New Certificateless Public Key Encryption Secure Against Malicious KGC Attacks in the Standard Model

  • Wenjie Yang
  • Jian WengEmail author
  • Futai Zhang
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10631)


It is an interesting and challenging task to design an efficient certificateless encryption (CLE) scheme whose security can be proved without using random oracles. Although some CLE schemes claimed secure in the standard model have been available in the literature, we find most of the concrete constructions are in fact insecure. In this paper, we first demonstrate the insecurity of the CLE scheme introduced by Hwang and Liu in 2008. We show how a type II adversary breaks the indistinguishability of ciphertexts under chosen ciphertext attacks. We then propose a new concrete CLE scheme. Our new scheme can resist public key replacement attacks as well as malicious key generation center (KGC) attacks. We rigorously prove the security of our construction under the Decisional Bilinear Diffie-Hellman assumption in the standard model.


Certificateless encryption scheme Malicious KGC attack Standard model 



This work was supported by National Science Foundation of China (Grant Nos. 61373158, 61472165 and 61732021), Guangdong Provincial Engineering Technology Research Center on Network Security Detection and Defence (Grant No. 2014B090904067), Guangdong Provincial Special Funds for Applied Technology Research and Development and Transformation of Important Scientific and Technological Achieve (Grant No. 2016B010124009), the Zhuhai Top Discipline–Information Security, Guangzhou Key Laboratory of Data Security and Privacy Preserving, Guangdong Key Laboratory of Data Security and Privacy Preserving.


  1. 1.
    Al-Riyami, S.S., Paterson, K.G.: Certificateless public key cryptography. In: Laih, C.-S. (ed.) ASIACRYPT 2003. LNCS, vol. 2894, pp. 452–473. Springer, Heidelberg (2003). Scholar
  2. 2.
    Al-Riyami, S.S., Paterson, K.G.: CBE from CL-PKE: a generic construction and efficient schemes. In: Vaudenay, S. (ed.) PKC 2005. LNCS, vol. 3386, pp. 398–415. Springer, Heidelberg (2005). Scholar
  3. 3.
    Au, M., Chen, J., Liu, J., Mu, Y., Wong, D., Yang G.: Malicious KGC attacks in certificateless cryptography. In: Deng, R., Samarati, P. (eds.) ASIACCS 2007, pp. 302–311. ACM Press (2007)Google Scholar
  4. 4.
    Baek, J., Safavi-Naini, R., Susilo, W.: Certificateless public key encryption without pairing. In: Zhou, J., Lopez, J., Deng, R.H., Bao, F. (eds.) ISC 2005. LNCS, vol. 3650, pp. 134–148. Springer, Heidelberg (2005). Scholar
  5. 5.
    Bellare, M., Shoup, S.: Two-tier signatures, strongly unforgeable signatures, and fiat-shamir without random oracles. In: Okamoto, T., Wang, X. (eds.) PKC 2007. LNCS, vol. 4450, pp. 201–216. Springer, Heidelberg (2007). Scholar
  6. 6.
    Bentahar, K., Farshim, P., Malone-Lee, J., Smart, N.: Generic construction of identity-based and certificateless KEMs. Cryptology ePrint Archive: Report 2005/058 (2005).
  7. 7.
    Cheng, Z., Comley, R.: Efficient certificateless public key encryption. Cryptology ePrint Archive: Report 2005/012 (2005).
  8. 8.
    Dent, A.: A survey of certificateless encryption schemes and security models. Cryptology ePrint Archive, Report 2006/211 (2006)Google Scholar
  9. 9.
    Dent, A.W., Libert, B., Paterson, K.G.: Certificateless encryption schemes strongly secure in the standard model. In: Cramer, R. (ed.) PKC 2008. LNCS, vol. 4939, pp. 344–359. Springer, Heidelberg (2008). Scholar
  10. 10.
    Huang, X., Susilo, W., Mu, Y., Zhang, F.: On the security of certificateless signature schemes from Asiacrypt 2003. In: Desmedt, Y.G., Wang, H., Mu, Y., Li, Y. (eds.) CANS 2005. LNCS, vol. 3810, pp. 13–25. Springer, Heidelberg (2005). Scholar
  11. 11.
    Huang, Q., Wong, D.S.: Generic certificateless encryption in the standard model. In: Miyaji, A., Kikuchi, H., Rannenberg, K. (eds.) IWSEC 2007. LNCS, vol. 4752, pp. 278–291. Springer, Heidelberg (2007). Scholar
  12. 12.
    Huang, Q., Wong, D.: Generic certificateless encryption secure against malicious-but-passive KGC attacks in the standard model. J. Comput. Sci. Technol. 25(4), 807–826 (2010)MathSciNetCrossRefGoogle Scholar
  13. 13.
    Hwang, Y., Liu, J.: Certificateless public key encryption secure against malicious KGC attacks in the standard model. J. Univ. Comput. Sci. 14(3), 463–480 (2008)MathSciNetzbMATHGoogle Scholar
  14. 14.
    Libert, B., Quisquater, J.-J.: On constructing certificateless cryptosystems from identity based encryption. In: Yung, M., Dodis, Y., Kiayias, A., Malkin, T. (eds.) PKC 2006. LNCS, vol. 3958, pp. 474–490. Springer, Heidelberg (2006). Scholar
  15. 15.
    Shen, L., Zhang, F., Li, S.: Cryptanalysis of a certificateless encryption scheme in the standard model. In: 4th International Conference on Intelligent Networking and Collaborative Systems, INCos 2012 (2012)Google Scholar
  16. 16.
    Waters, B.: Efficient identity-based encryption without random oracles. In: Cramer, R. (ed.) EUROCRYPT 2005. LNCS, vol. 3494, pp. 114–127. Springer, Heidelberg (2005). Scholar
  17. 17.
    Weng, J., Yao, G., Deng, R., Chen, M., Li, X.: Cryptanalysis of a certificateless signcryption scheme in the standard model. Inf. Sci. 181(3), 661–667 (2011)MathSciNetCrossRefGoogle Scholar
  18. 18.
    Yum, D.H., Lee, P.J.: Generic construction of certificateless signature. In: Wang, H., Pieprzyk, J., Varadharajan, V. (eds.) ACISP 2004. LNCS, vol. 3108, pp. 200–211. Springer, Heidelberg (2004). Scholar
  19. 19.
    Yang, W., Zhang, F., Shen, L.: Efficient certificateless encryption withstanding attacks from malicious KGC without using random oracles. Secur. Commun. Netw. 7(2), 445–454 (2014)CrossRefGoogle Scholar
  20. 20.
    Zhang, G., Wang, X.: Certificateless encryption scheme secure in standard model. Tsinghua Sci. Technol. 14(4), 452–459 (2009)MathSciNetCrossRefGoogle Scholar

Copyright information

© Springer International Publishing AG, part of Springer Nature 2018

Authors and Affiliations

  1. 1.College of Cyber Security/College of Information Science and TechnologyJinan UniversityGuangzhouChina
  2. 2.School of Computer Science and TechnologyNanjing Normal UniversityNanjingChina

Personalised recommendations