Certificateless Deniable Authenticated Encryption for Location-Based Privacy Protection

Abstract

Deniable authenticated encryption (DAE) is a cryptographic primitive that supports data confidentiality with deniable authentication in an efficient manner. The DAE plays a significant role in location-based service systems for privacy protection. In this paper, we construct a certificateless DAE (CLDAE) scheme. The CLDAE is based on certificateless cryptosystems (CLCs), which avoids the need to manage public key certificates in public key infrastructure (PKI)-based cryptosystems and key escrow problems in identity-based cryptosystems (IBCs). Our design utilizes hybrid methods: tag-key encapsulation mechanism (TKEM) and data encapsulation mechanism (DEM). This technique is more suitable for location-based applications. We show how to construct a CLDAE scheme utilizing a certificateless deniable authenticated tag-KEM (CLDATK) and a DEM. We also design a CLDATK scheme and provide formal security proof using the random oracle model (ROM). We conduct a comprehensive performance analysis, which shows that CLDAE is highly efficient in terms of communication overhead. We also provide an application of the CLDAE for a location-based service (LBS) system.