Yanli Ren,Shuozhong Wang,Xinpeng Zhang

DOI: https://doi.org/10.1016/j.camwa.2012.01.032

IF: 3.218

2013-01-01

Computers & Mathematics with Applications

Abstract:Parallel key-insulated encryption (PKIE) usually allows two independent helper keys to be alternately used in temporary secret key update operations. At least half of temporary secret keys would be exposed and at least half of ciphertexts could be decrypted if one of the helper keys is exposed. In this paper, we propose a new PKIE scheme with m helper keys, where m∈Z,m>2. If one of the helper keys is exposed, only 1/m temporary secret keys would be exposed and 1/m ciphertexts could be decrypted, so the new PKIE scheme can greatly decrease loss due to key-exposure. The scheme is provably secure without random oracles based on a bilinear group of composite order. Most important, the scheme is practical and much more efficient than the extended ones from the previous PKIE schemes.

Yanli Ren,Dawu Gu

DOI: https://doi.org/10.1016/j.jss.2009.07.046

IF: 3.5

2009-01-01

Journal of Systems and Software

Abstract:In order to mitigate the damages of key-exposure, key-insulated encryption introduces a helper key used to periodically update the decryption key. Under the usual circumstances, frequent updating increases the risk of helper key-exposure. Parallel key-insulated encryption (PKIE) supports frequent key updates without increasing the risk of helper key-exposure. In an identity-based cryptosystem, a private key generator (PKG) uses a master secret key to issue private keys to users based on their identities. In this paper, we propose a new identity-based parallel key-insulated encryption (IBPKIE) scheme which achieves IND-ID-KI-CCA2 security without random oracles. Our IBPKIE scheme has short public parameters and a tight reduction with an additive factor. Hierarchical identity-based cryptography was first proposed in 2002. It allows a root PKG to distribute workload by delegating private key generation and entity authentication tasks to lower-level PKGs. In this paper, we formalize the syntax and security model for a hierarchical identity-based parallel key-insulated encryption (HIBPKIE) scheme. We then propose an HIBPKIE scheme with constant size ciphertext, and prove that it achieves IND-ID-KI-CCA2 security without random oracles. To the best of our knowledge, this is the first HIBPKIE scheme up to now.

Yanli Ren,Shuozhong Wang,Xinpeng Zhang

DOI: https://doi.org/10.6138/jit.2011.12.4.13

2011-01-01

Abstract:The problem of key-exposure is an important issue in modern society due to the growing use of mobile devices. Weng et al. proposed an identity-based parallel key-insulated encryption (IBPKIE) scheme to solve the key-exposure problem in an identity-based cryptosystem. The scheme has long public parameters and a loose security reduction. Ren et al. presented a new IBPKIE scheme which had constant size public parameters and a tight reduction, and then extended it to a hierarchical IBPKIE (HIBPKIE) scheme. However, Wang et al. analyzed two schemes of Ren et al. and showed that they are not secure against chosen-plaintext attack. In this paper, we propose an improved IBPKIE scheme which achieves IND-ID-KI-CPA security without random oracles. Moreover, our scheme has short public parameters and a tight reduction. We then present an HIBPKIE scheme which achieves IND-sID-KI-CPA security without random oracles. In this scheme, the ciphertext size is independent of the level of the hierarchy in the HIBPKIE scheme.

Jian Weng,Shengli Liu,Kefei Chen,Changshe Ma

DOI: https://doi.org/10.1007/11941378_29

2006-01-01

Abstract:In this paper, we apply the parallel key-insulation mechanism to identity-based encryption (IBE) scenarios, and minimize the damage caused by key-exposure in IBE systems. We first formalize the definition and security notions for ID-based parallel key-insulated encryption (IBPKIE) systems, and then propose an IBPKIE scheme based on Water's IBE scheme. To the best of our knowledge, this is the first IBPKIE scheme up to now. Our scheme enjoys two attractive features: (i) it is provably secure without random oracles; (ii) it not only allows frequent key updating, but also does not increase the risk of helper key-exposure.

