Informatica
Leakage-Resilient Revocable Certificateless Encryption with an Outsourced Revocation Authority
Volume 33, Issue 1 (2022), pp. 151–179
Yuh-Min Tseng, Sen-Shan Huang, Tung-Tso Tsai, Yun-Hsin Chuang, Ying-Hao Hung

https://doi.org/10.15388/22-INFOR474
Published online: 24 January 2022. Type: Research Article. Open Access.

Received: 1 March 2021
Accepted: 1 January 2022
Published: 24 January 2022

Abstract

To resolve both the certificate management and the key escrow problems, the certificateless public-key system (CLPKS) has been proposed. However, a CLPKS setting must also provide a revocation mechanism to revoke compromised users. A revocable certificateless public-key system (RCLPKS) was therefore presented to address the revocation issue; in such a system, the key generation centre (KGC) is responsible for running the revocation functionality. Furthermore, an RCLPKS setting with an outsourced revocation authority (ORA), named the RCLPKS-ORA setting, was proposed so that the ORA can take over the revocation work and alleviate the KGC's computational burden. Very recently it was noticed that adversaries may use side-channel attacks to threaten these existing conventional public-key systems (including CLPKS, RCLPKS and RCLPKS-ORA). Fortunately, leakage-resilient cryptography offers a way to resist such attacks. In this article, the first leakage-resilient revocable certificateless encryption scheme with an ORA, termed the LR-RCLE-ORA scheme, is proposed. The proposed scheme is formally shown to be semantically secure against three types of adversaries in the RCLPKS and RCLPKS-ORA settings while resisting side-channel attacks. In the proposed scheme, adversaries are allowed to continually extract partial information about the secret keys used in the various computational algorithms of the scheme, and the scheme retains its security under this leakage.


Biographies

Tseng Yuh-Min
ymtseng@cc.ncue.edu.tw

Y.-M. Tseng is currently the vice president and a professor in the Department of Mathematics, National Changhua University of Education, Taiwan. He is a member of the IEEE Computer Society, the IEEE Communications Society and the Chinese Cryptology and Information Security Association (CCISA). He has published over one hundred scientific journal papers on various research areas of cryptography, security and computer networks. His research interests include cryptography, network security, computer networks and leakage-resilient cryptography. He serves as an editor of several international journals.

Huang Sen-Shan

S.-S. Huang is currently a professor in the Department of Mathematics, National Changhua University of Education, Taiwan. His research interests include number theory, cryptography, and leakage-resilient cryptography. He received his PhD from the University of Illinois at Urbana-Champaign in 1997 under the supervision of Professor Bruce C. Berndt.

Tsai Tung-Tso

T.-T. Tsai is currently an assistant professor in the Department of Computer Science and Engineering, National Taiwan Ocean University, Taiwan. His research interests include applied cryptography, pairing-based cryptography and leakage-resilient cryptography. He received the PhD degree from the Department of Mathematics, National Changhua University of Education, Taiwan, in 2014, under the supervision of Professor Yuh-Min Tseng.

Chuang Yun-Hsin

Y.-H. Chuang received the PhD degree from the Department of Computer Science and Engineering, National Taiwan University, Taiwan, in 2020. His research interests include information security, cryptography and leakage-resilient cryptography.

Hung Ying-Hao

Y.-H. Hung received the PhD degree from the Department of Mathematics, National Changhua University of Education, Taiwan, in 2017 under the supervision of Professor Yuh-Min Tseng. His research interests include applied cryptography and pairing-based cryptography.


Copyright
© 2022 Vilnius University
Open access article under the CC BY license.

Keywords
leakage-resilience, certificateless encryption, revocation, key encapsulation

Funding
This research was partially supported by Ministry of Science and Technology, Taiwan, under contract no. MOST110-2221-E-018-006-MY2, MOST110-2221-E-018-007-MY2 and MOST110-2222-E-019-001-MY2.
