@article{oai:ipsj.ixsq.nii.ac.jp:00067735,
 author = {Peng, Yang and Goichiro, Hanaoka and Yang, Cui and Rui, Zhang and Nuttapong, Attrapadung and Kanta, Matsuura and Hideki, Imai and Peng, Yang and Goichiro, Hanaoka and Yang, Cui and Rui, Zhang and Nuttapong, Attrapadung and Kanta, Matsuura and Hideki, Imai},
 issue = {8},
 journal = {情報処理学会論文誌},
 month = {Aug},
 note = {Identity based encryption (Ιβε) schemes have been flourishing since the very beginning of this century. In Ιβε, proving the security of a scheme in the sense of IND-ID-CCA2 is widely believed to be sufficient to claim that the scheme is also secure in the senses of both SS-ID-CCA2 and NM-ID-CCA2. The justification for this belief is the relations among indistinguishability (IND), semantic security (SS) and non-malleability (NM). However these relations have been proved only for conventional public key encryption (ΡΚε) schemes in previous works. The fact is that Ιβε and ΡΚε have a difference of special importance, i.e., only in Ιβε can the adversaries perform a particular attack, namely, the chosen identity attack. In this paper we have shown that security proved in the sense of IND-ID-CCA2 is validly sufficient for implying security in any other sense in Ιβε. This is to say that the security notion, IND-ID-CCA2, captures the essence of security for all Ιβε schemes. To show this, we first formally defined the notions of security for Ιβε, and then determined the relations among IND, SS and NM in Ιβε, along with rigorous proofs. All of these results take the chosen identity attack into consideration., Identity based encryption (Ιβε) schemes have been flourishing since the very beginning of this century. In Ιβε, proving the security of a scheme in the sense of IND-ID-CCA2 is widely believed to be sufficient to claim that the scheme is also secure in the senses of both SS-ID-CCA2 and NM-ID-CCA2. The justification for this belief is the relations among indistinguishability (IND), semantic security (SS) and non-malleability (NM). However these relations have been proved only for conventional public key encryption (ΡΚε) schemes in previous works. The fact is that Ιβε and ΡΚε have a difference of special importance, i.e., only in Ιβε can the adversaries perform a particular attack, namely, the chosen identity attack. In this paper we have shown that security proved in the sense of IND-ID-CCA2 is validly sufficient for implying security in any other sense in Ιβε. This is to say that the security notion, IND-ID-CCA2, captures the essence of security for all Ιβε schemes. To show this, we first formally defined the notions of security for Ιβε, and then determined the relations among IND, SS and NM in Ιβε, along with rigorous proofs. All of these results take the chosen identity attack into consideration.},
 pages = {2417--2429},
 title = {Relations among Notions of Security for Identity Based Encryption Schemes},
 volume = {47},
 year = {2006}
}