Xianhui Lu,Jiang Zhang

DOI: https://doi.org/10.1093/nsr/nwab090

IF: 20.6

2021-05-24

National Science Review

Abstract:The invention of public-key cryptography (PKC) by Diffie and Hellman in 1976 is one of two milestones marking the beginning of modern cryptography. The security of a PKC system requires that it should be infeasible to compute the private key from a given public key, which in turn is typically guaranteed by the difficulty in solving some cryptographic-friendly mathematical problems. Among those problems, the integer factorization and discrete logarithm problems play pivotal roles in the development of public-key cryptography. In particular, the assumption that there is no polynomial time (classical) algorithm that solves the above two problems constitutes the basis for the security of almost all currently used public-key cryptosystems, such as RSA and ElGamal. However, Shor [1] found an efficient quantum solving algorithm for the integer factorization and discrete logarithm problems in 1994, which would destroy the security basis for most real deployed PKC systems if large-scale quantum computers become available. The rapid development of quantum technology in recent years suggests that we are getting closer to the quantum crisis of current PKC systems.

multidisciplinary sciences

Libo He,Dongjie Yan,Hu Xiong,Zhiguang Qin

DOI: https://doi.org/10.3969/j.issn.1001-3695.2017.07.054

2017-01-01

Abstract:Certificateless public key encryption(CL-PKE) enjoys the attractive advantages of avoiding heavy certificate management overhead in public key infrastructure and solving the key-escrow in identity-based encryption.This paper combined the parallel key-insulated security notion with the CL-PKE scheme.By this approach,this paper proposed a certificateless parallel key-insulated public key encryption(CL-PKIE) scheme.The new scheme achieves the security requirements in the hostile practical environment by mitigating the problem of the key-leakage.This paper also gave the concrete construction of the CL-PKIE scheme and proved the CL-PKIE scheme was secure against IND-CCA2 attacks in the random oracle model.

Jian Weng,Ke-fei Chen,Xiang-xue Li,Sheng-li Liu,Wei-dong Qiu

DOI: https://doi.org/10.1007/s12204-008-0006-y

2008-01-01

Abstract:To minimize the damage caused by key-exposure in ID-based signatures, in ISPEC'06 Zhou et al (2006) proposed an ID-based key-insulated signature (IBKIS) scheme. However, their scheme is not strong key-insulated, i.e, if a user's helper is compromised, the adversary can derive all of this user's secret keys for any time period. Moreover, in practice, to alleviate the damage in case of key-exposure, secret keys in IBKIS schemes have to be updated at very short intervals, which will increase the risk of helper key-exposure. It is important to note that even for an IBKIS scheme with strong key-insulated security, once a user's helper and one of his secret keys are both compromised, the adversary can also derive all of this user's secret keys for any time period. Is it possible to allow frequent key-updates without increasing the risk of helper key-exposure in IBKIS systems? In this paper, we extend Hanaoka et al (2006) parallel key-insulated mechanism to ID-based signature scenarios, and present an ID-based parallel key-insulated signature (IBPKIS) scheme. Compared with Zhou et al (2006) IBKIS scheme, our scheme enjoys three attractive features: (i) it is strong key-insulated; (ii) it can allow frequent key-updates without increasing the risk of helper key-exposure, and over all, enhances the security of the system; (iii) even if one of a user's helpers and some of his secret keys are both exposed, it is impossible for an adversary to derive all of this user's secret keys.

