Certificateless Public Key Encryption Revisited: Security Model and Construction

Revisiting Certificateless Public Key Encryption: Security Model and Design

  • Received: 2016.04.27
  • Accepted: 2016.05.09
  • Published: 2016.06.30


Certificateless public key cryptography solves the certificate management problem of public key cryptosystems and removes the key escrow problem of ID-based cryptography, in which a user's ID serves as the public key. Although the area has been studied actively, many existing schemes were designed without considering the security of the secret value under decryption key exposure attacks. If previous secret values and decryption keys are exposed after a public key has been replaced, a valid private key can be computed by obtaining the partial private key corresponding to the user's ID. In this paper, we propose a new security model that ensures security against key exposure attacks and show that several certificateless public key encryption schemes are insecure in the proposed model. In addition, we design a certificateless public key encryption scheme that is secure in the proposed security model and prove its security based on the DBDH (Decisional Bilinear Diffie-Hellman) assumption.


Certificateless; Cryptography; Key Exposure Attack; Decision Bilinear Diffie-Hellman assumption; etc.




Grant: The Types of employment contract to support master's degree in Information Security, A study of a public-key authentication framework for internet entities with hierarchical identities

Supported by: KISA (Korea Internet Security Agency), Institute for Information & communications Technology Promotion (IITP)