Leakage-resilient certificate-based encryption

AbstractCertificate-based encryption is a new cryptography primitive, which can be used to construct efficient public key infrastructure. However, side-channel attacks are not considered in certificate-based encryption. In order to capture these attacks, we formalize security model of certificate-based encryption with leakage resilience. Furthermore, we present a leakage-resilient certificate-based encryption LR-CBE scheme. To the best of our knowledge, this is the first LR-CBE scheme. Based on decision bilinear Diffie-Hellman assumption and decision generalized bilinear Diffie-Hellman assumption, we prove that our scheme is secure against adaptive chosen ciphertext attacks in the random oracle model. Our scheme includes a certificate-based key encapsulation algorithm and a symmetric encryption algorithm, where the encapsulated information is a symmetric key that is used to encrypt message. In order to obtain leakage-resilient property, two-source extractor is used to randomize the symmetric key. The designed scheme can resist entropy leakage. The performance analysis of leakage resilience shows that the relative leakage ratio almost amounts to 1. Copyright © 2015 John Wiley & Sons, Ltd.