Generic-group identity-based encryption: A tight impossibility result

Gili Schul-Ganz; Gil Segev

doi:10.4230/LIPIcs.ITC.2021.26

Generic-group identity-based encryption: A tight impossibility result

Gili Schul-Ganz^*
, Gil Segev^*

^*Corresponding author for this work

The Rachel and Selim Benin School of Engineering and Computer Science

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

8 Scopus citations

Abstract

Following the pioneering work of Boneh and Franklin (CRYPTO'01), the challenge of constructing an identity-based encryption scheme based on the Diffie-Hellman assumption remained unresolved for more than 15 years. Evidence supporting this lack of success was provided by Papakonstantinou, Rackoff and Vahlis (ePrint'12), who ruled out the existence of generic-group identity-based encryption schemes supporting an identity space of sufficiently large polynomial size. Nevertheless, the breakthrough result of Döttling and Garg (CRYPTO'17) settled this long-standing challenge via a non-generic construction. We prove a tight impossibility result for generic-group identity-based encryption, ruling out the existence of any non-trivial construction: We show that any scheme whose public parameters include npp group elements may support at most npp identities. This threshold is trivially met by any generic-group public-key encryption scheme whose public keys consist of a single group element (e.g., ElGamal encryption). In the context of algebraic constructions, generic realizations are often both conceptually simpler and more efficient than non-generic ones. Thus, identifying exact thresholds for the limitations of generic groups is not only of theoretical significance but may in fact have practical implications when considering concrete security parameters.

Original language	English
Title of host publication	2nd Conference on Information-Theoretic Cryptography, ITC 2021
Editors	Stefano Tessaro
Publisher	Schloss Dagstuhl- Leibniz-Zentrum fur Informatik GmbH, Dagstuhl Publishing
Pages	26:1-26:23
Number of pages	23
ISBN (Electronic)	9783959771979
DOIs	https://doi.org/10.4230/LIPIcs.ITC.2021.26
State	Published - 1 Jul 2021
Event	2nd Conference on Information-Theoretic Cryptography, ITC 2021 - Virtual, Bertinoro, Italy Duration: 23 Jul 2021 → 26 Jul 2021

Publication series

Name	Leibniz International Proceedings in Informatics, LIPIcs
Volume	199
ISSN (Print)	1868-8969

Conference

Conference	2nd Conference on Information-Theoretic Cryptography, ITC 2021
Country/Territory	Italy
City	Virtual, Bertinoro
Period	23/07/21 → 26/07/21

Bibliographical note

Publisher Copyright:
© 2021 Schloss Dagstuhl- Leibniz-Zentrum fur Informatik GmbH, Dagstuhl Publishing. All rights reserved.

Keywords

Generic-group model
Identity-based encryption

Access to Document

10.4230/LIPIcs.ITC.2021.26

Cite this

Schul-Ganz, G., & Segev, G. (2021). Generic-group identity-based encryption: A tight impossibility result. In S. Tessaro (Ed.), 2nd Conference on Information-Theoretic Cryptography, ITC 2021 (pp. 26:1-26:23). Article 26 (Leibniz International Proceedings in Informatics, LIPIcs; Vol. 199). Schloss Dagstuhl- Leibniz-Zentrum fur Informatik GmbH, Dagstuhl Publishing. https://doi.org/10.4230/LIPIcs.ITC.2021.26

@inproceedings{2775add84edd41e4817278d8c7924906,

title = "Generic-group identity-based encryption: A tight impossibility result",

abstract = "Following the pioneering work of Boneh and Franklin (CRYPTO'01), the challenge of constructing an identity-based encryption scheme based on the Diffie-Hellman assumption remained unresolved for more than 15 years. Evidence supporting this lack of success was provided by Papakonstantinou, Rackoff and Vahlis (ePrint'12), who ruled out the existence of generic-group identity-based encryption schemes supporting an identity space of sufficiently large polynomial size. Nevertheless, the breakthrough result of D{\"o}ttling and Garg (CRYPTO'17) settled this long-standing challenge via a non-generic construction. We prove a tight impossibility result for generic-group identity-based encryption, ruling out the existence of any non-trivial construction: We show that any scheme whose public parameters include npp group elements may support at most npp identities. This threshold is trivially met by any generic-group public-key encryption scheme whose public keys consist of a single group element (e.g., ElGamal encryption). In the context of algebraic constructions, generic realizations are often both conceptually simpler and more efficient than non-generic ones. Thus, identifying exact thresholds for the limitations of generic groups is not only of theoretical significance but may in fact have practical implications when considering concrete security parameters.",

keywords = "Generic-group model, Identity-based encryption",

author = "Gili Schul-Ganz and Gil Segev",

note = "Publisher Copyright: {\textcopyright} 2021 Schloss Dagstuhl- Leibniz-Zentrum fur Informatik GmbH, Dagstuhl Publishing. All rights reserved.; 2nd Conference on Information-Theoretic Cryptography, ITC 2021 ; Conference date: 23-07-2021 Through 26-07-2021",

year = "2021",

month = jul,

day = "1",

doi = "10.4230/LIPIcs.ITC.2021.26",

language = "אנגלית",

series = "Leibniz International Proceedings in Informatics, LIPIcs",

publisher = "Schloss Dagstuhl- Leibniz-Zentrum fur Informatik GmbH, Dagstuhl Publishing",

