Forward-Secure Certificate-Based Encryption: Definition and Generic Construction

Certificate-based encryption (CBE) is a new paradigm which combines traditional public-key encryption (PKE) and identity-based encryption (IBE) while preserving their features. CBE provides an efficient implicit certificate mechanism to eliminate third-party queries for the certificate status and to simplify the certificate revocation problem. Therefore, CBE can be used to construct an efficient PKI requiring fewer infrastructures. In addition, it also solves the key escrow problem and key distribution problem inherent in IBE. In this paper, we introduce a new notion called Forward-Secure Certificate-Based Encryption. It preserves the advantages of CBE such as implicit certificate and no private key escrow. At the same time it also inherits the properties of the forward-secure public key encryption. We first formalize the definition and security model for forward-secure CBE. Then we propose a generic construction of forward-secure CBE and prove it to be secure against chosen plaintext attacks in the standard model. We also describe how our generic scheme can be enhanced to achieve security against adaptive chosen-ciphertext attacks in both the standard model and the random oracle model.