Certificateless Public Key Encryption Revisited: Security Model and Construction

- Journal title : Journal of the Korea Institute of Information and Communication Engineering
- Volume 20, Issue 6, 2016, pp.1109-1122
- Publisher : The Korean Institute of Information and Commucation Engineering
- DOI : 10.6109/jkiice.2016.20.6.1109

Title & Authors

Certificateless Public Key Encryption Revisited: Security Model and Construction

Kim, Songyi; Park, Seunghwan; Lee, Kwangsu;

Kim, Songyi; Park, Seunghwan; Lee, Kwangsu;

Abstract

Certificateless public key cryptography is a technique that can solve the certificate management problem of a public key cryptosystem and clear the key escrow issue of ID-based cryptography using the public key in user ID. Although the studies were actively in progress, many existing schemes have been designed without taking into account the safety of the secret value with the decryption key exposure attacks. If previous secret values and decryption keys are exposed after replacing public key, a valid private key can be calculated by obtaining the partial private key corresponding to user's ID. In this paper, we propose a new security model which ensures the security against the key exposure attacks and show that several certificateless public key encryption schemes are insecure in the proposed security model. In addition, we design a certificateless public key encryption scheme to be secure in the proposed security model and prove it based on the DBDH(Decisional Bilinear Diffie-Hellman) assumption.

Keywords

Certificateless;Cryptography;Key Exposure Attack;Decision Bilinear Diffie-Hellman assumption;etc;

Language

Korean

References

1.

A. Shamir, "Identity-Based Cryptosystems and Signature Schemes," in Proceedings of CRYPTO, vol. 196, pp. 47-53, 1985.

2.

S. S. Al-Riyami and K. G. Paterson, "Certificateless Public Key Cryptography," in Proceedings of ASIACRYPT, vol. 2894, pp. 452-473, Dec. 2003.

3.

S. S. Al-Riyami and K. G. Paterson, "A Generic Construction and Efficient Schemes," in Proceedings of Public Key Cryptography, vol. 3386, pp. 398-415, Jan. 2005.

4.

B. Libert and J. J. Quisquater, "On Constructing Certificateless Cryptosystems from Identity Based Encryption," in Proceedings of Public-Key Cryptography, vol. 3958, pp. 474-490, Apr. 2006.

5.

Z. Zhang and D. Feng, "Key Replacement Attack on a Certificateless Signature Scheme," in Proceedings of IACR Cryptology ePrint Archive, pp. 1-5, 2006.

6.

E. Fujisaki and T. Okamoto, "How to enhance the security of public-key encryption at minimum cost," in Proceedings of Public Key Cryptography, vol. 1560, pp. 53-68, Mar. 1999.

7.

Y. Shi and J. Li, "Provable Efficient Certificateless Public Key Encryption," in Proceedings of IACR Cryptology ePrint Archive, pp. 1-15, 2005.

8.

A. W. Dent, B. Libert and K. G. Paterson, "Certificateless Encryption Schemes Strongly Secure in the Standard Model," in Proceedings of Public-Key Cryptography, vol. 4939, pp. 344-359, Mar. 2008.

9.

H. Xiong, T. H. Yuen, C. Zhang, S. M. Yiu and Y. -J. He, "Leakage-resilient certificateless public key encryption," in Proceedings of ACM AsiaCCS, pp. 13-22, 2013.

10.

Y. Sun, F. Zhang, L. Shen and R. H. Deng, "Efficient revocable certificateless encryption against decryption key exposure," in Proceedings of IET information security, vol. 9, no. 3, pp. 158-166, May 2015.

11.

J. Baek, R. Safavi-Naini and W. Susilo, "Certificateless Public Key Encryption Without Pairing," in Proceedings of the 8th International Conference on Information Security, vol. 3650, pp. 134-148, Sep. 2005.

12.

J. Lai and W. Kou, "Self-Generated-Certificate Public Key Encryption Without Pairing," in Proceedings of Public-Key Cryptography, vol. 4450, pp. 476-489, Apr. 2007.

13.

D. Boneh, "The Decision Diffie-Hellman problem," in Algorithmic number theory, vol. 1423, pp. 48-63, Jun. 1998.

14.

D. Boneh and X. Boyen, "Efficient Selective-ID Secure Identity-Based Encryption Without Random Oracles," in Proceedings of EUROCRYPT, vol. 3027, pp. 223-238, May 2004.