Leakage-Resilient Certificate-based Encryption Scheme for IoT Environments

TY - GEN

T1 - Leakage-Resilient Certificate-based Encryption Scheme for IoT Environments

AU - Tseng, Yuh-Min

AU - Wu, Jui Di

AU - Hung, Ruo Wei

AU - Chien, Hung Yu

PY - 2018/10/31

Y1 - 2018/10/31

N2 - Now, Internet of Things (IoT) brings people innovative experiences and applications through connectivity of numerous computing devices. In these applications, computing devices generate and exchange a large number of critical and sensitive data. Typically, these computing devices are putted on some unprotected environments that make them to be attractive attack targets while easily suffering from a new kind of threat, called "side-channel attacks". By side-channel attacks, an adversary could obtain partial information of secret values (or internal states) stored in these devices by observing execution timing or energy consumption. However, most adversary models of previous cryptographic schemes/protocols do not concern with such side-channel attacks. Indeed, leakage-resilient cryptography is a flexible solution for resisting to side-channel attacks. So far, little work focuses on the design of leakage-resilient certificate-based encryption (LR-CBE) schemes. In the article, we propose the first LR-CBE scheme resilient to continuous key leakage of user's private keys, system secret key and random values. In the generic bilinear group model, security analysis is given to show that the proposed LR-CBE scheme is provably secure against chosen cipher-text attacks under the continual leakage model. Performance evaluation is made to demonstrate that our scheme is suitable for embedded devices.

AB - Now, Internet of Things (IoT) brings people innovative experiences and applications through connectivity of numerous computing devices. In these applications, computing devices generate and exchange a large number of critical and sensitive data. Typically, these computing devices are putted on some unprotected environments that make them to be attractive attack targets while easily suffering from a new kind of threat, called "side-channel attacks". By side-channel attacks, an adversary could obtain partial information of secret values (or internal states) stored in these devices by observing execution timing or energy consumption. However, most adversary models of previous cryptographic schemes/protocols do not concern with such side-channel attacks. Indeed, leakage-resilient cryptography is a flexible solution for resisting to side-channel attacks. So far, little work focuses on the design of leakage-resilient certificate-based encryption (LR-CBE) schemes. In the article, we propose the first LR-CBE scheme resilient to continuous key leakage of user's private keys, system secret key and random values. In the generic bilinear group model, security analysis is given to show that the proposed LR-CBE scheme is provably secure against chosen cipher-text attacks under the continual leakage model. Performance evaluation is made to demonstrate that our scheme is suitable for embedded devices.

UR - http://www.scopus.com/inward/record.url?scp=85057371669&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85057371669&partnerID=8YFLogxK

U2 - 10.1109/ICAwST.2018.8517196

DO - 10.1109/ICAwST.2018.8517196

M3 - Conference contribution

AN - SCOPUS:85057371669

T3 - 2018 9th International Conference on Awareness Science and Technology, iCAST 2018

SP - 251

EP - 256

BT - 2018 9th International Conference on Awareness Science and Technology, iCAST 2018

PB - Institute of Electrical and Electronics Engineers Inc.

ER -