The theory of quadratic residues plays an important role in cryptography.In 2001,Cocks developed an identity-based encryption(IBE)scheme based on quadratic residues,resolving Shamir’s 17-year-old open problem.However...The theory of quadratic residues plays an important role in cryptography.In 2001,Cocks developed an identity-based encryption(IBE)scheme based on quadratic residues,resolving Shamir’s 17-year-old open problem.However,a notable drawback of Cocks’scheme is the significant expansion of the ciphertext,and some of its limitations have been addressed in subsequent research.Recently,Cotan and Teşeleanu highlighted that previous studies on Cocks’scheme relied on a trial-and-error method based on Jacobi symbols to generate the necessary parameters for the encryption process.They enhanced the encryption speed of Cocks’scheme by eliminating this trialand-error method.Based on security analysis,this study concludes that the security of Cotan-Teşeleanu’s proposal cannot be directly derived from the security of the original Cocks’scheme.Furthermore,by adopting the Cotan-Teşeleanu method and introducing an additional variable as a public element,this study develops a similar enhancement scheme that not only accelerates the encryption speed but also provides security equivalent to the original Cocks’scheme.展开更多
We survey the state of research on identity-based cryptography and attribute-based cryptography.We firstly review the basic concepts of identity-based cryptographic schemes in which users' identifier information s...We survey the state of research on identity-based cryptography and attribute-based cryptography.We firstly review the basic concepts of identity-based cryptographic schemes in which users' identifier information such as email or IP addresses instead of digital certificates can be used as public key for encryption or signature verification,and subsequently review some important identity-based encryption,signature and signcryption schemes.Then we give our research on Identity-Based Encryption-Signature(IBES) method.We also survey the attribute-based cryptographic schemes in which the identity of user is viewed as a set of descriptive attributes,including some important attribute-based encryption and signature schemes.We subsequently give our research on Attribute-Based Encryption and Identity-Based Signature (ABE-IBS) method.Both methods aim at efficiently improving the security of wireless sensor network.Finally,we propose a few interesting open problems concerning with practical and theoretical aspects of identity-based cryptography and attribute-based cryptography.展开更多
Traditional chaotic maps struggle with narrow chaotic ranges and inefficiencies,limiting their use for lightweight,secure image encryption in resource-constrained Wireless Sensor Networks(WSNs).We propose the SPCM,a n...Traditional chaotic maps struggle with narrow chaotic ranges and inefficiencies,limiting their use for lightweight,secure image encryption in resource-constrained Wireless Sensor Networks(WSNs).We propose the SPCM,a novel one-dimensional discontinuous chaotic system integrating polynomial and sine functions,leveraging a piecewise function to achieve a broad chaotic range()and a high Lyapunov exponent(5.04).Validated through nine benchmarks,including standard randomness tests,Diehard tests,and Shannon entropy(3.883),SPCM demonstrates superior randomness and high sensitivity to initial conditions.Applied to image encryption,SPCM achieves 0.152582 s(39%faster than some techniques)and 433.42 KB/s throughput(134%higher than some techniques),setting new benchmarks for chaotic map-based methods in WSNs.Chaos-based permutation and exclusive or(XOR)diffusion yield near-zero correlation in encrypted images,ensuring strong resistance to Statistical Attacks(SA)and accurate recovery.SPCM also exhibits a strong avalanche effect(bit difference),making it an efficient,secure solution for WSNs in domains like healthcare and smart cities.展开更多
As quantum computing continues to advance,traditional cryptographic methods are increasingly challenged,particularly when it comes to securing critical systems like Supervisory Control andData Acquisition(SCADA)system...As quantum computing continues to advance,traditional cryptographic methods are increasingly challenged,particularly when it comes to securing critical systems like Supervisory Control andData Acquisition(SCADA)systems.These systems are essential for monitoring and controlling industrial operations,making their security paramount.A key threat arises from Shor’s algorithm,a powerful quantum computing tool that can compromise current hash functions,leading to significant concerns about data integrity and confidentiality.To tackle these issues,this article introduces