SA-IBE: A Secure and Accountable Identity-based Encryption Scheme

In an Identity-Based Encryption (IBE) scheme, an users public key can be derived from his identity directly, which eliminates the cost of the certificate management in Public Key Infrastructure (PKI) systems. However, the IBE has the key escrow issue, that is, the trusted Private Key Generator (PKG), can decrypt the users ciphertexts and leak their secret keys. To solve this issue, most existing schemes either can only solve part of the key escrow problem, or need a secure key distribution channel and complicated identification schemes causing great performance cost. This paper proposes a Secure and Accountable Identity-Based Encryption (SA-IBE) scheme, in which users initial secret key is issued by the PKG, and then its privacy is consolidated parallel by multiple Key Privacy Authorities (KPAs), so that no single authority can get the users secret key or message. In addition, an efficient and accountable single PKG identification scheme is designed, and the blinding technique is used to remove the secure channel for the key distribution. Based on the standard Diffie-Hellman assumption, it is proved that SA-IBE can efficiently address the key escrow issue while ensures its security and the accountability of the system identification.