http://dx.doi.org/10.13089/JKIISC.2007.17.1.3

Security of two public key schemes with implicit certifications  

Park, Je-Hong (National Security Research Institute)
Lee, Dong-Hoon (National Security Research Institute)
Park, Sang-Woo (National Security Research Institute)
Abstract
In this paper, we show that the status certificate-based encryption (SCBE) scheme proposed at ICISC 2004 and the certificateless signature (CLS) scheme proposed at EUC Workshops 2006 are insecure. Both schemes are claimed to give an adversary no advantage if it controls only one of the two participants that generate a cryptographic key, such as a decryption key in SCBE or a signing key in CLS. We show, however, that an adversary considered in the security model of each scheme can generate a valid cryptographic key by replacing the public key of a user.
Keywords
Certificate-based encryption; Certificateless signature; Security analysis