New Certificateless Public Key Encryption Secure Against Malicious KGC Attacks in the Standard Model

Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10631)

Abstract

It is an interesting and challenging task to design an efficient certificateless encryption (CLE) scheme whose security can be proved without using random oracles. Although some CLE schemes claimed secure in the standard model have been available in the literature, we find most of the concrete constructions are in fact insecure. In this paper, we first demonstrate the insecurity of the CLE scheme introduced by Hwang and Liu in 2008. We show how a type II adversary breaks the indistinguishability of ciphertexts under chosen ciphertext attacks. We then propose a new concrete CLE scheme. Our new scheme can resist public key replacement attacks as well as malicious key generation center (KGC) attacks. We rigorously prove the security of our construction under the Decisional Bilinear Diffie-Hellman assumption in the standard model.

Keywords

Certificateless encryption scheme Malicious KGC attack Standard model 

Notes

Acknowledgments

This work was supported by National Science Foundation of China (Grant Nos. 61373158, 61472165 and 61732021), Guangdong Provincial Engineering Technology Research Center on Network Security Detection and Defence (Grant No. 2014B090904067), Guangdong Provincial Special Funds for Applied Technology Research and Development and Transformation of Important Scientific and Technological Achieve (Grant No. 2016B010124009), the Zhuhai Top Discipline–Information Security, Guangzhou Key Laboratory of Data Security and Privacy Preserving, Guangdong Key Laboratory of Data Security and Privacy Preserving.