Jianhong Chen,Kefei Chen,Yongtao Wang,Xiangxue Li,Yu Long,Zhongmei Wan

DOI: https://doi.org/10.15388/informatica.2012.347

2012-01-01

Informatica

Abstract:Key-insulated cryptography is an important technique to protect private keys in identity-based (IB) cryptosytems. Despite the flurry of recent results on IB key-insulated encryption (IBKIE) and signature (IBKIS), a problem regarding the security and efficiency of practicing IBKIE and IBKIS as a joint IB key-insulated signature/encryption scheme with a common set of parameters and keys remains open. To deal with the above question, we propose an identity-based key-insulated signcryption (IBKISC) scheme. Compared with the Sign-then-Encrypt (StE) and Encrypt-then-Sign (EtS) using IBKIE and IBKIS in the standard model, our proposed IBKISC scheme is the fastest with the shortest ciphertext size.

J. Li,X. Chen,H. Tian,C. Gao

DOI: https://doi.org/10.1504/ijahuc.2014.065156

2014-01-01

International Journal of Ad Hoc and Ubiquitous Computing

Abstract:Since the notion of attribute-based encryption (ABE) was proposed, it has been found a lot of important applications such as fine-grained access control. However, the issue of key exposure problem in ABE has been solved completely. This problem is formally addressed and formulated in this paper. More specifically, we propose a new key-insulated ABE (KI-ABE) scheme as a solution to the key exposure problem. The definition and security model of KI-ABE is proposed. Then, a KI-ABE scheme is presented, which is provably secure under the proposed model. The scheme is secure in the remaining time periods against an adversary who compromises the insecure device and obtains secret keys for the periods of its choice. Finally, we show that the scheme also supports user delegation, which is critical when one wants to delegate part of attributes (privileges) to others.

Jian Weng,Shengli Liu,Kefei Chen,Dong Zheng,Weidong Qiu

DOI: https://doi.org/10.1007/978-3-540-79263-5_13

2008-01-01

Abstract:With more and more cryptosystems being deployed on insecure environments such as mobile devices, key exposures appear to be unavoidable. This is perhaps the most devastating attack on a cryptosystem, since it typically means that security is entirely lost. This problem is especially hard to tackle in identity-based encryption (IBE) settings, where the public key is determined as a user's identity and is not desirable to be changed. In this paper, we extend Dodis et al.'s key-insulation idea and present a new paradigm named threshold key-insulation. The new paradigm not only greatly enhances the security of the system, but also provides flexibility and efficiency. To deal with the key-exposure problem in IBE settings, we further propose an identity-based threshold key-insulated encryption (IBTKIE) scheme. The proposed scheme is proved to be semantically secure without random oracles.

Jianhong Chen,Kun Yu,Yu Long,Kefei Chen

DOI: https://doi.org/10.1515/cait-2015-0039

2015-01-01

Cybernetics and Information Technologies

Abstract:To deal with the key-exposure protection problem in attribute-based signature systems, we extend the parallel key-insulated mechanism to attribute-based signature scenarios, and then introduce the primitive of an Attribute-Based Parallel Key-Insulated Signature ABPKIS. After formalizing the definition and security notions for ABPKIS, a concrete ABPKIS scheme is presented. The security of our proposed ABPKIS scheme can be proved on a standard model. According to our knowledge, this is the first ABPKIS scheme up to now. Moreover, this is also the first concrete attribute-based key-insulated signature construction supporting multi-helpers.

Li-Bo He,Dong-Jie Yan,Hu Xiong,Zhi-Guang Qin

DOI: https://doi.org/10.11989/jest.1674-862x.6052718

2018-01-01

Abstract:Certificateless encryption attracts a lot of attention so far by eliminating the key escrow problem in identity-based encryption and public key certificates in the traditional public key cryptography. By considering the threat from the key exposure, it is desirable to incorporate the idea of key-insulated cryptosystem into the certificateless encryption. In this paper, we have designed an efficient certificateless keyinsulated encryption（CL-KIE） scheme to achieve this goal. By our approach, the computational performance of our scheme has been improved significantly in terms of reduction on running time and storage. We also gave the security proof of the new CL-KIE scheme against the chosen plaintext attacks（CPAs） in the random oracle, considering the assumption of the computational Diffie-Hellman（CDH） problem.

