Abstract

Certificate-based encryption (CBE) is a very useful cryptographic primitive which not only simplifies certificate management in traditional public-key encryption, but also solves the key escrow problem inherent in identity-based encryption. How to construct a provably secure CBE scheme without using random oracles has been attracting the attention of the research community. Recently, Lu et al. introduced a CBE scheme and claimed that their scheme is secure against adaptive chosen ciphertext attacks even in the presence of a malicious certification authority (CA). In this paper, we demonstrate that a chosen ciphertext attacker can easily distinguish the challenge ciphertext generated by the challenger according to their security model. Further, the CA can trivially decrypt any entity's ciphertext without knowing the entity's secret key. In addition, we also point out that their security proof has some flaws, and we give a new CBE scheme secure against malicious CA attacks in the standard model.
