Leakage-Resilient Hybrid Signcryption in Heterogeneous Public-key Systems

Ho, Ting-Chieh; Tseng, Yuh-Min; Huang, Sen-Shan

doi:10.15388/24-INFOR546

Informatica

Leakage-Resilient Hybrid Signcryption in Heterogeneous Public-key Systems

Volume 35, Issue 1 (2024), pp. 131–154

Ting-Chieh Ho Yuh-Min Tseng Sen-Shan Huang

https://doi.org/10.15388/24-INFOR546

Pub. online: 6 March 2024 Type: Research Article

Open Access

Received
1 September 2023

Accepted
1 February 2024

Published
6 March 2024

Abstract

Signcryption integrates both signature and encryption schemes into single scheme to ensure both content unforgeability (authentication) and message confidentiality while reducing computational complexity. Typically, both signers (senders) and decrypters (receivers) in a signcryption scheme belong to the same public-key systems. When signers and decrypters in a signcryption scheme belong to heterogeneous public-key systems, this scheme is called a hybrid signcryption scheme which provides more elastic usage than typical signcryption schemes. In recent years, a new kind of attack, named side-channel attack, allows adversaries to learn a portion of the secret keys used in cryptographic algorithms. To resist such an attack, leakage-resilient cryptography has been widely discussed and studied while a large number of leakage-resilient schemes have been proposed. Also, numerous hybrid signcryption schemes under heterogeneous public-key systems were proposed, but none of them possesses leakage-resilient property. In this paper, we propose the first hybrid signcryption scheme with leakage resilience, called leakage-resilient hybrid signcryption scheme, in heterogeneous public-key systems (LR-HSC-HPKS). Security proofs are demonstrated to show that the proposed scheme provides both authentication and confidentiality against two types of adversaries in heterogeneous public-key systems.

References

Akavia, A., Goldwasser, S., Vaikuntanathan, V. (2009). Simultaneous hardcore bits and cryptography against memory attacks. In: Theory of Cryptography, TCC’09, LNCS, Vol. 5444, pp. 474–495.

Ali, I., Lawrence, T., Omala, A.A., Li, F. (2020). An efficient hybrid signcryption scheme with conditional privacy-preservation for heterogeneous vehicular communication in VANETs. IEEE Transactions on Vehicular Technology, 69(10), 11266–11280.

Al-Riyami, S., Paterson, K. (2003). Certificateless public key cryptography. In: Advances in Cryptology – ASIACRYPT 2003, LNCS, 2894, pp. 452–473.

Alwen, J., Dodis, Y., Wichs, D. (2009). Leakage-resilient public-key cryptography in the bounded-retrieval model. In: Advances in Cryptology – CRYPTO 2009, LNCS, Vol. 5677, pp. 36–54.

Baek, J., Steinfeld, R., Zheng, Y. (2007). Formal proofs for the security of signcryption. Journal of Cryptology, 20(2), 203–235.

Barbosa, M., Farshim, P. (2008). Certificateless signcryption. In: Proceedings of the 2008 ACM Symposium on Information, Computer and Communications Security, ASIACCS’08, pp. 369–372.

Biham, E., Carmeli, Y., Shamir, A. (2008). Bug attacks. In: Advances in Cryptology – CRYPTO 2008, LNCS, Vol. 5157, pp. 221–240.

Boneh, D., Franklin, M. (2001). Identity-based encryption from the Weil pairing. In: Advances in Cryptology – CRYPTO 2001, LNCS, 2139, pp. 213–229.

Boneh, D., Boyen, X., Goh, E. (2005). Hierarchical identity-based encryption with constant size ciphertext. In: Advances in Cryptology–EURO–CRYPT 2005, Eurocrypt’05, LNCS, Vol. 3494, pp. 440–456.

Brumley, D., Boneh, D. (2005). Remote timing attacks are practical. Computer Networks, 48(5), 701–716.

Dodis, Y., Ostrovsky, R., Reyzin, L., Smith, A. (2008). Fuzzy extractors: how to generate strong keys from biometrics and other noisy data. SIAM Journal on Computing, 38(1), 97–139.

