I'm currently finishing an essay on constructing a security solution focused on identity anonymity. However, I'm unclear about the formal definition of anonymity in the cryptography, as well as the proof methods used to establish it. Could anyone provide insights or resources on these topics? Thanks!
Asked
Active
Viewed 221 times
1 Answers
1
Bellare et al. introduced the anonymity security notion in the context of public key encryption. The security game is as follows.
- Challenger generates two keys pairs $(pk_i, sk_i) \gets PKE.Gen(1^{\lambda})$ for $i \in \{0,1\}$ and sends the public keys $pk_0, pk_1$ to the adversary.
- The adversary selects a message $m$ and sends it to the challenger.
- Challenger randomly picks a bit $b \gets \{0,1\}$, then encrypts the message as $ct \gets PKE.Enc(pk_b, m)$ and sends $ct$ to the adversary.
- Finally, the adversary outputs its guess $b' \in \{0,1\}$ and wins if $b = b'$.
Several studies on anonymity have been conducted in the context of Identity-Based Encryption (IBE), Hierarchical Identity-Based Encryption (HIBE) and Attribute-Based Encryption (ABE). You may refer to the work by Brakerski et al. which uses blind garbled circuits and blind batch encryption to achieve anonymity in the IBE setting.
Mahesh S R
- 1,786
- 1
- 5
- 22