Notes on a provably-secure certificate-based encryption against malicious CA attacks.

Information Sciences (2018)

Certificate-based encryption (CBE) is a very useful cryptographic primitive that not only simplifies certificate management in traditional public-key encryption, but also solves the key escrow problem inherent in identity-based encryption. How to construct a provably-secure CBE scheme without using random oracles has been attracting the attention of the research community. Recently, Lu et al. introduced a CBE scheme and claimed that their scheme is secure against adaptive chosen ciphertext attacks even considering a malicious certification authority (CA). In this paper, we demonstrate that a chosen ciphertext attacker can easily distinguish the challenge ciphertext generated by the challenger according to their security model. Further, the CA can trivially decrypt any entity’s ciphertext without knowing the entity’s secret key. In addition, we also point out that their security proof has some flaws and give a new CBE scheme secure against malicious CA attacks in the standard model.
Key words
Certificate-based encryption, Certification authority attack, Chosen ciphertext attack, Malicious CA attack, Bilinear pairings, Standard model