a novel Quantum-Resistant Hash Algorithm(QRHA)known as the Modular Hash Learning Algorithm(MHLA).This algorithm is meticulously crafted to withstand potential quantum attacks by incorporating advanced mathematical and algorithmic techniques,enhancing its overall security framework.Our research delves into the effectiveness ofMHLA in defending against both traditional and quantum-based threats,with a particular emphasis on its resilience to Shor’s algorithm.The findings from our study demonstrate that MHLA significantly enhances the security of SCADA systems in the context of quantum technology.By ensuring that sensitive data remains protected and confidential,MHLA not only fortifies individual systems but also contributes to the broader efforts of safeguarding industrial and infrastructure control systems against future quantumthreats.Our evaluation demonstrates that MHLA improves security by 38%against quantumattack simulations compared to traditional hash functionswhilemaintaining a computational efficiency ofO(m⋅n⋅k+v+n).The algorithm achieved a 98%success rate in detecting data tampering during integrity testing.These findings underline MHLA’s effectiveness in enhancing SCADA system security amidst evolving quantum technologies.This research represents a crucial step toward developing more secure cryptographic systems that can adapt to the rapidly changing technological landscape,ultimately ensuring the reliability and integrity of critical infrastructure in an era where quantum computing poses a growing risk.展开更多
Cloud environments are essential for modern computing,but are increasingly vulnerable to Side-Channel Attacks(SCAs),which exploit indirect information to compromise sensitive data.To address this critical challenge,we...Cloud environments are essential for modern computing,but are increasingly vulnerable to Side-Channel Attacks(SCAs),which exploit indirect information to compromise sensitive data.To address this critical challenge,we propose SecureCons Framework(SCF),a novel consensus-based cryptographic framework designed to enhance resilience against SCAs in cloud environments.SCF integrates a dual-layer approach combining lightweight cryptographic algorithms with a blockchain-inspired consensus mechanism to secure data exchanges and thwart potential side-channel exploits.The framework includes adaptive anomaly detection models,cryptographic obfuscation techniques,and real-time monitoring to identify and mitigate vulnerabilities proactively.Experimental evaluations demonstrate the framework's robustness,achieving over 95%resilience against advanced SCAs with minimal computational overhead.SCF provides a scalable,secure,and efficient solution,setting a new benchmark for side-channel attack mitigation in cloud ecosystems.展开更多
Current grid authentication frameworks are achieved by applying the standard SSL authentication protocol (SAP). The authentication process is very complicated, and therefore, the grid user is in a heavily loaded poi...Current grid authentication frameworks are achieved by applying the standard SSL authentication protocol (SAP). The authentication process is very complicated, and therefore, the grid user is in a heavily loaded point both in computation and in communication. Based on identity-based architecture for grid (IBAG) and corresponding encryption and signature schemes, an identity-based authentication protocol for grid is proposed. Being certificate-free, the authentication protocol aligns well with the demands of grid computing. Through simulation testing, it is seen that the authentication protocol is more lightweight and efficient than SAP, especially the more lightweight user side. This contributes to the larger grid scalability.展开更多
In 2006, Bao et al proposed an identlty-based threshold proxy signature scheme with known signers. In this paper, we show that Bao et al's scheme is vulnerable to the forgery attack. An adversary can forge a valid th...In 2006, Bao et al proposed an identlty-based threshold proxy signature scheme with known signers. In this paper, we show that Bao et al's scheme is vulnerable to the forgery attack. An adversary can forge a valid threshold proxy signature for any message with knowing a previously valid threshold proxy signature. In addition, their scheme also suffers from the weakness that the proxy signers might change the threshold value. That is, the proxy signers can arbitrarily modify the threshold strategy without being detected by the original signer or verifiers, which might violate the original signer's intent. Furthermore, we propose an improved scheme that remedies the weaknesses of Bao et al's scheme. The improved scheme satisfies all secure requirements for threshold proxy signature.展开更多