Junzuo Lai,Robert H. Deng,Shengli Liu,Weidong Kou

DOI: https://doi.org/10.1007/978-3-642-11925-5_10

2010-01-01

Abstract:Boneh, Canetti, Halevi, and Katz showed a general method for constructing CCA-secure public key encryption (PKE) from any selective-ID CPA-secure identity-based encryption (IBE) schemes. Their approach treated IBE as a black box. Subsequently, Boyen, Mei, and Waters demonstrated how to build a direct CCA-secure PKE scheme from the Waters IBE scheme, which is adaptive-ID CPA secure. They made direct use of the underlying IBE structure, and required no cryptographic primitive other than the IBE scheme itself. However, their scheme requires long public key and the security reduction is loose. In this paper, we propose an efficient PKE scheme employing identity-based techniques. Our scheme requires short public key and is proven CCA-secure in the standard model (without random oracles) with a tight security reduction, under the Decisional Bilinear Diffie-Hellman (DBDH) assumption. In addition, we show how to use our scheme to construct an efficient threshold public key encryption scheme and a public key encryption with non-interactive opening (PKENO) scheme.

Jian Weng,Shengli Liu,Kefei Chen,Xiangxue Li

DOI: https://doi.org/10.1007/11937807_2

2006-01-01

Abstract:Standard identity-based (ID-based) signature schemes typically rely on the assumption that secret keys are kept perfectly secure. However, with more and more cryptographic primitives are deployed on insecure devices (e.g. mobile devices), key-exposure seems inevitable. This problem is perhaps the most devastating attack on a cryptosystem since it typically means that security is entirely lost. To minimize the damage caused by key-exposure in ID-based signatures scenarios, Zhou et al. [32] applied Dodis et al.'s key-insulation mechanism [12] and proposed an ID-based key-insulated signature (IBKIS) scheme. However, their scheme is not strong key-insulated, i.e, if an adversary compromises the helper key, he can derive all the temporary secret keys and sign messages on behalf the legitimate user. In this paper, we re-formalize the definition and security notions for IBKIS schemes, and then propose a new IBKIS scheme with secure key-updates. The proposed scheme is strong key-insulated and perfectly key-insulated. Our scheme also enjoys desirable properties such as unbounded number of time periods and random-access key-updates.

Xin Sun,Jiajia Han,Bang Lv,Changhua Sun,Cheng Zeng

DOI: https://doi.org/10.1371/journal.pone.0312690

IF: 3.7

2024-10-31

PLoS ONE

Abstract:With the rise of the Internet of things, the limitations of traditional PKI certificate authentication technology have progressively emerged. Hence, identity-based public key algorithms have been proposed. In this paper, we propose a new approach to generate an identity key, named identity public key (IPK). IPK identity key generation protocol is based on SM2 elliptic curve cryptography and random matrix theory. It builds upon the concept of combined public key (CPK) and resolves the linear collusion issue of CPK as well as the authenticity verification problem of the declared public key of the simplified TF-CPK by enhancing the identity mapping approach. Another main aim of this paper is to prove the security of the IPK identity key generation protocol. Roughly speaking, we verify the security of each part of the private key and the security of the composite private key. We also increase the function and performance comparison with other schemes, such as IBC(SM9) and TF-CPK. Our scheme has the lowest computation cost, which demonstrates its rationality.

