Joonsang Baek

Certificateless public key encryption without pairing

“Certificateless Public Key Cryptography” has very appealing features, namely it does not require any public key certification (cf. traditional Public Key Cryptography) nor having key escrow problem (cf. Identity-Based Cryptography). Unfortunately, construction of Certificateless Public Key Encryption (CLPKE) schemes has so far depended on the use of Identity-Based Encryption, which results in the bilinear pairing-based schemes that need costly operations. In this paper, we consider a relaxation of the original model of CLPKE and propose a new CLPKE scheme that does not depend on the bilinear pairings. We prove that in the random oracle model, our scheme meets the strong security requirements of the new model of CLPKE such as security against public key replacement attack and chosen ciphertext attack, assuming that the standard Computational Diffie-Hellman problem is intractable.

Formal Proofs for the Security of Signcryption

Signcryption is a public key or asymmetric cryptographic method that provides simultaneously both message confidentiality and unforgeability at a lower computational and communication overhead. In this paper, we propose a sound security model for signcryption that admits rigorous formal proofs for the confidentiality and unforgeablity of signcryption. A conclusion that comes out naturally from this work is that, as an asymmetric encryption scheme, signcryption is secure against adaptive chosen ciphertext attack in the random oracle model relative to, quite interestingly, the Gap Diffie-Hellman problem, and as a digital signature scheme, signcryption is existentially unforgeable against adaptive chosen message attack in the random oracle model relative to the discrete logarithm problem.

Identity-Based Threshold Decryption

In this paper, we examine issues related to the construction of identity-based threshold decryption schemes and argue that it is important in practice to design an identity-based threshold decryption scheme in which a private key associated with an identity is shared. A major contribution of this paper is to construct the first identity-based threshold decryption scheme secure against chosen-ciphertext attack. A formal proof of security of the scheme is provided in the random oracle model, assuming the Bilinear Diffie-Hellman problem is computationally hard. Another contribution of this paper is, by extending the proposed identity-based threshold decryption scheme, to construct a mediated identity-based encryption scheme secure against more powerful attacks than those considered previously.

Efficient multi-receiver identity-based encryption and its application to broadcast encryption

In this paper, we construct an efficient “multi-receiver identity-based encryption scheme”. Our scheme only needs one (or none if precomputed and provided as a public parameter) pairing computation to encrypt a single message for n receivers, in contrast to the simple construction that re-encrypts a message n times using Boneh and Franklins identity-based encryption scheme, considered previously in the literature. We extend our scheme to give adaptive chosen ciphertext security. We support both schemes with security proofs under precisely defined formal security model. Finally, we discuss how our scheme can lead to a highly efficient public key broadcast encryption scheme based on the “subset-cover” framework.

Efficient online/offline identity-based signature for wireless sensor network

In this paper, we present an online/offline identity-based signature scheme for the wireless sensor network (WSN). We argue that due to significant reduction in costs of computation and storage, our scheme is particularly suitable for the WSN environment with severely constrained resources. One of the interesting features of our scheme is that it provides multi-time usage of the offline storage, which allows the signer to re-use the offline pre-computed information in polynomial time, in contrast to one-time usage in all previous online/offline signature schemes. As evidence of the practicality and feasibility of our scheme to be used in the WSN environment, we provide an actual implementation result of our scheme on the MicaZ platform.

A Secure Cloud Computing Based Framework for Big Data Information Management of Smart Grid

Smart grid is a technological innovation that improves efficiency, reliability, economics, and sustainability of electricity services. It plays a crucial role in modern energy infrastructure. The main challenges of smart grids, however, are how to manage different types of front-end intelligent devices such as power assets and smart meters efficiently; and how to process a huge amount of data received from these devices. Cloud computing, a technology that provides computational resources on demands, is a good candidate to address these challenges since it has several good properties such as energy saving, cost saving, agility, scalability, and flexibility. In this paper, we propose a secure cloud computing based framework for big data information management in smart grids, which we call “Smart-Frame.” The main idea of our framework is to build a hierarchical structure of cloud computing centers to provide different types of computing services for information management and big data analysis. In addition to this structural framework, we present a security solution based on identity-based encryption, signature and proxy re-encryption to address critical security issues of the proposed framework.

On the integration of public key data encryption and public key encryption with keyword search

In this paper, we consider the problem of combining a public key encryption (PKE) scheme and a public key encryption with keyword search (PEKS) scheme proposed by Boneh, Di Crescenzo, Ostrovsky and Persiano (BDOP) in Eurocrypt 2004. We argue that the two schemes need to be treated as a single scheme to securely provide the PEKS service that BDOP envisioned. We formally define such a scheme, which we call “PKE/PEKS” and its security against chosen ciphertext attack, which we call “IND-PKE/PEKS-CCA”. We then construct a highly efficient PKE/PEKS scheme using the PEKS scheme presented by BDOP and a variation of ElGamal encryption scheme and show that it is IND-PKE/PEKS-CCA secure in the random oracle model assuming that the Computational Diffie-Hellman (CDH) problem is intractable. We also propose a generic construction of PKE/PEKS, which is slightly less efficient than the first one. Finally, we present two extensions of a PKE/PEKS scheme to the multi-receiver setting and multi-keyword setting.

New constructions of fuzzy identity-based encryption

In this paper we construct two new fuzzy identity-based encryption (IBE) schemes in the random oracle model. Not only do our schemes provide public parameters whose size is independent of the number of attributes in each identity (used as public key) but they also have useful structures which result in more efficient key extraction and/or encryption than the random oracle version of Sahai and Waters fuzzy IBE scheme, considered recently by Pirretti et al. We prove that the confidentiality of the proposed schemes is relative to the Bilinear Decisional Bilinear Diffie-Hellman problem.

Strongly secure certificateless public key encryption without pairing

Certificateless Public Key Cryptography (CLPKC) enjoys the advantage of ID-based public key cryptography without suffering from the key escrow problem. In 2005, Baek et al. proposed the first certificateless encryption (CLPKE) scheme that does not depend on pairing. Although it provides high efficiency, one drawback of their scheme is that the security proof only holds for a weaker security model in which the Type I adversary is not allowed to replace the public key associated with the challenge identity. In this paper, we eliminate this limitation and construct a strongly secure CLPKE scheme without pairing. We prove that the proposed scheme is secure against adaptive chosen-ciphertext attack in the random oracle model, provided that the Computational Diffie-Hellman problem is intractable.

Certificate-Based Signature Schemes without Pairings or Random Oracles

In this paper, we propose two new certificate-based signature (CBS) schemes with new features and advantages. The first one is very efficient as it does not require any pairing computation and its security can be proven using Discrete Logarithm assumption in the random oracle model. We also propose another scheme whose security can be proven in the standard model without random oracles. To the best of our knowledge, these are the firstCBS schemes in the literature that have such kind of features.