Efficient and Generic Construction of Certification-Based Encryption in the Standard Model Based on the NIZK Proof System

Certificate-based encryption (CBE) is a new public key encryption paradigm which combines traditional PKI-based public-key encryption (PKE) and identity-based encryption (IBE), and preserves some of their most attractive features. CBE provides an efficient implicit certificate mechanism and allows a periodical update of certificate status. It eliminates third-party queries for the certificate status and simplifies the certificate revocation problem in the traditional PKI, while it solves the key escrow problem and the key distribution problem inherent in IBE. In this paper, we propose a new generic construction of CBE schemes from PKE and IBE, and prove it to be CCA-secure in the standard model. In our construction, we use an efficient one-time simulation-sound adaptive NIZK proof system as the security enhancing building block to guarantee the CCA-security of the generated CBE schemes. When compared to the previous method, the security requirements of the primitive encryption schemes in our construction are much weaker and the performance of the generated CBE schemes from our construction is much more efficient.