Get 20M+ Full-Text Papers For Less Than $1.50/day. Start a 14-Day Trial for You or Your Team.

Learn More →

On the relation among various security models for certificateless cryptography

On the relation among various security models for certificateless cryptography Certificateless cryptography is a promising technology for solving the key escrow problem in identity-based cryptography. However, the lack of a unified set of definitions and security models currently hinders its progression as much effort has been put on refining the definitions and looking for an appropriate and practical security models. In this article, we aim to contribute on unifying the definitions and security models for Certificateless Encryption (CLE) schemes. First, we show that the original seven-algorithm definition is equivalent to a simplified five-algorithm definition. We believe that this simplified definition may lead to more compact and efficient implementations in practice and also help in the effort of standardisation of CLE. Secondly, we show that a CLE scheme cannot be both malicious Key Generation Center (KGC) secure and strongly secure in the standard model. Due to the practicality and attacking significance of malicious KGC security; and the uncertainty of how practical the strong security is, we, therefore, suggest constructing practical CLE schemes to be malicious KGC secure. Finally, we propose to formalise a new adversarial capability called partial key replacement attack into the security models and show that our generic scheme proposed recently is secure against this new type of attacks. http://www.deepdyve.com/assets/images/DeepDyve-Logo-lg.png International Journal of Applied Cryptography Inderscience Publishers

On the relation among various security models for certificateless cryptography

Download PDF
12 pages

Loading next page...
 
/lp/inderscience-publishers/on-the-relation-among-various-security-models-for-certificateless-d0I4oKNjDN
Publisher
Inderscience Publishers
Copyright
Copyright © Inderscience Enterprises Ltd. All rights reserved
ISSN
1753-0563
eISSN
1753-0571
DOI
10.1504/IJACT.2008.021084
Publisher site
See Article on Publisher Site

Abstract

Certificateless cryptography is a promising technology for solving the key escrow problem in identity-based cryptography. However, the lack of a unified set of definitions and security models currently hinders its progression as much effort has been put on refining the definitions and looking for an appropriate and practical security models. In this article, we aim to contribute on unifying the definitions and security models for Certificateless Encryption (CLE) schemes. First, we show that the original seven-algorithm definition is equivalent to a simplified five-algorithm definition. We believe that this simplified definition may lead to more compact and efficient implementations in practice and also help in the effort of standardisation of CLE. Secondly, we show that a CLE scheme cannot be both malicious Key Generation Center (KGC) secure and strongly secure in the standard model. Due to the practicality and attacking significance of malicious KGC security; and the uncertainty of how practical the strong security is, we, therefore, suggest constructing practical CLE schemes to be malicious KGC secure. Finally, we propose to formalise a new adversarial capability called partial key replacement attack into the security models and show that our generic scheme proposed recently is secure against this new type of attacks.

Journal

International Journal of Applied CryptographyInderscience Publishers

Published: Jan 1, 2008

There are no references for this article.