Abstract
Certificateless Public Key Cryptography (CL-PKC) enjoys a number of features of Identity-Based Cryptography (IBC) while without having the problem of key escrow. However, it does suffer from an attack where the adversary, Carol, replaces Alice's public key by someone's public key so that Bob, who wants to send an encrypted message to Alice, uses Alice's identity and other's public key as the inputs to the encryption function. As a result, Alice cannot decrypt the message while Bob is unaware of this. We call it Denial-of-Decryption (DoD) Attack as its nature is similar to the well known Denial-of-Service (DoS) Attack. Based on CL-PKC, we propose a new paradigm called Self-Generated-Certificate Public Key Cryptography (SGC-PKC) that captures the DoD Attack. We also provide a generic construction of a self-generated-certificate public key encryption scheme in the standard model. Our generic construction uses certificateless signature and certificateless encryption as the building block. In addition, we further propose a certificateless signature and a certificateless encryption scheme with concrete implementation that are all provably secure in the standard model, which are the first in the literature regardless of the generic constructions by Yum and Lee which may contain security weaknesses as pointed out by others. We believe these concrete implementations are of independent interest.
Original language | English |
---|---|
Title of host publication | Proceedings of the 2nd ACM Symposium on Information, Computer and Communications Security |
Place of Publication | New York NY USA |
Publisher | Association for Computing Machinery (ACM) |
Pages | 273-283 |
Number of pages | 11 |
ISBN (Electronic) | 1595935746 |
ISBN (Print) | 9781595935748 |
DOIs | |
Publication status | Published - 2007 |
Externally published | Yes |
Event | ACM Symposium on Information, Computer and Communications Security 2007 - Singapore, Singapore Duration: 20 Mar 2007 → 22 Mar 2007 Conference number: 2nd https://dl.acm.org/doi/proceedings/10.1145/1229285 |
Conference
Conference | ACM Symposium on Information, Computer and Communications Security 2007 |
---|---|
Abbreviated title | AsiaCCS 2007 |
Country/Territory | Singapore |
City | Singapore |
Period | 20/03/07 → 22/03/07 |
Internet address |
Keywords
- Certificateless encryption
- Certificateless signature