An Efficient and Provably Secure Certificateless Key Insulated Encryption with Applications to Mobile Internet

Certificateless encryption (CLE) alleviates the heavy certificate management in traditional public key encryption and the key escrow problem in the ID-based encryption simultaneously. Current CLE schemes assumed that the user’s secret key is absolutely secure. Unfortunately, this assumption is too strong in case the CLE is deployed in the hostile setting and the leakage of the secret key is inevitable. In this paper, we present a new concept called a certificateless key insulated encryption scheme(CL-KIE). We argue that this is an important cryptographic primitive that can be used to achieve key-escrow free and keyexposure resilience. We also present an efficient CL-KIE scheme based on bilinear pairing. After that, the security of our scheme is proved under the Bilinear Diffie-Hellman assumption in the random oracle model. Further, the potential applications of CL-KIE is also briefly illustrated.

[1]  Limin Shen,et al.  Efficient certificateless encryption withstanding attacks from malicious KGC without using random oracles , 2014, Secur. Commun. Networks.

[2]  Junji Shikata,et al.  Unconditionally Secure Key Insulated Cryptosystems: Models, Bounds and Constructions , 2002, ICICS.

[3]  Guang Yang,et al.  Mitigating Key Escrow in Attribute-Based Encryption , 2015, Int. J. Netw. Secur..

[4]  Kenneth G. Paterson,et al.  Certificateless Encryption Schemes Strongly Secure in the Standard Model , 2008, Public Key Cryptography.

[5]  Hideki Imai,et al.  Parallel Key-Insulated Public Key Encryption , 2006, Public Key Cryptography.

[6]  N. Ravi Shankar,et al.  A New Modular Multiplication Method in Public Key Cryptosystem , 2013, Int. J. Netw. Secur..

[7]  Jean-Jacques Quisquater,et al.  On Constructing Certificateless Cryptosystems from Identity Based Encryption , 2006, Public Key Cryptography.

[8]  V. P. Jagathy Raj,et al.  Practical Implementation of a Secure Email System Using Certificateless Cryptography and Domain Name System , 2016, Int. J. Netw. Secur..

[9]  Gene Itkis,et al.  SiBIR: Signer-Base Intrusion-Resilient Signatures , 2002, CRYPTO.

[10]  Wei Chen,et al.  An ID-based online/offline signature scheme without random oracles for wireless sensor networks , 2012, Personal and Ubiquitous Computing.

[11]  Carl Youngblood,et al.  An Introduction to Identity-based Cryptography , 2006 .

[12]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[13]  Joonsang Baek,et al.  Certificateless Public Key Encryption Without Pairing , 2005, ISC.

[14]  Bo Zhu,et al.  Key-Insulated Encryption Based Key Pre-distribution Scheme for WSN , 2009, ISA.

[15]  Mihir Bellare,et al.  Protecting against key-exposure: strongly key-insulated encryption with optimal threshold , 2005, Applicable Algebra in Engineering, Communication and Computing.

[16]  Kenneth G. Paterson,et al.  Certificateless Public Key Cryptography , 2003 .

[17]  Hui Li,et al.  Short-ciphertext and BDH-based CCA2 secure certificateless encryption , 2010, Science China Information Sciences.

[18]  Chunxiang Xu,et al.  A Practical Forward-Secure Public-Key Encryption Scheme with Untrusted Update , 2015, Int. J. Netw. Secur..

[19]  Li Ling,et al.  General and Efficient Certificateless Public Key Encryption Constructions , 2007, Pairing.

[20]  Adi Shamir,et al.  A method for obtaining digital signatures and public-key cryptosystems , 1978, CACM.

[21]  Taher El Gamal A public key cryptosystem and a signature scheme based on discrete logarithms , 1984, IEEE Trans. Inf. Theory.