Abstract
Group encryption schemes based on general access structures can be used to build advanced IT systems that store and manage confidential documents. The paper proposes a reference architecture for the public key cryptography infrastructure required to implement the CIBE-GAS scheme. CIBE-GAS is a certificate-based, group-oriented encryption scheme with an efficient secret sharing scheme based on a general access structure and bilinear pairings. The security architecture required to implement the scheme must be compliant with common standards and technical specifications, e.g. the X.509 certificate format and the XML Encryption standard for messages. In order to encrypt arbitrary-length messages, we also suggest a new CIBE-GAS-H scheme with a key encapsulation mechanism based on the techniques of Bentahar et al., combined with one-time symmetric-key encryption.
References
Hyla, T., Pejaś, J.: Certificate-Based Encryption Scheme with General Access Structure. In: Cortesi, A., Chaki, N., Saeed, K., Wierzchoń, S. (eds.) CISIM 2012. LNCS, vol. 7564, pp. 41–55. Springer, Heidelberg (2012)
Sang, Y., Zeng, J., Li, Z., You, L.: A Secret Sharing Scheme with General Access Structures and its Applications. International Journal of Advancements in Computing Technology 3(4), 121–128 (2011)
Shamir, A.: Identity-based cryptosystems and signature schemes. In: Blakely, G.R., Chaum, D. (eds.) CRYPTO 1984. LNCS, vol. 196, pp. 47–53. Springer, Heidelberg (1985)
Boneh, D., Franklin, M.: Identity-based encryption from the Weil pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001)
IEEE P1363.3/D1: Draft standard for identity-based public-key cryptography using pairings (2008)
RFC 6508 Sakai-Kasahara Key Encryption, SAKKE (2012)
RFC 5091 Identity-Based Cryptography Standard (IBCS) #1: Supersingular Curve Implementations of the BF and BB1 Cryptosystems (2007)
RFC 5408 Identity-Based Encryption Architecture and Supporting Data Structures (January 2009)
Chatterjee, S., Sarkar, P.: Identity-Based Encryption. Springer, New York (2011)
Galbraith, S.D., Paterson, K.G., Smart, N.P.: Pairings for cryptographers. Discrete Applied Mathematics 156(16), 3113–3121 (2008)
Al-Riyami, S.S., Paterson, K.G.: Certificateless public key cryptography. In: Laih, C.-S. (ed.) ASIACRYPT 2003. LNCS, vol. 2894, pp. 452–473. Springer, Heidelberg (2003)
Chen, L., Cheng, Z., Malone-Lee, J., Smart, N.P.: Efficient ID-KEM based on the Sakai-Kasahara key construction. IEE Proceedings, Information Security 153(1), 19–26 (2006)
Bentahar, K., Farshim, P., Malone-Lee, J., Smart, N.P.: Generic constructions of identity-based and certificateless KEMs. Journal of Cryptology 21, 178–199 (2008)
Burak, D., Chudzik, M.: Parallelization of the Discrete Chaotic Block Encryption Algorithm. In: Wyrzykowski, R., Dongarra, J., Karczewski, K., Waśniewski, J. (eds.) PPAM 2011, Part II. LNCS, vol. 7204, pp. 323–332. Springer, Heidelberg (2012)
Cramer, R., Shoup, V.: Design and analysis of practical public-key encryption schemes secure against adaptive chosen ciphertext attack. SIAM Journal on Computing 33, 167–226 (2004)
Bell, M.: Service-Oriented Modeling (SOA): Service Analysis, Design, and Architecture. Wiley & Sons (2008) ISBN 978-0-470-14111-3
Lynn, B.: PBC Library Specification, http://crypto.stanford.edu/pbc/ (retrieved 2013)
FIPS PUB 140-2: Security Requirements for Cryptographic Modules, National Institute of Standards and Technology (2001)
Souppaya, M., Wack, J., Kent, K.: Security Configuration Checklist Program for IT Products - Guidance for Checklist Users and Developers, NIST Special Publication SP 800-70 (May 2005)
Boneh, D., Lynn, B., Shacham, H.: Short signatures from the Weil pairing. In: Boyd, C. (ed.) ASIACRYPT 2001. LNCS, vol. 2248, pp. 514–532. Springer, Heidelberg (2001)
Appenzeller, G., et al.: Identity-Based Encryption Architecture and Supporting Data Structures, RFC 5408, IETF (2009)
Imamura, T., et al.: XML Encryption Syntax and Processing. W3C Recommendation (2002)
Boneh, D., Gentry, C., Lynn, B., Shacham, H.: Aggregate and verifiably encrypted signatures from bilinear maps. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 614–629. Springer, Heidelberg (2003)
Gentry, C., Silverberg, A.: Hierarchical ID-based cryptography. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol. 2501, pp. 548–566. Springer, Heidelberg (2002)
El Fray, I., Kurkowski, M., Pejaś, J., Maćków, W.: A New Mathematical Model for Analytical Risk Assessment and Prediction in IT Systems. Control and Cybernetics 41(1), 241–268 (2012)
El Fray, I.: A Comparative Study of Risk Assessment Methods, MEHARI & CRAMM with a New Formal Model of Risk Assessment (FoMRA) in Information Systems. In: Cortesi, A., Chaki, N., Saeed, K., Wierzchoń, S. (eds.) CISIM 2012. LNCS, vol. 7564, pp. 428–442. Springer, Heidelberg (2012)
Hyla, T., El Fray, I., Pejaś, J., Maćków, W.: Long-term Preservation of Digital Signatures for Multiple Groups of Related Documents. IET Information Security 6(3), 219–227 (2012)
Copyright information
© 2013 IFIP International Federation for Information Processing
Cite this paper
Hyla, T., Pejaś, J. (2013). A Practical Certificate and Identity Based Encryption Scheme and Related Security Architecture. In: Saeed, K., Chaki, R., Cortesi, A., Wierzchoń, S. (eds) Computer Information Systems and Industrial Management. CISIM 2013. Lecture Notes in Computer Science, vol 8104. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-40925-7_19
DOI: https://doi.org/10.1007/978-3-642-40925-7_19
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-40924-0
Online ISBN: 978-3-642-40925-7
eBook Packages: Computer Science, Computer Science (R0)