Zhaohui Cheng,Liqun Chen,Li Ling,Richard Comley

DOI: https://doi.org/10.1007/978-3-540-73489-5_6

2007-01-01

Abstract:In 2003, Al-Riyami and Paterson introduced a new public key encryption paradigm called Certificateless Public Key Encryption (CL-PKE), which like Identity-Based Encryption (IBE) is certificatefree, and meanwhile which unlike IBE but similar to certificate-based encryption is key-escrow-free. In this paper, based on a heuristic observation on some existing IBE schemes and PKE schemes, we propose a general approach to build a CL-PKE solution, which makes use of a simple combination of an IBE scheme, a Diffie-Hellman type key establishment algorithm and a secure hash-function. Following this approach we construct two efficient concrete CL-PKE schemes and formally analyse their security in the random oracle model.

J. Li,X. Chen,H. Tian,C. Gao

DOI: https://doi.org/10.1504/ijahuc.2014.065156

2014-01-01

International Journal of Ad Hoc and Ubiquitous Computing

Abstract:Since the notion of attribute-based encryption (ABE) was proposed, it has been found a lot of important applications such as fine-grained access control. However, the issue of key exposure problem in ABE has been solved completely. This problem is formally addressed and formulated in this paper. More specifically, we propose a new key-insulated ABE (KI-ABE) scheme as a solution to the key exposure problem. The definition and security model of KI-ABE is proposed. Then, a KI-ABE scheme is presented, which is provably secure under the proposed model. The scheme is secure in the remaining time periods against an adversary who compromises the insecure device and obtains secret keys for the periods of its choice. Finally, we show that the scheme also supports user delegation, which is critical when one wants to delegate part of attributes (privileges) to others.

Jingwei Lu,Hongbo Li,Jianye Huang,Sha Ma,Man Ho Allen Au,Qiong Huang

DOI: https://doi.org/10.3390/info14030142

2023-01-01

Information

Abstract:Transforming data into ciphertexts and storing them in the cloud database is a secure way to simplify data management. Public key encryption with keyword search (PEKS) is an important cryptographic primitive as it provides the ability to search for the desired files among ciphertexts. As a variant of PEKS, certificateless public key authenticated encryption with keyword search (CLPAEKS) not only simplifies certificate management but also could resist keyword guessing attacks (KGA). In this paper, we analyze the security models of two recent CLPAEKS schemes and find that they ignore the threat that, upon capturing two trapdoors, the adversary could directly compare them and distinguish whether they are generated using the same keyword. To cope with this threat, we propose an improved security model and define the notion of strong trapdoor indistinguishability. We then propose a new CLPAEKS scheme and prove it to be secure under the improved security model based on the intractability of the DBDH problem and the DDH problem in the targeted bilinear group.

Bin Wu,Caifen Wang,Hailong Yao

DOI: https://doi.org/10.1371/journal.pone.0230722

IF: 3.7

2020-04-09

PLoS ONE

Abstract:With the rapid development of informatization, an increasing number of industries and organizations outsource their data to cloud servers, to avoid the cost of local data management and to share data. For example, industrial Internet of things systems and mobile healthcare systems rely on cloud computing's powerful data storage and processing capabilities to address the storage, provision, and maintenance of massive amounts of industrial and medical data. One of the major challenges facing cloud-based storage environments is how to ensure the confidentiality and security of outsourced sensitive data. To mitigate these issues, He et al. and Ma et al. have recently independently proposed two certificateless public key searchable encryption schemes. In this paper, we analyze the security of these two schemes and show that the reduction proof of He et al.'s CLPAEKS scheme is incorrect, and that Ma et al.'s CLPEKS scheme is not secure against keyword guessing attacks. We then propose a channel-free certificateless searchable public key authenticated encryption (dCLPAEKS) scheme and prove that it is secure against inside keyword guessing attacks under the enhanced security model. Compared with other certificateless public key searchable encryption schemes, this scheme has higher security and comparable efficiency.

Kaifeng Xiao,Xinjian Chen,Jianye Huang,Hongbo Li,Qiong Huang

DOI: https://doi.org/10.1016/j.csi.2023.103758

IF: 3.721

2024-01-01

Computer Standards & Interfaces

Abstract:When data security is facing growing threats, ordinary encryption techniques cannot meet the needs of comparing, sharing, and classifying data hidden in ciphertexts. At the same time, the advent of the quantum computing era has brought unprecedented challenges to traditional cryptography. Fortunately, a lattice-based PKEET scheme can solve the above problems. In this paper, we design a lattice-based PKE-DET scheme that can support the delegated tester function with satisfying anti-quantum computing security and resisting OMRA attacks. To the best of our knowledge, this is the first PKE-DET scheme that has both kinds of security at the same time. Under the standard model, we prove the security of the scheme based on the LWE hardness assumption. Compared with existing schemes, our scheme has many advantages, such as high security, delegated tester authorization, and small storage space.

