Abstract

In the past, the security of most public-key encryption or key encapsulation schemes has been shown in an ideal model, where private keys, secret keys and random values are assumed to be completely hidden from adversaries. However, this ideal model is not realistic in the presence of side-channel attacks, in which adversaries can gain partial information about the secret values involved in decryption operations by observing energy consumption or execution timing. In such a case, schemes proven secure only in the ideal model may be broken by side-channel attacks. Consequently, leakage-resilient cryptography, which aims to resist side-channel attacks, has recently become an active research topic. Certificate-based encryption (CBE) and certificate-based key encapsulation (CB-KE) schemes are an important class of public-key encryption. However, little work addresses the design of leakage-resilient CBE (LR-CBE) or leakage-resilient CB-KE (LR-CB-KE) schemes. In this paper, we present the first LR-CB-KE scheme with the overall unbounded leakage property, which permits adversaries to continuously gain partial information about the system secret key of the trusted certificate authority (CA), the private keys and certificates of users, and the random values used. In the generic bilinear group model, a formal security analysis proves that the proposed LR-CB-KE scheme is secure against chosen-ciphertext attacks.

Highlights

  • In traditional public-key settings [1], [2], the certificate of a user is used to create a link between her/his identity and public key, while a public-key infrastructure (PKI) is constructed to manage the certificates of all users.

  • The security of the public-key settings mentioned above is shown in an ideal model, where private keys, secret keys and random values are assumed to be completely hidden from adversaries.

  • Certificate-based encryption (CBE) and certificate-based key encapsulation (CB-KE) schemes are an important class of public-key encryption.


Summary

INTRODUCTION

In traditional public-key settings [1], [2], the certificate of a user is used to create a link between her/his identity and public key, while a public-key infrastructure (PKI) is constructed to manage the certificates of all users. Based on a traditional public-key setting, Akavia et al. [21] presented the first leakage-resilient encryption (LRE) scheme and the associated bounded leakage model. Their LRE scheme is semantically secure against chosen-plaintext attacks (CPA). In their LR-CBE scheme, adversaries are allowed to gain partial information about both the CA's system secret key in the certificate generation phase and the user's private key and certificate in the decryption phase. Their LR-CBE scheme is constructed in the bounded leakage model. In the continuous leakage model, Li et al. [35] proposed a new LR-CBE scheme. In their scheme, adversaries are allowed to gain only partial information about the user's private key and certificate; the random values involved in the decryption phase and the CA's system secret key are not allowed to leak to adversaries.

PRELIMINARIES
SYNTAX OF LR-CB-KE SCHEME
SECURITY NOTIONS OF LR-CB-KE SCHEME
THE PROPOSED LR-CB-KE SCHEME
SECURITY ANALYSIS
PERFORMANCE ANALYSIS
CONCLUSION