Certificate-Based Encryption Scheme without Pairing

  • Yao, Ji (College of Computer and Information Engineering, Hohai University)
  • Li, Jiguo (College of Computer and Information Engineering, Hohai University)
  • Zhang, Yichen (College of Computer and Information Engineering, Hohai University)
  • Received : 2013.03.12
  • Accepted : 2013.05.31
  • Published : 2013.06.30

Abstract

Certificate-based cryptography is a new cryptographic primitive that eliminates the need for certificates in traditional public key cryptography and simultaneously overcomes the inherent key escrow problem of identity-based cryptography. However, to the best of our knowledge, all existing constructions of certificate-based encryption are based on bilinear pairings. Pairing computation is perceived to be expensive compared with ordinary operations such as modular exponentiation in finite fields, and this cost prevents wide application, especially in computation-limited wireless sensor networks. To improve efficiency, we propose a new certificate-based encryption scheme that does not depend on pairing computation. Under the decision Diffie-Hellman assumption, the scheme is proved secure against chosen ciphertext attack in the random oracle model. Performance comparisons show that our scheme outperforms the existing schemes.

Cited by

  1. Provably Secure Certificate-Based Signcryption Scheme without Pairings vol.8, pp.7, 2013, https://doi.org/10.3837/tiis.2014.07.020
  2. Computational Analytics of Client Awareness for Mobile Application Offloading with Cloud Migration vol.8, pp.11, 2013, https://doi.org/10.3837/tiis.2014.11.014
  3. Efficient certificate‐based encryption schemes without pairing vol.9, pp.18, 2016, https://doi.org/10.1002/sec.1703
  4. Enhanced Certificate-Based Encryption Scheme without Bilinear Pairings vol.10, pp.2, 2013, https://doi.org/10.3837/tiis.2016.02.024
  5. Efficient certificate-based encryption and hierarchical certificate-based encryption schemes in the standard model vol.35, pp.6, 2013, https://doi.org/10.3233/jifs-169838