The original paper is in English. Non-English content has been machine-translated and may contain typographical errors or mistranslations. ex. Some numerals are expressed as "XNUMX".
Copyrights notice
The original paper is in English. Non-English content has been machine-translated and may contain typographical errors or mistranslations. Copyrights notice
Dans INDOCRYPT 2006, Chatterjee et Sarkar ont suggéré un mécanisme d'encapsulation de clé basé sur l'identité de plusieurs récepteurs qui est sécurisé dans le modèle complet sans oracles aléatoires. Jusqu’à présent, on pensait que leur système était le seul à fournir une telle fonctionnalité de sécurité, tout en obtenant un texte chiffré de taille sous-linéaire. Dans cette lettre, nous montrons que leur système n’est pas sécurisé dans le sens où tout utilisateur révoqué peut récupérer une clé de chiffrement de message, même sans collusion avec d’autres utilisateurs révoqués. Notre attaque vient d’une analyse d’une fonction surjective publiquement calculable utilisée dans le schéma.
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Copier
Jong Hwan PARK, Dong Hoon LEE, "Security Analysis of a Multi-Receiver Identity-Based Key Encapsulation Mechanism" in IEICE TRANSACTIONS on Fundamentals,
vol. E92-A, no. 1, pp. 329-331, January 2009, doi: 10.1587/transfun.E92.A.329.
Abstract: In INDOCRYPT 2006, Chatterjee and Sarkar suggested a multi-receiver identity-based key encapsulation mechanism that is secure in the full model without random oracles. Until now, it has been believed that their scheme is the only one to provide such a security feature, while achieving sub-linear size ciphertext. In this letter, we show that their scheme is insecure in the sense that any revoked user can retrieve a message encryption key, even without colluding with other revoked users. Our attack comes from an analysis of a publicly computable surjective function used in the scheme.
URL: https://global.ieice.org/en_transactions/fundamentals/10.1587/transfun.E92.A.329/_p
Copier
@ARTICLE{e92-a_1_329,
author={Jong Hwan PARK, Dong Hoon LEE, },
journal={IEICE TRANSACTIONS on Fundamentals},
title={Security Analysis of a Multi-Receiver Identity-Based Key Encapsulation Mechanism},
year={2009},
volume={E92-A},
number={1},
pages={329-331},
abstract={In INDOCRYPT 2006, Chatterjee and Sarkar suggested a multi-receiver identity-based key encapsulation mechanism that is secure in the full model without random oracles. Until now, it has been believed that their scheme is the only one to provide such a security feature, while achieving sub-linear size ciphertext. In this letter, we show that their scheme is insecure in the sense that any revoked user can retrieve a message encryption key, even without colluding with other revoked users. Our attack comes from an analysis of a publicly computable surjective function used in the scheme.},
keywords={},
doi={10.1587/transfun.E92.A.329},
ISSN={1745-1337},
month={January},}
Copier
TY - JOUR
TI - Security Analysis of a Multi-Receiver Identity-Based Key Encapsulation Mechanism
T2 - IEICE TRANSACTIONS on Fundamentals
SP - 329
EP - 331
AU - Jong Hwan PARK
AU - Dong Hoon LEE
PY - 2009
DO - 10.1587/transfun.E92.A.329
JO - IEICE TRANSACTIONS on Fundamentals
SN - 1745-1337
VL - E92-A
IS - 1
JA - IEICE TRANSACTIONS on Fundamentals
Y1 - January 2009
AB - In INDOCRYPT 2006, Chatterjee and Sarkar suggested a multi-receiver identity-based key encapsulation mechanism that is secure in the full model without random oracles. Until now, it has been believed that their scheme is the only one to provide such a security feature, while achieving sub-linear size ciphertext. In this letter, we show that their scheme is insecure in the sense that any revoked user can retrieve a message encryption key, even without colluding with other revoked users. Our attack comes from an analysis of a publicly computable surjective function used in the scheme.
ER -