In this paper, we point out that Libert and Quisquater’s signcryption scheme cannot provide public verifiability. Then we present a new identity based signcryption scheme using quadratic residue and pairings over ell...In this paper, we point out that Libert and Quisquater’s signcryption scheme cannot provide public verifiability. Then we present a new identity based signcryption scheme using quadratic residue and pairings over elliptic curves. It combines the functionalities of both public verifiability and forward security at the same time. Under the Bilinear Diffie-Hellman and quadratic residue assumption, we describe the new scheme that is more secure and can be some-what more efficient than Libert and Quisquater’s one.展开更多
Hierarchical identity based cryptography is a generalization of identity based encryption that mirrors an organizational hierarchy. It allows a root public key generator to distribute the workload by delegating public...Hierarchical identity based cryptography is a generalization of identity based encryption that mirrors an organizational hierarchy. It allows a root public key generator to distribute the workload by delegating public key generation and identity authentication to lower-level public key generators. Most hierarchical identity based signature schemes are provably secure in the random oracle model or the weak models without random oracles such as gauntlet-ID model. Currently, there is no hierarchical identity based signature scheme that is fully secure in the standard model, with short public parameters and a tight reduction. In this paper, a hierarchical identity based signature scheme based on the q-SDH problem that is fully secure in the standard model is proposed. The signature size is independent of the level of the hierarchy. Moreover, our scheme has short public parameters, high efficiency and a tight reduction.展开更多
Two new constructions of chosen-ciphertext secure fuzzy identity-based encryption (fuzzy-IBE) schemes without random oracle are proposed. The first scheme combines the modification of chosen-plaintext secure Sahai a...Two new constructions of chosen-ciphertext secure fuzzy identity-based encryption (fuzzy-IBE) schemes without random oracle are proposed. The first scheme combines the modification of chosen-plaintext secure Sahai and Waters' "large universe" construction and authenticated symmetric encryption, and uses con- sistency checking to handle with ill-formed ciphertexts to achieve chosen-ciphertext security in the selective ID model. The second scheme improves the efficiency of first scheme by eliminating consistency checking. This improved scheme is more efficient than existing chosen-ciphertext secure fuzzy-IBE scheme in the standard model.展开更多
Since Libert and Quisquater's identity based signcryption scheme cannot provide public verifiability after research, the paper proposes a new identity based signcryption scheme. The scheme uses quadratic residue a...Since Libert and Quisquater's identity based signcryption scheme cannot provide public verifiability after research, the paper proposes a new identity based signcryption scheme. The scheme uses quadratic residue and pairings over elliptic curves to realize public verifiability. By analysis the scheme is proved to be more efficient than Libert and Quisquater's scheme. Moreover, a security proof of the original scheme is presented in the random oracle model.展开更多
Identity-based key agreement protocol affords a natural way to combine the participant's identity with its public key. However, most of them just consider the key agreement in a single private key generator (PKG) e...Identity-based key agreement protocol affords a natural way to combine the participant's identity with its public key. However, most of them just consider the key agreement in a single private key generator (PKG) environment. In addition, the existing key agreement protocols have a great computing overhead for mobile computing which is more and more popular today. This paper proposes a new identity based key agreement protocol. With the help of mathematical tools, we make our protocol applied in multiple PKG environment. It also satisfies all the security properties which is set for key agreement protocol. Moreover, some of its time-consuming operations can be delivered to untrusted public computation resources, so its computing complexity can be greatly reduced.展开更多
Using lattice basis delegation in a fixed dimension, we propose an efficient lattice-based hierarchical identity based encryption(HIBE) scheme in the standard model whose public key size is only(dm^2+ mn) log q b...Using lattice basis delegation in a fixed dimension, we propose an efficient lattice-based hierarchical identity based encryption(HIBE) scheme in the standard model whose public key size is only(dm^2+ mn) log q bits and whose message-ciphertext expansion factor is only log q, where d is the maximum hierarchical depth and(n, m, q)are public parameters. In our construction, a novel public key assignment rule is used to averagely assign one random and public matrix to two identity bits, which implies that d random public matrices are enough to build the proposed HIBE scheme in the standard model, compared with the case in which 2d such public matrices are needed in the scheme proposed at Crypto 2010 whose public key size is(2dm^2+ mn + m) log q. To reduce the message-ciphertext expansion factor of the proposed scheme to log q, the encryption algorithm of this scheme is built based on Gentry's encryption scheme, by which m^2 bits of plaintext are encrypted into m^2 log q bits of ciphertext by a one time encryption operation. Hence, the presented scheme has some advantages with respect to not only the public key size but also the message-ciphertext expansion factor. Based on the hardness of the learning with errors problem, we demonstrate that the scheme is secure under selective identity and chosen plaintext attacks.展开更多
文摘In this paper, we point out that Libert and Quisquater’s signcryption scheme cannot provide public verifiability. Then we present a new identity based signcryption scheme using quadratic residue and pairings over elliptic curves. It combines the functionalities of both public verifiability and forward security at the same time. Under the Bilinear Diffie-Hellman and quadratic residue assumption, we describe the new scheme that is more secure and can be some-what more efficient than Libert and Quisquater’s one.