An identity-based multisignature scheme and an identity-based aggregate signature scheme are proposed in this paper. They are both from m-torsion groups on super-singular elliptic curves or hyper-elliptic curves and b...An identity-based multisignature scheme and an identity-based aggregate signature scheme are proposed in this paper. They are both from m-torsion groups on super-singular elliptic curves or hyper-elliptic curves and based on the recently proposed identity-based signature scheme of Cha and Cheon. Due to the sound properties of m-torsion groups and the base scheme, it turns out that our schemes are very simple and efficient. Both schemes are proven to be secure against adaptive chosen message attack in the random oracle model under the normal security notions with the assumption that the Computational Diffie-Hellman problem is hard in the m-torsion groups.展开更多
In opportunistic Networks,compromised nodes can attack social context-based routing protocols by publishing false social attributes information.To solve this problem,we propose a security scheme based on the identity-...In opportunistic Networks,compromised nodes can attack social context-based routing protocols by publishing false social attributes information.To solve this problem,we propose a security scheme based on the identity-based threshold signature which allows mobile nodes to jointly generate and distribute the secrets for social attributes in a totally self-organized way without the need of any centralized authority.New joining nodes can reconstruct their own social attribute signatures by getting enough partial signature services from encounter opportunities with the initial nodes.Mobile nodes need to testify whether the neighbors can provide valid attribute signatures for their routing advertisements in order to resist potential routing attacks.Simulation results show that:by implementing our security scheme,the network delivery probability of the social context-based routing protocol can be effectively improved when there are large numbers of compromised nodes in opportunistic networks.展开更多
Blind signature allows a user to get a signature of a signer on an arbitrary message,and the verifier can convince that the signature is indeed signed by the signer without leaking any information about the message.Th...Blind signature allows a user to get a signature of a signer on an arbitrary message,and the verifier can convince that the signature is indeed signed by the signer without leaking any information about the message.This property is necessary when the user’s privacy needs protection,such as a bank bill,a trade secret,etc.As an alternative of public key infrastructure,the identity-based system can simplify the key management procedures in certificate-based public key systems.Inspired by the requirement of identity-based blind signature in the post quantum world,we research on identity-based blind signature based on hard lattice problems under the random Oracle model.We propose a construction built upon the blind signature by Rückert,and it is proved to be one-more unforgeable against selective identity and chosen message attacks(s ID-CMA)and unconditionally blind.The proposed scheme has 2 moves,and its security can be reduced to the small integer solution(SIS)problem.展开更多
Signcryption is a cryptographic primitive that performs encryption and signature in a single logical step more efficiently than sign-then-encrypt approach. Till now, various kinds of signcryption schemes have been pro...Signcryption is a cryptographic primitive that performs encryption and signature in a single logical step more efficiently than sign-then-encrypt approach. Till now, various kinds of signcryption schemes have been proposed. Among them, the requirement of signcrypter's privacy protection is needful in some practical applications. In this paper, a new identity-based anonymous signcryption scheme from hilinear pairings, which is the organic combination of identity-based ring signature and encryption scheme, is proposed. The proposed scheme is indistinguishable against the chosen ciphertext attack under the Decisional Bilinear Diffie-Hellman assumption in the random oracle model. Its unforgeability relies on the computational Diffieellman problem. Compared with the previous schemes, the new scheme is more efficient in computation.展开更多
An authentication multiple key agreement protocol allows the users to compute more than one session keys in an authentication way. In the paper,an identity-based authentication multiple key agreement protocol is propo...An authentication multiple key agreement protocol allows the users to compute more than one session keys in an authentication way. In the paper,an identity-based authentication multiple key agreement protocol is proposed. Its authentication part is proven secure against existential forgery on adaptively chosen message and ID attacks under the random oracle model upon the CDH assumptions. The session keys are proven secure in a formal CK security model under the random oracle model upon the CBDH assumptions. Compared with the previous multiple key agreement protocols,it requires less communication cost.展开更多
