| Hybrid encryption is a new type of public-key cryptosystem, combining theSymmetric cryptosystem with the Asymmetric cryptosystem. The public-key part isused to produce a symmetric key with the receiver’s public key as input, called a keyencapsulation mechanism (KEM); the symmetric part is used to encrypt a message withthe symmetric key as input, called a data encapsulation mechanism (DEM). Comparedwith the traditional public-key encryption scheme, hybrid encryption scheme has thefollowing advantages: cancel the message space restrictions, inherit the symmetricencryption and decryption encryption speed, better performance in bandwidth usage.Hybrid encryption theory is widely applied in practical application, such as:internet security protocol used in the network layer, the Secure Sockets Layer protocoland the transport layer security protocol used in transport layer, digital envelopes. Howto design safe and efficient cryptographic algorithms in order to achieve success in thepractical application of these has been the research focus.This paper focus on the designand analysis of key encapsulation mechanism under the two systems. The concept ofidentity based key encapsulation to multiple parties has applications where one wishesto encrypt a single large document to a set of multiple recipients. This reduces thecomputational and communication cost, and improves efficiency. Combining a securekey encapsulation to multiple parties and proposely secure DEM, we can get amulti-receiver public key encryption scheme, required by pay-per-view, multicastcommunication, broadcast encryption digital content distribution. Certificateless publickey cryptography eliminates the certificate of traditional public key cryptography andthe key escrow problem of identity-based public key cryptography. The researching ofthe Certificateless key encapsulation has of great significance.Anonymity can protect the privacy of user. Based on the bilinear pairing, anefficient identity-based privacy-preserving multi-receiver key encapsulation mechanismis presented to protect the identities of the users who are able to access protectedcontents. This proposed scheme uses the one-way anonymous key agreement protocoland Hash function to generate the temporary key. In the random oracle model, weformally prove that the proposed scheme is confidential and anonymous under selectiveID and chosen ciphertext attack. Besides, it has higher efficiency and shorter ciphertext.The CL-KEM by Lippold et al. does not Type-I CCA secure. During the confidentiality game for Type-I adversary, the adversary can break this scheme byreplacing the public key of the receiver. In order to improve the shortcomings, animproved certicateless key encapsulation mechanism is presented by using thetechnique of the Schnorr one-time signature to generate the public key. The proposedscheme is secure in the standard model and efficient inheriting the advantages of theoriginal scheme. |
PDF Full Text Request