Abstract
To resolve both certificate management and key escrow problems, a certificateless public-key system (CLPKS) has been proposed. However, a CLPKS setting must provide a revocation mechanism to revoke compromised users. Thus, a revocable certificateless public-key system (RCLPKS) was presented to address the revocation issue and, in such a system, the key generation centre (KGC) is responsible to run this revocation functionality. Furthermore, a RCLPKS setting with an outsourced revocation authority (ORA), named RCLPKS-ORA setting, was proposed to employ the ORA to alleviate the KGC’s computational burden. Very recently it was noticed that adversaries may adopt side-channel attacks to threaten these existing conventional public-key systems (including CLPKS, RCLPKS and RCLPKS-ORA). Fortunately, leakage-resilient cryptography offers a solution to resist such attacks. In this article, the first leakage-resilient revocable certificateless encryption scheme with an ORA, termed LR-RCLE-ORA scheme, is proposed. The proposed scheme is formally shown to be semantically secure against three types of adversaries in the RCLPKS and RCLPKS-ORA settings while resisting side-channel attacks. In the proposed scheme, adversaries are allowed to continually extract partial ingredients of secret keys participated in various computational algorithms of the proposed scheme while retaining its security.
Highlights
To eliminate the management of both public keys and their associated certificates in the traditional public-key systems (PKS), an identity (ID)-based public-key system (IDPKS) was proposed (Boneh and Franklin, 2001)
A revocable certificateless public-key system (RCLPKS) setting with an outsourced revocation authority (ORA), named RCLPKS-ORA setting (Tsai et al, 2015; Du et al, 2018), was presented to employ the ORA to alleviate the key generation centre (KGC)’s computational burden
A RCLPKS setting with an outsourced revocation authority (ORA), named RCLPKS-ORA setting, can revoke compromised users and alleviate the KGC’s revocation computation burden
Summary
To eliminate the management of both public keys and their associated certificates in the traditional public-key systems (PKS), an identity (ID)-based public-key system (IDPKS) was proposed (Boneh and Franklin, 2001). In an IDPKS setting, a private key generator (PKG) is responsible to generate all participants’ secret keys. Can decrypt any ciphertexts of all participants and sign any messages on behalf of all participants To resolve both certificate management and key escrow problems, Al-Riyami and Paterson (2003) proposed the certificateless public-key system (CLPKS). Each user chooses a personal secret key and sets the associated public key. Tseng and Tsai (2012) has presented a revocable IDPKS setting By this revocable concept of Tseng and Tsai, revocable CLPKS (RCLPKS) settings (Shen et al, 2014; Tsai and Tseng, 2015; Hung et al, 2016) were presented to address the revocation issue and the key generation center (KGC) is responsible to run this revocation functionality. Our aim is to propose the first leakage-resilient revocable certificateless encryption (LRRCLE) scheme with an outsourced revocation authority (ORA), termed LR-RCLE-ORA scheme
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
