Journal of Networks, Vol 7, No 2 (2012), 329-336, Feb 2012
doi:10.4304/jnw.7.2.329-336

Efficient and Generic Construction of Certification-Based Encryption in the Standard Model Based on the NIZK Proof System

Yang Lu

Abstract


Certificate-based encryption (CBE) is a new public-key encryption paradigm that combines traditional PKI-based public-key encryption (PKE) and identity-based encryption (IBE), and preserves some of their most attractive features. CBE provides an efficient implicit certificate mechanism and allows periodic updates of certificate status. It eliminates third-party queries for certificate status and simplifies the certificate revocation problem of traditional PKI, while also solving the key escrow and key distribution problems inherent in IBE. In this paper, we propose a new generic construction of CBE schemes from PKE and IBE, and prove it to be CCA-secure in the standard model. Our construction uses an efficient one-time simulation-sound adaptive NIZK proof system as the security-enhancing building block that guarantees the CCA-security of the generated CBE schemes. Compared with the previous method, our construction places much weaker security requirements on the primitive encryption schemes, and the CBE schemes it generates are much more efficient.



Keywords


certificate-based encryption, generic construction, NIZK proof system, standard model





Journal of Networks (JNW, ISSN 1796-2056)
