Please use this identifier to cite or link to this item:
|Title:||Certificateless public key encryption: A new generic construction and two pairing-free schemes||Authors:||Yang, G.
Public key encryption
|Issue Date:||4-Mar-2011||Citation:||Yang, G., Tan, C.H. (2011-03-04). Certificateless public key encryption: A new generic construction and two pairing-free schemes. Theoretical Computer Science 412 (8-10) : 662-674. ScholarBank@NUS Repository. https://doi.org/10.1016/j.tcs.2010.10.025||Abstract:||The certificateless encryption (CLE) scheme proposed by Baek, Safavi-Naini and Susilo is computation-friendly since it does not require any pairing operation. Unfortunately, an error was later discovered in their security proof and so far the provable security of the scheme remains unknown. Recently, Fiore, Gennaro and Smart showed a generic way (referred to as the FGS transformation) to transform identity-based key agreement protocols to certificateless key encapsulation mechanisms (CL-KEMs). As a typical example, they showed that the pairing-free CL-KEM underlying Baek et al.'s CLE can be "generated" by applying their transformation to the FioreGennaro (FG) identity-based key agreement (IB-KA) protocol. In this paper, we show that directly applying the FioreGennaroSmart (FGS) transformation to the original FG IB-KA protocol in fact results in an insecure CL-KEM scheme against strong adversaries, we also give a way to fix the problem without adding any computational cost. The reason behind our attack is that the FGS transformation requires the underlying IB-KA protocol to be secure in a model that is stronger than the conventional security models where existing IB-KA protocols are proved secure, and the FG IB-KA protocol is in fact insecure in the new model. This motivates us to construct a new generic transformation from IB-KA protocols to CLE schemes. In the paper we present such a transformation which only requires the underlying IB-KA protocol to be secure in a security model that is weaker than the existing security models for IB-KA protocols. We illustrate our transformation by generating a new pairing-free CLE scheme that is obtained by directly applying our transformation to the original FG IB-KA protocol. © 2010 Elsevier B.V. All rights reserved.||Source Title:||Theoretical Computer Science||URI:||http://scholarbank.nus.edu.sg/handle/10635/111340||ISSN:||03043975||DOI:||10.1016/j.tcs.2010.10.025|
|Appears in Collections:||Staff Publications|
Show full item record
Files in This Item:
There are no files associated with this item.
checked on May 28, 2020
WEB OF SCIENCETM
checked on May 28, 2020
checked on May 30, 2020
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.