We propose the first generic construction of certificateless key encapsulation mechanism (CL-KEM) in the standard model, which is also secure against malicious-but-passive KGC attacks. It is based on an ID-based KEM, a public key encryption and a message authentication code. The high efficiency of our construction is due to the efficient implementations of these underlying building blocks, and is comparable to Bentahar et al.’s CL-KEMs, which are only proven secure under the random oracle model with no consideration of the malicious-but-passive KGC attacks. The second contribution of our work is that we introduce the notion of certificateless tag-based KEM (CL-TKEM), which is an extension of Abe et al.’s work in the certificateless setting. We show that an efficient CL-TKEM can be constructed by modifying our CL-KEM. We also show that with a CL-TKEM and a one-time data encapsulation mechanism (DEM), an efficient hybrid certificateless encryption can be constructed by applying Abe et al.’s transformation in the certificateless setting.
展开▼
