We present a new generic construction of a public-key encryption (PKE) scheme secure against leakage-resilient chosen-ciphertext attacks (LR-CCA), from any Hash Proof System (HPS) and any one-time lossy filter (OT-LF). Efficient constructions of HPSs and OT-LFs from the DDH and DCR assumptions suggest that our construction is a practical approach to LR-CCA security. Most of practical PKEs with ...

Signcryption is a useful cryptographic primitive that achieves confidentiality and authentication in an efficient manner. As an extension of signcryption in certificate-based cryptography, certificate-based signcryption preserves the merits of certificate-based cryptography and signcryption simultaneously. In this paper, we present an improved security model of certificate-based signcryption th...

Certificateless public key cryptography was introduced to solve the key escrow problem in identity based cryptography while enjoying the most attractive certificateless property. In this paper, we present the first secure certificateless public key encryption (CLPKE) scheme without redundancy. Our construction provides optimal bandwidth and quite efficient decryption process compared with the e...

Certificate-based cryptography is a new public-key cryptographic paradigm that has very appealing features, namely it simplifies the certificate management problem in traditional public key cryptography while eliminating the key escrow problem in identity-based cryptography. So far, three authenticated key agreement (AKA) protocols in the setting of certificate-based cryptography have been prop...

In this paper, we show that the certificateless signature scheme proposed by Yap, Heng and Goi at SecUbiq 2006 is insecure against a key replacement attack and a malicious-but-passive KGC attack, respectively. The former implies that anyone who replaces a signer’s public key can forge valid signatures for that signer without knowledge of the signer’s private key. The latter supposes the malicio...

A generalization of the original Diffie-Hellman key exchange in (Z/pZ) found a new depth when Miller [27] and Koblitz [16] suggested that such a protocol could be used with the group over an elliptic curve. In this paper, we propose a further vast generalization where abelian semigroups act on finite sets. We define a Diffie-Hellman key exchange in this setting and we illustrate how to build in...

We present an extension of Wiener’s attack on small RSA secret decryption exponents [10]. Wiener showed that every RSA public key tuple (N, e) with e ∈ ∗ φ(N) that satisfies ed − 1 = 0 mod φ(N) for some d < 1 3 N 1 4 yields the factorization of N = pq. Our new method finds p and q in polynomial time for every (N, e) satisfying ex + y = 0 mod φ(N) with x < 1 3 N 1 4 and |y| = O(N− 3 4 ex). In ot...

Featured with anonymity and spontaneity, ring signature has been widely adopted in various environments to offer anonymous authentication. To simplify the certificate management in traditional public key infrastructure (PKI) and solve the inherent key escrow problem in the Identity-based cryptography, Qin et al. propose a pairingfree ring signature scheme in the certificate-based cryptosystem r...

In modern network computing, authenticated group key agreement (AGKA) is important for conferencing. After Shamir [2] proposed the ID-based cryptosystem in 1984, the various applications on the ID-based cryptosystem have been actively studied, due to the simple key management complexity. For the AGKA, Choi et al. [16] proposed an ID-based authenticated group key agreement with bilinear maps, wh...

In this paper we present a key recovery attack to the scale-invariant NTRU-based somewhat homomorphic encryption scheme proposed by Bos et al [BLLN13] in 2013. The attack allows us to compute the private key for t > 2 and when the private key is chosen with coefficients in {−1, 0, 1}. The efficiency of the attack is optimal since it requires just one decryption oracle query, showing that if we ...