Ruyuan Zhang,Jiguo Li,Yang Lu,Jinguang Han,Yichen Zhang

DOI: https://doi.org/10.1016/j.ins.2022.03.081

IF: 8.1

2022-07-01

Information Sciences

Abstract:There exists a key escrow issue in ciphertext-policy attribute-based encryption (CP-ABE). The key generator center issues all users' secret keys and can decrypt each ciphertext by calculating the corresponding secret key. Besides, applying CP-ABE in data sharing environment also brings another challenging problem which is users' revocation. To resolve the above issues, we provide a key escrow-free CP-ABE scheme with the user revocation, which withstands collusion attack between malicious users and revoked users. In our scheme, a secret key is calculated utilizing a secure key issuing protocol between key authority (KA) and data user (DU). KA is unable to obtain DU's secret value and generate the complete secret key independently, which solves the key escrow issue. When a user revokes from the system, the secret keys of the unrevoked users require to be updated. We introduce a group manager (GM) to update the unrevoked users' group secret keys and generate a re-encryption key. The re-encryption technology is applied to prevent the revoked users from decrypting ciphertexts. Moreover, the decryption cloud server provider (D-CSP) executes most of decryption operations to decrease computation costs. The performance analysis indicates that our scheme is practical and efficient. The security of the presented scheme is reduced to divisible computable Diffie-Hellman (DCDH) assumption.

computer science, information systems

Hu Xiong,Qianhong Wu,Zhong Chen

DOI: https://doi.org/10.1007/978-3-642-24861-0_6

2011-01-01

Abstract:Certificateless authenticated key exchange (CL-AKE) protocols do not suffer from intricate certificate management or heavy trust reliance on a third party. Unfortunately, these advantages are partially counteracted in most CL-AKE protocols which require expensive pairing operations. This paper proposes a new CL-AKE protocol without requiring any pairing operation during the protocol execution, although a pairing map may be required to realize a Decisional Diffie-Hellman (DDH) oracle in the security proof. With implicit authentication, we illustrate modular proofs in a security model incorporating standard definitions of AKE protocols and certificateless cryptography. Analysis shows that our protocol is also efficient.

Manoj Kumar,Harsh Kumar Verma,Geeta Sikka

DOI: https://doi.org/10.1002/ett.3883

IF: 3.6

2020-03-22

Transactions on Emerging Telecommunications Technologies

Abstract:<p>Cloud‐edge (CE) is revolutionizing our modern world with a greater user experience through the Internet of Things (IoT). However, the edge devices, communication bridge between the cloud and users, are repeatedly exhibiting many security flaws which will inevitably lead to massive cyber attacks. Thus, providing a proper security, specifically, the confidentiality and authenticity of sensitive data become a prime focus for many of the researchers. In cryptography, certificateless signcryption (CLSC) is one of the recent public key techniques that meets the requirements of confidentiality and authenticity of sensitive data between parties with minimal overhead. This paper aims to present a new data sharing protocol where the safety of data is achieved through a new CLSC scheme. The proposed CLSC is designed using the bilinear pairing and modular exponentiation operations. Besides, the CLSC is secure based on the intractability of Diffie‐Hellman inversion (DHI) and bilinear‐DHI assumptions without considering the random oracle model (ROM). Performance assessment of proposed CLSC gives satisfactory results after comparing with other related CLSC schemes. Therefore, proposed CLSC can be installed in the cloud‐based edge‐IoT environment where both the authenticity and confidentiality with minimal computational overhead are the essential factors.</p>

telecommunications

Fei Li,Wei Gao,Yilei Wang,Xueli Wang

DOI: https://doi.org/10.4304/jcp.7.12.2987-2996

2012-01-01

Journal of Computers

Abstract:As the combination of certificateless encryption and threshold cryptography, the certificateless threshold decryption (CLTD) scheme can avoid both the single point of failure in the distributed networks and the inherent key escrow problem in identity-based cryptosystem. This paper presents a CLTD schemes from pairings. We use the Shamir secret sharing method to indirectly split the private keys in the group G into the shares in the finite field Zq. Our CLTD scheme succeed in involving much less pairing computation for generating or verifying decryption shares. The decryption share supports short length, fast generation and batch verification. Sharing the private key is completed by its holder himself without needing help from KGC. The security proof is provided in the random oracle model.

