Identity-based cryptosystems and signature schemes
Proceedings of CRYPTO 84 on Advances in cryptology
Random oracles are practical: a paradigm for designing efficient protocols
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
Certificateless signature: a new security model and an improved generic construction
Designs, Codes and Cryptography
Malicious KGC attacks in certificateless cryptography
ASIACCS '07 Proceedings of the 2nd ACM symposium on Information, computer and communications security
Generic certificateless key encapsulation mechanism
ACISP'07 Proceedings of the 12th Australasian conference on Information security and privacy
Generic certificateless encryption in the standard model
IWSEC'07 Proceedings of the Security 2nd international conference on Advances in information and computer security
Certificateless public key encryption without pairing
ISC'05 Proceedings of the 8th international conference on Information Security
On constructing certificateless cryptosystems from identity based encryption
PKC'06 Proceedings of the 9th international conference on Theory and Practice of Public-Key Cryptography
Key replacement attack against a generic construction of certificateless signature
ACISP'06 Proceedings of the 11th Australasian conference on Information Security and Privacy
Certificateless Threshold Ring Signature
Information Sciences: an International Journal
Hi-index | 0.00 |
Certificateless cryptography is a promising technology for solving the key escrow problem in identity-based cryptography. However, the lack of a unified set of definitions and security models currently hinders its progression as much effort has been put on refining the definitions and looking for an appropriate and practical security models. In this article, we aim to contribute on unifying the definitions and security models for Certificateless Encryption (CLE) schemes. First, we show that the original seven-algorithm definition is equivalent to a simplified five-algorithm definition. We believe that this simplified definition may lead to more compact and efficient implementations in practice and also help in the effort of standardisation of CLE. Secondly, we show that a CLE scheme cannot be both malicious Key Generation Center (KGC) secure and strongly secure in the standard model. Due to the practicality and attacking significance of malicious KGC security; and the uncertainty of how practical the strong security is, we, therefore, suggest constructing practical CLE schemes to be malicious KGC secure. Finally, we propose to formalise a new adversarial capability called partial key replacement attack into the security models and show that our generic scheme proposed recently is secure against this new type of attacks.