A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2018; you can also visit the original URL.
The file type is
Lecture Notes in Computer Science
Key escrow is inherent in identity-based encryption (IBE). A curious key generation center (KGC) can simply generate the user's private key to decrypt a ciphertext. However, can a KGC still decrypt if it does not know the intended recipient of the ciphertext? We answer by formalizing KGC anonymous ciphertext indistinguishability (ACI − KGC). We find that all existing pairing-based IBE schemes without random oracles, whether receipt-anonymous or not, do not achieve KGC onewayness, a weakerdoi:10.1007/978-3-642-00468-1_15 fatcat:y3w6wwgdmrfbvhncy3rd3ecy7a