Haipeng Qu

Public Key Encryption Supporting Equality Test and Flexible Authorization without Bilinear Pairings

One of the most fundamental notions of cryptography is that of simulation. It stands behind the concepts of semantic security, zero knowledge, and security for multiparty computation. However, writing a simulator and proving security via the use of simulation is a nontrivial task, and one that many newcomers to the field often find difficult. In this tutorial, we provide a guide to how to write simulators and prove security via the simulation paradigm. Although we have tried to make this tutorial as stand-alone as possible, we assume some familiarity with the notions of secure encryption, zero-knowledge, and secure computation.

Insecurity of an anonymous authentication for privacy-preserving IoT target-driven applications

The Internet of Things (IoT) will be formed by smart objects and services interacting autonomously and in real-time. Recently, Alcaide et?al. proposed a fully decentralized anonymous authentication protocol for privacy-preserving IoT target-driven applications. Their system is set up by an ad-hoc community of decentralized founding nodes. Nodes can interact, being participants of cyberphysical systems, preserving full anonymity. In this study, we point out that their protocol is insecure. The adversary can cheat the data collectors by impersonating a legitimate user.

An efficient RSA-based certificateless public key encryption scheme

Abstract In order to resolve the key escrow in identity-based scheme and the significant cost of using a PKI system in traditional public key scheme, the notion of certificateless public key cryptography (CL-PKC) was introduced. The first certificateless public key encryption scheme (CL-PKE) was proposed by Al-Riyami and Paterson, and then further schemes were developed. However, most of them are constructed from the bilinear pairing which is a time costing operation. In this paper, we construct an efficient CL-PKE scheme from RSA since RSA is the de facto Internet standard and is widely used in many applications. The security is based on Kilian–Petrank’s RSA assumption which is a variant of RSA.

Certificateless public key encryption with equality test

Abstract In this paper, we present the concept of certificateless public key encryption with equality test (CL-PKEET), which integrates certificateless public key cryptography (CL-PKC) into public key encryption with equality test (PKEET) to solve the key escrow problem of identity-based encryption with equality test (IBEET). In the CL-PKEET scheme, the receiver first computes his private key with the receiver’s secret value and the partial private key generated by the key generation center (KGC). The trapdoor is generated with this private key. Then, using the trapdoor, the receiver authorizes the cloud server to test the equivalence between his ciphertexts and others’ ciphertexts. We formalize the system model and definition of CL-PKEET, propose the security models by considering four types of adversaries, and then present a concrete CL-PKEET scheme. Our proposal achieves the IND-CCA security against adversaries without trapdoor, and the OW-CCA security against adversaries with trapdoor. Furthermore, compared with IBEET and PKEET, our proposal which has the features of CL-PKC solves certificate management and key escrow problems simultaneously.