Informatica

The primitive of certificateless signature, since its invention, has become a widely studied paradigm due to the lack of key escrow problem and certificate management problem. However, this primitive cannot resist catastrophic damage caused by key exposure. Therefore, it is necessary to integrate revocation mechanism into certificateless signature. In this paper, we propose a new certificateless signature scheme with revocation (RCLS) and prove its security under the standard model. In the meanwhile, our scheme can resist malicious-but-passive Key Generation Center (KGC) attacks that were not possible in previous solutions. The theoretical analysis shows our scheme has high efficiency and practicality.

In a multi-decrypter encryption (MDE) scheme, a message encrypted under the public keys of multiple receivers can be recovered only when all the receivers designated by the sender are available (e.g. in a national security setting where a “Top Secret” document can only be decrypted and recovered when all the designated “keyholders” present the respective keys). Despite its effectiveness (i.e. without heavy computational overheads) in ensuring a message can only be read when all the designated parties are available, this is an under-researched topic (there are only two published MDE schemes in the literature, to the best of our knowledge). In this paper, we propose an efficient MDE scheme and prove its CCA2 security in the standard model under the decisional bilinear Diffie–Hellman assumption.

Up to date, a large number of ID-based signature (IBS) schemes based on bilinear pairings have been proposed. Most of these IBS schemes possess existential unforgeability under adaptive chosen-message attacks, among which some offer strong unforgeability. An IBS scheme is said to be strongly unforgeable if it possesses existential unforgeability and an adversary who is given signatures of the IBS scheme on some message m is unable to generate a new signature on m. Strong unforgeable IBS schemes can be used to construct many important ID-based cryptographic schemes. However, the existing strongly unforgeable IBS schemes lack efficiency for the signature size and the computation cost of verification phase. In this paper, we propose an efficient strongly unforgeable IBS scheme without random oracles. Under the computational Diffie–Hellman and collision resistant hash assumptions, we demonstrate that the proposed IBS scheme possesses strong unforgeability against adaptive chosen-message attacks. When compared with previously proposed strongly unforgeable IBS schemes, our scheme has better performance in terms of signature size and computation cost.

Up to now, there was very little work on studying the revocation problem in existing hierarchical ID-based encryption (HIBE) systems. Certainly, all existing HIBE systems may inherit the revocation method suggested by Boneh and Franklin to revoke illegal or expired users, in which non-revoked users must periodically update their private keys using secure channels by contacting their ancestors in hierarchical structures. In this paper, we propose the first HIBE scheme with public revocation mechanism, called revocable HIBE (RHIBE), which is extended from Lewko and Waters's unbounded HIBE scheme presented in Eurocrypt 2011. We demonstrate that the proposed RHIBE scheme is fully secure while removing the requirement of secure channels for private key updating in Boneh and Franklin's revocation method. The public revocation mechanism is an exciting alternative to the existing revocation methods. Finally, we discuss the transformation technique from a HIBE scheme to a RHIBE scheme and employ it to another well-known HIBE scheme.

Key-insulated cryptography is an important technique to protect private keys in identity-based (IB) cryptosytems. Despite the flurry of recent results on IB key-insulated encryption (IBKIE) and signature (IBKIS), a problem regarding the security and efficiency of practicing IBKIE and IBKIS as a joint IB key-insulated signature/encryption scheme with a common set of parameters and keys remains open. To deal with the above question, we propose an identity-based key-insulated signcryption (IBKISC) scheme. Compared with the Sign-then-Encrypt (StE) and Encrypt-then-Sign (EtS) using IBKIE and IBKIS in the standard model, our proposed IBKISC scheme is the fastest with the shortest ciphertext size.