Efficient certificateless encryption withstanding attacks from malicious KGC without using random oracles

Published: 01 February 2014

Abstract

As the key generation center (KGC) in a certificateless cryptosystem is no longer fully trusted, for practical applications, a secure certificateless encryption (CLE) scheme should withstand malicious KGC attacks. In this paper, we investigate practical CLE schemes withstanding attacks from a malicious KGC without resorting to random oracles. At first, we show the insecurity of the CLE scheme (ZW scheme) presented by Zhang and Wang. Although ZW scheme was proved to be chosen ciphertext secure without using random oracles, we find that it cannot resist attacks from a malicious KGC. We show an attack that demonstrates a malicious KGC can easily decrypt a target ciphertext using chosen ciphertext attack. After that, we introduce a new efficient CLE scheme. We prove its CCA2 security without using random oracles. Our new scheme not only gets rid of the security drawbacks of ZW scheme but also keeps its most distinctive feature of a short public key length. The formal security proofs of the new scheme are presented without using random oracles assuming the hardness of the decisional truncated q-augmented bilinear Diffie-Hellman exponent (q-ABDHE) problem and the hardness of the decisional bilinear Diffie-Hellman problem. Copyright © 2013 John Wiley & Sons, Ltd.

References

[1] Al-Riyami S, Paterson K. Certificateless public key cryptography, Advances in Cryptology-ASIACRYPT, LNCS 2894, Springer-Verlag, 2003; pp.452-473.
[2] Shamir A. Identity-based cryptosystems and signature schemes, Advances in Cryptology-CRYPTO, LNCS 196, Springer-Verlag, 1984; pp.47-53.
[3] Boneh D, Franklin M. Identity-based encryption from the Weil pairing, Advances in Cryptology-CRYPTO, LNCS 2139, Springer-Verlag, 2001; pp.213-229.
[4] Waters B. Efficient identity-based encryption without random oracles, Advances in Cryptology-EUROCRYPT, LNCS 3494, Springer-Verlag, 2005; pp.114-127.
[5] Paterson K, Schuldt J. Efficient identity-based signatures secure in the standard model, Information Security and Privacy, LNCS 4058, Springer-Verlag, 2006; pp.207-222.
[6] Gentry C. Practical identity-based encryption without random oracles, Advances in Cryptology-EUROCRYPT, LNCS 4004, Springer-Verlag, 2006; pp.445-464.
[7] Dent A. A survey of certificateless encryption schemes and security models. International Journal of Information Security 2008; Volume 7: pp.349-377.
[8] Al-Riyami S, Paterson K. CBE from CL-PKE: a generic construction and efficient schemes, Public Key Cryptography-PKC 2005, LNCS 3386, Springer-Verlag, 2005; pp.398-415.
[9] Baek J, Safavi-Naini R, Susilo W. Certificateless public key encryption without pairing, Information Security 2005, LNCS 3650, Springer-Verlag, 2005; pp.134-148.
[10] Bentahar K, Farshim P, Malone-Lee J, Smart N. Generic construction of identity-based and certificateless KEMs. Journal of Cryptology 2008; Volume 21: pp.178-199.
[11] Cheng Z, Comley R. Efficient certificateless public key encryption. Report 2005, Cryptology ePrint Archive, 2005. "http://eprint.iacr.org/2005/012".
[12] Huang X, Susilo W, Mu Y, Zhang F. On the security of certificateless signature schemes from Asiacrypt 2003, Cryptology and Network Security 2005, LNCS 3810, Springer-Verlag, 2005; pp.13-25.
[13] Libert B, Quisquater JJ. On constructing certificateless cryptosystems from identity based encryption, Public Key Cryptography 2006, LNCS 3958, Springer-Verlag, 2006; pp.474-490.
[14] Bellare M, Shoup S. Two-tier signatures, strongly unforgeable signatures, and Fiat-Shamir without random oracles, Public Key Cryptography-PKC 2007, LNCS 4450, Springer-Verlag, 2007; pp.201-216.
[15] Yum D, Lee P. Generic Construction of Certificateless Signature, Information Security and Privacy, LNCS 3108, Springer-Verlag, 2004; pp.200-211.
[16] Yan Z, Zhang F, Yang W. Cryptanalysis to a certificateless threshold signature scheme. TELKOMNIKA Indonesian Journal of Electrical Engineering 2012; Volume 10: pp.1496-1502.
[17] Tso R, Huang X, Susilo W. Strongly secure certificateless short signatures. Journal of Systems and Software 2012; Volume 85: pp.1409-1417.
[18] Dent A, Libert B, Paterson K. Certificateless encryption schemes strongly secure in the standard model, Public Key Cryptography-PKC, LNCS 4939, Springer-Verlag, 2008; pp.344-359.
[19] Au M, Chen J, Liu J, Mu Y, Wong D, Yang G. Malicious KGC attacks in certificateless cryptography. Conference on Computer and Communications Security: Proceedings of the 2nd ACM symposium on Information, computer and communications security 2007; Volume 20: pp.302-311.
[20] Huang Q, Wong D. Generic certificateless encryption in the standard model, Information and Computer Security, LNCS 4752, Springer-Verlag, 2007; pp.278-291.
[21] Huang Q, Wong D. Generic certificateless encryption secure against malicious-but-passive KGC attacks in the standard model. Journal of Computer Science and Technology 2010; Volume 25: pp.807-826.
[22] Hwang Y, Liu J. Certificateless public key encryption secure against malicious KGC attacks in the standard model. Journal of Universal Computer Science 2008; Volume 14: pp.463-480.
[23] Zhang G, Wang X. Certificateless encryption scheme secure in standard model. Tsinghua Science and Technology 2009; Volume 14: pp.452-459.
[24] Shen L, Zhang F, Sun Y, et al. Cryptanalysis of a certificateless encryption scheme in the standard model, Advances in Intelligent Networking and Collaborative Systems INCoS; ISBN 978-0-7695-4808-1, IEEE Computer Society, 2012; pp.329-333.
[25] Liu Z, Hu Y, Zhang X, Ma H. Certificateless signcryption scheme in the standard model. Information Sciences 2010; Volume 180: pp.452-464.
[26] Weng J, Yao G, Deng R, Chen M, Li X. Cryptanalysis of a certificateless signcryption scheme in the standard model. Information Sciences 2011; Volume 181: pp.661-667.
[27] Miao S, Zhang F, Li S, Mu Y. On security of a certificateless signcryption scheme. Information Sciences 2011; Volume 232: pp.475-481.

Cited By

  • (2016) A provably secure certificate-based encryption scheme against malicious CA attacks in the standard model. Information Sciences: an International Journal 372:C (745-757). DOI: 10.1016/j.ins.2016.08.082. Online publication date: 1-Dec-2016


    Published In

    Security and Communication Networks  Volume 7, Issue 2
    February 2014
    228 pages
    ISSN:1939-0114
    EISSN:1939-0122

    Publisher

    John Wiley & Sons, Inc.

    United States

    Author Tags

    1. bilinear map
    2. certificateless encryption scheme
    3. chosen ciphertext attack
    4. malicious KGC attack
    5. standard model