基金Supported by the National Natural Science Foundation of China (6057303)the Program for New Century Excellent Talents in University by Ministry of Education (NCET-05-0398)
文摘Hierarchical identity based cryptography is a generalization of identity based encryption that mirrors an organizational hierarchy. It allows a root public key generator to distribute the workload by delegating public key generation and identity authentication to lower-level public key generators. Most hierarchical identity based signature schemes are provably secure in the random oracle model or the weak models without random oracles such as gauntlet-ID model. Currently, there is no hierarchical identity based signature scheme that is fully secure in the standard model, with short public parameters and a tight reduction. In this paper, a hierarchical identity based signature scheme based on the q-SDH problem that is fully secure in the standard model is proposed. The signature size is independent of the level of the hierarchy. Moreover, our scheme has short public parameters, high efficiency and a tight reduction.
基金the National High Technology Research and Development Program (863) of China(No. 2006AA12A106)
文摘Two new constructions of chosen-ciphertext secure fuzzy identity-based encryption (fuzzy-IBE) schemes without random oracle are proposed. The first scheme combines the modification of chosen-plaintext secure Sahai and Waters' "large universe" construction and authenticated symmetric encryption, and uses con- sistency checking to handle with ill-formed ciphertexts to achieve chosen-ciphertext security in the selective ID model. The second scheme improves the efficiency of first scheme by eliminating consistency checking. This improved scheme is more efficient than existing chosen-ciphertext secure fuzzy-IBE scheme in the standard model.
文摘Since Libert and Quisquater's identity based signcryption scheme cannot provide public verifiability after research, the paper proposes a new identity based signcryption scheme. The scheme uses quadratic residue and pairings over elliptic curves to realize public verifiability. By analysis the scheme is proved to be more efficient than Libert and Quisquater's scheme. Moreover, a security proof of the original scheme is presented in the random oracle model.
基金Supported by the National Natural Science Foundation of China(61103194)
文摘Identity-based key agreement protocol affords a natural way to combine the participant's identity with its public key. However, most of them just consider the key agreement in a single private key generator (PKG) environment. In addition, the existing key agreement protocols have a great computing overhead for mobile computing which is more and more popular today. This paper proposes a new identity based key agreement protocol. With the help of mathematical tools, we make our protocol applied in multiple PKG environment. It also satisfies all the security properties which is set for key agreement protocol. Moreover, some of its time-consuming operations can be delivered to untrusted public computation resources, so its computing complexity can be greatly reduced.
基金Project supported by the National Natural Science Foundation of China(Nos.61303198,61471409,61472470,and 61402112) the Natural Science Foundation of Shandong Province,China(No.ZR2013FQ031)
文摘Using lattice basis delegation in a fixed dimension, we propose an efficient lattice-based hierarchical identity based encryption(HIBE) scheme in the standard model whose public key size is only(dm^2+ mn) log q bits and whose message-ciphertext expansion factor is only log q, where d is the maximum hierarchical depth and(n, m, q)are public parameters. In our construction, a novel public key assignment rule is used to averagely assign one random and public matrix to two identity bits, which implies that d random public matrices are enough to build the proposed HIBE scheme in the standard model, compared with the case in which 2d such public matrices are needed in the scheme proposed at Crypto 2010 whose public key size is(2dm^2+ mn + m) log q. To reduce the message-ciphertext expansion factor of the proposed scheme to log q, the encryption algorithm of this scheme is built based on Gentry's encryption scheme, by which m^2 bits of plaintext are encrypted into m^2 log q bits of ciphertext by a one time encryption operation. Hence, the presented scheme has some advantages with respect to not only the public key size but also the message-ciphertext expansion factor. Based on the hardness of the learning with errors problem, we demonstrate that the scheme is secure under selective identity and chosen plaintext attacks.
