
Information Processing Letters

Volume 113, Issues 19–21, September–October 2013, Pages 789–792

Improvement on Meshram et al.ʼs ID-based cryptographic mechanism

https://doi.org/10.1016/j.ipl.2013.07.019

Highlights

  • Analyses show that there exists a deadlock problem in Meshram et al.ʼs scheme because the user cannot decrypt the ciphertext as expected.

  • An improvement on Meshram et al.ʼs scheme is proposed to solve this deadlock problem.

  • The proposed scheme is as secure as Meshram et al.ʼs scheme, and it is more efficient than Meshram et al.ʼs scheme.

Abstract

Meshram et al. proposed an ID-based cryptosystem based on the generalized discrete logarithm problem (GDLP) and the integer factorization problem (IFP) in 2012; their contribution lies in being the first to propose constructing an ID-based cryptosystem without using bilinear pairings. This scheme can achieve the security goal of protecting data and prevent the adversary from snooping on the encrypted data or the userʼs private key. However, our analyses show that their scheme is still incorrect and has a deadlock problem: the user cannot carry out the encryption process as expected, since it requires the user to own the key authentication centerʼs private information, which is designed to be secret to users. A solution to the deadlock problem is given and an improved scheme is proposed.

Introduction

Secure communication requires secure key distribution between users, and the design of effective session key distribution protocols is a hot topic in the field of cryptography [1]. Public key cryptosystems can effectively solve the session key distribution problem in an open network environment, but each user must authenticate the partnerʼs public key before using it. The public key infrastructure (PKI) was proposed to implement authentication of public keys, but it leads to large management overheads.

The concept of the identity-based (ID-based) cryptosystem was introduced by Shamir in 1984. According to Shamirʼs idea, the public key of each user is simply derived from his public identity information, such as an e-mail address or ID number [2]. Using each userʼs public identity as his public key avoids the problem of authenticating the public key, and it enables users to establish a session key non-interactively. However, Shamir only succeeded in constructing an identity-based signature scheme. Only when Boneh et al. [3] constructed ID-based encryption from the Weil pairing did the ID-based cryptosystem become practical. However, bilinear pairing operations make such cryptosystems unsuitable for low-performance devices [4].

In 2012, Meshram et al. [5] proposed an ID-based cryptosystem under the security assumptions of the generalized discrete logarithm problem (GDLP) and the integer factorization problem (IFP) without adopting bilinear pairings. However, although their idea is excellent, Meshram et al.ʼs ID-based cryptosystem is incorrect. The scheme achieves the security goal of protecting data and preventing the adversary from snooping on the encrypted data or the userʼs private key, but it also prevents the user from decrypting the ciphertext unless the user owns the key authentication center (KAC)ʼs private information, which is designed to be secret to users. That is to say, without knowing a part of the KACʼs private key, a user who receives a ciphertext sent to him is unable to decrypt it with his own private key alone. In a word, although Meshram et al.ʼs scheme is secure for protecting data and the userʼs private key, it has a deadlock problem.

In this paper, we first explain the deadlock problem in Meshram et al.ʼs scheme, and then give a solution to it.

Section snippets

Review of Meshram et al.ʼs identity-based cryptosystem

Briefly, Meshram et al.ʼs ID-based cryptosystem can be summarized as four related sub-algorithms, namely Setup, Extraction, Encryption and Decryption. The Setup algorithm is run by the KAC to generate its public and private keys. On receiving a userʼs registration request, the KAC runs the Extraction algorithm to generate the private key of this user if the user is verified to be legitimate. If a user wants to securely send a message to another user, he can run the Encryption

Analyses on Meshram et al.ʼs cryptosystem

Meshram et al. did good work in proposing the above ID-based cryptosystem based on GDLP and IFP. Without bilinear pairing operations, their cryptosystem should be more suitable for low-performance devices than pairing-based ones. However, our analyses show that there is still a weakness in their cryptosystem.

The weakness we refer to is that entity 1, who receives a ciphertext sent to him, is unable to decrypt it as expected. Let us recall the Decryption algorithm

Improvement on Meshram et al.ʼs cryptosystem

Here, we improve Meshram et al.ʼs cryptosystem. The improved scheme can also be described as four related sub-algorithms, namely Setup, Extraction, Encryption and Decryption, which are given as follows.

Setup

The Setup algorithm is almost the same as that in Section 2; the only difference is the computation of the n-dimensional vector $h$. In the proposed scheme, we set $h = (h_1, h_2, \ldots, h_n)$ where $h_i = d^{a_i} \bmod N$ ($1 \le i \le n$).

Extraction

The Extraction algorithm is the same as that in Section 2.

Encryption

Assume that

Discussions

The security of the proposed scheme is also based on the GDLP and IFP assumptions. GDLP is the problem that, given the value $g^k$, it is difficult to compute the integer $k$; IFP is the problem that, given $N = pq$ where $p$ and $q$ are unknown large primes, it is difficult to determine $p$ and $q$ [5]. In the following, we analyze the security of the proposed scheme under the GDLP and IFP assumptions.

First, without knowing the private key of

Conclusion

In this paper, we analyze Meshram et al.ʼs ID-based cryptosystem and point out that there is still a weakness in their scheme. Two intuitive methods are first presented to overcome the weakness, but they are not perfect. Then another method is proposed and an improvement is made on Meshram et al.ʼs original scheme. The proposed scheme is secure based on the hardness of GDLP and IFP. At the same time, our scheme is more efficient in encryption and decryption than Meshram et al.ʼs scheme. Meshram

Acknowledgements

This work is supported by the National Natural Science Foundation of China under Grant Nos. 61103178 and 60803151; the Research Fund for the Doctoral Program of Higher Education of China under Grant No. 20096102120045; Basic Science Research Fund in Xidian University under Grant No. K5051310006.

References

  • C. Meshram et al., An ID-based cryptographic mechanisms based on GDLP and IFP, Information Processing Letters (2012).

  • L. Pang et al., Improved multicast key management of Chinese wireless local area network security standard, IET Communications (2012).

  • A. Shamir, Identity-based cryptosystem and signature scheme.
