Authors: Qiong Huang, Duncan S. Wong
Addresses: Department of Computer Science, City University of Hong Kong, Hong Kong, China; Department of Computer Science, City University of Hong Kong, Hong Kong, China
Abstract: Certificateless cryptography is a promising technology for solving the key escrow problem in identity-based cryptography. However, the lack of a unified set of definitions and security models currently hinders its progression, as much effort has been put into refining the definitions and looking for appropriate and practical security models. In this article, we aim to contribute to unifying the definitions and security models for Certificateless Encryption (CLE) schemes. First, we show that the original seven-algorithm definition is equivalent to a simplified five-algorithm definition. We believe that this simplified definition may lead to more compact and efficient implementations in practice and also help in the effort of standardisation of CLE. Secondly, we show that a CLE scheme cannot be both malicious Key Generation Center (KGC) secure and strongly secure in the standard model. Due to the practicality and attacking significance of malicious KGC security, and the uncertainty of how practical the strong security is, we therefore suggest constructing practical CLE schemes to be malicious KGC secure. Finally, we propose to formalise a new adversarial capability called partial key replacement attack into the security models and show that our generic scheme proposed recently is secure against this new type of attack.
Keywords: certificateless cryptography; certificateless encryption; security models; key escrow; identity-based cryptography; malicious key generation centre; KGC; partial key replacement attack.
International Journal of Applied Cryptography, 2008 Vol.1 No.2, pp.108 - 119
Available online: 03 Nov 2008