International Journal of Network Security, Vol.21, No.6, PP.930-936, Nov. 2019 (DOI: 10.6633/IJNS.201911 21(6).06) 930 Subgroup Operations in Identity Based Encryption Using Weil Pairing for Decentralized Networks N. Chaitanya Kumar, Abdul Basit, Priyadarshi Singh, and V. Ch. Venkaiah (Corresponding author: Abdul Basit) School of Computer and Information Sciences, University of Hyderabad Hyderabad-500046, India (Email: abdulmcajh@gmail.com) (Received June 10, 2018; Revised and Accepted Aug. 18, 2018; First Online Jan. 14, 2019) Abstract One of the drawbacks of the conventional public key sys- tems is that the sender must know the public key of the recipient in advance for the key setup and retrieval. This problem can be solved in Identity Based Encryption (IBE) by taking some identifier string (e.g. an e-mail or phone number, etc.) as the public key. When a user wants to send a message then he only has to know this iden- tifier string. The receiver requests the private key from a Trusted Third Party called PKG (Private Key Gener- ator) to decrypt the message. The job of the PKG can be decentralized using the Shamir secret sharing scheme. The Weil Pairing on the elliptic curve is suitable to imple- ment IBE, as it is based on bilinear maps between groups. In this paper, we propose a scheme that allows threshold decryption involving a subgroup of participants of the net- work. Keywords: Identity Based Encryption; Subgroup Opera- tions; Weil Pairing 1 Introduction Identity Based Encryption (IBE) will allow the sender to use the receiver’s identity in order to encrypt the message instead of using his public key. The usage of identity instead of public key has wide range of appli- cations. The identity based encryption system uses an arbitrary string as an identity. The identity based en- cryption system is first developed by Shamir in 1984 [20] to simplify the management of certificates in an e-mail system. For example, when A wants to send a mail to B at B123@company.com, A encrypts the message sim- ply by using B123@company.com. With this there is no need for A to obtain public key certificate of B. When B receives the mail then B contacts Private Key Generator (PKG) a third party organization and obtains the pri- vate key by authenticating himself. Finally, B can read the mail which was sent by A. Weil pairing is a mapping of two computational Diffie-Hellman groups where one group being hard. Initially Weil pairing was used to at- tack elliptic curve systems [17]. Later, Joux [11] designed a protocol using one round diffie-hellman key exchange among three parties and proved that weil pairing can also be used for good. Sakai et al. [19] also used weil pairing for the exchange of keys. Operations performed among the sub group of users belonging to a network and how they deal when a new user wants to be part of the net- work is known as Subgroup operations. Our proposed scheme demonstrates a protocol for subgroup operations and also decentralizes the job of PKG. The advantage of PKG being decentralized is that the communication be- comes secure, more reliable when compared to existing systems. It also allows the new users to have the same abilities as that of the initial users and each user has their share for the remaining life of the network. 2 Preliminaries 2.1 Shamir Secret Sharing The secret sharing mechanism shares the secret s among a group of participants P = {p 1 ,p 2 , ··· ,p n } of n parties by using a special figure called dealer. The dealer sends pri- vately the share of a secret to each party. Reconstruction process is adopted by the authorized subsets to extract the secret s from the given shares. The group of such authorized subsets are called as access structure. Shamir secret sharing scheme [21] uses the Lagrange’s interpola- tion polynomial to implement (t,n) access structure where t is the threshold value and n is the no.of participants. For example let us consider n participants, s is the secret, t is the threshold and the finite field is denoted by F p . Shamir secret sharing scheme has two phases namely: Distribu- tion and reconstruction [2]. In the construction phases shares are distributed to the users and in the reconstruc- tion phase the users compute the secret from their shares.