Generic Construction of Certificate Based Encryption from Certificateless Encryption Revisited

Certificateless public key encryption (CLE) and certificate based encryption (CBE) are two novel public key cryptographic primitives requiring no authenticity verification of the recipient\u27s public key. Both of them are motivated to simultaneously solve the heavy certificate management problem inherent in the traditional public key encryption (PKE) and the key escrow problem inherent in the identity-based encryption (IBE). It is an attractive cryptographic task to formally explore the relation between CBE and CLE. In 2005, Al-Riyami and Paterson proposed one general conversion from CLE to CBE. Shortly later, Kang and Park pointed out a flaw in the security proof of Al-Riyami-Paterson conversion. In 2012, Wu et al. proposed another generic conversion from CLE to CBE. Compared with Al-Riyami-Paterson conversion, Wu et al.\u27s method can be proved secure, but it has to additionally involve collision resistant hash functions. It remains an open problem whether the generic conversion due to Al-Riyami and Paterson, which is very neat, is provably secure. We aim to solve this open problem. First, we formalize CLE\u27s new security model, featured by introducing a new security property overlooked by previous security models. With this new security model as the basic technique, we succeed in proving that the Al-Riyami-Paterson generic conversion from CLE to CBE is secure, if the CLE scheme is secure in our new security model. A concrete provably secure CBE scheme is presented to demonstrate the application of our result

A Heterogeneous Systems Public Key Encryption with Equality Test in Smart City

Smart cities have been identified as areas which are urbanized and utilize diverse types of electronic data collection sensors that are used to oversee resources and assets efficiently. Smart meters are a unit of smart cities and they collect information about users and their consumption patterns. Consequently, the Internet of Things (IoT) being at a steady evolution has prompted multiple users into having their data collected from smart meters, stored on cloud servers. This is a way of saving costs and time involved in accessing the data. In spite of that, the cloud-assisted IoT faces privacy and security issues. This is as a result of the cloud servers possessing an untrusted nature. Due to this, it is essential for the data accumulated from the smart meters be encrypted hitherto outsourcing it to the cloud server. However, having encrypted data in the cloud server leads to a complication when it comes to accessing the data. For users who are on a different public key system, it becomes illogical for the users to first download the entire data on the cloud in order to access the required data. Therefore to resolve this issue, a heterogeneous systems public key encryption with equality test (HS-PKE-ET) scheme was proposed. The HS-PKE-ET scheme integrates certificateless public cryptography with equality test (CLC-ET) with the public key encryption with equality test (PKI-ET). This scheme allows an authorized cloud server to determine if two encryptions encrypted within heterogeneous systems possess equivalent messages. Basing on the random oracle model, the proposed scheme’s security is stated under the bilinear Diffie-Hellman assumption together with the computational Diffie-Hellman assumption. Ultimately the size of storage, computation complexities and properties with other related works are focused on and illustrations indicate our proposed scheme reflects a good performance

Further Observations on Certificate-Base Encryption and its Generic Construction from Certificateless Public Key Encryption

Certificate-based encryption (CBE) is a new asymmetric encryption paradigm which was introduced to solve the certificate management problem in traditional public key encryption (PKI). It combines PKE and identity-based encryption (IBE) while preserving some of their most attractive features. CBE provides an efficient implicit certificate mechanism which eliminates the third-party queries and simplifies the certificate revocation problem in the traditional PKI. It also solves the key escrow problem and key distribution problem inherent in IBE. In this paper, we introduce the key replacement attack and the malicious-but-passive certifier attack into CBE, and define a class of new security models for CBE under different security levels according to the power of the adversaries against CBE. Our new security models are more elaborated and stronger compared with other existing ones. Then, we propose a generic construction of CBE from certificateless public key encryption and prove its security under the proposed security models in the standard model. We also show a concrete conversion using the proposed generic construction

Cryptanalysis and improvement of an efficient certificateless signature scheme

In traditional digital signature schemes, certificates signed by a trusted party are required to ensure the authenticity of the public key. In Asiacrypt 2003, the concept of certificateless signature scheme was introduced. The advantage of certificate-less public key cryptography successfully eliminates the necessity of certificates in the traditional public key cryptography and simultaneously solves the inherent key escrow problem suffered in identity-based cryptography. Recently, Yap et al. proposed an efficient certificateless signature scheme and claimed that their scheme is existentially unforgeable in the random oracle model. In this paper, we show that the certificateless signature scheme proposed by Yap et al. is insecure against public key replacement attacks. Furthermore, we propose an improved certificateless signature scheme, which is existentially unforgeable against adaptive chosen message attacks under the computational Diffie-Hellman assumption in the random oracle model and provide the security proof of the proposed scheme

Black-Box Constructions of Signature Schemes in the Bounded Leakage Setting

To simplify the certificate management procedures, Shamir introduced the concept of identity-based cryptography (IBC). However, the key escrow problem is inherent in IBC. To get rid of it, Al-Riyami and Paterson introduced in 2003 the notion of certificateless cryptography (CLC). However, if a cryptosystem is not perfectly implemented, adversaries would be able to obtain part of the system\u27s secret state via side-channel attacks, and thus may break the system. This is not considered in the security model of traditional cryptographic primitives. Leakage-resilient cryptography was then proposed to prevent adversaries from doing so. There are fruitful works on leakage-resilient encryption schemes, while there are not many on signature schemes in the leakage setting. In this work, we review the folklore generic constructions of identity-based signature and certificateless signature, and show that if the underlying primitives are leakage-resilient, so are the resulting identity-based signature scheme and certificateless signature scheme. The leakage rate follows the minimum one of the underlying primitives. We also show some instantiations of these generic constructions

Pairing-based cryptosystems and key agreement protocols.

For a long time, pairings on elliptic curves have been considered to be destructive in elliptic curve cryptography. Only recently after some pioneering works, particularly the well-known Boneh-Franklin identity-based encryption (IBE), pairings have quickly become an important tool to construct novel cryptographic schemes. In this thesis, several new cryptographic schemes with pairings are proposed, which are both efficient and secure with respect to a properly defined security model, and some relevant previous schemes are revisited. IBE provides a public key encryption mechanism where a public key can be an arbitrary string such as an entity identifier and unwieldy certificates are unnecessary. Based on the Sakai-Kasahara key construction, an IBE scheme which is secure in the Boneh-Franklin IBE model is constructed, and two identity-based key encapsulation mechanisms are proposed. These schemes achieve the best efficiency among the existing schemes to date. Recently Al-Riyami and Paterson introduced the certificateless public key encryption (CL-PKE) paradigm, which eliminates the need of certificates and at the same time retains the desirable properties of IBE without the key escrow problem. The security formulation of CL-PKE is revisited and a strong security model for this type of mechanism is defined. Following a heuristic approach, three efficient CL-PKE schemes which are secure in the defined strong security model are proposed. Identity-based two-party key agreement protocols from pairings are also investigated. The Bellare-Rogaway key agreement model is enhanced and within the model several previously unproven protocols in the literature are formally analysed. In considering that the user identity may be sensitive information in many environments, an identity-based key agreement protocol with unilateral identity privacy is proposed

Cryptanalysis of a certificateless aggregate signature scheme

Recently, Nie et al. proposed a certificateless aggregate signature scheme. In the standard security model considered in certificateless cryptography, we are dealing with two types of adversaries. In this paper, we show that Nie et al.\u27s scheme is insecure against the adversary of the first type. In other words, although they claimed that their proposed scheme is existentially unforgeable against adaptive chosen message attack considering the adversaries in certificateless settings, we prove that such a forgery can be done