TY - JOUR
T1 - Leakage-Resilient Revocable Certificateless Encryption with an Outsourced Revocation Authority
AU - Tseng, Yuh Min
AU - Huang, Sen Shan
AU - Tsai, Tung Tso
AU - Chuang, Yun Hsin
AU - Hung, Ying Hao
N1 - Funding Information:
This research was partially supported by Ministry of Science and Technology, Taiwan, under contract no. MOST110-2221-E-018-006-MY2, MOST110-2221-E-018-007-MY2 and MOST110-2222-E-019-001-MY2.
Publisher Copyright:
© 2022 Vilnius University.
PY - 2022
Y1 - 2022
N2 - To resolve both certificate management and key escrow problems, a certificateless public-key system (CLPKS) has been proposed. However, a CLPKS setting must provide a revocation mechanism to revoke compromised users. Thus, a revocable certificateless public-key system (RCLPKS) was presented to address the revocation issue and, in such a system, the key generation centre (KGC) is responsible to run this revocation functionality. Furthermore, a RCLPKS setting with an outsourced revocation authority (ORA), named RCLPKS-ORA setting, was proposed to employ the ORA to alleviate the KGC's computational burden. Very recently it was noticed that adversaries may adopt side-channel attacks to threaten these existing conventional public-key systems (including CLPKS, RCLPKS and RCLPKS-ORA). Fortunately, leakage-resilient cryptography offers a solution to resist such attacks. In this article, the first leakage-resilient revocable certificateless encryption scheme with an ORA, termed LR-RCLE-ORA scheme, is proposed. The proposed scheme is formally shown to be semantically secure against three types of adversaries in the RCLPKS and RCLPKS-ORA settings while resisting side-channel attacks. In the proposed scheme, adversaries are allowed to continually extract partial ingredients of secret keys participated in various computational algorithms of the proposed scheme while retaining its security.
AB - To resolve both certificate management and key escrow problems, a certificateless public-key system (CLPKS) has been proposed. However, a CLPKS setting must provide a revocation mechanism to revoke compromised users. Thus, a revocable certificateless public-key system (RCLPKS) was presented to address the revocation issue and, in such a system, the key generation centre (KGC) is responsible to run this revocation functionality. Furthermore, a RCLPKS setting with an outsourced revocation authority (ORA), named RCLPKS-ORA setting, was proposed to employ the ORA to alleviate the KGC's computational burden. Very recently it was noticed that adversaries may adopt side-channel attacks to threaten these existing conventional public-key systems (including CLPKS, RCLPKS and RCLPKS-ORA). Fortunately, leakage-resilient cryptography offers a solution to resist such attacks. In this article, the first leakage-resilient revocable certificateless encryption scheme with an ORA, termed LR-RCLE-ORA scheme, is proposed. The proposed scheme is formally shown to be semantically secure against three types of adversaries in the RCLPKS and RCLPKS-ORA settings while resisting side-channel attacks. In the proposed scheme, adversaries are allowed to continually extract partial ingredients of secret keys participated in various computational algorithms of the proposed scheme while retaining its security.
UR - http://www.scopus.com/inward/record.url?scp=85126447330&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85126447330&partnerID=8YFLogxK
U2 - 10.15388/22-INFOR474
DO - 10.15388/22-INFOR474
M3 - Article
AN - SCOPUS:85126447330
SN - 0868-4952
VL - 33
SP - 151
EP - 179
JO - Informatica
JF - Informatica
IS - 1
ER -