Signcryption, which was introduced by ZHEN~ is a cryptographic primitive that fulfils the functions of both digital signature and encryption and guarantees confidentiality, integrity and non-repudiation in a more effi...Signcryption, which was introduced by ZHEN~ is a cryptographic primitive that fulfils the functions of both digital signature and encryption and guarantees confidentiality, integrity and non-repudiation in a more effi- cient way. Certificateless signcryption and pro- xy signcryption in identity-based cryptography were proposed for different applications. Most of these schemes are constructed by bilinear pairings from elliptic curves. However, some schemes were recently presented without pai- rings. In this paper, we present a certificateless proxy identity-based signcryption scheme with- out bilinear pairings, which is efficient and secure.展开更多
In proxy signature schemes,the proxy signer B is permitted to produce a signature on behalf of the original signer A. However,exposure of proxy signing keys can be the most devastating attack on a proxy signature sche...In proxy signature schemes,the proxy signer B is permitted to produce a signature on behalf of the original signer A. However,exposure of proxy signing keys can be the most devastating attack on a proxy signature scheme since any adversary can sign messages on behalf of the proxy signer. In this paper,we applied Dodis,et al.’s key-insulation mechanism and proposed an Identity-Based (ID-based) Key-Insulated Proxy Signature (IBKIPS) scheme with secure key-updates. The proposed scheme is strong key-insulated and perfectly key-insulated. Our scheme also supports unbounded period numbers and random-access key-updates.展开更多
In a strong designated verifier proxy signature scheme, a proxy signer can generate proxy signature on behalf of an original signer, but only the designated verifier can verify the validity of the proxy signature. In ...In a strong designated verifier proxy signature scheme, a proxy signer can generate proxy signature on behalf of an original signer, but only the designated verifier can verify the validity of the proxy signature. In this paper, we first define the security requirements for strong designated verifier proxy signature schemes. And then we construct an identity-based strong designated verifier proxy signature scheme. We argue that the proposed scheme satisfies all of the security requirements.展开更多
This paper describes two identity-based broadcast encryption (IBBE) schemes for mobile ad hoc networks. The first scheme proposed achieves sub-linear size cipertexts and the second scheme achieves O(1)- size ciphe...This paper describes two identity-based broadcast encryption (IBBE) schemes for mobile ad hoc networks. The first scheme proposed achieves sub-linear size cipertexts and the second scheme achieves O(1)- size ciphertexts. Furthermore, when the public keys are transmitted, the two schemes have short transmissions and achieve O(1) user storage cost, which are important for a mobile ad hoc network. Finally, the proposed schemes are provable security under the decision generalized bilinear Diffi-Hellman (GBDH) assumption in the random oracles model.展开更多
An identity-based encryption(IBE) was studied with non-interactively opening property that the plain text of a ciphertext can be revealed without affecting the security of the encryption system.Two kinds of non-intera...An identity-based encryption(IBE) was studied with non-interactively opening property that the plain text of a ciphertext can be revealed without affecting the security of the encryption system.Two kinds of non-interactive opening properties for IBE schemes were defined along with a concrete scheme in each case.展开更多
Identity-based (ID-based) ring signature has drawn great concerns in recent years and many ID-based ring signature schemes have been proposed until now. Unfortunately, all of these ID-based ring signatures are const...Identity-based (ID-based) ring signature has drawn great concerns in recent years and many ID-based ring signature schemes have been proposed until now. Unfortunately, all of these ID-based ring signatures are constructed from bilinear pairings, a powerful but computationally expensive primitive. Hence, ID-based ring signature without pairing is of great interest in the field of cryptography. In this paper, the authors firstly propose an ID-based ring signature scheme based on quadratic residues. The proposed scheme is proved to be existentially unforgeable against adaptive chosen message-and-identity attack under the random oracle model, assuming the hardness of factoring. The proposed scheme is more efficient than those which are constructed from bilinear pairings.展开更多
