Accountable identity-based encryption with distributed private key generators
Distributed private key generators (PKGs) in identity-based encryption (IBE) is a viable approach to mitigate the inherent key escrow problem, where the user's private key is generated by multiple PKGs, and hence, there is no single PKG can impersonate the user. Nevertheless, these PKGs can still collude to generate a user's private key and auction it without the risk of being caught. In the traditional IBE setting, accountable IBE can identify the creator of a pirated private key between the user and the PKG. Unfortunately, the similar problem in IBE with distributed PKGs remains an open research problem. To fill this gap, we concentrate on adding accountability to IBE with distributed PKGs. Specifically, we propose the formal definition of A-IBE with distributed PKGs (A-dIBE) and the corresponding security models. Subsequently, we present a concrete construction with the corresponding security proof. This cryptographic primitive enjoys the advantages of both the IBE with distributed PKGs and A-IBE. Specifically, it distributes the power to multiple PKGs, while preserving the traceability that could give a convincing judgment to identify the suspect between the user and the PKGs. Furthermore, our construction could be easily extended to achieve IND-ID-CCA security and the revocation of the PKGs is efficient.