Certificate-based encryption resilient to key leakage

Yu, Qihong; Li, Jiguo; Zhang, Yichen; Wu, Wei; Huang, Xinyi; Xiang, Yang

doi:10.1016/j.jss.2015.05.066

Cited by 43 publications

(19 citation statements)

References 11 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Based on certificate-based public-key settings, little work addresses the design of leakage-resilient certificate-based encryption (LR-CBE) or leakage-resilient certificate-based key encapsulation (LR-CB-KE) schemes. In 2016, the first LR-CBE scheme was proposed by Yu et al [33]. In their LR-CBE scheme, adversaries are allowed to gain partial information of both the CA's system secret key in the certificate generation phase and the user's private key and certificate in the decryption phase.…”

Section: A Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Leakage-Resilient Certificate-based Key Encapsulation Scheme Resistant to Continual Leakage

Tseng

Huang

et al. 2020

IEEE Open J. Comput. Soc.

View full text Add to dashboard Cite

In the past, the security of most public-key encryption or key encapsulation schemes is shown in an ideal model, where private keys, secret keys and random values are assumed to be absolutely secure to adversaries. However, this ideal model is not practical due to side-channel attacks in the sense that adversaries could gain partial information of these secret values involved in decryption operations by perceiving energy consumption or execution timing. In such a case, these schemes under the ideal model could suffer from side-channel attacks. Recently, leakage-resilient cryptography resistant to side-channel attacks is an emerging research topic. Certificatebased encryption (CBE) or certificate-based key encapsulation (CB-KE) schemes are a class of important public-key encryption. However, little work addresses the design of leakageresilient CBE (LR-CBE) or leakage-resilient CB-KE (LR-CB-KE) schemes. In this paper, we present the first LR-CB-KE scheme with overall unbounded leakage property which permits adversaries to continuously gain partial information of the system secret key of a trusted certificate authority (CA), the private keys and certificates of users, and random values. In the generic bilinear group model, formal security analysis is made to prove that the proposed LR-CB-KE scheme is secure against chosen ciphertext attacks.

show abstract

Section: A Related Workmentioning

confidence: 99%

“…According to the review above, the leakage models of these existing LR-CBE schemes [33], [34], [35] have several restrictions and do not offer complete leakage abilities of adversaries. In this paper, we first present a new continuous leakage model of LR-CB-KE schemes.…”

Section: B Contribution and Organizationmentioning

confidence: 99%

Leakage-Resilient Certificate-based Key Encapsulation Scheme Resistant to Continual Leakage

Tseng

Huang

et al. 2020

IEEE Open J. Comput. Soc.

View full text Add to dashboard Cite

show abstract

“…In addition, CBC also addresses the key escrow and distribution problems. In recent years, CBC has attracted much attention in academic circle and a lot of cryptographic schemes [19][20][21][22][23][24][25][26][27][28][29][30][31][32][33][34][35][36] (includeing many certificate-based encryption (CBE) and certificate-based signature (CBS) schemes) have been proposed.…”

Section: Introductionmentioning

confidence: 99%

A Forward-Secure Certificate-Based Signature Scheme with Enhanced Security in the Standard Model

Lu¹,

Li²

2019

KSII TIIS

View full text Add to dashboard Cite

Leakage of secret keys may be the most devastating problem in public key cryptosystems because it means that all security guarantees are missing. The forward security mechanism allows users to update secret keys frequently without updating public keys. Meanwhile, it ensures that an attacker is unable to derive a user's secret keys for any past time, even if it compromises the user's current secret key. Therefore, it offers an effective cryptographic approach to address the private key leakage problem. As an extension of the forward security mechanism in certificate-based public key cryptography, forward-secure certificate-based signature (FS-CBS) has many appealing merits, such as no key escrow, no secure channel and implicit authentication. Until now, there is only one FS-CBS scheme that does not employ the random oracles. Unfortunately, our cryptanalysis indicates that the scheme is subject to the security vulnerability due to the existential forgery attack from the malicious CA. Our attack demonstrates that a CA can destroy its existential unforgeability by implanting trapdoors in system parameters without knowing the target user's secret key. Therefore, it is fair to say that to design a FS-CBS scheme secure against malicious CAs without lying random oracles is still an unsolved issue. To address this problem, we put forward an enhanced FS-CBS scheme without random oracles. Our FS-CBS scheme not only fixes the security weakness in the original scheme, but also significantly optimizes the scheme efficiency. In the standard model, we formally prove its security under the complexity assumption of the square computational Diffie-Hellman problem. In addition, the comparison with the original FS-CBS scheme shows that our scheme offers stronger security guarantee and enjoys better performance.

show abstract

“…Recently, Li et al provided a provably secure identity‐based encryption resilient to post‐challenge continuous auxiliary inputs leakage. In order to solve key escrow problem in IBE, Yu et al presented leakage‐resilient certificate‐based encryption scheme.…”

Section: Introductionmentioning

confidence: 99%

Hierarchical attribute‐based encryption with continuous auxiliary inputs leakage

Guo

Zhang

et al. 2016

Security Comm Networks

Self Cite

View full text Add to dashboard Cite

The continuous auxiliary inputs leakage is more strong side-channel attacks. In this article, we first propose a continuous auxiliary inputs leakage model for the hierarchical attribute-based encryption scheme. Under the security model, an adversary has ability to gain partial updated master keys and updated secret keys continually by certain leakage attacks. Moreover, a resilient-leakage hierarchical attribute-based encryption scheme is constructed. The security proof for this scheme is provided under the standard model. Furthermore, we give the performance comparison between our scheme and relevant scheme.

show abstract

Certificate-based encryption resilient to key leakage

Cited by 43 publications

References 11 publications

Leakage-Resilient Certificate-based Key Encapsulation Scheme Resistant to Continual Leakage

Leakage-Resilient Certificate-based Key Encapsulation Scheme Resistant to Continual Leakage

A Forward-Secure Certificate-Based Signature Scheme with Enhanced Security in the Standard Model

Hierarchical attribute‐based encryption with continuous auxiliary inputs leakage

Contact Info

Product

Resources

About