Pan Yang,Hongbo Li,Jianye Huang,Hao Zhang,Man Ho Allen Au,Qiong Huang

DOI: https://doi.org/10.1016/j.future.2023.03.002

IF: 7.307

2023-01-01

Future Generation Computer Systems

Abstract:Public-key Authenticated Encryption with Keyword Search (PAEKS) is a cryptographic primitive that can resist inside keyword guessing attack (KGA). However, most of the previously proposed PAEKS frameworks suffered from certificate management problem and key escrow problem. Inspired by the ideas of certificate-based cryptography, we propose a secure-channel free certificateless searchable public key authenticated encryption with keyword search (SCF-CLPAEKS) scheme which sloves the key escrow problem in identity-based cryptosystems and the cumbersome certificate problem in conventional public key cryptosystems. Our scheme achieves security against keyword guessing attacks are performed by both inside and outside adversaries. Moreover, our scheme satisfies ciphertext indistinguishability (CI), trapdoor indistinguishability (TI), and designated testability simultaneously. The comparisons indicate that our SCF-CLPAEKS scheme enjoys a better performance compared with related schemes.

Hu Xiong,Zhong Chen,Zhiguang Qin

DOI: https://doi.org/10.1080/00207160.2011.568613

IF: 1.75

2011-01-01

International Journal of Computer Mathematics

Abstract:Key agreement protocols are multi-party protocols in which entities exchange public information allowing them to create a common secret key that is known only to those entities and which cannot be predetermined by any party. Key agreement can be achieved using a public key infrastructure or identity-based cryptography. However, the former suffers from a heavy certificate management burden, while the latter is subject to the so-called key escrow problem. Recently, the notion of certificateless public key cryptography (CL-PKC) was introduced to mitigate these limitations. In this paper, we introduce the notion of three-party authenticated key agreement into CL-PKC and propose a concrete certificateless three-party authenticated key agreement protocol. We show that the proposed protocol is secure (i.e. conforms to defined security attributes) while being efficient.

Huijun Zhu,Qingji Xue,Tianfeng Li,Dong Xie

DOI: https://doi.org/10.3390/e24030309

2022-02-22

Abstract:Public key encryption supporting equality test (PKEwET) schemes, because of their special function, have good applications in many fields, such as in cloud computing services, blockchain, and the Internet of Things. The original PKEwET has no authorization function. Subsequently, many PKEwET schemes have been proposed with the ability to perform authorization against various application scenarios. However, these schemes are incapable of traceability to the ciphertexts. In this paper, the ability of tracing to the ciphertexts is introduced into a PKEwET scheme. For the ciphertexts, the presented scheme supports not only the equality test, but also has the function of traceability. Meanwhile, the security of the proposed scheme is revealed by a game between an adversary and a simulator, and it achieves a desirable level of security. Depending on the attacker's privileges, it can resist OW-CCA security against an adversary with a trapdoor, and can resist IND-CCA security against an adversary without a trapdoor. Finally, the performance of the presented scheme is discussed.

Kui Ma,Yanwei Zhou,Ying Wang,Chunsheng Dong,Zhe Xia,Bo Yang,Mingwu Zhang

DOI: https://doi.org/10.1109/jsyst.2023.3269597

IF: 4.802

2023-01-01

IEEE Systems Journal

Abstract:The Internet of Things (IoT) is helpful in making people&#x27;s life more convenient and efficient. To ensure that the nodes within IoT can interact securely, a certificateless signature (CLS) can be used to protect message authentication in the IoT. Recently, some concrete constructions of CLS schemes have been proposed in the literature, but through our analyses, we demonstrate that some existing CLS schemes cannot keep their claimed security because of various security flaws. For example, a valid signature can be forged by any Type I adversary by replacing the corresponding user&#x27;s public key. In this article, we describe the security flaws that need to be addressed and introduce a novel CLS scheme without using bilinear mapping. The existential unforgeability in our proposed scheme can be proved based on the hardness of the elliptic curve discrete logarithm problem in the random oracle model. The comparison with existing CLS schemes shows that our scheme not only enjoys more security features but also is more efficient in computation. Moreover, we introduce an identity authentication protocol as the application of our proposed CLS scheme, which achieves mutual authentication and anonymity in communications.

