A Hybrid Encryption Scheme with
Key-cloning Protection: Attributes and Fingerprints 1Kyushu
University, Fukuoka, Japan 2Institute
of Systems, Information Technologies and Nanotechnologies, Fukuoka, Japan
Abstract Internet service has enabled digital contents to be
shared faster and easier, but on the other side it raised an issue of illegal
copy of the digital contents. Public key encryption schemes solve this issue
partially. However, there is still a weak point that the secret key is not
completely protected; that is, public key encryption
schemes suffer from illegal copy of secret keys (the key-cloning problem). In
this paper, first, we discuss the usability of terminal fingerprints for
key-cloning protection. Next, we propose a hybrid encryption scheme using
terminal fingerprints to protect the secret keys from the key-cloning. Based
on an assumption that the terminal fingerprint is unchangeable and unextractable even by the user of the terminal, our
hybrid encryption scheme can be effectively used as a method of the
key-cloning protection. Then, we instantiate our hybrid encryption scheme as
a combination of the attribute-based encryption scheme and the RSA encryption
scheme; the attribute-based encryption scheme functions as a mechanism for
authentication of user's attributes, and the RSA encryption scheme functions
as a mechanism for authentication of a terminal device. Terminal fingerprint
that is a feature of the device is used to generate a secret key of the RSA
encryption. Keywords: Key
misuse, Terminal fingerprint, Re-encryption +: Corresponding author: Chunlu Chen
Journal of Internet Services and Information Security (JISIS), 6(2): 23-36, May 2016 [pdf] |
|