JISE


  [ 1 ] [ 2 ] [ 3 ] [ 4 ] [ 5 ] [ 6 ] [ 7 ] [ 8 ] [ 9 ] [ 10 ] [ 11 ] [ 12 ] [ 13 ] [ 14 ] [ 15 ]


Journal of Information Science and Engineering, Vol. 34 No. 6, pp. 1517-1541


Provably CCA-Secure Anonymous Multi-Receiver Certificateless Authenticated Encryption


YI-FAN TSENG1 AND CHUN-I FAN2,*
Department of Computer Science and Engineering
National Sun Yat-sen University
Kaohsiung, 80424 Taiwan

E-mail: yftseng1989@gmail.com1; cifan@mail.cse.nsysu.edu.tw2


Multi-receiver encryption allows a sender to choose a set of authorized receivers and send them a message securely and efficiently. Only one ciphertext corresponding to the message is generated regardless of the number of receivers. Thus it is practical and useful for video conferencing systems, pay-per-view channels, distance education, and so forth. In 2010, for further protecting receivers’ privacy, anonymous multi-receiver identity-based (ID-based) encryption was first discussed, and from then on, many works on the topic have been presented so far. To deal with the key escrow problem inherited from ID-based encryption (IBE), Islam et al. proposed the first anonymous multi-receiver certificateless encryption (AMRCLE) in 2014. In 2015, Hung et al. proposed a novel AMRCLE to improve the efficiency. However, we found that their security proofs are flawed, i.e., the simulation cannot be successfully performed. In this paper, we present a novel AMRCLE scheme with CCA security in confidentiality and anonymity against both Type I and Type II adversaries. Moreover, the identity of the sender of a ciphertext can be authenticated by the receiver after a successful decryption. To the best of our knowledge, the proposed scheme is the first CCA secure AMRCLE scheme, and furthermore, we also pioneer in achieving sender authentication in AMRCLE.


Keywords: anonymity, multi-receiver encryption, chosen-ciphertext attacks, certificateless encryption, sender authentication

  Retrieve PDF document (JISE_201806_09.pdf)