The expansibility of PKI is expected to have the features that when the amount of user exceeds the system capacity, the users’ requirement can still be met by simply expanding the number of PKI entities and managemen...The expansibility of PKI is expected to have the features that when the amount of user exceeds the system capacity, the users’ requirement can still be met by simply expanding the number of PKI entities and management levels, and this expansion should be achieved smoothly from the original system. The upward, downward, and horizontal expansions of PKI are discussed in this paper. A path discovery method is suggested to reduce the effect of PKI expansion to the end entities, so as to enhance the availbility of PKI services.展开更多
Public Key Encryption with Keyword Search (PEKS), an indispensable part of searchable encryption, is stock-in- trade for both protecting data and providing operability of encrypted data. So far most of PEKS schemes ...Public Key Encryption with Keyword Search (PEKS), an indispensable part of searchable encryption, is stock-in- trade for both protecting data and providing operability of encrypted data. So far most of PEKS schemes have been established on Identity-Based Cryptography (IBC) with key escrow problem inherently. Such problem severely restricts the promotion of IBC-based Public Key Infrastructure including PEKS component. Hence, Certificateless Public Key Cryptography (CLPKC) is efficient to remove such problem. CLPKC is introduced into PEKS, and a general model of Certificateless PEKS (CLPEKS) is formalized. In addition, a practical CLPEKS scheme is constructed with security and efficiency analyses. The proposal is secure channel free, and semantically secure against adaptive chosen keyword attack and keyword guessing attack. To illustrate the superiority, massive experiments are conducted on Enron Email dataset which is famous in information retrieval field. Compared with existed constructions, CLPEKS improves the efficiency in theory and removes the key escrow problem.展开更多
文摘The expansibility of PKI is expected to have the features that when the amount of user exceeds the system capacity, the users’ requirement can still be met by simply expanding the number of PKI entities and management levels, and this expansion should be achieved smoothly from the original system. The upward, downward, and horizontal expansions of PKI are discussed in this paper. A path discovery method is suggested to reduce the effect of PKI expansion to the end entities, so as to enhance the availbility of PKI services.
基金This research was supported by the National Science Foundation of China for Funding Projects (61173089,61472298) and National Statistical Science Program of China(2013LZ46).
文摘Public Key Encryption with Keyword Search (PEKS), an indispensable part of searchable encryption, is stock-in- trade for both protecting data and providing operability of encrypted data. So far most of PEKS schemes have been established on Identity-Based Cryptography (IBC) with key escrow problem inherently. Such problem severely restricts the promotion of IBC-based Public Key Infrastructure including PEKS component. Hence, Certificateless Public Key Cryptography (CLPKC) is efficient to remove such problem. CLPKC is introduced into PEKS, and a general model of Certificateless PEKS (CLPEKS) is formalized. In addition, a practical CLPEKS scheme is constructed with security and efficiency analyses. The proposal is secure channel free, and semantically secure against adaptive chosen keyword attack and keyword guessing attack. To illustrate the superiority, massive experiments are conducted on Enron Email dataset which is famous in information retrieval field. Compared with existed constructions, CLPEKS improves the efficiency in theory and removes the key escrow problem.
