pCLSC-TKEM: a Pairing-free Certificateless Signcryption-tag Key Encapsulation Mechanism for a Privacy-Preserving IoT
Seung-Hyun Seo(a),(*), Jongho Won(b), Elisa Bertino(b)
Transactions on Data Privacy 9:2 (2016) 101 - 130
(a) Department of Mathematics, Korea University Sejong Campus 2511 Sejong-ro, Sejong City 30019, Korea.
(b) Computer Science Department, Purdue University, West Lafayette, IN, 47907, USA.
e-mail: crypto77@korea.ac.kr; won12@purdue.edu; bertino@purdue.edu
Certificateless Signcryption Tag Key Encapsulation Mechanism (CLSC-TKEM) is an effective method for simultaneously providing key
encapsulation and a digital signature on the tag. It has
applications in several security services such as communication
confidentiality, integrity, authentication, and non-repudiation.
Moreover, because CLSC-TKEM is based on certificateless public key
cryptography (CL-PKC), it has the advantage of not requiring public
key certificates. In addition, it does not suffer from the key escrow
problem, which is a major drawback of identity-based public
key cryptography (ID-PKC). Unfortunately, current constructions of
CLSC-TKEM rely on the use of bilinear pairing-based operations that
are computationally very expensive for small IoT devices. In this paper, we
present a new construction of CLSC-TKEM that does not require bilinear pairing
operations. We refer to our new construction as pairing-free
Certificateless Signcryption Tag Key Encapsulation Mechanism
(pCLSC-TKEM). We also provide a simple construction for pairing-free
certificateless hybrid signcryption by combining pCLSC-TKEM with a
data encapsulation mechanism (DEM). We provide a security model for
pCLSC-TKEM. Then, we prove that our pCLSC-TKEM is secure against
both an adaptively chosen ciphertext attack and existential forgery
in the random oracle model. We have implemented our pCLSC-TKEM
construction and previous pairing-based CLSC-TKEM constructions in
order to compare their performance. Our experimental results
demonstrate that pCLSC-TKEM is much more efficient than previous
pairing-based CLSC-TKEM constructions.
* Corresponding author.