Generic Certificateless Encryption Secure Against Malicious-but-Passive KGC Attacks in the Standard Model

  • Regular Paper
Journal of Computer Science and Technology

Abstract

Despite the large number of certificateless encryption schemes proposed recently, many of them have been found insecure under a practical attack, called the malicious-but-passive KGC (Key Generation Center) attack. In this work we propose the first generic construction of certificateless encryption that can be proven secure against malicious-but-passive KGC attacks in the standard model. In order to encrypt a message of any length, we consider the KEM/DEM (key encapsulation mechanism/data encapsulation mechanism) framework in the certificateless setting, and propose a generic construction of a certificateless key encapsulation mechanism (CL-KEM) secure against malicious-but-passive KGC attacks in the standard model. It is based on an identity-based KEM, a public key encryption scheme and a message authentication code. The high efficiency of our construction is due to the efficient implementations of these underlying building blocks, and is comparable to Bentahar et al.'s CL-KEMs, which have only been proven secure in the random oracle model with no consideration of the malicious-but-passive KGC attack. We also introduce the notion of certificateless tag-based KEM (CL-TKEM), which is an extension of Abe et al.'s work to the certificateless setting. We show that an efficient CL-TKEM can be constructed by modifying our CL-KEM scheme. We also show that with a CL-TKEM and a data encapsulation mechanism secure under our proposed security model, an efficient certificateless hybrid encryption can be constructed by applying Abe et al.'s transformation in the certificateless setting.
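The Tag-KEM/DEM framework of Abe et al. that the abstract builds on is easiest to see in code. The following is an added illustration, not the paper's scheme and not code from its authors: a hashed-ElGamal KEM over secp256k1 stands in for the asymmetric part (the paper's CL-KEM is built from an identity-based KEM, a public key encryption scheme and a MAC, and its decapsulation needs both the KGC's partial key and the user's own secret, which this single-key stand-in does not model). The Tag-KEM is assembled from that KEM plus an HMAC in the KEM-plus-MAC style of the Tag-KEM framework, the DEM is a SHA-256 counter-mode stream, and all function names (`tkem_key`, `tkem_encap`, `hybrid_encrypt`, ...) are this example's own. The point it makes is the ordering that distinguishes a Tag-KEM from a plain KEM: the session key is fixed first, the DEM encrypts, and the DEM ciphertext is then bound as the tag, so the DEM itself only needs one-time passive security.

```python
import hashlib
import hmac
import secrets

# secp256k1 domain parameters (standard values).
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def _add(a, b):
    """Affine addition on y^2 = x^3 + 7 mod P; None is the point at infinity."""
    if a is None or b is None:
        return a or b
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if a == b:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def _mul(k, pt):
    """Double-and-add scalar multiplication (not constant-time: illustration only)."""
    acc = None
    while k:
        if k & 1:
            acc = _add(acc, pt)
        pt = _add(pt, pt)
        k >>= 1
    return acc

def _encode(pt):
    return pt[0].to_bytes(32, "big") + pt[1].to_bytes(32, "big")

def _decode(raw):
    x, y = int.from_bytes(raw[:32], "big"), int.from_bytes(raw[32:], "big")
    if (y * y - x * x * x - 7) % P:        # reject points not on the curve
        raise ValueError("invalid KEM ciphertext")
    return x, y

# KEM: hashed ElGamal, key = H(c || r*pk). Stand-in for the paper's CL-KEM.
def kem_keygen():
    sk = secrets.randbelow(N - 1) + 1
    return sk, _mul(sk, G)

def kem_encap(pk):
    r = secrets.randbelow(N - 1) + 1
    c = _encode(_mul(r, G))
    return hashlib.sha256(c + _encode(_mul(r, pk))).digest(), c

def kem_decap(sk, c):
    return hashlib.sha256(c + _encode(_mul(sk, _decode(c)))).digest()

# Tag-KEM from KEM + MAC: Key() yields the DEM key before the tag is known;
# Encap(tag) then authenticates the tag under the other half of the KEM key.
def tkem_key(pk):
    k, c = kem_encap(pk)
    return k[:16], (k[16:], c)           # (k_dem, internal state)

def tkem_encap(state, tag):
    k_mac, c = state
    return c, hmac.new(k_mac, tag, hashlib.sha256).digest()

def tkem_decap(sk, c, mac, tag):
    k = kem_decap(sk, c)
    expect = hmac.new(k[16:], tag, hashlib.sha256).digest()
    return k[:16] if hmac.compare_digest(expect, mac) else None

# DEM: SHA-256 counter-mode stream. Because the Tag-KEM authenticates the DEM
# ciphertext, the DEM itself only needs one-time passive (IND-OT) security.
def dem(k_dem, data):
    out = bytearray()
    for i in range(0, len(data), 32):
        ks = hashlib.sha256(k_dem + (i // 32).to_bytes(4, "big")).digest()
        out += bytes(x ^ y for x, y in zip(data[i:i + 32], ks))
    return bytes(out)

def hybrid_encrypt(pk, msg):
    k_dem, state = tkem_key(pk)
    c_dem = dem(k_dem, msg)              # the DEM ciphertext becomes the tag
    c_kem, mac = tkem_encap(state, c_dem)
    return c_kem, mac, c_dem

def hybrid_decrypt(sk, ct):
    c_kem, mac, c_dem = ct
    k_dem = tkem_decap(sk, c_kem, mac, c_dem)
    return None if k_dem is None else dem(k_dem, c_dem)

if __name__ == "__main__":
    sk, pk = kem_keygen()
    ct = hybrid_encrypt(pk, b"constructed sample plaintext of arbitrary length " * 3)
    print(hybrid_decrypt(sk, ct))
```

Any change to the DEM ciphertext or to the MAC makes `tkem_decap` return `None` before the DEM key is ever released, which is why the stream-cipher DEM can get away without its own integrity check; a plain KEM/DEM composition would instead have to carry that check inside an authenticated DEM.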


References

  1. Huang Q, Wong D S. Generic certificateless key encapsulation mechanism. In Proc. ACISP 2007, Townsville, Australia, July 2–4, 2007, pp.215–229.

  2. Huang Q, Wong D S. Generic certificateless encryption in the standard model. In Proc. IWSEC 2007, Nara, Japan, Oct. 29–31, 2007, pp.278–291.

  3. Shamir A. Identity-based cryptosystems and signature schemes. In Proc. CRYPTO 1984, Santa Barbara, USA, Aug. 16–20, 1984, pp.47–53.

  4. Al-Riyami S S, Paterson K G. Certificateless public key cryptography. In Proc. ASIACRYPT 2003, Taipei, China, Nov. 30-Dec. 4, 2003, pp.452–473.

  5. Yum D H, Lee P J. Generic construction of certificateless signature. In Proc. ACISP 2004, Sydney, Australia, July 13–14, 2004, pp.200–211.

  6. Huang X, Susilo W, Mu Y, Zhang F. On the security of certificateless signature schemes from Asiacrypt 2003. In Proc. CANS 2005, Xiamen, China, Oct. 31-Nov. 3, 2005, pp.13–25.

  7. Libert B, Quisquater J J. On constructing certificateless cryptosystems from identity based encryption. In Proc. PKC 2006, New York, USA, April 24–26, 2006, pp.474–490.

  8. Hu B C, Wong D S, Zhang Z, Deng X. Key replacement attack against a generic construction of certificateless signature. In Proc. ACISP 2006, Melbourne, Australia, July 3–5, 2006, pp.235–246.

  9. Au M H, Chen J K, Liu J K, Mu Y, Wong D S, Yang G. Malicious KGC attacks in certificateless cryptography. In Proc. ASIACCS 2007, Singapore, Mar. 20–22, 2007, pp.302–311.

  10. Liu J K, Au M H, Susilo W. Self-generated-certificate public key cryptography and certificateless signature/encryption scheme in the standard model. In Proc. ASIACCS 2007, Singapore, Mar. 20–22, 2007, pp.302–311.

  11. Yum D H, Lee P J. Generic construction of certificateless encryption. In Proc. ICCSA 2004, Assisi, Italy, May 14–17, 2004, pp.802–811.

  12. Bellare M, Rogaway P. Random oracles are practical: A paradigm for designing efficient protocols. In Proc. the First ACM Conference on Computer and Communications Security, Fairfax, USA, Nov. 3–5, 1993, pp.62–73.

  13. Li X, Chen K, Sun L. Certificateless signature and proxy signature schemes from bilinear pairings. Lithuanian Mathematical Journal, 2005, 45(1): 76–83.

  14. Cramer R, Shoup V. Design and analysis of practical public-key encryption schemes secure against adaptive chosen ciphertext attack. SIAM J. Computing, 2003, 33(1): 167–226.

  15. Shoup V. ISO 18033-2: An emerging standard for public-key encryption (committee draft), June 2004, http://shoup.net/iso/.

  16. Shoup V. Using hash functions as a hedge against chosen ciphertext attack. In Proc. EUROCRYPT 2000, Bruges, Belgium, May 14–18, 2000, pp.275–288.

  17. Dent A. A designer's guide to KEMs. In Proc. Int. Workshop on Cryptography and Codings 2003, Versailles, France, Mar. 24–28, 2003, pp.133–151.

  18. Abe M, Gennaro R, Kurosawa K, Shoup V. Tag-KEM/DEM: A new framework for hybrid encryption and a new analysis of Kurosawa-Desmedt KEM. In Proc. EUROCRYPT 2005, Aarhus, Denmark, May 22–26, 2005, pp.128–146.

  19. Bentahar K, Farshim P, Malone-Lee J, Smart N P. Generic constructions of identity-based and certificateless KEMs. Journal of Cryptology, 2008, 21(2): 178–199.

  20. Chen L, Cheng Z, Malone-Lee J, Smart N. Efficient ID-KEM based on the Sakai-Kasahara key construction. IEE Proc. Information Security, Mar. 2006, 153(1): 19–26.

  21. Abe M, Cui Y, Imai H, Kiltz E. Efficient hybrid encryption from ID-based encryption. Cryptology ePrint Archive, Report 2007/023, 2007.

  22. Kurosawa K, Desmedt Y. A new paradigm of hybrid encryption scheme. In Proc. CRYPTO 2004, Santa Barbara, USA, Aug. 15–19, 2004, pp.426–442.

  23. Herranz J, Hofheinz D, Kiltz E. The Kurosawa-Desmedt key encapsulation is not chosen-ciphertext secure. Cryptology ePrint Archive, Report 2005/207, 2005.

  24. Sakai R, Kasahara M. ID based cryptosystems with pairing on elliptic curve. Cryptology ePrint Archive, Report 2003/054, 2003.

  25. Shoup V, Gennaro R. Secure threshold cryptosystems against chosen ciphertext attack. Journal of Cryptology, 2002, 15(2): 75–96.

  26. MacKenzie P, Reiter M K, Yang K. Alternatives to non-malleability: Definitions, constructions, and applications. In Proc. TCC 2004, Cambridge, USA, Feb. 19–21, 2004, pp.171–190.

  27. Kiltz E. Chosen-ciphertext security from tag-based encryption. In Proc. TCC 2006, New York, USA, Mar. 4–7, 2006, pp.581–600.

  28. Canetti R, Goldreich O, Halevi S. The random oracle methodology, revisited. In Proc. STOC 1998, Dallas, USA, May 23–26, 1998, pp.209–218.

  29. Waters B. Efficient identity-based encryption without random oracles. In Proc. EUROCRYPT 2005, Aarhus, Denmark, May 22–26, 2005, pp.114–127.

  30. Gentry C. Practical identity-based encryption without random oracles. In Proc. EUROCRYPT 2006, St. Petersburg, Russia, May 28-June 1, 2006, pp.445–464.

  31. Kiltz E, Galindo D. Direct chosen-ciphertext secure identity-based key encapsulation without random oracles. In Proc. ACISP 2006, Melbourne, Australia, Jul. 3–5, 2006, pp.336–347.

  32. Cramer R, Shoup V. A practical public key cryptosystem provably secure against adaptive chosen ciphertext attack. In Proc. CRYPTO 98, Santa Barbara, USA, Aug. 22–27, 1998, pp.13–25.

  33. Huang Q, Wong D S, Li J, Zhao Y. Generic transformation from weakly to strongly unforgeable signatures. Journal of Computer Science and Technology, March 2008, 23(2): 240–252.

  34. Bellare M, Shoup S. Two-tier signatures, strongly unforgeable signatures, and Fiat-Shamir without random oracles. In Proc. PKC 2007, Beijing, China, Apr. 16–20, 2007, pp.201–216.

  35. Stinson D R. Universal hashing and authentication codes. Designs, Codes, and Cryptography, 1994, 4(4): 369–380.

  36. Wegman M N, Carter J L. New hash functions and their use in authentication and set equality. Journal of Computer and System Sciences, 1981, 22(3): 265–279.

  37. Baek J, Safavi-Naini R, Susilo W. Certificateless public key encryption without pairing. In Proc. ISC 2005, Singapore, Sept. 20–23, 2005, pp.134–148.

  38. Hu B C, Wong D S, Zhang Z, Deng X. Certificateless signature: A new security model and an improved generic construction. Designs, Codes, and Cryptography, 2007, 42(2): 109–126.

  39. Dent A W. A survey of certificateless encryption schemes and security models. Cryptology ePrint Archive, Report 2006/211, 2007.

  40. Dodis Y, Katz J. Chosen-ciphertext security of multiple encryption. In Proc. TCC 2005, Cambridge, USA, Feb. 10–12, 2005, pp.188–209.

  41. Dent A W. A note on game hopping proofs. Cryptology ePrint Archive, Report 2006/260, 2006.

  42. Even S, Goldreich O, Micali S. On-line/off-line digital signatures. J. Cryptology, 1996, 9(1): 35–67.

  43. Goldreich O. Foundations of Cryptography, Volume II, Basic Applications. Cambridge University Press, 2004.

  44. Boneh D, Boyen X. Short signatures without random oracles. In Proc. EUROCRYPT 2004, Interlaken, Switzerland, May 20–24, 2004, pp.416–432.

  45. Boneh D, Katz J. Improved efficiency for CCA-secure cryptosystems built using identity-based encryption. In Proc. CT-RSA 2005, San Francisco, USA, Feb. 14–18, 2004, pp.87–103.

  46. Boneh D, Canetti R, Halevi S, Katz J. Chosen-ciphertext security from identity-based encryption. SIAM J. Computing, 2006, 36(5): 915–942.

  47. May T. Timed-release crypto. Manuscript, 1993, http://www.hks.net.cpunks/cpunks-0/1560.html.

  48. Mao W. Timed release cryptography. In Proc. SAC 2001, Toronto, Canada, Mar. 11–14, 2001, pp.342–357.

  49. Chalkias K, Hristu-Varsakelis D, Stephanides G. Improved anonymous timed-release encryption. In Proc. ESORICS 2007, Dresden, Germany, Sept. 24–26, 2007, pp.311–326.

  50. Chow S S M, Roth V, Rieffel E G. General certificateless encryption and timed-release encryption. In Proc. SCN 2008, Amalfi, Italy, Sept. 10–12, 2008, pp.126–143.

Author information

Corresponding author: Qiong Huang.

Additional information

The work described in this paper was supported by CityU under Grant No. 7002362.

A preliminary version of this paper appears in IWSEC 2007[1] and ACISP 2007[2].

Cite this article

Huang, Q., Wong, D.S. Generic Certificateless Encryption Secure Against Malicious-but-Passive KGC Attacks in the Standard Model. J. Comput. Sci. Technol. 25, 807–826 (2010). https://doi.org/10.1007/s11390-010-9367-4
