Abstract: In recent years, much attention has been focused on designing provably secure cryptographic primitives in the presence of key leakage. Many constructions of leakage-resilient cryptographic primitives have been proposed. However, for any polynomial time adversary, most existing leakage-resilient cryptographic primitives cannot ensure that their outputs are random, and any polynomial time adversary can obtain a certain amount of leakage on the secret key from the corresponding output of a cryptographic primitive. In this study, to achieve better performance, a new construction of a chosen ciphertext attack 2 (CCA2) secure, leakage-resilient, and certificateless public-key encryption scheme is proposed, whose security is proved based on the hardness of the classic decisional Diffie-Hellman assumption. According to our analysis, our method can tolerate leakage attacks on the private key. This method also achieves better performance because polynomial time adversaries cannot achieve leakage on the private key from the corresponding ciphertext, and a key leakage ratio of 1/2 can be achieved. Because of these good features, our method may be significant in practical applications.

抗泄露的CCA2安全的无证书公钥加密机制

[1]Akavia A, Goldwasser S, Vaikuntanathan V, 2009. Simultaneous hardcore bits and cryptography against memory attacks. 6^th Theory of Cryptography Conf, p.474-495.

[2]Al-Riyami SS, Paterson KG, 2003. Certificateless public key cryptography. 9^th Int Conf on the Theory and Application of Cryptology and Information Security, p.452-473.

[3]Alwen J, Dodis Y, Wichs D, 2009. Leakage-resilient public-key cryptography in the bounded-retrieval model. 29^th Annual Int Conf on Advances in Cryptology, p.36-54.

[4]Chen R, Mu Y, Yang G, et al., 2016a. Strong authenticated key exchange with auxiliary inputs. Des Cod Crypt, 85(1):145-173.

[5]Chen R, Mu Y, Yang G, et al., 2016b. Strongly leakage-resilient authenticated key exchange. Cryptographers’ Track at the RSA Conf, p.19-36.

[6]Cramer R, Shoup V, 2003. Design and analysis of practical public-key encryption schemes secure against adaptive chosen ciphertext attack. SIAM J Comput, 33(1):167-226.

[7]Dodis Y, Ostrovsky R, Reyzin L, et al., 2008. Fuzzy extractors: how to generate strong keys from biometrics and other noisy data. SIAM J Comput, 38(1):97-139.

[8]Li J, Teng M, Zhang Y, et al., 2016. A leakage-resilient CCA-secure identity-based encryption scheme. Comput J, 59(7):1066-1075.

[9]Li S, Zhang F, Sun Y, et al., 2013. Efficient leakage-resilient public key encryption from DDH assumption. Clust Comput, 16(4):797-806.

[10]Liu S, Weng J, Zhao Y, 2013. Efficient public key cryptosystem resilient to key leakage chosen ciphertext attacks. Cryptographers’ Track at the RSA Conf, p.84-100.

[11]Naor M, Segev G, 2012. Public-key cryptosystems resilient to key leakage. SIAM J Comput, 41(4):772-814.

[12]Qin B, Liu S, Chen K, 2015. Efficient chosen-ciphertext secure public-key encryption scheme with high leakage-resilience. IET Inform Secur, 9(1):32-42.

[13]Shamir A, 1984. Identity-based cryptosystems and signature schemes. Workshop on the Theory and Application of Cryptographic Techniques, p.47-53.

[14]Xiong H, Yuen T, ZHANG C, et al., 2013. Leakage-resilient certificateless public key encryption. Proc 1^st ACM Workshop on Asia Public-Key Cryptography, p.13-22.

[15]Yu Q, Li J, Zhanga Y, et al., 2016. Certificate-based encryption resilient to key leakage. J Syst Softw, 116:101-102.

[16]Zhou Y, Yang B, Zhang W, 2016. Provably secure and efficient leakage-resilient certificateless signcryption scheme without bilinear pairing. Disc Appl Math, 204:185-202.