pages = "26:1--26:23",

editor = "Stefano Tessaro",

booktitle = "2nd Conference on Information-Theoretic Cryptography, ITC 2021",

address = "גרמניה",

}

Schul-Ganz, G & Segev, G 2021, Generic-group identity-based encryption: A tight impossibility result. in S Tessaro (ed.), 2nd Conference on Information-Theoretic Cryptography, ITC 2021., 26, Leibniz International Proceedings in Informatics, LIPIcs, vol. 199, Schloss Dagstuhl- Leibniz-Zentrum fur Informatik GmbH, Dagstuhl Publishing, pp. 26:1-26:23, 2nd Conference on Information-Theoretic Cryptography, ITC 2021, Virtual, Bertinoro, Italy, 23/07/21. https://doi.org/10.4230/LIPIcs.ITC.2021.26

Generic-group identity-based encryption: A tight impossibility result. / Schul-Ganz, Gili; Segev, Gil.
2nd Conference on Information-Theoretic Cryptography, ITC 2021. ed. / Stefano Tessaro. Schloss Dagstuhl- Leibniz-Zentrum fur Informatik GmbH, Dagstuhl Publishing, 2021. p. 26:1-26:23 26 (Leibniz International Proceedings in Informatics, LIPIcs; Vol. 199).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Generic-group identity-based encryption

T2 - 2nd Conference on Information-Theoretic Cryptography, ITC 2021

AU - Schul-Ganz, Gili

AU - Segev, Gil

PY - 2021/7/1

Y1 - 2021/7/1

N2 - Following the pioneering work of Boneh and Franklin (CRYPTO'01), the challenge of constructing an identity-based encryption scheme based on the Diffie-Hellman assumption remained unresolved for more than 15 years. Evidence supporting this lack of success was provided by Papakonstantinou, Rackoff and Vahlis (ePrint'12), who ruled out the existence of generic-group identity-based encryption schemes supporting an identity space of sufficiently large polynomial size. Nevertheless, the breakthrough result of Döttling and Garg (CRYPTO'17) settled this long-standing challenge via a non-generic construction. We prove a tight impossibility result for generic-group identity-based encryption, ruling out the existence of any non-trivial construction: We show that any scheme whose public parameters include npp group elements may support at most npp identities. This threshold is trivially met by any generic-group public-key encryption scheme whose public keys consist of a single group element (e.g., ElGamal encryption). In the context of algebraic constructions, generic realizations are often both conceptually simpler and more efficient than non-generic ones. Thus, identifying exact thresholds for the limitations of generic groups is not only of theoretical significance but may in fact have practical implications when considering concrete security parameters.

AB - Following the pioneering work of Boneh and Franklin (CRYPTO'01), the challenge of constructing an identity-based encryption scheme based on the Diffie-Hellman assumption remained unresolved for more than 15 years. Evidence supporting this lack of success was provided by Papakonstantinou, Rackoff and Vahlis (ePrint'12), who ruled out the existence of generic-group identity-based encryption schemes supporting an identity space of sufficiently large polynomial size. Nevertheless, the breakthrough result of Döttling and Garg (CRYPTO'17) settled this long-standing challenge via a non-generic construction. We prove a tight impossibility result for generic-group identity-based encryption, ruling out the existence of any non-trivial construction: We show that any scheme whose public parameters include npp group elements may support at most npp identities. This threshold is trivially met by any generic-group public-key encryption scheme whose public keys consist of a single group element (e.g., ElGamal encryption). In the context of algebraic constructions, generic realizations are often both conceptually simpler and more efficient than non-generic ones. Thus, identifying exact thresholds for the limitations of generic groups is not only of theoretical significance but may in fact have practical implications when considering concrete security parameters.

KW - Generic-group model

KW - Identity-based encryption

UR - https://www.scopus.com/pages/publications/85115318443

U2 - 10.4230/LIPIcs.ITC.2021.26

DO - 10.4230/LIPIcs.ITC.2021.26

M3 - ???researchoutput.researchoutputtypes.contributiontobookanthology.conference???

AN - SCOPUS:85115318443

T3 - Leibniz International Proceedings in Informatics, LIPIcs

SP - 26:1-26:23

BT - 2nd Conference on Information-Theoretic Cryptography, ITC 2021

A2 - Tessaro, Stefano

PB - Schloss Dagstuhl- Leibniz-Zentrum fur Informatik GmbH, Dagstuhl Publishing

Y2 - 23 July 2021 through 26 July 2021

ER -

Schul-Ganz G, Segev G. Generic-group identity-based encryption: A tight impossibility result. In Tessaro S, editor, 2nd Conference on Information-Theoretic Cryptography, ITC 2021. Schloss Dagstuhl- Leibniz-Zentrum fur Informatik GmbH, Dagstuhl Publishing. 2021. p. 26:1-26:23. 26. (Leibniz International Proceedings in Informatics, LIPIcs). doi: 10.4230/LIPIcs.ITC.2021.26

Generic-group identity-based encryption: A tight impossibility result

Abstract

Publication series

Conference

Bibliographical note

Keywords

Access to Document

Other files and links

Fingerprint

Cite this