A continuous leakage-resilient CCA secure identity-based key encapsulation mechanism in the standard model

IF 4.1 2区计算机科学 Q1 COMPUTER SCIENCE, HARDWARE & ARCHITECTURE Journal of Systems Architecture Pub Date : 2025-03-05 DOI:10.1016/j.sysarc.2025.103388

Zirui Qiao , Yasi Zhu , Yanwei Zhou , Bo Yang

{"title":"A continuous leakage-resilient CCA secure identity-based key encapsulation mechanism in the standard model","authors":"Zirui Qiao , Yasi Zhu , Yanwei Zhou , Bo Yang","doi":"10.1016/j.sysarc.2025.103388","DOIUrl":null,"url":null,"abstract":"<div><div>In practical scenarios, attackers can exploit leakage assaults such as fault analysis and cold boot attacks to extract sensitive data, including secret keys, from cryptographic primitives. As a result, cryptographic primitives are deemed secure under traditional ideal security models and may no longer provide the expected level of security. To meet the demand for leakage resilience in identity-based key encapsulation mechanisms (IB-KEM), we introduce a concrete structure of a leakage-resilient IB-KEM, and its resistance to chosen-ciphertext attacks (CCA) is grounded in the decisional bilinear Diffie–Hellman hypothesis. Furthermore, to enhance the practicality of our IB-KEM construction, we investigate its continuous leakage resilience. We achieve protection against ongoing leakage attacks by implementing regular updates of user keys. Our analysis and comparisons with existing works demonstrate that our proposal can effectively mitigate leakage attacks and maintain high computational efficiency while ensuring CCA security. Additionally, leveraging the enhanced scalability provided by hierarchical identities, we explore the leakage resilience of the hierarchical identity-based key encapsulation mechanism (HIB-KEM). We propose a general formation of a leakage-tolerant (hierarchical) identity-based encryption scheme based on (H)IB-KEM, further underscoring the high availability of (H)IB-KEM.</div></div>","PeriodicalId":50027,"journal":{"name":"Journal of Systems Architecture","volume":"162 ","pages":"Article 103388"},"PeriodicalIF":4.1000,"publicationDate":"2025-03-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Systems Architecture","FirstCategoryId":"94","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S1383762125000608","RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, HARDWARE & ARCHITECTURE","Score":null,"Total":0}

引用次数: 0

Abstract

In practical scenarios, attackers can exploit leakage assaults such as fault analysis and cold boot attacks to extract sensitive data, including secret keys, from cryptographic primitives. As a result, cryptographic primitives are deemed secure under traditional ideal security models and may no longer provide the expected level of security. To meet the demand for leakage resilience in identity-based key encapsulation mechanisms (IB-KEM), we introduce a concrete structure of a leakage-resilient IB-KEM, and its resistance to chosen-ciphertext attacks (CCA) is grounded in the decisional bilinear Diffie–Hellman hypothesis. Furthermore, to enhance the practicality of our IB-KEM construction, we investigate its continuous leakage resilience. We achieve protection against ongoing leakage attacks by implementing regular updates of user keys. Our analysis and comparisons with existing works demonstrate that our proposal can effectively mitigate leakage attacks and maintain high computational efficiency while ensuring CCA security. Additionally, leveraging the enhanced scalability provided by hierarchical identities, we explore the leakage resilience of the hierarchical identity-based key encapsulation mechanism (HIB-KEM). We propose a general formation of a leakage-tolerant (hierarchical) identity-based encryption scheme based on (H)IB-KEM, further underscoring the high availability of (H)IB-KEM.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

标准模型中基于身份的连续防泄漏CCA安全密钥封装机制

在实际场景中，攻击者可以利用泄漏攻击（如故障分析和冷启动攻击）从加密原语中提取敏感数据，包括密钥。因此，在传统的理想安全模型下，加密原语被认为是安全的，可能不再提供预期的安全级别。为了满足基于身份的密钥封装机制（IB-KEM）对泄漏弹性的要求，我们引入了一种具有泄漏弹性的IB-KEM的具体结构，其抗选择密文攻击（CCA）的能力基于决策双线性Diffie-Hellman假设。此外，为了提高我们的IB-KEM结构的实用性，我们研究了它的连续泄漏弹性。我们通过实现用户密钥的定期更新来防止持续的泄漏攻击。通过与现有工作的分析和比较，我们的方案在保证CCA安全性的同时，可以有效地减少泄漏攻击，保持较高的计算效率。此外，利用分层身份提供的增强可扩展性，我们探索了基于分层身份的密钥封装机制（HIB-KEM）的泄漏弹性。我们提出了一种基于(H)IB-KEM的容漏（分层）身份加密方案的一般形式，进一步强调了(H)IB-KEM的高可用性。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

Journal of Systems Architecture 工程技术-计算机：硬件

CiteScore

8.70

自引率

15.60%

发文量

226

审稿时长

46 days

期刊介绍： The Journal of Systems Architecture: Embedded Software Design (JSA) is a journal covering all design and architectural aspects related to embedded systems and software. It ranges from the microarchitecture level via the system software level up to the application-specific architecture level. Aspects such as real-time systems, operating systems, FPGA programming, programming languages, communications (limited to analysis and the software stack), mobile systems, parallel and distributed architectures as well as additional subjects in the computer and system architecture area will fall within the scope of this journal. Technology will not be a main focus, but its use and relevance to particular designs will be. Case studies are welcome but must contribute more than just a design for a particular piece of software. Design automation of such systems including methodologies, techniques and tools for their design as well as novel designs of software components fall within the scope of this journal. Novel applications that use embedded systems are also central in this journal. While hardware is not a part of this journal hardware/software co-design methods that consider interplay between software and hardware components with and emphasis on software are also relevant here.