pCLSC-TKEM: a Pairing-free Certificateless Signcryption-tag Key Encapsulation Mechanism for a Privacy-Preserving IoT

Certificateless Signcryption Tag Key Encapsulation Mechanism (CLSC-TKEM) is an effective method for simultaneously providing key encapsulation and a digital signature on the tag. It has applications in several security services such as communication confidentiality, integrity, authentication, and non-repudiation. Moreover, because CLSC-TKEM is based on certificateless public key cryptography (CL-PKC), it has the advantage of not requiring public key certificates. In addition it does not suffer from the key escrow problem which is instead a major drawback of identity-based public key cryptography (ID-PKC). Unfortunately, current constructions of CLSC-TKEM rely on the use of bilinear pairing-based operations that are computationally very expensive for small IoT devices. In this paper, we present a new construction of CLSC-TKEM that does not require bilinear pairing operations. We refer to our new construction on pairing-free Certificateless Signcryption Tag Key Encapsulation Mechanism (pCLSC-TKEM). We also provide a simple construction for pairingfree certificateless hybrid signcryption by combining pCLSC-TKEM with a data encapsulation mechanism (DEM). We provide a security model for pCLSC-TKEM. Then, we prove that our pCLSC-TKEM is secure against both an adaptively chosen ciphertext attack and existential forgery in the random oracle model. We have implemented our pCLSC-TKEM construction and previous pairing-based CLSC-TKEM constructions in order to compare their performance. Our experimental results demonstrate that pCLSC-TKEM is much more efficient that previous pairing-based CLCS-TKEM constructions.