Forward-secure certificate-based encryption and its generic construction

Cited by: 2
Authors
Lu Y. [1]
Li J. [1]
Affiliations
[1] College of Computer and Information Engineering, Hohai University, Nanjing, Jiangsu Province
Keywords
Asymmetric encryption; Certificate-based encryption; Forward-security; Generic construction
DOI
10.4304/jnw.5.5.527-534
Abstract
In this paper, we introduce a new asymmetric encryption paradigm called Forward-Secure Certificate-Based Encryption. It preserves the advantages of certificate-based encryption (CBE) such as implicit certificate and no private key escrow. At the same time it also inherits the properties of the forward-secure public key encryption. In a forward-secure CBE scheme, all users' private keys are updated at regular periods throughout the lifetime of the system; exposure of a user's private key corresponding to a given time period does not enable an adversary to break the security of the ciphertext sent to this user for any prior time period. We first provide the formal definition for forward-secure CBE and its security model. Then we propose a generic construction of forward-secure CBE and prove it to be secure against chosen plaintext attacks in the standard model. We also describe how this construction can be enhanced to achieve security against adaptive chosen-ciphertext attacks both in the standard model and in the random oracle model. Finally, a concrete forward-secure CBE scheme is constructed. © 2010 ACADEMY PUBLISHER.
Pages: 527-534
Page count: 7
Related papers
29 in total
  • [1] Shamir A., Identity-based cryptosystems and signature schemes, In Advances in Cryptology-CRYPTO, pp. 47-53, (1984)
  • [2] Boneh D., Franklin M., Identity-based encryption from the Weil pairing, In Advances in Cryptology-CRYPTO, pp. 213-229, (2001)
  • [3] Al-Riyami S.S., Paterson K.G., Certificateless public key cryptography, In Advances in Cryptology-ASIACRYPT, pp. 452-473, (2003)
  • [4] Al-Riyami S.S., Paterson K.G., CBE from CL-PKE: A generic construction and efficient schemes, pp. 398-415, (2005)
  • [5] Gentry C., Certificate-based encryption and the certificate revocation problem, In Advances in Cryptology-EUROCRYPT, pp. 272-293, (2003)
  • [6] Housley R., Polk W., Ford W., Solo D., Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile, (2002)
  • [7] Myers M., Ankney R., Malpani A., Galperin S., Adams C., X.509 Internet Public Key Infrastructure Online Certificate Status Protocol-OCSP, (1999)
  • [8] Yum D.H., Lee P.J., Identity-based cryptography in public key management, pp. 71-84, (2004)
  • [9] Galindo D., Morillo P., Rafols C., Breaking Yum and Lee generic constructions of certificate-less and certificate-based encryption schemes, pp. 81-91, (2006)
  • [10] Galindo D., Morillo P., Rafols C., Improved certificate-based encryption in the standard model, Journal of Systems and Software, Elsevier, 81, 7, pp. 1218-1226, (2008)