New Certificateless Public Key Encryption Secure Against Malicious KGC Attacks in the Standard Model
It is an interesting and challenging task to design an efficient certificateless encryption (CLE) scheme whose security can be proved without using random oracles. Although some CLE schemes claimed secure in the standard model have been available in the literature, we find most of the concrete constructions are in fact insecure. In this paper, we first demonstrate the insecurity of the CLE scheme introduced by Hwang and Liu in 2008. We show how a type II adversary breaks the indistinguishability of ciphertexts under chosen ciphertext attacks. We then propose a new concrete CLE scheme. Our new scheme can resist public key replacement attacks as well as malicious key generation center (KGC) attacks. We rigorously prove the security of our construction under the Decisional Bilinear Diffie-Hellman assumption in the standard model.
KeywordsCertificateless encryption scheme Malicious KGC attack Standard model
This work was supported by National Science Foundation of China (Grant Nos. 61373158, 61472165 and 61732021), Guangdong Provincial Engineering Technology Research Center on Network Security Detection and Defence (Grant No. 2014B090904067), Guangdong Provincial Special Funds for Applied Technology Research and Development and Transformation of Important Scientific and Technological Achieve (Grant No. 2016B010124009), the Zhuhai Top Discipline–Information Security, Guangzhou Key Laboratory of Data Security and Privacy Preserving, Guangdong Key Laboratory of Data Security and Privacy Preserving.
- 3.Au, M., Chen, J., Liu, J., Mu, Y., Wong, D., Yang G.: Malicious KGC attacks in certificateless cryptography. In: Deng, R., Samarati, P. (eds.) ASIACCS 2007, pp. 302–311. ACM Press (2007)Google Scholar
- 6.Bentahar, K., Farshim, P., Malone-Lee, J., Smart, N.: Generic construction of identity-based and certificateless KEMs. Cryptology ePrint Archive: Report 2005/058 (2005). http://eprint.iacr.org/2005/058
- 7.Cheng, Z., Comley, R.: Efficient certificateless public key encryption. Cryptology ePrint Archive: Report 2005/012 (2005). http://eprint.iacr.org/2005/012
- 8.Dent, A.: A survey of certificateless encryption schemes and security models. Cryptology ePrint Archive, Report 2006/211 (2006)Google Scholar
- 15.Shen, L., Zhang, F., Li, S.: Cryptanalysis of a certificateless encryption scheme in the standard model. In: 4th International Conference on Intelligent Networking and Collaborative Systems, INCos 2012 (2012)Google Scholar