Efficient constructions of certificate-based key encapsulation mechanism

Certificate-based encryption is a useful primitive that combines identity-based encryption and traditional public key encryption while preserving some of their most attractive features. It not only simplifies the cumbersome certificate management in traditional public key encryption, but also overcomes the key escrow and distribution problems inherent in identity-based encryption. In this paper, we extend the concept of key encapsulation mechanism to the primitive of certificate-based encryption and introduce the notion of certificate-based key encapsulation mechanism. We propose two provably secure certificate-based key encapsulation mechanism schemes. We prove that one is chosen-ciphertext secure in the random oracle model and the other is chosen-ciphertext secure in the standard model. Performance analysis shows that the proposed schemes are quite efficient and practical.