Certificateless Public Key Encryption Revisited: Security Model and Construction

  • Kim, Songyi (Graduate School of Information Security, Korea University) ;
  • Park, Seunghwan (Graduate School of Information Security, Korea University) ;
  • Lee, Kwangsu (Graduate School of Information Security, Korea University)
  • Received : 2016.04.27
  • Accepted : 2016.05.09
  • Published : 2016.06.30

Abstract

Certificateless public key encryption is a technique that, by using the user's ID as a public key, solves the certificate management problem of public key cryptosystems and the key escrow problem of ID-based cryptography. Although this area has been studied actively, many existing schemes were designed without considering security against exposure of the user-chosen secret value and the decryption key. In a secret value and decryption key exposure attack, if a secret value and decryption key that were used before a public key replacement are later exposed, the partial private key corresponding to the user's ID can be obtained from them and the current valid decryption key can be computed. In this paper, we propose a new security model that ensures security against these key exposure attacks and show that several existing certificateless public key encryption schemes are insecure in the proposed model. In addition, we design a certificateless public key encryption scheme that is secure in the proposed model and prove its security based on the DBDH (Decisional Bilinear Diffie-Hellman) assumption.
