self-decryption paradox in identity based encryption

Alex Ideal

6/15/24, 11:34 AM

In the paper Dual system encryption: realizing fully secure IBE and HIBE under simple assumption (free PDF), the authors said "there is an apparent paradox in this strategy since it seems that the reduction algorithm could simply answer the challenge ciphertext". In the paper An efficient IBE scheme with tight security reduction in the random oracle model, the authors said "Nevertheless, a private key for ID* is not helpful to decrypt challenge ciphertext, which is necessary for solving the so called self-decryption paradox".

I do not know the meaning of "self-decryption paradox" here. I think there is no restriction for the simulator to both generate the secret key for ID* and the challenge ciphertext for ID*. Thus I do not understand those points in the above papers. Could someone explain it to me?

0 + 1

provable-security

identity-based-encryption

fgrieu

6/15/24, 12:00 PM

In [New chosen-ciphertext secure identity-based encryption with tight security reduction to the bilinear Diffie–Hellman problem](https://doi.org/10.1016/j.ins.2015.07.011), J. H. Park, K. Lee and D. H. Lee give more explanations on what that call the "self-decryption paradox". I'm not quite getting it, thus will abstain from answering.

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: self-decryption paradox in identity based encryption

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.