Revocation-free public-key encryption based on security-mediated public-key infrastructure

C. M. Lo, T. Hwang, C. M. Li

Research output: Contribution to journalArticlepeer-review

5 Citations (Scopus)

Abstract

Public-key certificates, which are used to associate public keys with certificate owner identifiers, play an important role in public-key infrastructures. Each public-key certificate must be revoked as soon as its corresponding private key is compromised, lost or invalid. Before a public key is used, its associated public-key certificate must therefore be verified to ensure that it has not been revoked. However, the revocation and revocation notification of public keys are sometimes costly in terms of communication and computation requirements. A new unimplemented public-key encryption is proposed, which allows a user to update his private key without changing the corresponding public key, so that public-key revocation and revocation verification are not needed. In addition, the proposed scheme provides the following benefits: (1) prompt disabling of decryption capability (users' decryption ability can be revoked in real time); (2) personal key privacy (users select their partial private key without exposing it to certificate authorities) and (3) chosen-ciphertext security (the proposed scheme is provably secure against adaptive chosen-ciphertext attacks, in the random oracle model).

Original languageEnglish
Pages (from-to)134-141
Number of pages8
JournalIET Information Security
Volume1
Issue number3
DOIs
Publication statusPublished - 2007 Sept 28

All Science Journal Classification (ASJC) codes

  • Software
  • Information Systems
  • Computer Networks and Communications

Fingerprint

Dive into the research topics of 'Revocation-free public-key encryption based on security-mediated public-key infrastructure'. Together they form a unique fingerprint.

Cite this