# Master-Thesis

## Identity Based Encryption: Security Notions and New IBE Schemes Based On Sakai-Kasahara's Key Construction

In this master's thesis, the security notions of Public Key Encryption (PKE) and Identity Based Encryption (IBE) are investigated including the setting for the multi-receiver case, where example schemes that are secure in the sense of indistinguishability are analysed. Additionally, two new generic constructions based on a OW-PCA key encapsulation mechanism (KEM) are designed, both of which can be used in public key setting in order to transform a OW-PCA KEM to an IND-CCA secure PKE scheme. Thus, by applying the generic construction on any KEM presenting such a weak level of security as being OW-PCA, one can obtain a cryptosystem providing the strongest level (IND-CCA) of security in ROM.

Furthermore, two new IBE schemes based on the Sakai-Kasahara's key construction are described and proven to be secure in the sense of IND-ID-CCA and depending on the difficulty of GAP Problems. The first proof requires a new assumption called Generalized *k-BCAA1'*, which is weaker than the k-BDHI assumption that is used in the proof of another IBE scheme based on the Sakai-Kasahara's key construction (SK-IBE). The new scheme is more efficient by requiring one less hash function and its proof is described for selective and full identity attack models both being tighter than SK-IBE. The second new IBE scheme is based on the difficulty of the GAP k-BDHI problem, where k-BDHI assumption is a more standard computational assumption. Again, the reduction of the new scheme is tighter than SK-IBE in full identity attack model.

Thus, both of the schemes are efficient and have direct proofs, without any reduction to intermediate schemes resulting in a more readable proof. The tightness of the new schemes are roughly ε/q_{1}, whereas the tightness of SK-IBE is roughly ε/q_{1}^{3} (or ε/q_{1}^{2} in the modified version) due to the Fujisaki-Okamoto transformation applied to SK-IBE.