Identity-Based Encryption on RSA Without Pairings and Key Escrow

We propose a new construction of identity-based encryption without key escrow over the tradition RSA cryptosystems. The security of our scheme follows from the decisional Diffie-Hellman assumption and the difficulty of Modular inversion hidden number problem with error (MIHNPwE), which can be seen as a generalization of the modular inversion hidden number problem. We give an analysis on the hardness of MIHNPwE by lattice techniques. In our construction, we generate each user's partial private key in the form of an MIHNPwE instance. The hardness of MIHNPwE provides our scheme with resistance against key-collusion attacks from any number of traitors. Our prototype implementation of the proposed scheme shows that it can be more computation efficient and easy-to-implementation than the influential pairing-friendly elliptic-curve based IBE scheme.