computer science, information systems,telecommunications,engineering, electrical & electronic,operations research & management science

You Zhao,Mingyan Yan,Kaien Yan,Juyan Li

DOI: https://doi.org/10.3390/math12111706

IF: 2.4

2024-05-31

Mathematics

Abstract:Team score orienteering, a challenging and interesting sport, is gradually becoming known by the majority of sports enthusiasts. Integrating team score orienteering with the Internet can enhance the interactive experience for athletes. However, this integration increases the risk of the leakage of the athletes' information. In order to protect the privacy of athletes, it is necessary to employ encryption. Therefore, this paper proposes an efficient lattice-based revocable certificateless public key encryption (RCL-PKE) scheme with decryption key exposure resistance (DKER). The adoption of certificateless encryption not only avoids the complex certificate management required for traditional public key encryption, but also addresses the key escrow problem of identity-based encryption, thereby significantly ensuring data security and privacy. Furthermore, the revocable mechanism enables the organizing committee to flexibly manage the athletes' qualification for competitions, and DKER can effectively prevent the leakage of decryption keys, which further enhances data security. The constructed RCL-PKE scheme was proven to be IND-CPA secure under the learning with errors (LWE) assumption. Experiments indicated that the proposed RCL-PKE scheme had lower computation and communication costs, making it particularly suitable for team score orienteering.

mathematics

Kaibin Huang,Raylin Tso,Yu-Chi Chen,Wangyu Li,Hung-Min Sun

DOI: https://doi.org/10.1007/978-3-319-11698-3_45

2014-01-01

Abstract:We proposed a new public key encryption scheme with equality test (PKEET), which stands for a public key encryption scheme with comparable ciphertext. The equivalence among ciphertext under PKEET schemes can be verified without decryption. In some PKEET algorithms like Tang's AoN-PKEET, which is called authorization-based PKEET, the equality test functionality is restricted to some authorized users: only users who own authorities are able to perform equality test functions. For the best of our knowledge, the authorities of all existing authorization-based PKEET schemes are valid for all ciphertext encrypted under the same public key. Accurately, we propose a CBA-PKEET scheme following Tang's AoN-PKEET scheme, which means a PKEET scheme with ciphertext-binded authorities (CBA). Each ciphertext-binded authority is valid for a specific ciphertext, rather than all ciphertext encrypted under the same public key. Then, we compare the features and efficiency between our CBA-PKEET and some existing authorization-based PKEET schemes. Finally, the security of CBA-PKEET is proved in the random oracle model based on the some hard problems.

Weifeng Long,Jiwen Zeng,Yaying Wu,Yan Gao,Hui Zhang

DOI: https://doi.org/10.3390/electronics13081449

IF: 2.9

2024-04-12

Electronics

Abstract:With superior computing power and efficient data collection capability, Internet of Medical Things (IoMT) significantly improves the accuracy and convenience of medical work. As most communications are over open networks, it is critical to encrypt data to ensure confidentiality before uploading them to cloud storage servers (CSSs). Public key encryption with keyword search (PEKS) allows users to search for specific keywords in ciphertext and plays an essential role in IoMT. However, PEKS still has the following problems: 1. As a semi-trusted third party, the CSSs may provide wrong search results to save computing and bandwidth resources. 2. Single-keyword searches often produce many irrelevant results, which is undoubtedly a waste of computing and bandwidth resources. 3. Most PEKS schemes rely on bilinear pairings, resulting in computational inefficiencies. 4. Public key infrastructure (PKI)-based or identity-based PEKS schemes face the problem of certificate management or key escrow. 5. Most PEKS schemes are vulnerable to offline keyword guessing attacks, online keyword guessing attacks, and insider keyword guessing attacks. We present a certificateless verifiable and pairing-free conjunctive public keyword searchable encryption (CLVPFC-PEKS) scheme. An efficiency analysis shows that the performance advantage of the new scheme is far superior to that of the existing scheme. More importantly, we provide proof of security under the standard model (SM) to ensure the reliability of the scheme in practical applications.

engineering, electrical & electronic,computer science, information systems,physics, applied

