Authors: Yang Lu; Jiguo Li
Addresses: College of Computer and Information Engineering, HoHai University, No. 8, Focheng Xi Road, Jiangning District, Nanjing 211100, China ' College of Computer and Information Engineering, HoHai University, No. 8, Focheng Xi Road, Jiangning District, Nanjing 211100, China
Abstract: Certificate-based encryption is a useful primitive that combines identity-based encryption and traditional public key encryption while preserving some of their most attractive features. It not only simplifies the cumbersome certificate management in traditional public key encryption, but also overcomes the key escrow and distribution problems inherent in identity-based encryption. In this paper, we extend the concept of key encapsulation mechanism to the primitive of certificate-based encryption and introduce the notion of certificate-based key encapsulation mechanism. We propose two provably secure certificate-based key encapsulation mechanism schemes. We prove that one is chosen-ciphertext secure in the random oracle model and the other is chosen-ciphertext secure in the standard model. Performance analysis shows that the proposed schemes are quite efficient and practical.
Keywords: certificate-based encryption; key encapsulation; random oracle model; chosen ciphertext security; standard model; cryptography; security; certificate management; public key encryption; key escrow; identity-based encryption.
International Journal of Internet Protocol Technology, 2014 Vol.8 No.2/3, pp.96 - 106
Available online: 17 Dec 2014 *Full-text access for editors Access for subscribers Purchase this article Comment on this article