Degree Name

Doctor of Philosophy


School of Computer Science and Software Engineering - Faculty of Informatics


Pairing-based cryptography is an active research area in cryptography in the last decade. Pairings are bilinear mappings defined over cyclic groups wherein the discrete logarithm problem is hard. The bilinear property of pairings enables researchers to solve open problems like the construction of practical identity-based encryption, or short signatures without random oracles. Pairings can also be used to construct new cryptographic primitives.

This thesis contributes to the pairing-based cryptography in three areas. Firstly, we show that pairings can be used to construct efficient and provably secure digital signature schemes. We give the first convertible undeniable signatures without random oracles, and the first concrete sanitisable signatures without random oracles. We also construct a new signature primitive called concinnous signatures, which is designed to facilitate fair exchange of digital signatures without any trusted third party.

Secondly, we analyse the identity-based cryptosystems which extensively use pairings. We mainly focus on the key escrow problem of identity-based cryptography. We propose the notion of escrow-free identity-based signatures. Furthermore, we discuss the impossibility of ideal escrow-free identity-based encryption. After that, we investigate the best defence against the key escrow problem of identity-based encryption. We categorise the existing solutions into preventive measure and blaming mechanism. In the category of preventive measure, we propose the notion of fully anonymous identity- based encryption. In the category of blaming mechanism, we also construct a new accountable-authority identity-based encryption.

Finally, we construct new cryptographic primitives and frameworks using pairings. We give new instantiations and applications of lossy trapdoor function. We give a new cryptographic primitive called two-tier trapdoor functions. From two-tier trapdoor functions, we construct a new encryption primitive called two-tier encryption. It is a generalisation of a number of encryption schemes, including identity-based encryption. We also propose a cryptographic treatment of publish/subscribe systems.

02Whole.pdf (1990 kB)