinguishable to that of mRSA.
We push that using the same modulus by
numerous clients in a common RSA setting
is absolutely shaky. It is subject to a
insignificant assault whereby any one using
one's data of a solitary key-combine – can
essentially consider the modulus and register
the other customer's private key. In any case,
in the present setting, we make a basic
presumption that:
All through the lifetime of the system, the
enemy can't exchange off a SEM.
Unmistakably, without this suspicion,
IB-mRSA would offer no security what soever:
a solitary SEM soften up consolidated with
the trade off of one and only customer's key
offer would realize the deal of all clients'
(for that SEM) private keys. The IB-mRSA
supposition is somewhat more grounded
than its mRSA accomplice. Survey that, in
mRSA, each client has an other RSA setting,
i.e., a unique modulus. Thusly, to exchange
off a given customer a enemy needs to break
Available online: http://edupediapublications.org/journals/index.php/IJR/ P a g e | 439 now swing to the point by point portrayal of
the IB-mRSA arrange.
We understood IB-mRSA for the
motivations behind experimentation and
affirmation. The thing is made out of three
sections:
1. CA and Admin Utilities: zone
endorsement, customer key time,
(discretionary) statement issuance and
disavowal interface.
2. SEM daemon: SEM process
3.Customer libraries: IB-mRSA customer capacities open by means of an API.
The code is based on top of the outstanding
OpenSSL library. OpenSSL fuses countless
capacities and substantial calculating
primitives. Notwithstanding being beneficial
and accessible on numerous normal
hardware and programming stages,
OpenSSL sticks to the basic PKCS
principles and is in the all inclusive
community space. The SEM daemon and the
CA/Admin utilities are completed on Linux,
while the customer libraries are accessible
on both Linux and Windows stages. In the
instatement stage, a CA introduces the space
wide cryptographic setting, specifically (n,
p, q, p',q') and chooses a mapping limit
(presently defaulting to MD5) for all zone
customers. For each customer, two
structures are sent out: 1) SEM
bundle,which incorporates the SEM's
half-key dSEM i, and 2) customer assemble,
which incorporates dui and the entire server
pack. The server pack is in PKCS#7 [17]
position, which is on a very basic level a
RSA envelope set apart by the CA and
encoded with the SEM's open key. The
customer pack is in PKCS#12 design, which
is a typical key envelope also set apart by
the CA and scrambled with the customer
supplied key which can be a pre-set key, a
secret key or a pass-expression.
(A client is not anticipated that would have
an earlier open key.) After issuance, each
out-of-Available online: http://edupediapublications.org/journals/index.php/IJR/ P a g e | 440 band design to the fitting customer. Before
attempting any IB-mRSA exchanges, the
customer should first translate and check the
gathering. An alternate utility venture is
suited this reason. With it, the pack is
decoded with the customer supplied key, the
CA's stamp is checked, and, finally, the
customer's half-key are evacuated and set
away locally. To unscramble a message, the
customer begins with sending an IB-mRSA
ask for, with the SEM gather piggybacked.
The SEM first check the status of the
customer.
Just when the customer is esteemed t
obe a honest to goodness customer, does the
SEM system the solicitation using the pack
contained in that. As said some time
recently, to scramble a message for an
IB-mRSA, that customer's space endorsement
should be obtained [18]. Transport and
administration of space testaments is
thought to be done in a way like that of run
of the mill endorsement, e.g., by means of
LDAP or DNS.
Conclusion:
Despite the way that investigation
enthusiasm for ID-PKC is astoundingly
solid right now, it is a respectably new
advancement in contrast with PKI. In our
article, we have attempted to investigate
what isolates ID-PKC from PKI. Our
fundamental judgment, in reality made with
regards to almost no business association of
ID-PKC frameworks, is that there is by no to
isolate the two. Possibly the basic
information while choosing whether to grasp
PKI or ID-PKC is the diverse way in which
the two advances typically deliver and
affirm rights and keys. Similarly as with
symmetric and hilter kilter cryptography, the
focal elements when picking amongst PKI
and ID-PKC are inclined to be
environmental. This effect of the limitations
Available online: http://edupediapublications.org/journals/index.php/IJR/ P a g e | 441 more vital given that there doesn't seem, by
all accounts, to be such a solid isolating
component as the ability to give non-denial
is amongst symmetric and topsy-turvy
cryptography.
The paper portrays the IB-mRSA, a
commonsense and secure character based
encryption orchestrate. It is perfect with
standard RSA encryption and offers
fine-grained control (denail) of clients security
benefits. Two or three issues stay for future
work. It is indistinct whether IB-mRSA can
be demonstrated secure under the standard
model (our contention uses the self-assertive
prophet setting). Also, we require a more
formal investigation of semantic security.
