Implicit and Explicit Certificates-Based Encryption Scheme

  • Tomasz Hyla
  • Witold Maćków
  • Jerzy Pejaś
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8838)


Certificate-based encryption (CBE) combines traditional public-key encryption and certificateless encryption. However, it suffers from the Denial of Decryption (DoD) attack, as named by Liu and Au. To capture this attack, they introduced a new paradigm called self-generated-certificate public key cryptography. In this paper we show that the problem of the DoD attack can be solved with a new implicit and explicit certificates-based public key cryptography paradigm. More importantly, we propose a concrete implicit and explicit certificate-based encryption (IE-CBE) scheme that defends against the DoD attack. This new scheme is an enhanced version of the CBE scheme and preserves all its advantages, i.e., the trusted authority gives every user an implicit certificate as a part of a private key, and every user generates his own secret key and corresponding public key. In addition, in the IE-CBE scheme the trusted authority has to generate an explicit certificate for a user with some identity and a public key. We prove that our scheme is IND-CCA2 and DoD-Free secure in the random oracle model, provided that the p-BDHI and k-CCA problems are hard to solve.


Keywords: Pairing based cryptography, implicit certificate, explicit certificate, encryption scheme, random oracle model


References

  1. Al-Riyami, S.S., Paterson, K.G.: Certificateless public key cryptography. In: Laih, C.-S. (ed.) ASIACRYPT 2003. LNCS, vol. 2894, pp. 452–473. Springer, Heidelberg (2003)
  2. Boneh, D., Franklin, M.: Identity-Based Encryption from the Weil pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001)
  3. Chen, L., Cheng, Z.: Security proof of Sakai-Kasahara's identity-based encryption scheme. In: Smart, N.P. (ed.) Cryptography and Coding 2005. LNCS, vol. 3796, pp. 442–459. Springer, Heidelberg (2005)
  4. Sakai, R., Kasahara, M.: ID based cryptosystems with pairing on elliptic curve. Cryptology ePrint Archive, Report 2003/054 (2003)
  5. Chow, S.S.M.: Certificateless Encryption. In: Joye, M., Neven, G. (eds.) Identity-Based Cryptography, pp. 135–155. IOS Press (2009)
  6. Liu, J.K., Au, M.H., Susilo, W.: Self-Generated-Certificate Public Key Cryptography and certificateless signature/encryption scheme in the standard model: Extended abstract. In: Bao, F., Miller, S. (eds.) ASIACCS 2007, pp. 273–283. ACM Press (2007)
  7. Gentry, G.: Certificate-based encryption and the certificate revocation problem. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 272–293. Springer, Heidelberg (2003)
  8. Lai, J., Kou, W.: Self-generated-certificate public key encryption without pairing. In: Okamoto, T., Wang, X. (eds.) PKC 2007. LNCS, vol. 4450, pp. 476–489. Springer, Heidelberg (2007)
  9. Dent, A.W.: A Brief Introduction to Certificateless Encryption Schemes and Their Infrastructures. In: Martinelli, F., Preneel, B. (eds.) EuroPKI 2009. LNCS, vol. 6391, pp. 1–16. Springer, Heidelberg (2010)
  10. Baek, J., Safavi-Naini, R., Susilo, W.: Certificateless public key encryption without pairing. In: Zhou, J., López, J., Deng, R.H., Bao, F. (eds.) ISC 2005. LNCS, vol. 3650, pp. 134–148. Springer, Heidelberg (2005)
  11. Au, M.H., Chen, J., Liu, J.K., Mu, Y., Wong, D.S., Yang, G.: Malicious KGC Attacks in Certificateless Cryptography. In: ASIACCS, pp. 302–311 (2007)
  12. Lu, Y., Li, J.: Constructing Efficient Certificate-based Encryption with Paring. Journal of Computers 4(1) (January 2009)
  13. Mitsunari, S., Sakai, R., Kasahara, M.: A new traitor tracing. IEICE Transactions E85-A(2), 481–484 (2002)
  14. Boneh, D., Boyen, X.: Efficient selective-ID secure identity-based encryption without random oracles. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 223–238. Springer, Heidelberg (2004)
  15. Lynn, B.: On the implementation of pairing-based cryptosystems. PhD Thesis. Stanford University (2007)
  16. Zhang, F., Safavi-Naini, R., Susilo, W.: An efficient signature scheme from bilinear pairings and its applications. In: Bao, F., Deng, R., Zhou, J. (eds.) PKC 2004. LNCS, vol. 2947, pp. 277–290. Springer, Heidelberg (2004)
  17. Hyla, T., Pejaś, J.: A practical certificate and identity based encryption scheme and related security architecture. In: Saeed, K., Chaki, R., Cortesi, A., Wierzchoń, S. (eds.) CISIM 2013. LNCS, vol. 8104, pp. 190–205. Springer, Heidelberg (2013)
  18. Hyla, T., Pejaś, J.: Certificate-Based Encryption Scheme with General Access Structure. In: Cortesi, A., Chaki, N., Saeed, K., Wierzchoń, S. (eds.) CISIM 2012. LNCS, vol. 7564, pp. 41–55. Springer, Heidelberg (2012)

Copyright information

© IFIP International Federation for Information Processing 2014

Authors and Affiliations

  • Tomasz Hyla (1)
  • Witold Maćków (1)
  • Jerzy Pejaś (1)

  1. Faculty of Computer Science and Information Technology, West Pomeranian University of Technology, Szczecin, Poland
