Paper 2006/159

Repairing a Security-Mediated Certificateless Encryption Scheme from PKC 2006

Joonsang Baek and Guilin Wang

Abstract

At PKC 2006, Chow, Boyd, and Nieto introduced the concept of security-mediated certificateless (SMC) cryptography. This notion can be considered as a variant of certificateless cryptography with the property of instantaneous key revocation, or a variant of mediated cryptography without full key escrow. They presented a definition of security for SMC encryption, which covers (fully-adaptive) chosen ciphertext attack with public key replacement considered as a strong but essential attack on certificateless cryptographic schemes. They proposed two SMC encryption schemes, one is a generic construction based on any public key encryption, identity-based encryption and one-time signature schemes and the other is a concrete construction based on bilinear pairings, which were shown to be secure under their security definition. In this note, we, however, present two types of attacks demonstrating that their generic construction for SMC encryption fails to meet their security requirement. We then discuss how to repair the scheme and provide a provably-secure solution.

Note: The corresponding author of the paper, "Security-Mediated Certificateless Cryptography", informed us that he already addressed the issues discussed in our paper, presented a fixed scheme at the PKC 2006 conference and is in the middle of preparing a final version. We did not attend the conference and were not aware of this. We look forward to seeing the final version from the original authors.