Informatica

To resolve both certificate management and key escrow problems, a certificateless public-key system (CLPKS) has been proposed. However, a CLPKS setting must provide a revocation mechanism to revoke compromised users. Thus, a revocable certificateless public-key system (RCLPKS) was presented to address the revocation issue and, in such a system, the key generation centre (KGC) is responsible to run this revocation functionality. Furthermore, a RCLPKS setting with an outsourced revocation authority (ORA), named RCLPKS-ORA setting, was proposed to employ the ORA to alleviate the KGC’s computational burden. Very recently it was noticed that adversaries may adopt side-channel attacks to threaten these existing conventional public-key systems (including CLPKS, RCLPKS and RCLPKS-ORA). Fortunately, leakage-resilient cryptography offers a solution to resist such attacks. In this article, the first leakage-resilient revocable certificateless encryption scheme with an ORA, termed LR-RCLE-ORA scheme, is proposed. The proposed scheme is formally shown to be semantically secure against three types of adversaries in the RCLPKS and RCLPKS-ORA settings while resisting side-channel attacks. In the proposed scheme, adversaries are allowed to continually extract partial ingredients of secret keys participated in various computational algorithms of the proposed scheme while retaining its security.

Certificateless short signature (CLSS) possesses the advantages of both certificateless signature and short signature. CLSS eliminates the certificate management in conventional signatures and solves the key escrow problem in ID-based signatures. In the meantime, due to its short signature length, CLSS reduces the bandwidth for communication so that it is suitable for some specific authentication applications requiring bandwidth-constrained communication environments. However, up to now, there is no work on studying the revocation problem in existing CLSS schemes. In this article, we address the revocation problem and propose the first revocable certificateless short signature (RCLSS) scheme. Based on the computational Diffie–Hellman (CDH) assumption, we demonstrate that our RCLSS scheme possesses strong unforgeability against adaptive chosen-message attacks under an accredited security model. It turns out that our scheme has the shortest signature length while retaining computational efficiency. Thus, the proposed RCLSS scheme is well suited for low-bandwidth communication environments. Finally, we combine the proposed RCLSS scheme with cloud revocation authority (CRA) to present a CRA-aided authentication scheme with period-limited privileges for mobile multi-server environment.