We also examine the security models that aim to provide security against an actively malicious key generation centre and against an outside attacker who attempts to deceive a legitimate sender into using an incorrect public key (with the intention to deny the the legitimate receiver that ability to decrypt the ciphertext). We note that the existing malicious key generation centre model fails to capture realistic attacks that a malicious key generation centre might make and propose a new model.
Lastly, we survey the existing certificateless encryption schemes and compare their security proofs. We show that few schemes provide the correct notion of security without appealing to the random oracle model. The few schemes that do provide sufficient security guarantees are comparatively inefficient. Hence, we conclude that more research is needed before certificateless encryption schemes can be thought to be a practical technology.Category / Keywords: public-key cryptography / Date: received 23 Jun 2006, last revised 14 Dec 2007 Contact author: a dent at rhul ac uk Available format(s): Postscript (PS) | Compressed Postscript (PS.GZ) | PDF | BibTeX Citation Note: This document significantly exapnds and replaces the earlier paper "On Proofs of Security for Certificateless Cryptosystems" by Dent and Kudla (available as eprint report 2005/348). It should be noted that Caroline has chosen (voluntarily) to have her name taken off this new version of the paper. Version: 20071214:150153 (All versions of this report) Short URL: ia.cr/2006/211 Discussion forum: Show discussion | Start new discussion