2 research outputs found

    Certificate-Based Encryption Resilient to Key Leakage

    Certificate-based encryption (CBE) is an important class of public key encryption but the existing schemes are secure only under the premise that the decryption key (or private key) and master private key are absolutely secret. In fact, a lot of side channel attacks and cold boot attacks can leak secret information of a cryptographic system. In this case, the security of the cryptographic system is destroyed, so a new model called leakage-resilient (LR) cryptography is introduced to solve this problem. While some traditional public key encryption and identity-based encryption with resilient-leakage schemes have been constructed, as far as we know, there is no leakage-resilient scheme in certificate-based cryptosystems. This paper puts forward the first certificate-based encryption scheme which can resist not only the decryption key leakage but also the master secret key leakage. Based on composite order bilinear group assumption, the security of the scheme is proved by using dual system encryption. The relative leakage rate of key is close to 1/3.

    Forward-Secure Certificate-Based Encryption and its Generic Construction

    Abstract—In this paper, we introduce a new asymmetric encryption paradigm called Forward-Secure Certificate-Based Encryption. It preserves the advantages of certificate-based encryption (CBE) such as implicit certificate and no private key escrow. At the same time it also inherits the properties of the forward-secure public key encryption. In a forward-secure CBE scheme, all users' private keys are updated at regular periods throughout the lifetime of the system; exposure of a user's private key corresponding to a given time period does not enable an adversary to break the security of the ciphertext sent to this user for any prior time period. We first provide the formal definition for forward-secure CBE and its security model. Then we propose a generic construction of forward-secure CBE and prove it to be secure against chosen plaintext attacks in the standard model. We also describe how this construction can be enhanced to achieve security against adaptive chosen-ciphertext attacks both in the standard model and in the random oracle model. Finally, a concrete forward-secure CBE scheme is constructed. Index Terms—asymmetric encryption, certificate-based encryption, forward-security, generic constructio