An Efficient Certificateless Encryption for Secure Data Sharing in Public Clouds

We propose a mediated certificateless encryption scheme without pairing operations for securely sharing sensitive information in public clouds. Mediated certificateless public key encryption (mCL-PKE) solves the key escrow problem in identity based encryption and certificate revocation problem in public key cryptography. However, existing mCL-PKE schemes are either inefficient because of the use of expensive pairing operations or vulnerable against partial decryption attacks. In order to address the performance and security issues, in this paper, we first propose a mCL-PKE scheme without using pairing operations. We apply our mCL-PKE scheme to construct a practical solution to the problem of sharing sensitive information in public clouds. The cloud is employed as a secure storage as well as a key generation center. In our system, the data owner encrypts the sensitive data using the cloud generated users’ public keys based on its access control policies and uploads the encrypted data to the cloud. Upon successful authorization, the cloud partially decrypts the encrypted data for the users. The users subsequently fully decrypt the partially decrypted data using their private keys. The confidentiality of the content and the keys is preserved with respect to the cloud, because the cloud cannot fully decrypt the information. We also propose an extension to the above approach to improve the efficiency of encryption at the data owner. We implement our mCL-PKE scheme and the overall cloud based system, and evaluate its security and performance. Our results show that our schemes are efficient and practical

Black-Box Constructions of Signature Schemes in the Bounded Leakage Setting

To simplify the certificate management procedures, Shamir introduced the concept of identity-based cryptography (IBC). However, the key escrow problem is inherent in IBC. To get rid of it, Al-Riyami and Paterson introduced in 2003 the notion of certificateless cryptography (CLC). However, if a cryptosystem is not perfectly implemented, adversaries would be able to obtain part of the system\u27s secret state via side-channel attacks, and thus may break the system. This is not considered in the security model of traditional cryptographic primitives. Leakage-resilient cryptography was then proposed to prevent adversaries from doing so. There are fruitful works on leakage-resilient encryption schemes, while there are not many on signature schemes in the leakage setting. In this work, we review the folklore generic constructions of identity-based signature and certificateless signature, and show that if the underlying primitives are leakage-resilient, so are the resulting identity-based signature scheme and certificateless signature scheme. The leakage rate follows the minimum one of the underlying primitives. We also show some instantiations of these generic constructions

Cryptanalysis of Certificateless Signcryption Schemes and an Efficient Construction Without Pairing

Certificateless cryptography introduced by Al-Riyami and Paterson eliminates the key escrow problem inherent in identity based cryptosystems. Even though building practical identity based signcryption schemes without bilinear pairing are considered to be almost impossible, it will be interesting to explore possibilities of constructing such systems in other settings like certificateless cryptography. Often for practical systems, bilinear pairings are considered to induce computational overhead. Signcryption is a powerful primitive that offers both confidentiality and authenticity to noteworthy messages. Though some prior attempts were made for designing certificateless signcryption schemes, almost all the known ones have security weaknesses. Specifically, in this paper we demonstrate the security weakness of the schemes in \cite{BF08}, \cite{DRJR08} and \cite{CZ08}. We also present the first provably secure certificateless signcryption scheme without bilinear pairing and prove it in the random oracle model

A supplement to Liu et al.\u27s certificateless signcryption scheme in the standard model

Recently, Liu et al. proposed the first certificateless signcryption scheme without random oracles and proved it was semantically secure in the standard model. However, Selvi et al. launched a fatal attack to its confidentiality by replacing users\u27 public keys, thus pointed out this scheme actually doesn\u27t reach the semantic security as claimed. In this paper, we come up with a rescue scheme based on Liu et al.\u27s original proposal. A Schnorr-based one-time signature is added to each user\u27s public key, which is used to resist Selvi et al.\u27s attack. In addition, according to the mistake made in Liu et al.\u27s security proof, we also show that our improvement is really secure in the standard model under the intractability of the decisional bilinear Diffie-Hellman assumption

Certificateless Signcryption without Pairing

Certificateless public key cryptography is receiving significant attention because it is a new paradigm that simplifies the traditional PKC and solves the inherent key escrow problem suffered by ID-PKC. Certificateless signcryption is one of the most important security primitives in CL-PKC. However, to the best of our knowledge, all constructions of certificateless signcryption (CLSC) in the literature are built from bilinear maps which need costly operations. In the paper, motivated by certificateless encryption schemes proposed in [3, 21], we present a pairing-free CLSC scheme, which is more efficient than all previous constructions

Certificateless Public Key Signature Schemes from Standard Algorithms

Certificateless public key cryptography (CL-PKC) is designed to have succinct public key management without using certificates at the same time avoid the key-escrow attribute in the identity-based cryptography. However, it appears difficult to construct CL-PKC schemes from standard algorithms. Security mechanisms employing self-certified key (also known as implicit certificate) can achieve same goals. But there still lacks rigorous security definitions for implicit-certificate-based mechanisms and such type of schemes were not analyzed formally and often found vulnerable to attacks later. In this work, we first unify the security notions of these two types of mechanisms within an extended CL-PKC formulation. We then present a general key-pair generation algorithm for CL-PKC schemes and use it with the key prefixing technique to construct certificateless public key signature (CL-PKS) schemes from standard algorithms. The security of the schemes is analyzed within the new model, and it shows that the applied technique helps defeat known-attacks against existing constructions. The resulting schemes could be quickly deployed based on the existing standard algorithm implementations. They are particularly useful in the Internet of Things (IoT) to provide security services such as entity authentication, data integrity and non-repudiation because of their low computation cost, bandwidth consumption and storage requirement

TOWARD CERTIFICATELESS SIGNCRYPTION SCHEME WITHOUT RANDOM ORACLES

Signcryption is a useful paradigm which simultaneously offers both the functions of encryption and signature in a single logic step. It would be interesting to make signcryption certificateless to ease the heavy burden of certificate management in traditional public key cryptography (PKC) and solve the key escrow problem in Identity-based public key cryptography (ID-PKC). Most certificateless signcryption (CL-SC) schemes are constructed in the random oracle model instead of the standard model. By exploiting Bellare and Shoup\u27s one-time signature, Hwang et al.\u27s certificateless encryption and Li et al.\u27s identity-based signcryption, this paper proposes a new CL-SC scheme secure in the standard model. It is proven that our CL-SC scheme satisfies semantic security and unforgeability against the outside adversary and malicious-but-passive key generation center (KGC) assuming the hardness of bilinear decision Diffie-Hellman (BDDH) and computational Diffie-Hellman (CDH) problems. Our security proofs do not depend on random oracles