Elkhalil, A., Zhang, J., Elhabob, R., Eltayieb, N. (2021). An efficient signcryption of heterogeneous systems for internet of vehicles. Journal of Systems Architecture, 113, 101885.

Galindo, D., Virek, S. (2013). A practical leakage-resilient signature scheme in the generic group model. In: Selected Areas in Cryptography, SAC’12, LNCS, Vol. 7707, pp. 50–65.

Galindo, D., Grobschadl, J., Liu, Z., Vadnala, P., Vivek, S. (2016). Implementation of a leakage-resilient ElGamal key encapsulation mechanism. Journal of Cryptographic Engineering, 6(3), 229–238.

Hou, Y., Huang, X., Chen, Y., Kumari, S., Xiong, H. (2021). Heterogeneous signcryption scheme supporting equality test from PKI to CLC toward IoT. Transactions on Emerging Telecommunications Technologies, 32(8), e4190.

Huang, Q., Wong, D.-S., Yang, G. (2011). Heterogeneous signcryption with key privacy. Computer Journal, 54(4), 525–536.

Karati, A., Islam, S.H., Biswas, G.P., Bhuiyan, M.Z., Vijayakumar, P., Karuppiah, M. (2018). Provably secure identity-based signcryption scheme for crowdsourced industrial Internet of Things environments. IEEE Internet of Things Journal, 5(4), 2904–2914.

Kiltz, E., Pietrzak, K. (2010). Leakage resilient Elgamal encryption. In: Advances in Cryptology – ASIACRYPT 2010, LNCS, Vol. 6477, pp. 595–612.

Li, C., Yang, G., Wong, D., Deng, X., Chow, S.S.M. (2010). An efficient signcryption scheme with key privacy and its extension to ring signcryption. Journal of Computing and Security, 18(3), 451–473.

Li, F., Xiong, P. (2013). Practical secure communication for integrating wireless sensor networks into the Internet of Things. IEEE Sensors Journal, 13(10), 3677–3684.

Li, F., Shirase, M., Takagi, T. (2013a). Certificateless hybrid signcryption. Mathematical and Computer Modelling, 57, 324–343.

Li, F., Zhang, H., Takagi, T. (2013b). Efficient signcryption for heterogeneous systems. IEEE Systems Journal, 7(3), 420–429.

Li, F., Han, Y., Jin, C. (2016a). Practical access control for sensor networks in the context of the internet of things. Computer Communications, 89–90, 154–164.

Li, F., Han, Y., Jin, C. (2016b). Practical signcryption for secure communication of wireless sensor networks. Wireless Personal Communications, 89, 1391–1412.

Liu, J., Zhang, L., Sun, R., Du, X., Guizani, M. (2018). Mutual heterogeneous signcryption schemes for 5G network slicings. IEEE Access, 6, 7854–7863.

Niu, S., Shao, H., Su, Y., Wang, C. (2023). Efficient heterogeneous signcryption scheme based on edge computing for industrial internet of things. Journal of Systems Architecture, 136, 102836.

Pan, X., Jin, Y., Wang, Z., Li, F. (2022). A pairing-free heterogeneous signcryption scheme for unmanned aerial vehicles. IEEE Internet of Things Journal, 9(19), 19426–19437.

Peng, A.-L., Tseng, Y.-M., Huang, S.-S. (2021). An efficient leakage-resilient authenticated key exchange protocol suitable for IoT devices. IEEE Systems Journal, 15(4), 5343–5354.

Rivest, R., Shamir, A., Adleman, L. (1978). A method for obtaining digital signatures and public-key cryptosystems. Communications of ACM, 21(2), 120–126.

Sun, Y., Li, H. (2010). Efficient signcryption between TPKC and IDPKC and its multi-receiver construction. Science China Information Sciences, 53, 557–566.

Tsai, T.-T., Tseng, Y.-M., Huang, S.-S. (2023). Leakage-resilient certificateless signcryption scheme under a continual leakage model. IEEE Access, 11, 54448–54461.

Tseng, Y.-M., Wu, J.-D., Huang, S.-S., Tsai, T.-T. (2020). Leakage-resilient outsourced revocable certificateless signature with a cloud revocation server. Information Technology and Control, 49(4), 464–481.

