8 research outputs found
Cryptographic Schemes based on Elliptic Curve Pairings
This thesis introduces the concept of certificateless public key
cryptography (CLPKC). Elliptic curve pairings are then used to
make concrete CL-PKC schemes and are also used to make other
efficient key agreement protocols.
CL-PKC can be viewed as a model for the use of public key cryptography
that is intermediate between traditional certificated PKC and ID-PKC.
This is because, in contrast to traditional public key cryptographic
systems, CL-PKC does not require the use of certificates to guarantee
the authenticity of public keys. It does rely on the use of a trusted
authority (TA) who is in possession of a master key. In this
respect, CL-PKC is similar to identity-based public key
cryptography (ID-PKC). On the other hand, CL-PKC does not suffer
from the key escrow property that is inherent in ID-PKC.
Applications for the new infrastructure are discussed.
We exemplify how CL-PKC schemes can be constructed by constructing
several certificateless public key encryption schemes and
modifying other existing ID based schemes. The lack of
certificates and the desire to prove the schemes secure in the
presence of an adversary who has access to the master key or has
the ability to replace public keys, requires the careful
development of new security models. We prove that some of our
schemes are secure, provided that the Bilinear Diffie-Hellman
Problem is hard.
We then examine Joux’s protocol, which is a one round, tripartite
key agreement protocol that is more bandwidth-efficient than any
previous three-party key agreement protocol, however, Joux’s protocol
is insecure, suffering from a simple man-in-the-middle attack. We
show how to make Joux’s protocol secure, presenting several tripartite,
authenticated key agreement protocols that still require only one round
of communication. The security properties of the new protocols are
studied. Applications for the protocols are also discussed
Certificateless Public Key Cryptography
This paper introduces the concept of certificateless public key cryptography (CL-PKC). In contrast to traditional public key cryptographic systems, CL-PKC does not require the use of certificates to guarantee the authenticity of public keys. It does rely on the use of a trusted third party (TTP) who is in possession of a master key. In these respects, CL-PKC is similar to identity-based public key cryptography (ID-PKC). On the other hand, CL-PKC does not suffer from the key escrow property that seems to be inherent in ID-PKC. Thus CL-PKC can be seen as a model for the use of public key cryptography that is intermediate between traditional certificated PKC and ID-PKC. We make concrete the concept of CL-PKC by introducing certificateless public key encryption (CL-PKE), signature and key exchange schemes. We also demonstrate how hierarchical CL-PKC can be supported. The schemes are all derived from pairings on elliptic curves. The lack of certificates and the desire to prove the schemes secure in the presence of an adversary who has access to the master key requires the careful development of new security models. For reasons of brevity, the focus in this paper is on the security of CL-PKE. We prove that our CL-PKE scheme is secure in a fully adaptive adversarial model, provided that an underlying problem closely related to the Bilinear Diffie-Hellman Problem is hard
CBE from CL-PKE: A generic construction and efficient scheme
Abstract. We present a new Certificateless Public Key Encryption (CL-PKE) scheme whose security is proven to rest on the hardness of the Bilinear Diffie-Hellman Problem (BDHP) and that is more efficient than the original scheme of Al-Riyami and Paterson. We then give an analysis of Gentry’s Certificate Based Encryption (CBE) concept, repairing a number of problems with the original definition and security model for CBE. We provide a generic conversion showing that a secure CBE scheme can be constructed from any secure CL-PKE scheme. We apply this result to our new efficient CL-PKE scheme to obtain a CBE scheme that improves on the original scheme of Gentry