Further Observations on Certificateless Public Key Encryption

  • Authors:

  • Xu An Wang;Xinyi Huang;Xiaoyuan Yang

  • Affiliations:

  • Key Laboratory of Information and Network Security, Engineering College of Chinese Armed Police Force, P.R. China;Centre for Computer and Information Security Research School of Computer Science & Software Engineering, University of Wollongong, Australia;Key Laboratory of Information and Network Security, Engineering College of Chinese Armed Police Force, P.R. China

  • Venue:
  • Information Security and Cryptology
  • Year:
  • 2009

Quantified Score

Hi-index 0.00

Visualization

Abstract

Certificateless public key encryption can be classified into two types, namely, CLE and ${\tt CLE}^{\dag}$, both of which were introduced by Al-Riyami and Paterson in Asiacrypt 2003. Most works about certificateless public key encryption belong to CLE , where the partial secret key is uniquely determined by an entity's identity. In ${{\tt CLE}}^{\dag}$, an entity's partial secret key is not only determined by the identity information but also by his/her (partial) public key. Such techniques can enhance the resilience of certificateless public key encryption against a cheating KGC. In this paper, we first formalize the security definitions of ${{\tt CLE}}^{\dag}$. After that, we demonstrate the gap between the security model of ${{\tt CLE}}^{\dag}$ and CLE , by showing the insecurity of a ${{\tt CLE}}^{\dag}$ scheme proposed by Lai and Kou in PKC 2007. We give an attack that can successfully break the indistinguishability of their ${\tt CLE}^{\dag}$ scheme, although their scheme can be proved secure in the security model of CLE . Therefore, it does not suffice to consider the security of ${\tt CLE}^{\dag}$ in the security model of CLE . Finally, we show how to secure Lai-Kou's scheme by providing a new scheme with the security proof in the model of ${\tt CLE}^{\dag}$.