Tseng, Y.-M., Huang, S.-S., Tsai, T.-T. (2022a). Practical leakage-resilient signcryption scheme suitable for mobile environments. In: 2022 IEEE 11th Global Conference on Consumer Electronics (GCCE), Osaka, Japan, 2022, pp. 383–384. https://doi.org/10.1109/GCCE56475.2022.10014332.

Tseng, Y.-M., Huang, S.-S., Tsai, T.-T., Chuang, Y.-H., Hung, Y.-H. (2022b). Leakage-resilient revocable certificateless encryption with an outsourced revocation authority. Informatica, 33(1), 151–179.

Tseng, Y.-M., Tsai, T.-T., Huang, S.-S. (2023). Fully continuous leakage-resilient certificate-based signcryption scheme for mobile communications. Informatica, 34(1), 199–222.

Wei, G., Shao, J., Xiang, Y., Zhu, P., Lu, R. (2015). Obtain confidentiality or/and authenticity in big data by ID-based generalized signcryption. Information Sciences, 318, 111–122.

Wu, J.-D., Tseng, Y.-M., Huang, S.-S., Chou, W.-C. (2018). Leakage-resilient certificateless key encapsulation scheme. Informatica, 29(1), 125–155.

Wu, J.-D., Tseng, Y.-M., Huang, S.-S. (2019). An identity-based authenticated key exchange protocol resilient to continuous key leakage. IEEE Systems Journal, 13(4), 3968–3979.

Xie, J.-Y., Tseng, Y.-M., Huang, S.-S. (2023). Leakage-resilient anonymous multi-receiver certificateless encryption resistant to side-channel attacks. IEEE Systems Journal, 17(2), 2674–2685.

Xiong, H., Qin, Z. (2015). Revocable and scalable certificateless remote authentication protocol with anonymity for wireless body area networks. IEEE Transactions on Information Forensics and Security, 10(7), 1442–1455.

Xiong, H., Zhao, Y., Hou, Y., Huang, X., Jin, C., Wang, L., Kumari, S. (2021). Heterogeneous signcryption with equality test for IIoT environment. IEEE Internet of Things Journal, 8(21), 16142–16152.

Xiong, H., Hou, Y., Huang, X., Zhao, Y., Chen, C.-M. (2022). Heterogeneous signcryption scheme from IBC to PKI with equality test for WBANs. IEEE Systems Journal, 16(2), 2391–2400.

Zheng, Y. (1997). Digital signcryption or how to achieve cost (signature & encryption) cost (signature) + cost (encryption). In: Advances in Cryptology – CRYPTO ’97, LNCS, Vol. 1294, pp. 165–179.

Biographies

Ho Ting-Chieh

T.-C. Ho is currently working toward her PhD degree in the Department of Mathematics, National Changhua University of Education, Changhua, Taiwan. Her research interests include applied cryptography and leakage-resilience cryptography.

Tseng Yuh-Min

ymtseng@cc.ncue.edu.tw

Y.-M Tseng is currently the vice president and a professor in the Department of Mathematics, National Changhua University of Education, Taiwan. He is a member of IEEE Computer Society, IEEE Communications Society and the Chinese Cryptology and Information Security Association (CCISA). He has published over one hundred scientific journal papers on various research areas of cryptography, security and computer network. His research interests include cryptography, network security, computer network and leakage-resilient cryptography. He is an editor of several international journals.

Huang Sen-Shan

S.-S. Huang is currently a professor in the Department of Mathematics, National Changhua University of Education, Taiwan. His research interests include number theory, cryptography, and leakage-resilient cryptography. He obtained his PhD from the University of Illinois at Urbana-Champaign in 1997 under the supervision of Professor Bruce C. Berndt.

Full article Related articles

Open access article under the CC BY license.

Keywords

heterogeneous public-key systems side-channel attack leakage-resilience signcryption

Funding

This research was partially supported by National Science and Technology Council, Taiwan, under contract No. NSTC112-2221-E-018-011.

Metrics

since January 2020

210

Article info
views

109

Full article
views

129

PDF
downloads

XML
downloads

RSS

Authors

Abstract

References

Biographies

Export citation

Copy and paste formatted citation

Download citation in file