Certificateless Public Key Encryption Secure against Malicious KGC Attacks in the Standard Model

Yong Hwang; Joseph Liu; Sherman Chow

doi:10.3217/jucs-014-03-0463

JUCS - Journal of Universal Computer Science 14(3): 463-480, doi: 10.3217/jucs-014-03-0463

Certificateless Public Key Encryption Secure against Malicious KGC Attacks in the Standard Model

Yong Ho Hwang^‡, Joseph K. Liu^§, Sherman S.M. Chow^|

‡ Software Laboratories, Samsung Electronics Co., Ltd., Suwon, Republic of Korea§ Institute for Infocomm Research (I2R), Singapore| New York University, New York, United States of America

Corresponding author: Yong Hwang ( yongh.hwang@samsung.com )

This article is freely available under the J.UCS Open Content License.

Citation: Hwang YH, Liu JK, Chow SS.M (2008) Certificateless Public Key Encryption Secure against Malicious KGC Attacks in the Standard Model. JUCS - Journal of Universal Computer Science 14(3): 463-480. https://doi.org/10.3217/jucs-014-03-0463

Abstract

Recently, Au et al. [Au et al. 2007] pointed out a seemingly neglected security concern for certificateless public key encryption (CL-PKE) scheme, where a malicious key generation center (KGC) can compromise the confidentiality of the messages by embedding extra trapdoors in the system parameter. Although some schemes are secure against such an attack, they require random oracles to prove the security. In this paper, we first show that two existing CL-PKE schemes without random oracles are not secure against malicious KGC, we then propose the first CL-PKE scheme secure against malicious KGC attack, with proof in the standard model.

Keywords

certificateless encryption, malicious KGC attack, standard model