Efficient certificateless encryption withstanding attacks from malicious KGC without using random oracles

Authors

  • Wenjie Yang,

    1. School of Computer Science and Technology, Nanjing Normal University, Nanjing, China
  • Futai Zhang,

    Corresponding author
    1. School of Computer Science and Technology, Nanjing Normal University, Nanjing, China
    2. Jiangsu Engineering Research Center on Information Security and Privacy Protection Technology, Nanjing, China
    • Correspondence: Futai Zhang, School of Computer Science and Technology, Nanjing Normal University, Nanjing, China.

      E-mail: zhangfutai@njnu.edu.cn

  • Limin Shen

    1. School of Computer Science and Technology, Nanjing Normal University, Nanjing, China
    2. Jiangsu Engineering Research Center on Information Security and Privacy Protection Technology, Nanjing, China

ABSTRACT

Because the key generation center (KGC) in a certificateless cryptosystem is no longer fully trusted, a secure certificateless encryption (CLE) scheme intended for practical applications should withstand malicious KGC attacks. In this paper, we investigate practical CLE schemes that withstand attacks from a malicious KGC without resorting to random oracles. First, we show the insecurity of the CLE scheme presented by Zhang and Wang (the ZW scheme). Although the ZW scheme was proved to be chosen ciphertext secure without using random oracles, we find that it cannot resist attacks from a malicious KGC. We present an attack demonstrating that a malicious KGC can easily decrypt a target ciphertext using a chosen ciphertext attack. We then introduce a new efficient CLE scheme and prove its CCA2 security without using random oracles. Our new scheme not only removes the security drawbacks of the ZW scheme but also keeps its most distinctive feature, a short public key length. The formal security proofs of the new scheme are presented without using random oracles, assuming the hardness of the decisional truncated q-augmented bilinear Diffie-Hellman exponent (q-ABDHE) problem and the hardness of the decisional bilinear Diffie-Hellman problem. Copyright © 2013 John Wiley & Sons, Ltd.
