Study On Hybrid Cryptography Theory And Schemes Design

The advantage of public key cryptography is removing the request of sharing secrete information in security communication. But in general most of public key cryptographic function operates in very large algebraic structure which means expensive algebraic operation. In a long time application of cryptography the idea of hybrid cryptography is proposed. In this cryptosystems message is encrypted by a symmetric encryption scheme with a randomly generated symmetric key. On the other hand the random symmetric key is encrypted by an asymmetric encryption scheme. Initially the application of hybrid cryptography is limited to areas from the implementation of efficiency considerations. Until 2000 Cramer and Shoup proposed a KEM-DEM model for hybrid encryption. Since then hybrid cryptography became a general solution to IND-CCA secure and practical public key cryptosystem. In 2005 Dent introduced the idea of signcryption to hybrid cryptography and proposed the concept of hybrid signcryption.Hybrid cryptography can take into account security and effectiveness in application of cryptography. So the hybrid cryptography is increasingly being used in real-world scenarios. Hybrid cryptography has been a research focus in the field of public key cryptography. In the projects of future encryption standard such as NESSIE and ISO the most promising candidates are required to provide the figure of hybrid encryption.Aiming at the key issues of formal definition and scheme design for hybrid cryptography KEM .Existing hybrid cryptography schemes are analyzed in this dissertation. The generic models and security definitions for hybrid encryption and hybrid signcryption KEMs are abstracted. Combine with other cryptographic research fields exploring research work has been done for KEM design. The main research fruits in this dissertation are as follows:1. Existing hybrid encryption schemes and hybrid signcryption schemes are analyzed. Based on these schemes the general models and security criteria for hybrid encryption KEM and hybrid signcryption KEM are summarized. A new general definition for hybrid signcryption KEM with insider security is proposed. In the new definition a random tag and a verification algorithm is introduced to provide security. The security definition is considered both to confidentiality and unforgeability in concept of provable security.2. From the perspective of public key management hybrid cryptography based on special key management model is researched. A general model and security criteria for signcryption hybrid KEM based on identity-based public key with insider security is proposed. Using Sakai-Kalahari keys contracture and elliptic curves related hard problems an instance scheme of ID-based signcryption KEM is presented. Security of our scheme is proven in random oracle model. The proposed scheme is ID-IND-CCA secure in confidentiality and ID-UF-CMA secure in unforgeability. In the encapsulation phase no paring computing and no MapToPoint hash function are required. According to the recent advances in pairings optimized computing and point reduction our scheme is not only security but also have advantage on performance. The proposed scheme is more efficient on performance than existing schemes. The certificateless public key cryptography CL-PKC which has the advantages of ID-PKC can overcome the key escrow limitation in ID-PKC. A certificateless hybrid encryption scheme based on elliptic curve discrete logarithm problem is proposed. We analysis the proposed scheme in public-key security and message confidential security .In the proposed scheme the main operations is point operation in elliptic. Compare with traditional certificateless encryption schemes built on bilinear pairing operation the proposed scheme is more efficient on performance than the existing schemes.3. Based on the idea of role-based cryptography in multi-user scenarios. The hybrid signcryption KEM supporting cryptographic workflow is studied. Cryptographic workflow is a special cryptographic working model, in which to encrypt a message according to some policy so that only entities fulfilling the policy are able to decrypt ciphertext. A new key encapsulation mechanism based on signcryption supporting cryptographic workflow is proposed. Firstly the generic model and security issues of this key encapsulation scheme are defined. According to the generic model a construction scheme for key encapsulation mechanism supporting cryptographic workflow is presented from combining secret sharing scheme, ID-based encryption scheme and signcryption scheme. The security of construction scheme is proved in standard model by the security proofs methods "Sequences of games". The proposed scheme is satisfied with receiver security and external security characters.4. Hybrid cryptography application in practical occasions is studied further. Based on hybrid signcryption instance scheme "parallel signcryption" a new multi-signcryption scheme is proposed. In this dissertation existing multi-signcryption schemes are analysed.Weaknesses of these schemes are pointed out. The proposed scheme can provide message confidentiality, unforgeability and non-repudiation security. At the same time new scheme is more efficient and flexible than existed multi-signcryption schemes. Proposed scheme can be built by trapdoor permutation function such as RSA. So it is simple and can be set up easily. Proposed scheme is suitable to some occasions such as E-commerce and E-government. Owing to commitment scheme is the fundamental cryptographic primitive used as a basic building block throughout modern cryptography research work related with commitment scheme also is done in this in this dissertation. Based on elliptic curve discrete logarithm problem a new commitment scheme is proposed. In new commitment scheme the information exchange among participants is not needed. Just through the implementation of one round commitments phase and decommitment phase a commitment of message can be achieved from the sender. The detail security analysis of the proposed scheme is presented. The new commitment scheme has message hiding and binding properties.