Article: On the relation among various security models for certificateless cryptography Journal: International Journal of Applied Cryptography (IJACT) 2008 Vol.1 No.2 pp.108 - 119 Abstract: Certificateless cryptography is a promising technology for solving the key escrow problem in identity-based cryptography. However, the lack of a unified set of definitions and security models currently hinders its progression as much effort has been put on refining the definitions and looking for an appropriate and practical security models. In this article, we aim to contribute on unifying the definitions and security models for Certificateless Encryption (CLE) schemes. First, we show that the original seven-algorithm definition is equivalent to a simplified five-algorithm definition. We believe that this simplified definition may lead to more compact and efficient implementations in practice and also help in the effort of standardisation of CLE. Secondly, we show that a CLE scheme cannot be both malicious Key Generation Center (KGC) secure and strongly secure in the standard model. Due to the practicality and attacking significance of malicious KGC security; and the uncertainty of how practical the strong security is, we, therefore, suggest constructing practical CLE schemes to be malicious KGC secure. Finally, we propose to formalise a new adversarial capability called partial key replacement attack into the security models and show that our generic scheme proposed recently is secure against this new type of attacks. Inderscience Publishers - linking academia, business and industry through research

Title: On the relation among various security models for certificateless cryptography

Authors: Qiong Huang, Duncan S. Wong

Addresses: Department of Computer Science, City University of Hong Kong, Hong Kong, China. ' Department of Computer Science, City University of Hong Kong, Hong Kong, China

Abstract: Certificateless cryptography is a promising technology for solving the key escrow problem in identity-based cryptography. However, the lack of a unified set of definitions and security models currently hinders its progression as much effort has been put on refining the definitions and looking for an appropriate and practical security models. In this article, we aim to contribute on unifying the definitions and security models for Certificateless Encryption (CLE) schemes. First, we show that the original seven-algorithm definition is equivalent to a simplified five-algorithm definition. We believe that this simplified definition may lead to more compact and efficient implementations in practice and also help in the effort of standardisation of CLE. Secondly, we show that a CLE scheme cannot be both malicious Key Generation Center (KGC) secure and strongly secure in the standard model. Due to the practicality and attacking significance of malicious KGC security; and the uncertainty of how practical the strong security is, we, therefore, suggest constructing practical CLE schemes to be malicious KGC secure. Finally, we propose to formalise a new adversarial capability called partial key replacement attack into the security models and show that our generic scheme proposed recently is secure against this new type of attacks.

Keywords: certificateless cryptography; certificateless encryption; security models; key escrow; identity-based cryptography; malicious key generation centre; KGC; partial key replacement attack.

DOI: 10.1504/IJACT.2008.021084

International Journal of Applied Cryptography, 2008 Vol.1 No.2, pp.108 - 119

Published online: 03 Nov 2008 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article

Title: On the relation among various security models for certificateless cryptography

Keep up-to-date