To protect signing rights against compromise of the secret key, the key-insulated signature (KIS) has attracted a lot of attention from industry and academia. It would be interesting to investigate the notion of KIS in the certificateless public key cryptography (CL-PKC) environment, so as to solve the problems of certificate management and key escrow simultaneously. To capture the seemingly neglected attack mounted by a malicious key generation center (KGC), a stronger security model for CL-PKC should be considered. In this paper, we first show that the only known CL-KIS scheme is vulnerable to a malicious KGC attack, and then propose the first CL-KIS scheme secure against malicious KGC attacks, with a security proof in the standard model.
This research was supported by the National Natural Science Foundation of China General Projects Grant No. 61272029, 61003230, 61370026 and 61202445, Fundamental Research Funds for the Central Universities under Grant No. ZYGX2013J073, Applied Basic Research Program of Sichuan Province under Grant No. 2014JY0041, and the MOE key Laboratory for Transportation Complex Systems Theory and Technology, School of Traffic and Transportation, Beijing Jiaotong University. The authors also gratefully acknowledge the helpful comments and suggestions of the reviewers, which have improved the presentation.
Cite this article
Chen, Y., Xu, W. & Xiong, H. Strongly secure certificateless key-insulated signature secure in the standard model. Ann. Telecommun. 70, 395–405 (2015). https://doi.org/10.1007/s12243-015-0461-z
- Certificateless cryptosystem
- Key-insulated signature
- Malicious-but-passive KGC attack
- Standard model