Continuous leakage-resilient certificate-based encryption

Li, Jiguo; Guo, Yuyan; Yu, Qihong; Lu, Yang; Zhang, Yichen; Zhang, Futai

doi:10.1016/j.ins.2016.03.032

Cited by 18 publications

(17 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In 2018, Guo et al [34] proposed an efficient LR-CBE scheme, but it only allows adversaries to gain partial information of both the user's private key and certificate in the bounded leakage model. In the continuous leakage model, Li et al [35] proposed a new LR-CBE scheme. However, in their scheme, adversaries are allowed to gain only partial information of the user's private key and certificate, but random values involved in decryption phase and the CA's system secret key are disallowed to be leaked to adversaries.…”

Section: A Related Workmentioning

confidence: 99%

See 1 more Smart Citation

Leakage-Resilient Certificate-based Key Encapsulation Scheme Resistant to Continual Leakage

Tseng

Huang

et al. 2020

IEEE Open J. Comput. Soc.

View full text Add to dashboard Cite

In the past, the security of most public-key encryption or key encapsulation schemes is shown in an ideal model, where private keys, secret keys and random values are assumed to be absolutely secure to adversaries. However, this ideal model is not practical due to side-channel attacks in the sense that adversaries could gain partial information of these secret values involved in decryption operations by perceiving energy consumption or execution timing. In such a case, these schemes under the ideal model could suffer from side-channel attacks. Recently, leakage-resilient cryptography resistant to side-channel attacks is an emerging research topic. Certificatebased encryption (CBE) or certificate-based key encapsulation (CB-KE) schemes are a class of important public-key encryption. However, little work addresses the design of leakageresilient CBE (LR-CBE) or leakage-resilient CB-KE (LR-CB-KE) schemes. In this paper, we present the first LR-CB-KE scheme with overall unbounded leakage property which permits adversaries to continuously gain partial information of the system secret key of a trusted certificate authority (CA), the private keys and certificates of users, and random values. In the generic bilinear group model, formal security analysis is made to prove that the proposed LR-CB-KE scheme is secure against chosen ciphertext attacks.

show abstract

Section: A Related Workmentioning

confidence: 99%

“…According to the review above, the leakage models of these existing LR-CBE schemes [33], [34], [35] have several restrictions and do not offer complete leakage abilities of adversaries. In this paper, we first present a new continuous leakage model of LR-CB-KE schemes.…”

Section: B Contribution and Organizationmentioning

confidence: 99%

Leakage-Resilient Certificate-based Key Encapsulation Scheme Resistant to Continual Leakage

Tseng

Huang

et al. 2020

IEEE Open J. Comput. Soc.

View full text Add to dashboard Cite

show abstract

“…Many ABE schemes [29][30][31][32][33][34][35][36][37][38] were presented in various application domains, such as ABE with outsourced data decryption [29,30,37], ABE with efficient attribute revocation [31], ABE with full verifiability [30], ABE with keyword search function [29,31], traceable ABE [32,33], ABE with leakage resilience [34][35][36], auditable ABE [38], etc. In order to solve key escrow problem, Li et al [39,40] presented two certificate-based encryption schemes with leakage resilience. ABE schemes have wide application in cloud storage [41,42], mobile social networks [43] and smart grid [44].…”

Section: Related Workmentioning

confidence: 99%

Two-Party Attribute-Based Key Agreement Protocol with Constant-Size Ciphertext and Key

Zhang

2018

Security and Communication Networks

Self Cite

View full text Add to dashboard Cite

Based on mutual authentication, the session key is established for communication nodes on the open network. In order to satisfy fine-grained access control for cloud storage, the two-party attribute-based key agreement protocol (TP-AB-KA) was proposed. However, the existing TP-AB-KA protocol is high in the cost of computation and communication and is not unfit for application in a mobile cloud setting because mobile devices are generally resource constrained. To solve the above issue, we propose a TP-AB-KA protocol with constant-size ciphertext and key. Our TP-AB-KA protocol is provable security in the standard model. The concrete proof is given under the augmented multisequence of exponents' decisional Diffie-Hellman (aMSE-DDH) hypothesis in the attribute-based BJM model (AB-BJM). Compared with the existing TP-AB-KA protocols, the computation cost and communication cost of our protocol are largely reduced.

show abstract

“…In addition, CBC also addresses the key escrow and distribution problems. In recent years, CBC has attracted much attention in academic circle and a lot of cryptographic schemes [19][20][21][22][23][24][25][26][27][28][29][30][31][32][33][34][35][36] (includeing many certificate-based encryption (CBE) and certificate-based signature (CBS) schemes) have been proposed.…”

Section: Introductionmentioning

confidence: 99%

A Forward-Secure Certificate-Based Signature Scheme with Enhanced Security in the Standard Model

Lu¹,

Li²

2019

KSII TIIS

View full text Add to dashboard Cite

Leakage of secret keys may be the most devastating problem in public key cryptosystems because it means that all security guarantees are missing. The forward security mechanism allows users to update secret keys frequently without updating public keys. Meanwhile, it ensures that an attacker is unable to derive a user's secret keys for any past time, even if it compromises the user's current secret key. Therefore, it offers an effective cryptographic approach to address the private key leakage problem. As an extension of the forward security mechanism in certificate-based public key cryptography, forward-secure certificate-based signature (FS-CBS) has many appealing merits, such as no key escrow, no secure channel and implicit authentication. Until now, there is only one FS-CBS scheme that does not employ the random oracles. Unfortunately, our cryptanalysis indicates that the scheme is subject to the security vulnerability due to the existential forgery attack from the malicious CA. Our attack demonstrates that a CA can destroy its existential unforgeability by implanting trapdoors in system parameters without knowing the target user's secret key. Therefore, it is fair to say that to design a FS-CBS scheme secure against malicious CAs without lying random oracles is still an unsolved issue. To address this problem, we put forward an enhanced FS-CBS scheme without random oracles. Our FS-CBS scheme not only fixes the security weakness in the original scheme, but also significantly optimizes the scheme efficiency. In the standard model, we formally prove its security under the complexity assumption of the square computational Diffie-Hellman problem. In addition, the comparison with the original FS-CBS scheme shows that our scheme offers stronger security guarantee and enjoys better performance.

show abstract

Continuous leakage-resilient certificate-based encryption

Cited by 18 publications

References 16 publications

Leakage-Resilient Certificate-based Key Encapsulation Scheme Resistant to Continual Leakage

Leakage-Resilient Certificate-based Key Encapsulation Scheme Resistant to Continual Leakage

Two-Party Attribute-Based Key Agreement Protocol with Constant-Size Ciphertext and Key

A Forward-Secure Certificate-Based Signature Scheme with Enhanced Security in the Standard Model

Contact Info

Product

Resources

About