Strongly secure certificateless key exchange without pairing

In certificateless cryptography, a user secret key is derived from two partial secrets: one is the identity-based secret key (corresponding to the user identity) generated by a Key Generation Center (KGC), and the other is the user selfgenerated secret key (corresponding to a user self-generated and...

Full description

Saved in:
Bibliographic Details
Main Authors: YANG, Guomin, TAN, Chik How
Format: text
Language:English
Published: Institutional Knowledge at Singapore Management University 2011
Subjects:
Online Access:https://ink.library.smu.edu.sg/sis_research/7417
https://ink.library.smu.edu.sg/context/sis_research/article/8420/viewcontent/1966913.1966924.pdf
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Singapore Management University
Language: English
Description
Summary:In certificateless cryptography, a user secret key is derived from two partial secrets: one is the identity-based secret key (corresponding to the user identity) generated by a Key Generation Center (KGC), and the other is the user selfgenerated secret key (corresponding to a user self-generated and uncertified public key). Two types of adversaries are considered for certificateless cryptography: a Type-I adversary who can replace the user self-generated public key (in transmission or in a public directory), and a Type-II adversary who is an honest-but-curious KGC. In this paper, we present a formal study on certificateless key exchange (CLKE). We show that the conventional definition of TypeI and Type-II security may not be suitable for certificateless key exchange when considering the notion of forward secrecy which is important for key exchange protocols. We then present a new security model in which a single adversary (instead of Type-I and Type-II adversaries) is considered. We also construct a strongly secure certificateless key exchange protocol without expensive pairing operations. As far as we know, our proposed protocol is the first proven secure CLKE protocol without pairing.