References

  1. 1.
    Al-Riyami, S.S., Paterson, K.G.: Certificateless public key cryptography. In: Laih, C.-S. (ed.) ASIACRYPT 2003. LNCS, vol. 2894, pp. 452–473. Springer, Heidelberg (2003).  https://doi.org/10.1007/978-3-540-40061-5_29CrossRefGoogle Scholar
  2. 2.
    Al-Riyami, S.S., Paterson, K.G.: CBE from CL-PKE: a generic construction and efficient schemes. In: Vaudenay, S. (ed.) PKC 2005. LNCS, vol. 3386, pp. 398–415. Springer, Heidelberg (2005).  https://doi.org/10.1007/978-3-540-30580-4_27CrossRefGoogle Scholar
  3. 3.
    Au, M., Chen, J., Liu, J., Mu, Y., Wong, D., Yang G.: Malicious KGC attacks in certificateless cryptography. In: Deng, R., Samarati, P. (eds.) ASIACCS 2007, pp. 302–311. ACM Press (2007)Google Scholar
  4. 4.
    Baek, J., Safavi-Naini, R., Susilo, W.: Certificateless public key encryption without pairing. In: Zhou, J., Lopez, J., Deng, R.H., Bao, F. (eds.) ISC 2005. LNCS, vol. 3650, pp. 134–148. Springer, Heidelberg (2005).  https://doi.org/10.1007/11556992_10CrossRefGoogle Scholar
  5. 5.
    Bellare, M., Shoup, S.: Two-tier signatures, strongly unforgeable signatures, and fiat-shamir without random oracles. In: Okamoto, T., Wang, X. (eds.) PKC 2007. LNCS, vol. 4450, pp. 201–216. Springer, Heidelberg (2007).  https://doi.org/10.1007/978-3-540-71677-8_14CrossRefGoogle Scholar
  6. 6.
    Bentahar, K., Farshim, P., Malone-Lee, J., Smart, N.: Generic construction of identity-based and certificateless KEMs. Cryptology ePrint Archive: Report 2005/058 (2005). http://eprint.iacr.org/2005/058
  7. 7.
    Cheng, Z., Comley, R.: Efficient certificateless public key encryption. Cryptology ePrint Archive: Report 2005/012 (2005). http://eprint.iacr.org/2005/012
  8. 8.
    Dent, A.: A survey of certificateless encryption schemes and security models. Cryptology ePrint Archive, Report 2006/211 (2006)Google Scholar
  9. 9.
    Dent, A.W., Libert, B., Paterson, K.G.: Certificateless encryption schemes strongly secure in the standard model. In: Cramer, R. (ed.) PKC 2008. LNCS, vol. 4939, pp. 344–359. Springer, Heidelberg (2008).  https://doi.org/10.1007/978-3-540-78440-1_20CrossRefGoogle Scholar
  10. 10.
    Huang, X., Susilo, W., Mu, Y., Zhang, F.: On the security of certificateless signature schemes from Asiacrypt 2003. In: Desmedt, Y.G., Wang, H., Mu, Y., Li, Y. (eds.) CANS 2005. LNCS, vol. 3810, pp. 13–25. Springer, Heidelberg (2005).  https://doi.org/10.1007/11599371_2CrossRefGoogle Scholar
  11. 11.
    Huang, Q., Wong, D.S.: Generic certificateless encryption in the standard model. In: Miyaji, A., Kikuchi, H., Rannenberg, K. (eds.) IWSEC 2007. LNCS, vol. 4752, pp. 278–291. Springer, Heidelberg (2007).  https://doi.org/10.1007/978-3-540-75651-4_19CrossRefGoogle Scholar
  12. 12.
    Huang, Q., Wong, D.: Generic certificateless encryption secure against malicious-but-passive KGC attacks in the standard model. J. Comput. Sci. Technol. 25(4), 807–826 (2010)MathSciNetCrossRefGoogle Scholar
  13. 13.
    Hwang, Y., Liu, J.: Certificateless public key encryption secure against malicious KGC attacks in the standard model. J. Univ. Comput. Sci. 14(3), 463–480 (2008)MathSciNetMATHGoogle Scholar
  14. 14.
    Libert, B., Quisquater, J.-J.: On constructing certificateless cryptosystems from identity based encryption. In: Yung, M., Dodis, Y., Kiayias, A., Malkin, T. (eds.) PKC 2006. LNCS, vol. 3958, pp. 474–490. Springer, Heidelberg (2006).  https://doi.org/10.1007/11745853_31CrossRefGoogle Scholar
  15. 15.
    Shen, L., Zhang, F., Li, S.: Cryptanalysis of a certificateless encryption scheme in the standard model. In: 4th International Conference on Intelligent Networking and Collaborative Systems, INCos 2012 (2012)Google Scholar
  16. 16.
    Waters, B.: Efficient identity-based encryption without random oracles. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 114–127. Springer, Heidelberg (2005).  https://doi.org/10.1007/11426639_7CrossRefGoogle Scholar
  17. 17.
    Weng, J., Yao, G., Deng, R., Chen, M., Li, X.: Cryptanalysis of a certificateless signcryption scheme in the standard model. Inf. Sci. 181(3), 661–667 (2011)MathSciNetCrossRefGoogle Scholar
  18. 18.
    Yum, D.H., Lee, P.J.: Generic construction of certificateless signature. In: Wang, H., Pieprzyk, J., Varadharajan, V. (eds.) ACISP 2004. LNCS, vol. 3108, pp. 200–211. Springer, Heidelberg (2004).  https://doi.org/10.1007/978-3-540-27800-9_18CrossRefGoogle Scholar
  19. 19.
    Yang, W., Zhang, F., Shen, L.: Efficient certificateless encryption withstanding attacks from malicious KGC without using random oracles. Secur. Commun. Netw. 7(2), 445–454 (2014)CrossRefGoogle Scholar
  20. 20.
    Zhang, G., Wang, X.: Certificateless encryption scheme secure in standard model. Tsinghua Sci. Technol. 14(4), 452–459 (2009)MathSciNetCrossRefGoogle Scholar

Copyright information

© Springer International Publishing AG, part of Springer Nature 2018

Authors and Affiliations

  1. 1.College of Cyber Security/College of Information Science and TechnologyJinan UniversityGuangzhouChina
  2. 2.School of Computer Science and TechnologyNanjing Normal UniversityNanjingChina

Personalised recommendations