A survey of certificateless encryption schemes and security models |
| |
Authors: | Alexander W Dent |
| |
Affiliation: | (1) Information Security Group, Royal Holloway, Egham Hill, Egham, Surrey, UK |
| |
Abstract: | This paper surveys the literature on certificateless encryption schemes. In particular, we examine the large number of security
models that have been proposed to prove the security of certificateless encryption schemes and propose a new nomenclature
for these models. This allows us to “rank” the notions of security for a certificateless encryption scheme against an outside
attacker and a passive key generation centre, and we suggest which of these notions should be regarded as the “correct” model
for a secure certificateless encryption scheme. We also examine the security models that aim to provide security against an
actively malicious key generation centre and against an outside attacker who attempts to deceive a legitimate sender into
using an incorrect public key (with the intention to deny the legitimate receiver that ability to decrypt the ciphertext).
We note that the existing malicious key generation centre model fails to capture realistic attacks that a malicious key generation
centre might make and propose a new model. Lastly, we survey the existing certificateless encryption schemes and compare their
security proofs. We show that few schemes provide the “correct” notion of security without appealing to the random oracle
model. The few schemes that do provide sufficient security guarantees are comparatively inefficient. Hence, we conclude that
more research is needed before certificateless encryption schemes can be thought to be a practical technology. |
| |
Keywords: | Cryptography Public-key cryptography Certificateless cryptography Certificateless encryption |
本文献已被 SpringerLink 等数据库收录! |
|