OPTIMIZED IDENTITY-BASED ENCRYPTION FROM BILINEAR PAIRING FOR LIGHTWEIGHT DEVICES
ABSTRACT
Lightweight devices such as smart cards and RFID tags have very limited hardware resources, which could be too weak to cope with asymmetric-key cryptography. It would be desirable if the cryptographic algorithm could be optimized in order to better use hardware resources. In this paper, we demonstrate how identity-based encryption algorithms from bilinear pairing can be optimized so that hardware resources can be saved. We notice that the identity-based encryption algorithms from bilinear pairing in the literature must perform both elliptic curve group operations and multiplicative group operations, which consume a lot of hardware resources. We manage to eliminate the need for multiplicative group operations for encryption. This is a significant discovery since the hardware structure can be simplified for implementing pairing-based cryptography. Our experimental results show that our encryption algorithm saves up to 47% memory (27,239 RAM bits) in FPGA implementation.
EXISTING SYSTEM:
Many identity-based encryption schemes and their variants have been proposed since Boneh and Franklin proposed the first secure and efficient IBE using bilinear pairings. Currently, IBE schemes can be constructed from a prime-order pairing, a composite-order pairing, or without any pairing. Among these constructions, IBE schemes based on elliptic curve cryptography are much more efficient in computation and implementation due to shorter group representations, especially for high levels of security. For example, an elliptic curve group with 512-bit length can have 256-bit security, but the RSA modulus length for the same security requires at least 15360. However, running the encryption algorithm for all pairing-based IBE schemes requires not only the point multiplication in the elliptic curve group but also the exponentiation in the multiplicative group.
PROPOSED SYSTEM:
We propose a novel identity-based encryption scheme, which is provably secure in the random oracle model. For the optimization of hardware implementation, our encryption algorithm only requires the single group G for all group operations of encryption, while exponentiations in G1, pairing computations and group hashing operations are no longer required. In comparison with other pairing-based IBE schemes, our encryption algorithm saves the computation of exponentiations in G. We compare traditional IBE schemes, IBE schemes from trapdoor DL group, and our IBE scheme in Table 1. We list the required operations associated with group operations for running the encryption algorithm and highlight the drawbacks of corresponding constructions. It shows that traditional IBE schemes require at least two kinds of group operations in G and G, and the trapdoor-group based IBE requires the additional primitive for group hash function. Our IBE scheme requires only operations in GT for the encryption algorithm.
CONCLUSION
We have presented a novel identity-based encryption scheme from bilinear pairings, aiming to reduce the hardware cost of lightweight resource. It is provably secure against chosen-ciphertext attacks under the q-DDSDH assumption in the random oracle model. In comparison with traditional pairing-based IBE constructions, the encryption algorithm of our IBE scheme only requires group operations in G. The other primitives associated with the pairing group (G1; G2; GT; e), such as exponentiations in G and pairing computations, are no longer required in the encryption part of the scheme. The implementation result shows that our encryption algorithm saves up to 47% memory (27,239 RAM bits) in FPGA implementation. Our IBE scheme is useful for those applications in which lightweight devices need to implement the IBE encryption algorithm with less hardware cost.
REFERENCE:
- Vaudenay, “On privacy models for rfid,” in ASIACRYPT 2007, ser. LNCS, K. Kurosawa, Ed., vol. 4833. Heidelberg: Springer, 2007, pp. 68–87.
- R. Chaves, G. Kuzmanov, L. Sousa, and S. Vassiliadis, “Cost-efficient sha hardware accelerators,” IEEE Trans. VLSI Syst., vol. 16, no. 8, pp. 999–1008, 2008.
- J. Docherty and A. Koelmans, “A flexible hardware implementation of sha-1 and sha-2 hash functions,” in 2011 IEEE International Symposium on Circuits and Systems (ISCAS), 2011, pp. 1932–1935.
- D. Boneh and M. K. Franklin, “Identity-based encryption from the weil pairing,” in CRYPTO 2001, ser. LNCS, J. Kilian, Ed., vol. 2139. Heidelberg: Springer, 2001, pp. 213–229.
- R. Sakai and M. Kasahara, “Id based cryptosystems with pairing on elliptic curve,” IACR Cryptology ePrint Archive, vol. 2003, p. 54, 2003.
- D. Boneh and X. Boyen, “Efficient selective-id secure identity-based encryption without random oracles,” in EUROCRYPT 2004, ser. LNCS, C. Cachin and J. Camenisch, Eds., vol. 3027. Heidelberg: Springer, 2004, pp. 223–238.
- B. Waters, “Efficient identity-based encryption without random oracles,” in EUROCRYPT, ser. LNCS, R. Cramer, Ed., vol. 3494. Heidelberg: Springer, 2005, pp. 114–127.
- C. Gentry, “Practical identity-based encryption without random oracles,” in EUROCRYPT 2006, ser. LNCS, S. Vaudenay, Ed., vol. 4004. Heidelberg: Springer, 2006, pp. 445–464.