Malicious KGC attacks in certificateless cryptography
Identity-based cryptosystems have an inherent key escrow issue, that is, the Key Generation Center (KGC) always knows user secret key. If the KGC is malicious, it can always impersonate the user. Certificateless cryptography, introduced by Al-Riyami and Paterson in 2003, is intended to solve this pr...
Saved in:
| Main Authors: | , , , , , |
|---|---|
| Format: | text |
| Language: | English |
| Published: |
Institutional Knowledge at Singapore Management University
2007
|
| Subjects: | |
| Online Access: | https://ink.library.smu.edu.sg/sis_research/7384 https://ink.library.smu.edu.sg/context/sis_research/article/8387/viewcontent/1229285.1266997.pdf |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Singapore Management University |
| Language: | English |
| id |
sg-smu-ink.sis_research-8387 |
|---|---|
| record_format |
dspace |
| spelling |
sg-smu-ink.sis_research-83872022-10-13T07:34:00Z Malicious KGC attacks in certificateless cryptography AU, Man Ho CHEN, Jing LIU, Joseph K. MU, Yi WONG, Duncan S. YANG, Guomin YANG, Guomin Identity-based cryptosystems have an inherent key escrow issue, that is, the Key Generation Center (KGC) always knows user secret key. If the KGC is malicious, it can always impersonate the user. Certificateless cryptography, introduced by Al-Riyami and Paterson in 2003, is intended to solve this problem. However, in all the previously proposed certificateless schemes, it is always assumed that the malicious KGC starts launching attacks (so-called Type II attacks) only after it has generated a master public/secret key pair honestly. In this paper, we propose new security models that remove this assumption for both certificateless signature and encryption schemes. Under the new models, we show that a class of certificateless encryption and signature schemes proposed previously are insecure. These schemes still suffer from the key escrow problem. On the other side, we also give new proofs to show that there are two generic constructions, one for certificateless signature and the other for certificateless encryption, proposed recently that are secure under our new models. 2007-03-01T08:00:00Z text application/pdf https://ink.library.smu.edu.sg/sis_research/7384 info:doi/10.1145/1229285.1266997 https://ink.library.smu.edu.sg/context/sis_research/article/8387/viewcontent/1229285.1266997.pdf http://creativecommons.org/licenses/by-nc-nd/4.0/ Research Collection School Of Computing and Information Systems eng Institutional Knowledge at Singapore Management University Information Security |
| institution |
Singapore Management University |
| building |
SMU Libraries |
| continent |
Asia |
| country |
Singapore Singapore |
| content_provider |
SMU Libraries |
| collection |
InK@SMU |
| language |
English |
| topic |
Information Security |
| spellingShingle |
Information Security AU, Man Ho CHEN, Jing LIU, Joseph K. MU, Yi WONG, Duncan S. YANG, Guomin YANG, Guomin Malicious KGC attacks in certificateless cryptography |
| description |
Identity-based cryptosystems have an inherent key escrow issue, that is, the Key Generation Center (KGC) always knows user secret key. If the KGC is malicious, it can always impersonate the user. Certificateless cryptography, introduced by Al-Riyami and Paterson in 2003, is intended to solve this problem. However, in all the previously proposed certificateless schemes, it is always assumed that the malicious KGC starts launching attacks (so-called Type II attacks) only after it has generated a master public/secret key pair honestly. In this paper, we propose new security models that remove this assumption for both certificateless signature and encryption schemes. Under the new models, we show that a class of certificateless encryption and signature schemes proposed previously are insecure. These schemes still suffer from the key escrow problem. On the other side, we also give new proofs to show that there are two generic constructions, one for certificateless signature and the other for certificateless encryption, proposed recently that are secure under our new models. |
| format |
text |
| author |
AU, Man Ho CHEN, Jing LIU, Joseph K. MU, Yi WONG, Duncan S. YANG, Guomin YANG, Guomin |
| author_facet |
AU, Man Ho CHEN, Jing LIU, Joseph K. MU, Yi WONG, Duncan S. YANG, Guomin YANG, Guomin |
| author_sort |
AU, Man Ho |
| title |
Malicious KGC attacks in certificateless cryptography |
| title_short |
Malicious KGC attacks in certificateless cryptography |
| title_full |
Malicious KGC attacks in certificateless cryptography |
| title_fullStr |
Malicious KGC attacks in certificateless cryptography |
| title_full_unstemmed |
Malicious KGC attacks in certificateless cryptography |
| title_sort |
malicious kgc attacks in certificateless cryptography |
| publisher |
Institutional Knowledge at Singapore Management University |
| publishDate |
2007 |
| url |
https://ink.library.smu.edu.sg/sis_research/7384 https://ink.library.smu.edu.sg/context/sis_research/article/8387/viewcontent/1229285.1266997.pdf |
| _version_ |
1770576328712519680 |