Improved Identity Based Encryption System (IIBES): A Mechanism for Eliminating the Key-Escrow Problem

A revolutionary change to public-key cryptography can be considered as an Identity Based Cryptography (IBC) in which identity of the receiver is being used as a public key for encrypting a message and Key Generation Centre (KGC). IBC will generate and distribute the private key to each user to decrypt a message. The thought behind presenting the scheme was to improve and reduce the complexity of certificate and key management, but it also gives rise to key escrow problem, access to encrypted information to unauthorized users. The paper represents Improved Identity-Based Encryption Scheme (IIBES) for Domain Name System (DNS) security which provides confidentiality and authentication through modified identity based encryption and identity based digital signatures. The IIBES comprises key revocation mechanism for non-revoked users and also eliminates key escrow problem. Thus, the IIBES aids to implement the identitybased cryptography more safely in reality and protects DNS against cache poisoning, spoofing attack and masquerade attack.


1-Introduction
Now a days with the increasing use of Internet, the Domain Name System (DNS) has become the crucial part of Internet [1] and there is a need to secure DNS as server vulnerabilities exist in today's world [2]. DNS provides mapping of IP addresses (random, hard-to-remember numbers) to host names (easier to remember and disseminate) [1,3]. But, DNS doesn't include any security mechanism to provide confidentiality and authentication to the data transferred through DNS transaction [3]. DNSSEC protocol is designed to provide authenticity and integrity to the data transferred by DNS through the use of public key encryption algorithms, but it is not fully deployed [4].
Shamir introduced an idea of Identity (ID) based on public key system to get rid of the disadvantage of certificate management for traditional public-key cryptography in which certificates are used to map the identities and public keys to perform the encryption process [5][6][7][8][9]. User's identity like E-mail address, social security number, or name is being used as the public key of user in an ID-based public key system [5,[8][9][10]]. An Identity Based Encryption (IBE) scheme uses key authority, sender, and receiver to accomplish encryption and decryption process [11]. To encrypt and decrypt a message, the sender makes use of the receiver's identity id as the public key and the receiver uses his secret key skid respectively [11]. In an IBE scheme, sender makes use of receiver's identity as a public key [12] which simplifies the key management process as it does not require to ask for the authenticated public key from key authority [11].
An IBE scheme simplifies the key management process, as the sender uses the receiver's identity as a public key [12], there is no need to ask for the authenticated public key from key authority [11].
In the BF-IBE system, there are two main roles i.e. Private Key Generator (PKG) and user that all are on the same level. Users will authenticate themselves to PKG to get their corresponding private keys which are generated by PKG [5,13]. Though IBE provides a great advantage over traditional Public Key Infrastructure (PKI), an efficient key revocation mechanism will be needed to perform key revocation process periodically [14,15]. When the private key of the user gets compromised, one more problem of revoking the user exists in an existing ID-based encryption system [7,14,16]. BF has also tried to solve the issue by suggesting that users should periodically renew their private key through KGC whether the private key of the user has been compromised or not [16]. The suggested solution has the disadvantage of increasing load on KGC with the increase in the number of users as the scheme contains only one KGC for generating the private key of the user [16].
After this, a numerous literature has been published on ID-based cryptography to overcome the disadvantage of BF-IBE System [5]. Boldyreva et al. (2008) [17] introduced an IBE scheme in which KGC only generates partial publicprivate key pair. From that partial public-private key pair, users will generate their public-private key pair by use of common secret which is known by them. This will eliminate the full dependency on KGC for generating public-private key pair [16]. The scheme tries to eliminate the inherent key escrow problem [18][19][20] and also aims to generate revocable public-private key pairs [16] Mediators [21], a semi-trusted third party, have also been used to address this problem. In this, mediators will help users in the decryption process by having a partial share of private keys in all users. But, the solution is not adopted widely as in the proposed solution, mediators stop working if the identity of the user gets revoked [16].
In this paper, we tried to provide security to DNS by use of IBE and also tried to address the solution for key revocation and key escrow problem in existing IBE by the use of shared secret and sub KGC. The structure of the remaining paper is as per following: Theoretical background associated to IIBES is explained in section 2. Section 3 provides detailed description and working of IIBES. In section 4, results and discussion for IIBES is presented. Conclusion is presented in Section 5.

2-1-Algorithm to Select sKGC
To select sKGC modified KUNode algorithm [22] will be used. In that, 'selected' parameter is initially set to false for all sKGC. Then a random number has been generated and sKGC from 1 to n is being selected. Also, 'selected' parameter is set to true (Only for time duration T i.e. single session). After that, sKGC is being revoked by using a modified KUNode algorithm. i.e. set the parameter selected to false. This process will get repeated to select sKGC.

2-2-Modified KUNode Algorithm
Initially, sKGCs will have the value false for the parameter selected and are allocated as leaf node η to a complete binary tree. A period T, the user revokes sKGC for a set KUNode(BT, SL, T).
A binary tree /bt, sKGC list SL, and time T are given as input to the algorithm and a set of nodes will be produced as output. The algorithm can be described as follows: Left and right child of a non-leaf node η are denoted by ηleft and ηright respectively. All sKGCs are allocated as the leaf node. If an sKGC (assigned to η) is revoked on time T, at that point (η, T) ∈ SL. Path(η) indicates the set of nodes on the path from η to root. KUNode can be described as follows: To understand KUNode(BT,SL,T), refer the below figure. Let a sub KGC u3 (assigned to x10) be revoked as shown in example. Then, X = Path(x10) = {x10, x5, x2, root = x1}, and Y ={x3, x4, x11}. Intuitively, all sub KGC except u3, have a node x ∈ Y that is contained in the set of nodes on the path from their assigned node to root: e.g., x4 for u1 and u2, x11 for u4, and x3 for u5, u6, u7, and u8, whereas Y ∩ Path(x10) = ∅.

