On the Impossibility of Basing Identity Based Encryption on Trapdoor Permutations

Abstract

We ask whether an Identity Based Encryption (IBE) sys-tem can be built from simpler public-key primitives. We show that there is no black-box construction of IBE from Trapdoor Permutations (TDP) or even from Chosen Ci-phertext Secure Public Key Encryption (CCA-PKE). These black-box separation results are based on an essential prop-erty of IBE, namely that an IBE system is able to compress exponentially many public-keys into a short public parame-ters string. 1