Skip to main content

Extensions of Public-Key, Identity-Based and Certificateless Encryption Schemes

Pooya Farshim, Extensions of Public-Key, Identity-Based and Certificateless Encryption Schemes. PhD thesis. Univerity of Bristol. February 2008. PDF, 1006 Kbytes.


In this work, we first study extensions and applications of the identity-based encryption (IBE) primitive, focusing on generic constructions. We first define what is meant by an identity-based key encapsulation mechanism before extending it to the multi-recipient setting. We then propose an efficient multi-recipient scheme based on bilinear maps and then move on to investigate the properties of publickey schemes which allow for generic and efficient construction of multi-recipient encryption schemes via randomness-reuse. We conclude this part by proposing a generic construction of workflow cryptosystems, where encryption is performed with respect to an access structure, based on any IBE scheme.

We then turn our attention to the certificateless encryption primitive and extend it to the hybrid encryption paradigm. Subsequently, a certificateless key encapsulation mechanism based on weakly secure identity-based and public-key encryption schemes is constructed. Next, by introducing the first provably secure certificateless signcryption scheme, we demonstrate how one can achieve two of the most important security goals in cryptography, namely confidentiality and authenticity (including non-repudiation) of data, efficiently in the certificateless scenario.

Bibtex entry.

Publication Admin