2-3-Algorithm to Deliver Shared Secret
Following Shamir's secret sharing algorithm [23] will be used to deliver shared secret in IIBES:  Figure 2 shows the system flow of proposed system (IIBES). The Send_Query procedure generates DNS query ID and encrypts the ID using the public key of local server. Also, it brings the NS from the URL and transmits Query (NS and encrypted ID) to DNS server. The Receive_Query procedure searches the database for the NS when Query (ID and NS)arrives.; if found, it fetches the IP and decrypts the ID using the private key of local server. The Send_Response procedure encrypts the IP using the public key of client and transmits Response (ID, NS, and encrypted IP). The Receive_Response procedure compares the received ID with the stored ID when response (ID, NS and encrypted IP) arrives; if they are the same, it will decrypt the IP using the private key of client. This paper tries to improve and eliminate some flaws from the BF-IBE scheme. The solution to the key escrow problem has been addressed by introducing a set of subkey generation centers (sKGC), a trusted third party. The sender can choose any of the existing sKGCs by using the modified KUNode algorithm which has been explained in section 2 [22]. sKGC is responsible to generate a shared secret (random number and offset) which will be delivered to the sender and receiver by using Shamir's secret sharing algorithm as explained in section 2 [23,24]. The receiver's location will be provided to sKGC by the sender itself. To accomplish encryption and decryption process, both sender and receiver uses shared secret. To resolve key revocation problem, nonce has been used in shared secret. The user has to revoke his/her shared secret after the nonce gets expired. The IIBES also makes use of the Adi Shamir's digital signature algorithm to provide authenticity [25]. Figure 3 shows working of IIBES i.e. how the shared secret will be shared among two users by the use of sKGC. The IIBES tries to overcome the inherent key escrow problem of BF-IBE scheme and tries to provide better key revocation mechanism than RIBE scheme [16] by use of modified KUNode algorithm to select sKGC, by introducing the use of a nonce in shared secret and by use of Adi Shamir's secret sharing algorithm to deliver shared secret. IIBES also provides digital signature to prove authenticity of the user. In IIBES, we are going to use modified Shamir's signature scheme. Key Generation part is divided into two parts.

Figure 3. Improved IBE System without Key-Escrow Problem (IIBES).
The first part is generating master public-private key pair as below: Master public keyan RSA public key (n, e) Where, n = pq (p and q are two large primes) and e is an arbitrary integer which is less than n and relatively prime to (p-1)*(q-1) Master Private Keyan RSA private key (n, d) d = e −1 mod (p-1)*(q-1) The second part is the generation of client public-private key pair as below: The public key for the user -his identity:

ID = MAC address || Shared Secret
Where a Shared secret is a random number and offset with a nonce.
The private key for the user: We assumed that all Local DNS and Client have computed the public-private key pair and the public key of all others are known to Local DNS and Client. When the client browses any website, NS of that will be provided by the client. Generated query ID for our request will get encrypted and will be sent to the Local DNS as shown in Figure 4(a) by use of Equation 1: tC = rc e mod n sc=[SIdc*rc H(tc,Id1) ] mod n EId1 = (sc, tc) (1) Here (e, n) is a master public key, H() is a hash function (SHA-2 256), rc is a random number and Id1 is query Id i.e. message to be encrypted.
On receiving a request from client, Local DNS search respective IP for requested NS in database/file. If IP is found for requested NS, Local DNS encrypt the searched IP to send it to client as shown in Figure 4   On receiving a message from Local DNS, the Client will match ID1 retrieve from Local DNS with Id1 which it has. If matched, the client will verify the signature by computing a new signature as seen in Equation 4: s e = [ IDL * tL H(tL,Id1) ] mod n (4) Using received IP address, client browses the website.

4-Results and Discussions
This section represents the generated outcome for the IIBES. The IIBES has been implemented using JAVA programming language. Figure 5 shows the generated publicprivate key pair for client and server using IIBES. The figure also displays value of random number, offset and nonce generated by sKGC. Execution time for generating public private key pair has also been displayed in the figure. Client encrypts the query id by using public key of server. Also, he/she performs digital signature by using his/her private key to provide authentication. Server will decrypt the IP by using private key and also verifies the signature by using client's public key. Upon finding the match for requested IP address, server encrypts the IP address and sends that encrypted IP address to the client with its signature. After verifying the signature, client browses website by using received IP address as shown in Figure 6.

5-Conclusion
With the increasing use of Internet, there is a need of security system or protocol for the data transferred by DNS which can provide confidentiality, integrity and authenticity. IBE continues to increase in popularity over public key encryption as it reduces the overhead for certificate management by use of identity of users as public key. But, IBE system has its drawback like key escrow and key revocation problem. In this paper, a new scheme IIBES has been proposed in order to provide security to DNS using IBE. The IIBES provides confidentiality and authentication by use of IBE and IBS respectively for the data transferred by DNS. The IIBES significantly improves the key escrow and key revocation problem of IBE system by use of sKGC and shared secret with nonce. The IIBES can be compared with various candidate algorithms for different IBE elements to discover optimal performance in future. The IIBES also intended to be extended in terms of security attacks.

6-1-Data Availability Statement
The data presented in this study are available in article.

6-2-Funding
The author(s) received no financial support for the research, authorship, and/or publication of this article.

6-3-Conflicts of Interest
The author declares that there is no conflict of interests regarding the publication of this manuscript. In addition, the ethical issues, including plagiarism, informed consent, misconduct, data fabrication and/or falsification, double publication and/or submission, and redundancies have been completely observed by the authors.