Leakage-Resilient Anonymous Multi-Receiver Certificate-Based Key Encapsulation Scheme

Key encapsulation schemes in public key system (PKS) can be used to protect sensitive or private data. Unlike traditional PKS and identity-based PKS, certificate-based PKS (CB-PKS) not only avoids the establishment of complex public key infrastructures, but also does not encounter the key escrow problem. Anonymous multi-receiver certificate-based encryption (AMR-CBE) or anonymous multi-receiver certificate-based key encapsulation (AMR-CB-KE) scheme enables a sender to use multiple receivers' public keys to perform one-time encryption process for a message and send the encrypted ciphertext to these receivers, while these receivers do not know the other receiver's identity. However, the existing AMR-CBE and AMR-CB-KE schemes cannot resist side-channel attacks. Attackers with the ability of such attacks can continuously obtain part (several bits) of the secret keys and then calculate the complete secret keys. In such a case, such attacks make a cryptographic scheme (including AMR-CBE and AMR-CB-KE schemes) insecure. Leakage-resilient cryptography is an important research topic to resist side-channel attacks. In this paper, we propose the first leakage-resilient anonymous multi-receiver certificate-based key encapsulation (LR-AMR-CB-KE) scheme. Based on the discrete logarithm and hash function assumptions, we demonstrate the scheme has the indistinguishability of two ciphertexts against chosen ciphertext attacks (IND-CCA) and the anonymous indistinguishability of two identities against chosen ciphertext attacks (ANON-IND-CCA) for two types of attackers in CB-PKS settings.