Abstract
Certificateless public key encryption can be classified into two types, namely, CLE and \({\tt CLE}^{\dag}\), both of which were introduced by Al-Riyami and Paterson in Asiacrypt 2003. Most works about certificateless public key encryption belong to CLE, where the partial secret key is uniquely determined by an entity’s identity. In \({{\tt CLE}}^{\dag}\), an entity’s partial secret key is not only determined by the identity information but also by his/her (partial) public key. Such techniques can enhance the resilience of certificateless public key encryption against a cheating KGC. In this paper, we first formalize the security definitions of \({{\tt CLE}}^{\dag}\). After that, we demonstrate the gap between the security model of \({{\tt CLE}}^{\dag}\) and CLE, by showing the insecurity of a \({{\tt CLE}}^{\dag}\) scheme proposed by Lai and Kou in PKC 2007. We give an attack that can successfully break the indistinguishability of their \({\tt CLE}^{\dag}\) scheme, although their scheme can be proved secure in the security model of CLE. Therefore, it does not suffice to consider the security of \({\tt CLE}^{\dag}\) in the security model of CLE. Finally, we show how to secure Lai-Kou’s scheme by providing a new scheme with the security proof in the model of \({\tt CLE}^{\dag}\).
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
Al-Riyami, S.S., Paterson, K.G.: Certificateless public key cryptography. In: Laih, C.-S. (ed.) ASIACRYPT 2003. LNCS, vol. 2894, pp. 452–473. Springer, Heidelberg (2003)
Al-Riyami, S.S., Paterson, K.: Certificateless Public Key Cryptography. Cryptology ePrint Archive, Report 2003/126 (2003)
Au, M.H., Chen, J., Liu, J.K., Mu, Y., Wong, D.S., Yang, G.: Malicious KGC Attack in Certificateless Cryptography. In: ACM Symposium on Information, Computer and Communications Security (AisaCCS 2007), pp. 302–311. ACM Press, New York (2007)
Baek, J., Safavi-Naini, R., Susilo, W.: Certificateless public key encryption without pairing. In: Zhou, J., López, J., Deng, R.H., Bao, F. (eds.) ISC 2005. LNCS, vol. 3650, pp. 134–148. Springer, Heidelberg (2005)
Boneh, D., Franklin, M.: Identity-based encryption from the weil pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001)
Dent, A.W.: A Survey of Certificateless Encryption Schemes and Security Models. Cryptology ePrint Archive, Report 2006/211 (2006)
Dent, A.W., Libert, B., Paterson, K.G.: Certificateless Encryption Schemes Strongly Secure in the Standard Model. Cryptology ePrint Archive, Report 2007/121 (2007)
Galindo, D., Morillo, P., Ràfols, C.: Breaking yum and lee generic constructions of certificate-less and certificate-based encryption schemes. In: Atzeni, A.S., Lioy, A. (eds.) EuroPKI 2006. LNCS, vol. 4043, pp. 81–91. Springer, Heidelberg (2006)
Girault, M.: Self-certified public keys. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 490–497. Springer, Heidelberg (1991)
Huang, Q., Wong, D.S.: Generic certificateless encryption in the standard model. In: Miyaji, A., Kikuchi, H., Rannenberg, K. (eds.) IWSEC 2007. LNCS, vol. 4752, pp. 278–291. Springer, Heidelberg (2007)
Lai, J., Kou, W.: Self-generated-certificate public key encryption without pairing. In: Okamoto, T., Wang, X. (eds.) PKC 2007. LNCS, vol. 4450, pp. 476–489. Springer, Heidelberg (2007)
Libert, B., Quisquater, J.: On Constructing Certificateless Cryptosystems from Identity based Encryption. In: Yung, M., Dodis, Y., Kiayias, A., Malkin, T.G. (eds.) PKC 2006. LNCS, vol. 3958, pp. 474–490. Springer, Heidelberg (2006)
Liu, J.K., Au, M.H., Susilo, W.: Self-Generated-Certificate Public Key Cryptography and Certificateless Signature/Encryption Scheme in the standard Model. In: ACM Symposium on InformAtion, Computer and Communications Security (ASIACCS 2007), pp. 273–283. ACM Press, New York (2007)
Schnorr, C.P.: Efficient Signature Generation by Smart Cards. Journal of Cryptology 4(3), 161–174 (1991)
Shamir, A.: Identity-based cryptosystems and signature schemes. In: Blakely, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 47–53. Springer, Heidelberg (1985)
Sun, Y., Zhang, F.T., Baek, J.: Strongly secure certificateless public key encryption without pairing. In: Bao, F., Ling, S., Okamoto, T., Wang, H., Xing, C. (eds.) CANS 2007. LNCS, vol. 4856, pp. 194–208. Springer, Heidelberg (2007)
Yum, D.H., Lee, P.J.: Generic construction of certificateless encryption. In: Laganá, A., Gavrilova, M.L., Kumar, V., Mun, Y., Tan, C.J.K., Gervasi, O. (eds.) ICCSA 2004. LNCS, vol. 3043, pp. 802–811. Springer, Heidelberg (2004)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Wang, X.a., Huang, X., Yang, X. (2009). Further Observations on Certificateless Public Key Encryption. In: Yung, M., Liu, P., Lin, D. (eds) Information Security and Cryptology. Inscrypt 2008. Lecture Notes in Computer Science, vol 5487. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-01440-6_18
Download citation
DOI: https://doi.org/10.1007/978-3-642-01440-6_18
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-01439-0
Online ISBN: 978-3-642-01440-6
eBook Packages: Computer ScienceComputer Science (R0)