multidisciplinary sciences

Siyue Dong,Zhen Zhao,Baocang Wang,Wen Gao,Shanshan Zhang

DOI: https://doi.org/10.3390/electronics13071256

IF: 2.9

2024-03-29

Electronics

Abstract:Public key encryption with equality test (PKEET) is a cryptographic primitive that enables a tester to determine whether two ciphertexts encrypted with same or different public keys have been generated from the same message without decryption. Previous studies extended PKEET to public key encryption with designated-position fuzzy equality test (PKE-DFET), enabling testers to verify whether plaintexts corresponding to two ciphertexts are equal while ignoring specific bits at designated positions. In this work, we have filled the research gap in the identity-based encryption (IBE) cryptosystems for this primitive. Furthermore, although our authorization method is the all-or-nothing (AoN) type, it overcomes the shortcomings present in the majority of AoN-type authorization schemes. In our scheme, equality tests can only be performed between a ciphertext and a given plaintext. Specifically, even if a tester acquires multiple AoN-type authorizations, it cannot conduct unpermitted equality tests between users. This significantly reduces the risk of user privacy leaks when handling sensitive information in certain scenarios, while still retaining the flexible and simple characteristics of AoN-type authorizations. We use the Chinese national cryptography standard SM9-IBE algorithm to provide the concrete construction of our scheme, enhancing the usability and security of our scheme, while making deployment more convenient. Finally, we prove that our scheme achieves F-OW-ID-CCA security when the adversary has the trapdoor of the challenge ciphertext, and achieves IND-ID-CCA security when the adversary does not have the trapdoor of the challenge ciphertext.

engineering, electrical & electronic,computer science, information systems,physics, applied

Zhen Liu,Duncan S. Wong,Jack Poon

DOI: https://doi.org/10.1145/2897845.2897849

2016-01-01

Abstract:In Identity-Based Encryption (IBE) system, the Private Key Generator (PKG) holds the master secret key and is responsible for generating private keys for the users. This incurs the key-escrow problem, i.e. the PKG can decrypt any user' any ciphertexts without any possible detection. Also, compromising the master secret key will enable an adversary to do anything to the whole system, and having the master secret key be unavailable implies that new users cannot obtain private keys from the PKG, and existing users cannot get their private keys back from the PKG when they lost them. To address the key-escrow problem and protect the master secret key as much as possible with strong security and availability, distributed PKG protocols supporting threshold policy have been adopted in some IBE schemes. In this paper, we propose a distributed PKG protocol that supports the policy to be any monotonic access structures. Also, we propose the first distributed PKG protocol that supports the dynamic changes of the PKGs and the policy, while remaining the master secret key unchanged. The two protocols do not need any third party acting as a trusted dealer to present, and the master secret key should never be generated or resided in any one single site. The protocols are applicable to a generic IBE template, which covers many existing important IBE schemes. When applied to this generic type of IBE schemes, the two distributed PKG protocols do not affect the encryption and decryption algorithms, and only each user knows his own private key.

Zy Le,Oy Yi,J Ford,F Makedon

DOI: https://doi.org/10.1007/978-3-540-30144-8_24

2004-01-01

Abstract:In key-insulated cryptography, there are many private keys with different indexes and a single, fixed public key. When the trust model includes multiple Certification Authorities (CAs), it can be used to shorten the verification path and mitigate the damage caused by the compromise of a CA's private key. Existing work requires that the total number of CAs be fixed and that a trusted keystore store all private keys. This paper presents a hierarchical key-insulated signature scheme, called HKI, which converts existing key-insulated methods to a hierarchical scheme. Our scheme allows the system to repeatedly generate a new private key for a new CA and also provides two important features, namely a shortened verification path and mitigated damage. By basing our approach on a general key-insulated scheme, we have made it possible to take advantage of any future improvements in computation complexity, key length, or robustness in current key-insulated methods.

Yanli Ren,Shuozhong Wang,Xinpeng Zhang,Zhenxing Qian

DOI: https://doi.org/10.1109/mines.2010.96

2010-01-01

Abstract:Anonymous identity-based encryption systems can be used to protect users’ privacy and construct Public key Encryption with Keyword Search (PEKS) schemes where the ciphertext does not leak the identity of the recipient. Currently, there is no anonymous IBE scheme that is fully secure under simple assumptions without random oracles. In this paper, we propose an anonymous IBE scheme using the approach of Dual System Encryption. The scheme is fully secure without random oracles based on decisional bilinear Diffie-Hellman (BDH) and linear assumptions, and the security reduction is tight. These two assumptions are simple and our scheme is more secure than the previous anonymous IBE schemes.