Cryptanalysis and improvement of a certificateless encryption scheme in the standard model

Certificateless public key cryptography CL-PKC is an important type of public key cryptography, which effectively solves the inherent key escrow problem in identity-based public key cryptography. As the adversarial models in CL-PKC are relatively complex, designing efficient and secure certificateless encryption schemes in the standard model has been an interesting and challenging research topic. In this paper, we give cryptanalysis to an existing certificateless encryption scheme in the standard model. We show its insecurity by demonstrating two kinds of attacks. Then, we modify the original scheme to obtain a secure one. A rigorous security proof of the modified scheme is presented in the standard model based on the decisional bilinear Diffie-Hellman DBDH assumption and decisional truncated q-ABDHE assumption.

[1]  Vipul Goyal,et al.  Reducing Trust in the PKG in Identity Based Cryptosystems , 2007, CRYPTO.

[2]  Yi Mu,et al.  Malicious KGC attacks in certificateless cryptography , 2007, ASIACCS '07.

[3]  Pil Joong Lee,et al.  Generic Construction of Certificateless Encryption , 2004, ICCSA.

[4]  Paz Morillo,et al.  Breaking Yum and Lee Generic Constructions of Certificate-Less and Certificate-Based Encryption Schemes , 2006, EuroPKI.

[5]  Joseph K. Liu,et al.  Efficient Certificate-Based Encryption in the Standard Model , 2008, SCN.

[6]  Kenneth G. Paterson,et al.  CBE from CL-PKE: A Generic Construction and Efficient Schemes , 2005, Public Key Cryptography.

[7]  Dengguo Feng,et al.  On the Security of a Certificateless Public-Key Encryption , 2005, IACR Cryptol. ePrint Arch..

[8]  Kenneth G. Paterson,et al.  Certificateless Public Key Cryptography , 2003 .

[9]  Paulo S. L. M. Barreto,et al.  Efficient and Provably-Secure Identity-Based Signatures and Signcryption from Bilinear Maps , 2005, ASIACRYPT.

[10]  Adi Shamir,et al.  Identity-Based Cryptosystems and Signature Schemes , 1984, CRYPTO.

[11]  Xiaoyun Wang,et al.  Certificateless Encryption Scheme Secure in Standard Model , 2009 .

[12]  Zhang Lei,et al.  Research on Certificateless Public Key Cryptography , 2011 .

[13]  Craig Gentry,et al.  Practical Identity-Based Encryption Without Random Oracles , 2006, EUROCRYPT.

[14]  Joseph K. Liu,et al.  Certificateless Public Key Encryption Secure against Malicious KGC Attacks in the Standard Model , 2007, IACR Cryptol. ePrint Arch..

[15]  Jean-Jacques Quisquater,et al.  On Constructing Certificateless Cryptosystems from Identity Based Encryption , 2006, Public Key Cryptography.

[16]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[17]  Byoungcheon Lee,et al.  Secure Key Issuing in ID-based Cryptography , 2004, ACSW.