Leakage-Resilient Certificate-based Key Encapsulation Scheme Resistant to Continual Leakage

In the past, the security of most public-key encryption or key encapsulation schemes is shown in an ideal model, where private keys, secret keys and random values are assumed to be absolutely secure to adversaries. However, this ideal model is not practical due to side-channel attacks in the sense that adversaries could gain partial information of these secret values involved in decryption operations by perceiving energy consumption or execution timing. In such a case, these schemes under the ideal model could suffer from side-channel attacks. Recently, leakage-resilient cryptography resistant to side-channel attacks is an emerging research topic. Certificate-based encryption (CBE) or certificate-based key encapsulation (CB-KE) schemes are a class of important public-key encryption. However, little work addresses the design of leakage-resilient CBE (LR-CBE) or leakage-resilient CB-KE (LR-CB-KE) schemes. In this paper, we present the first LR-CBKE scheme with overall unbounded leakage property which permits adversaries to continuously gain partial information of the system secret key of a trusted certificate authority (CA), the private keys and certificates of users, and random values. In the generic bilinear group model, formal security analysis is made to prove that the proposed LR-CB-KE scheme is secure against chosen ciphertext attacks.