Xueqiao Liu,Hongbo Li,Guomin Yang,Willy Susilo,Joseph Tonien,Qiong Huang

DOI: https://doi.org/10.1007/978-3-030-31919-9_7

2019-01-01

Abstract:Certificateless Public-key Authenticated Encryption with Keyword Search (CLPAEKS) is derived from the Public-key Authenticated Encryption with Keyword Search (PAEKS) and simultaneously combines the features of the Public Key Cryptography (CLPKC). In a CLPAEKS scheme, the ciphertext is designed to meet the need for both confidentiality and authentication, i.e., on one hand, the ciphertext is the encryption of the keyword; on the other hand, adversaries are incapable of generating a valid ciphertext without the owner's private key. He et al. formalized security models for CLPAEKS and proposed a CLPAEKS scheme. However, we find their models are incomplete to capture the security requirements for CLPAEKS and re-formalize the security requirements for CLPAEKS in terms of trapdoor privacy and ciphertext indistinguishability. Besides, we point out that their scheme is vulnerable to the Keyword Guessing Attack (KGA) by a malicious receiver, which is not considered in their security model. Then we modify He et al.'s scheme and prove that the new scheme meets the new security requirements.

Shweta Agrawal,Fuyuki Kitagawa,Ryo Nishimaki,Shota Yamada,Takashi Yamakawa

DOI: https://doi.org/10.48550/arXiv.2302.11663

2023-04-06

Abstract:We introduce the notion of public key encryption with secure key leasing (PKE-SKL). Our notion supports the leasing of decryption keys so that a leased key achieves the decryption functionality but comes with the guarantee that if the quantum decryption key returned by a user passes a validity test, then the user has lost the ability to decrypt. Our notion is similar in spirit to the notion of secure software leasing (SSL) introduced by Ananth and La Placa (Eurocrypt 2021) but captures significantly more general adversarial strategies. In more detail, our adversary is not restricted to use an honest evaluation algorithm to run pirated software. Our results can be summarized as follows: 1. Definitions: We introduce the definition of PKE with secure key leasing and formalize security notions. 2. Constructing PKE with Secure Key Leasing: We provide a construction of PKE-SKL by leveraging a PKE scheme that satisfies a new security notion that we call consistent or inconsistent security against key leasing attacks (CoIC-KLA security). We then construct a CoIC-KLA secure PKE scheme using 1-key Ciphertext-Policy Functional Encryption (CPFE) that in turn can be based on any IND-CPA secure PKE scheme. 3. Identity Based Encryption, Attribute Based Encryption and Functional Encryption with Secure Key Leasing: We provide definitions of secure key leasing in the context of advanced encryption schemes such as identity based encryption (IBE), attribute-based encryption (ABE) and functional encryption (FE). Then we provide constructions by combining the above PKE-SKL with standard IBE, ABE and FE schemes.

Quantum Physics,Cryptography and Security

Man Ho Au,Jing Chen,Joseph K. Liu,Yi Mu,Duncan S. Wong,Guomin Yang

DOI: https://doi.org/10.1145/1229285.1266997

2006-01-01

Abstract:ABSTRACTIdentity-based cryptosystems have an inherent key escrow issue, that is, the Key Generation Center (KGC) always knows user secret key. If the KGC is malicious, it can always impersonate the user. Certificateless cryptography, introduced by Al-Riyami and Paterson in 2003, is intended to solve this problem. However, in all the previously proposed certificateless schemes, it is always assumed that the malicious KGC starts launching attacks (so-called Type II attacks) only after it has generated a master public/secret key pair honestly. In this paper, we propose new security models that remove this assumption for both certificateless signature and encryption schemes. Under the new models, we show that a class of certificateless encryption and signature schemes proposed previously are insecure. These schemes still suffer from the key escrow problem. On the other side, we also give new proofs to show that there are two generic constructions, one for certificateless signature and the other for certificateless encryption, proposed recently that are secure under our new models.

Rui Guo,Qiaoyan Wen,Huixian Shi,Zhengping Jin,Hua Zhang

DOI: https://doi.org/10.1155/2014/980274

IF: 1.43

2014-01-01

Mathematical Problems in Engineering

Abstract:Certificateless cryptography aims at combining the advantages of public key cryptography and identity based cryptography to avoid the certificate management and the key escrow problem. In this paper, we present a novel certificateless public key encryption scheme on the elliptic curve over the ring, whose security is based on the hardness assumption of Bilinear Diffie-Hellman problem and factoring the large number as in an RSA protocol. Moreover, since our scheme requires only one pairing operation in decryption, it is significantly more efficient than other related schemes. In addition, based on our encryption system, we also propose a protocol to protect the confidentiality and integrity of information in the scenario of Internet of Things with constrained resource nodes.

engineering, multidisciplinary,mathematics, interdisciplinary applications