Certificateless Public Key Cryptography

This paper introduces the concept of certificateless public key cryptography (CL-PKC). In contrast to traditional public key cryptographic systems, CL-PKC does not require the use of certificates to guarantee the authenticity of public keys. It does rely on the use of a trusted third party (TTP) who is in possession of a master key. In these respects, CL-PKC is similar to identity-based public key cryptography (ID-PKC). On the other hand, CL-PKC does not suffer from the key escrow property that seems to be inherent in ID-PKC. Thus CL-PKC can be seen as a model for the use of public key cryptography that is intermediate between traditional certificated PKC and ID-PKC. We make concrete the concept of CL-PKC by introducing certificateless public key encryption (CL-PKE), signature and key exchange schemes. We also demonstrate how hierarchical CL-PKC can be supported. The schemes are all derived from pairings on elliptic curves. The lack of certificates and the desire to prove the schemes secure in the presence of an adversary who has access to the master key requires the careful development of new security models. For reasons of brevity, the focus in this paper is on the security of CL-PKE. We prove that our CL-PKE scheme is secure in a fully adaptive adversarial model, provided that an underlying problem closely related to the Bilinear Diffie-Hellman Problem is hard.
