A provably secure certificate-based encryption scheme against malicious CA attacks in the standard model

Lu, Yang; Li, Jiguo

doi:10.1016/j.ins.2016.08.082

Cited by 17 publications

(9 citation statements)

References 46 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In practice, a CA possibly is untrusted and malicious. As shown in [27,35], it is very likely to compromise a target's message privacy or signature unforgeability without the knowledge of the corresponding secret key by injecting some malicious trapdoors into the system. In this paper, we demonstrate that Li et al's FS-CBS scheme [38] is insecure under the existential forgery attack from the malicious CA.…”

Section: Contributionsmentioning

confidence: 99%

“…In addition, CBC also addresses the key escrow and distribution problems. In recent years, CBC has attracted much attention in academic circle and a lot of cryptographic schemes [19][20][21][22][23][24][25][26][27][28][29][30][31][32][33][34][35][36] (includeing many certificate-based encryption (CBE) and certificate-based signature (CBS) schemes) have been proposed.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

A Forward-Secure Certificate-Based Signature Scheme with Enhanced Security in the Standard Model

Lu¹,

Li²

2019

KSII TIIS

View full text Add to dashboard Cite

Leakage of secret keys may be the most devastating problem in public key cryptosystems because it means that all security guarantees are missing. The forward security mechanism allows users to update secret keys frequently without updating public keys. Meanwhile, it ensures that an attacker is unable to derive a user's secret keys for any past time, even if it compromises the user's current secret key. Therefore, it offers an effective cryptographic approach to address the private key leakage problem. As an extension of the forward security mechanism in certificate-based public key cryptography, forward-secure certificate-based signature (FS-CBS) has many appealing merits, such as no key escrow, no secure channel and implicit authentication. Until now, there is only one FS-CBS scheme that does not employ the random oracles. Unfortunately, our cryptanalysis indicates that the scheme is subject to the security vulnerability due to the existential forgery attack from the malicious CA. Our attack demonstrates that a CA can destroy its existential unforgeability by implanting trapdoors in system parameters without knowing the target user's secret key. Therefore, it is fair to say that to design a FS-CBS scheme secure against malicious CAs without lying random oracles is still an unsolved issue. To address this problem, we put forward an enhanced FS-CBS scheme without random oracles. Our FS-CBS scheme not only fixes the security weakness in the original scheme, but also significantly optimizes the scheme efficiency. In the standard model, we formally prove its security under the complexity assumption of the square computational Diffie-Hellman problem. In addition, the comparison with the original FS-CBS scheme shows that our scheme offers stronger security guarantee and enjoys better performance.

show abstract

Section: Contributionsmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

A Forward-Secure Certificate-Based Signature Scheme with Enhanced Security in the Standard Model

Lu¹,

Li²

2019

KSII TIIS

View full text Add to dashboard Cite

show abstract

“…It is worth mentioning that the user must employ both her/his private key and certificate to decrypt a ciphertext and sign a message. In the past, based on the certificate-based public-key settings, numerous cryptographic primitives have been proposed, such as certificatebased encryption [9], [10] and certificate-based signature [11], [12].…”

Section: Introductionmentioning

confidence: 99%

Leakage-Resilient Certificate-based Key Encapsulation Scheme Resistant to Continual Leakage

Tseng

Huang

et al. 2020

IEEE Open J. Comput. Soc.

View full text Add to dashboard Cite

In the past, the security of most public-key encryption or key encapsulation schemes is shown in an ideal model, where private keys, secret keys and random values are assumed to be absolutely secure to adversaries. However, this ideal model is not practical due to side-channel attacks in the sense that adversaries could gain partial information of these secret values involved in decryption operations by perceiving energy consumption or execution timing. In such a case, these schemes under the ideal model could suffer from side-channel attacks. Recently, leakage-resilient cryptography resistant to side-channel attacks is an emerging research topic. Certificatebased encryption (CBE) or certificate-based key encapsulation (CB-KE) schemes are a class of important public-key encryption. However, little work addresses the design of leakageresilient CBE (LR-CBE) or leakage-resilient CB-KE (LR-CB-KE) schemes. In this paper, we present the first LR-CB-KE scheme with overall unbounded leakage property which permits adversaries to continuously gain partial information of the system secret key of a trusted certificate authority (CA), the private keys and certificates of users, and random values. In the generic bilinear group model, formal security analysis is made to prove that the proposed LR-CB-KE scheme is secure against chosen ciphertext attacks.

show abstract

“…Since its invention, CBC has obsorbed great interest from the cryptography community and numerous CBC schemes have been published, including certificate-based encryption (e.g. [9,28,31,32,39,46]), certificate-based signature (e.g. [2,18,21,22,27,30]) and certificate-based signcryption (e.g.…”

Section: Introductionmentioning

confidence: 99%

An Efficient Certificate-Based Authenticated Key Agreement Protocol without Bilinear Pairing

Zhang

et al. 2017

ITC

Self Cite

View full text Add to dashboard Cite

An authenticated key agreement (AKA) protocol is extremely essential to secure communications over insecure public networks. It enables the communication parties to securely set up a shared session key in present of the malicious attackers. Certificate-based cryptography (CBC) is a novel public-key cryptographic primitive that has many attractive merits. It solves the certificate revocation problem in conventional public-key cryptography and the key-escrow problem in identity-based cryptography. Until now, four AKA protocols have been proposed in the setting of CBC. However, all of them adopt the costly bilinear pairings and are not suitable for the devices which have limited computing resources and battery power. Therefore, it is interesting and worthwhile to design a certificate-based AKA protocol without using the bilinear pairings. In this paper, we develop a pairing-free certificate-based AKA protocol. The proposed protocol is proven secure under the classic computational Diffie-Hellman assumption in the random oracle model. Compared with the previous pairing-based certificate-based AKA protocols, the proposed protocol enjoys obvious advantage in the computation efficiency.

show abstract

A provably secure certificate-based encryption scheme against malicious CA attacks in the standard model

Cited by 17 publications

References 46 publications

A Forward-Secure Certificate-Based Signature Scheme with Enhanced Security in the Standard Model

A Forward-Secure Certificate-Based Signature Scheme with Enhanced Security in the Standard Model

Leakage-Resilient Certificate-based Key Encapsulation Scheme Resistant to Continual Leakage

An Efficient Certificate-Based Authenticated Key Agreement Protocol without Bilinear Pairing

Contact Info

Product

Resources

About