Forward-Secure Certificate-Based Encryption and its Generic Construction

In this paper, we introduce a new asymmetric encryption paradigm called Forward-Secure Certificate-Based Encryption. It preserves the advantages of certificate-based encryption (CBE), such as implicit certification and no private-key escrow, while also inheriting the properties of forward-secure public-key encryption. In a forward-secure CBE scheme, all users' private keys are updated at regular periods throughout the lifetime of the system; exposure of a user's private key for a given time period does not enable an adversary to break the security of ciphertexts sent to that user for any prior time period. We first give the formal definition of forward-secure CBE and its security model. Then we propose a generic construction of forward-secure CBE and prove it secure against chosen-plaintext attacks in the standard model. We also describe how this construction can be enhanced to achieve security against adaptive chosen-ciphertext attacks, both in the standard model and in the random oracle model. Finally, a concrete forward-secure CBE scheme is constructed.
