Leakage-Resilient Revocable Identity-Based Signature with Cloud Revocation Authority

Wu, Jui-Di; Tseng, Yuh‐Min; Huang, Sen–Shan; Tsai, Tung-Tso

doi:10.15388/20-infor406

Cited by 7 publications

(5 citation statements)

References 27 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In contrast, in the continual leakage model, adversaries may continually get leaked information of secret keys for each invocation of cryptographic scheme/protocol. Indeed, the continual leakage model is more accredited (Galindo and Virek, 2013;Wu et al, 2019Wu et al, , 2020Tseng et al, 2020;Hsieh et al, 2020;Tsai et al, 2021) and it consists of four properties as follows:…”

Section: Related Workmentioning

confidence: 99%

Leakage-Resilient Revocable Certificateless Encryption with an Outsourced Revocation Authority

Tseng¹,

Huang²,

Tsai³

et al. 2022

Informatica

Self Cite

View full text Add to dashboard Cite

To resolve both certificate management and key escrow problems, a certificateless public-key system (CLPKS) has been proposed. However, a CLPKS setting must provide a revocation mechanism to revoke compromised users. Thus, a revocable certificateless public-key system (RCLPKS) was presented to address the revocation issue and, in such a system, the key generation centre (KGC) is responsible to run this revocation functionality. Furthermore, a RCLPKS setting with an outsourced revocation authority (ORA), named RCLPKS-ORA setting, was proposed to employ the ORA to alleviate the KGC’s computational burden. Very recently it was noticed that adversaries may adopt side-channel attacks to threaten these existing conventional public-key systems (including CLPKS, RCLPKS and RCLPKS-ORA). Fortunately, leakage-resilient cryptography offers a solution to resist such attacks. In this article, the first leakage-resilient revocable certificateless encryption scheme with an ORA, termed LR-RCLE-ORA scheme, is proposed. The proposed scheme is formally shown to be semantically secure against three types of adversaries in the RCLPKS and RCLPKS-ORA settings while resisting side-channel attacks. In the proposed scheme, adversaries are allowed to continually extract partial ingredients of secret keys participated in various computational algorithms of the proposed scheme while retaining its security.

show abstract

Section: Related Workmentioning

confidence: 99%

Leakage-Resilient Revocable Certificateless Encryption with an Outsourced Revocation Authority

Tseng¹,

Huang²,

Tsai³

et al. 2022

Informatica

Self Cite

View full text Add to dashboard Cite

show abstract

“…Galindo and Vivek [31] and Wu et al [32] give CLR signature schemes under the general bilinear group assumption. It is generally considered that the bilinear group model is weaker than the standard model.…”

Section: Leakage-resilient Signaturementioning

confidence: 99%

“…References [18,19,32] construct continuous leakageresilient signature schemes, respectively. In these schemes, the relative leakage rate of the private key is very small.…”

Section: Leakage Performance and Comparisonsmentioning

confidence: 99%

See 1 more Smart Citation

Fully Secure ID-Based Signature Scheme with Continuous Leakage Resilience

Yu¹,

Ji³

2022

Security and Communication Networks

View full text Add to dashboard Cite

The side channel attacks will lead to the destruction of the security of the traditional cryptographic scheme. Leakage-resilient identity-based signature has attracted great attention. Based on the dual system encryption technology, we construct an identity-based signature scheme that can resist continuous private key leakage. In the standard model, the security of the scheme is proved. The key points of our leakage-resilient signature scheme are as follows: (1) The private key can be extended according to the security requirements. In other words, when the leakage is serious, we can select a bigger value n, where n is a parameter related to the leakage rate. (2) An elaborate key update algorithm makes the scheme resist continuous leakage attacks. Furthermore, the updated private key has the same distribution as the previous private key. (3) The proposed scheme is fully secure in the standard model rather than in the random oracle model or in the general group model. In order to achieve this goal, we use dual system encryption technology. Thus, the security of the constructed scheme does not depend on the number of queries of the attacker.

show abstract

“…To resist such leakage attacks, researchers offer leakage-resilient cryptography as a solution. In the past, numerous leakage-resilient signature (LRS) schemes (Galindo and Virek, 2013;Wu et al, 2019;Tseng et al, 2020;Wu et al, 2020b), leakage-resilient encryption (LRE) schemes (Kiltz and Pietrzak, 2010;Galindo et al, 2016;Wu et al, 2018Wu et al, , 2020aTseng et al, 2022), and leakage-resilient authenticated key agreement protocols (Tseng et al, 2021;Peng et al, 2021;Tsai et al, 2022) under various PKS settings have been published in the literature.…”

Section: Introductionmentioning

confidence: 99%

Fully Continuous Leakage-Resilient Certificate-Based Signcryption Scheme for Mobile Communications

Tseng¹,

Tsai²,

Huang³

2022

Informatica

View full text Add to dashboard Cite

Due to the popularity of mobile communication, many computing devices are exposed to remote environments without physical protection so that these devices easily suffer from leakage attacks (e.g., side-channel attacks). Under such leakage attacks, when a computing device performs some cryptographic algorithm, an adversary may acquire partial bits of secret keys participated in this cryptographic algorithm. To resist leakage attacks, researchers offer leakage-resilient cryptography as a solution. A signcryption scheme combines signing and encrypting processes to simultaneously provide both authentication and confidentiality, which is an important cryptographic primitive. Indeed, many leakage-resilient signcryption schemes under various public key system (PKS) settings were proposed. Unfortunately, these schemes still have two shortcomings, namely, bounded leakage resilience and conditionally continuous leakage resilience. In this paper, a “fully” continuous leakage-resilient certificate-based signcryption (FCLR-CBSC) scheme is proposed. Security analysis is formally proved to show that our scheme possesses both authentication and confidentiality against two types of adversaries in the certificate-based PKS setting. Performance analysis and simulation experience show that our scheme is suited to run on both a PC and a mobile device.

show abstract

Leakage-Resilient Revocable Identity-Based Signature with Cloud Revocation Authority

Cited by 7 publications

References 27 publications

Leakage-Resilient Revocable Certificateless Encryption with an Outsourced Revocation Authority

Leakage-Resilient Revocable Certificateless Encryption with an Outsourced Revocation Authority

Fully Secure ID-Based Signature Scheme with Continuous Leakage Resilience

Fully Continuous Leakage-Resilient Certificate-Based Signcryption Scheme for Mobile Communications

Contact Info

Product

Resources

About