1 research outputs found
Further observations on certificateless public key encryption
Certificateless public key encryption can be classified into two types, namely, CLE and CLE †, both of which were introduced by Al-Riyami and Paterson in Asiacrypt 2003. Most works about certificateless public key encryption belong to CLE, where the partial secret key is uniquely determined by an entity’s identity. In CLE †, an entity’s partial secret key is not only determined by the identity information but also by his/her (partial) public key. Such techniques can enhance the resilience of certificateless public key encryption against a cheating KGC. In this paper, we first formalize the security definitions of CLE †. After that, we demonstrate the gap between the security model of CLE †and CLE, by showing the insecurity of a CLE †scheme proposed by Lai and Kou in PKC 2007. We give an attack that can successfully break the indistinguishability of their CLE †scheme, although their scheme can be proved secure in the security model of CLE. Therefore, it does not suffice to consider the security of CLE †in the security model of CLE. Finally, we show how to secure Lai-Kou’s scheme by providing a new scheme with the security proof in the model of CLE â€