Another issue identifies with IB-mRSA
execution. Using a hash restrain with respect
to open key mapping makes encryption
more costly than RSA since individuals all
things considered sort is discretionary (and
on the run of the mill bit of the bits are set).
We have to break down elective mapping
capacities that can make more "successful"
RSA types.
REFERENCES:
1. Lewko, A., & Waters, B. (2011).
Decentralizing attribute-based
encryption. In Advances in Cryptology–
EUROCRYPT 2011 (pp. 568-588).
Springer Berlin Heidelberg.
2. Boneh, D., & Hamburg, M. (2008).
Generalized identity based and broadcast
encryption schemes. In Advances in
Cryptology-ASIACRYPT 2008 (pp.
455-470). Springer Berlin Heidelberg.
3. Waters, B. (2011). Ciphertext-policy
attribute-based encryption: An
expressive, efficient, and provably
secure realization. In Public Key
Cryptography–PKC 2011 (pp. 53-70).
Springer Berlin Heidelberg.
4. Hajny, J., & Malina, L. (2012).
Available online: http://edupediapublications.org/journals/index.php/IJR/ P a g e | 442 with practical revocation on smart-cards
(pp. 62-76). Springer Berlin Heidelberg.
5. Li, J., Huang, Q., Chen, X., Chow, S. S.,
Wong, D. S., & Xie, D. (2011, March).
Multi-authority ciphertext-policy
attribute-based encryption with
accountability. In Proceedings of the 6th
ACM Symposium on Information,
Computer and Communications Security
(pp. 386-390). ACM.
6. Li, J., Ren, K., Zhu, B., & Wan, Z.
(2009). Privacy-aware attribute-based
encryption with user accountability. In
Information Security (pp. 347-362).
Springer Berlin Heidelberg.
7. Camenisch, J., Neven, G., & Rückert, M.
(2012). Fully anonymous attribute
tokens from lattices. In Security and
Cryptography for Networks (pp. 57-75).
Springer Berlin Heidelberg.
8. Shahandashti, S. F., & Safavi-Naini, R.
(2009). Threshold attribute-based
signatures and their application to
anonymous credential systems. In
Progress in Cryptology–
AFRICACRYPT 2009 (pp. 198-216).
Springer Berlin Heidelberg.
9. O. Baudron, D. Pointcheval, and J.
Stern. Extended notions of security for
multicast public key cryptosystems. In
27th International Colloquium on
Automata, Languages and Programming
(ICALP ’2000), number 1853 in Lecture
Notes in Computer Science.
Springer-Verlag, Berlin Germany, July 2000.
10.M. Bellare, A. Boldyreva, and S. Micali.
Public-key encryption in a multi-user
setting: Security proofs and
improvements. In Preneel, pages 259–
274.
11.M. Bellare, A. Desai, D. Pointcheval,
and P. Rogaway. Relations among
notions of security for public-key
encryption schemes. In H. Krawczyk,
editor, Advances in Cryptology –
Available online: http://edupediapublications.org/journals/index.php/IJR/ P a g e | 443 Notes in Computer Science, pages 26–
45. International Association for
Cryptologic Research, Springer-Verlag,
Berlin Germany, 1998.
12.M. Bellare and P. Rogaway. Optimal
asymmetric encryption — how to
encrypt with RSA. In A.D. Santis,
editor, Advances in Cryptology –
EUROCRYPT ’94, number 950 in
Lecture Notes in Computer Science,
pages 92–111. International Association
for Cryptologic Research,
Springer-Verlag, Berlin Germany, 1995.
13.D. Boneh, X. Ding, and G. Tsudik.
Identity based encryption using mediated
rsa. In 3rd Workshop on Information
Security Application, Jeju Island, Korea,
Aug. 2002. KIISC.
14.D. Boneh, X. Ding, G. Tsudik, and C.M.
Wong. A method for fast revocation of
public key certificates and security
capabilities. In 10th USENIX Security
Symposium, Washington, D.C., Aug.
2001. USENIX.
15.D. Boneh and M. Franklin.
Identity-based encryption from the Weil Pairing.
In Kilian, pages 213–229.
16.J.-S. Coron and D. Naccache. Security
analysis of the gennaro-halevi-rabin
signature scheme. In Preneel, pages 91–
101.
17.E.Fujisaki,T.Okamoto,D.Pointcheval,an
dJ.Stern. RSA-OAEP is secure under the
rsa assumption. In Kilian, pages 260–
274.
18.R. Ganesan. Augmenting kerberos with
pubic-key cryptography. In T. Mayfield,
editor, Symposium on Network and
Distributed Systems Security, San
Diego, Cal-ifornia, Feb. 1995. Internet
