The notion of chameleon hash function without key exposure plays an important role in designing secure chameleon signatures. However, all of the existing key-exposure free chameleon hash schemes are presented in the setting of certificate-based systems. In 2004, Ateniese and de Medeiros questioned whether there is an efficient construction for identity-based chameleon hashing without key exposure. In this paper, we propose the first identity-based chameleon hash scheme without key exposure based on the three-trapdoor mechanism, which provides an affirmative answer to the open problem. Moreover, we use the proposed chameleon hash scheme to design an identity-based chameleon signature scheme, which achieves all the desired security properties.