Date of Submission


Date of Award


Institute Name (Publisher)

Indian Statistical Institute

Document Type

Doctoral Thesis

Degree Name

Doctor of Philosophy

Subject Name



Applied Statistics Unit (ASU-Kolkata)


Sarkar, Palash (ASU-Kolkata; ISI)

Abstract (Summary of the Work)

Public-key encryption (PKE) is an elegant solution to the fundamental problem of cryptography – secure communication between two parties over a public (insecure) channel. The basic idea is that every user A holds two keys – a public key (PKA) and a secret key (SKA). A user who wants to send a message to A encrypts it with PKA and sends the resulting ciphertext along the public channel. A, at the other end of the channel, decrypts the ciphertext using SKA and obtains the message. SKA is known to user A alone. Any third party intercepting data on the public channel cannot gain much information from the ciphertext provided it is computationally infeasible to retrieve SKA given PKA. Public keys corresponding to different users are stored in a publicly accessibly directory. A lot of public keys could be floating around in the directory. A central trusted authority produces certificates on these public keys to indicate which of these are genuine. A certificate essentially binds a key to a particular user. In a practical implementation of PKE, there should be efficient mechanisms to manage the large number of certificates present in the directory. Since the inception of the PKE notion in 1976, a huge body of work has emerged centered around the problem of constructing highly efficient and provably secure PKE systems. But the dominant and daunting task of certificate management had been the primary obstacle to a widespread deployment of PKE for quite some time.Identity-Based Encryption. The notion of identity-based encryption (IBE) was introduced by Shamir [145] in 1984. In an IBE system (depicted in Figure 1.1), the identity idA of a user A (for instance, A’s email address) itself is her public key. A does not generate her own secret key. Instead, a trusted centre called the private key generator (PKG) is responsible for creating and distributing secret keys corresponding to identities. The need for certification does not arise simply because the secret keys are communicated to the intended users over a secure authenticated channel. Another user B wanting to send a message secretly to A encrypts the message using idA. Encryption is done using the public parameters of the PKG PP available for download to any user. The ciphertext thus obtained is sent to A.Shamir [145] challenged cryptographers to design a practical IBE system. The search for such a system ended nearly 2 decades later with the ideas presented in three different works. Sakai, Ohgishiand Kasahara [142] presented an efficient scheme based on pairings over elliptic curves but without a formal security model or proof. Boneh and Franklin [25] first formalised the notion of IBE and defined an appropriate security model. They presented an efficient scheme based on pairings and further proved its security using random oracles. A parallel work by Cocks [59] proposed an IBE construction based on quadratic residuosity assumption. The three works and in particular that of Boneh and Franklin marked the beginning of a journey aimed at constructing IBE schemes that are both efficient and provably secure. The Boneh-Franklin IBE was constructed using bilinear pairings over elliptic curve groups. Pairings were first used in cryptographic constructions by Joux [99] for realising efficient single-round three-party group key agreement protocols. Following the seminal work of Boneh and Franklin, pairings turned out to be important tools for efficient constructions of a wide range of cryptographic primitives. Currently, most practical constructions of IBE and related primitives rely on pairings.


ProQuest Collection ID:

Control Number


Creative Commons License

Creative Commons Attribution 4.0 International License
This work is licensed under a Creative Commons Attribution 4.0 International License.


Included in

Mathematics Commons