Study On Several Key-Insulated Cryptographic Schemes

Due to viruses, worms or other break-ins allowed by operating-system holes, key exposure seems inevitable. To minimize the damage caused by key exposure, we pro-posed several key-insulated schemes.1. Despite the flurry of recent results on identity-based key-insulated encryption (IBKIE) and signature (IBKIS), a problem regarding the security and efficiency of prac-ticing IBKIE and IBKIS as a joint identity-based key-insulated signature/encryption scheme with a common set of parameters and keys remains open. So, we present the primitive of identity-based key-insulated signcryption (IBKISC). We formalize the se-curity notions for IBKISC and then propose the first IBKISC scheme. The security of our proposed IBKISC scheme can be proved in the standard model. Compared with the Sign-then-Encrypt(StE) and Encrypt-then-Sign(EtS) using IBKIE and IBKIS in the standard model, our proposed IBKISC scheme is the fastest with the shortest ciphertext size.2. Since a proof in the random oracle model can only serve as a heuristic argument and can not imply the security in the real implementation, we propose an identity based key-insulated proxy signature (IBKIPS) scheme in the standard model.3. We extend the threshold key-insulated mechanism to identity-based signature scenarios, and then introduce the primitive of identity-based threshold key-insulated signature (IBTKIS). After formalizing the definition and security notions for IBTKIS, a concrete IBTKIS scheme is presented. This new primitive can enhance the security of the system while it can provide flexibility and efficiency. The security of our proposed IBTKIS scheme can be proved in the standard model.4. We extend the key-insulated mechanism to attribute-based encryption scenar-ios, and then introduce the primitive of threshold attribute-based key-insulated encryp-tion (TABKIE). After formalizing the definition and security notions for TABKIE, a concrete TABKIE scheme is presented. The security of our proposed TABKIE scheme can be proved in the standard model. 5. We extend the parallel key-insulated mechanism to ciphertext policy attribute-based encryption scenarios, and then introduce the primitive of ciphertext policy attribute-based parallel key-insulated encryption (CPABPKIE). After formalizing the definition and security notions for CPABPKIE, a concrete CPABPKIE scheme is pre-sented. The security of our proposed CPABPKIE scheme can be proved in the standard model. The new primitive does not increase the risk of helper key-exposure while it allows frequent key updating.6. We extend the key-insulated mechanism to hidden attribute-based signature scenarios, and then introduce the primitive of hidden attribute-based key-insulated signature (HABKIS). After formalizing the definition and security notions for HABKIS, a concrete HABKIS scheme is presented. The security of our proposed HABKIS scheme can be proved in the standard model.