Fully Continuous Leakage-Resilient Certificate-Based Signcryption Scheme for Mobile Communications
Volume 34, Issue 1 (2023), pp. 199–222
Yuh-Min Tseng, Tung-Tso Tsai, Sen-Shan Huang

https://doi.org/10.15388/22-INFOR506
Pub. online: 19 December 2022. Type: Research Article. Open Access.

Received: 1 September 2022
Accepted: 1 December 2022
Published: 19 December 2022

Abstract

Due to the popularity of mobile communication, many computing devices are exposed to remote environments without physical protection, so they are easily subjected to leakage attacks (e.g., side-channel attacks). Under such attacks, when a computing device runs a cryptographic algorithm, an adversary may acquire partial bits of the secret keys used by that algorithm. To resist leakage attacks, researchers have offered leakage-resilient cryptography as a solution. A signcryption scheme combines the signing and encrypting processes to provide authentication and confidentiality simultaneously, and is an important cryptographic primitive. Many leakage-resilient signcryption schemes under various public key system (PKS) settings have been proposed. Unfortunately, these schemes still have two shortcomings, namely bounded leakage resilience and conditionally continuous leakage resilience. In this paper, a “fully” continuous leakage-resilient certificate-based signcryption (FCLR-CBSC) scheme is proposed. Security analysis formally proves that our scheme possesses both authentication and confidentiality against two types of adversaries in the certificate-based PKS setting. Performance analysis and simulation results show that our scheme is suited to run on both a PC and a mobile device.



Copyright
© 2023 Vilnius University
Open access article under the CC BY license.

Keywords
leakage attacks, signcryption, certificate-based public key system, leakage resilience

INFORMATICA

  • Online ISSN: 1822-8844
  • Print ISSN: 0868-4952