To design an efficient protocol for sharing the encrypted lock keys in the renting house system,we introduce a new notion called time-and identitybased proxy reencryption(TIPRE)and the blockchain platform.Our CPA secu...To design an efficient protocol for sharing the encrypted lock keys in the renting house system,we introduce a new notion called time-and identitybased proxy reencryption(TIPRE)and the blockchain platform.Our CPA secure TIPRE scheme is constructed from Green et al.’s identity-based proxy reencryption scheme by adding the time property.In every time period,a time stamp authority generates a public key embedded with the current time stamp for each user.In our protocol for the renting house system,the TIPRE scheme is the primary building block,and the blockchain platform serves instead of a trusted third party,such as a real estate agency between landlords and tenants.The TIPRE scheme allows the landlord to change the lock key at each time period for safety.The blockchain platform allows the landlords and tenants to directly interact,and all of the interactions are recorded in the blockchain database to provide the desired security requirements,such as nonrepudiation and unforgeability.Finally,we provide the secure analysis of our protocol and test its performance by implementing it in the MacBook Pro and the Intel Edison development platforms.展开更多
An identity-based proxy re-encryption scheme(IB-PRE)allows a semi-trusted proxy to convert an encryption under one identity to another without revealing the underlying message.Due to the fact that the proxy was semi-t...An identity-based proxy re-encryption scheme(IB-PRE)allows a semi-trusted proxy to convert an encryption under one identity to another without revealing the underlying message.Due to the fact that the proxy was semi-trusted,it should place as little trust as necessary to allow it to perform the translations.In some applications such as distributed file system,it demands the adversary cannot identify the sender and recipient’s identities.However,none of the exiting IB-PRE schemes satisfy this requirement.In this work,we first define the security model of key-private IB-PRE.Finally,we propose the first key-private IB-PRE scheme.Our scheme is chosen plaintext secure(CPA)and collusion resistant in the standard model.展开更多
基金Rising-Star Program of Shanghai 2023 Science and Technology Innovation Action Plan(Yangfan Special Project),China(No.23YF1401000)Fundamental Research Funds for the Central Universities,China(No.2232022D-25)。
文摘The theory of quadratic residues plays an important role in cryptography.In 2001,Cocks developed an identity-based encryption(IBE)scheme based on quadratic residues,resolving Shamir’s 17-year-old open problem.However,a notable drawback of Cocks’scheme is the significant expansion of the ciphertext,and some of its limitations have been addressed in subsequent research.Recently,Cotan and Teşeleanu highlighted that previous studies on Cocks’scheme relied on a trial-and-error method based on Jacobi symbols to generate the necessary parameters for the encryption process.They enhanced the encryption speed of Cocks’scheme by eliminating this trialand-error method.Based on security analysis,this study concludes that the security of Cotan-Teşeleanu’s proposal cannot be directly derived from the security of the original Cocks’scheme.Furthermore,by adopting the Cotan-Teşeleanu method and introducing an additional variable as a public element,this study develops a similar enhancement scheme that not only accelerates the encryption speed but also provides security equivalent to the original Cocks’scheme.
基金supported by the National Natural Science Foundation of China(No. 60873231)Natural Science Fund for Colleges and the Universities of Jiangsu Province(No. 08KJB520006)+2 种基金Natural Science Foundation of Jiangsu Province(No. BK2009426)Colleges and Universities of Jiangsu Province Plans to Graduate Research and Innovation(No.CX09B_151Z)the Innovation Fund of NJUPT(No.NY208006)
文摘We survey the state of research on identity-based cryptography and attribute-based cryptography.We firstly review the basic concepts of identity-based cryptographic schemes in which users' identifier information such as email or IP addresses instead of digital certificates can be used as public key for encryption or signature verification,and subsequently review some important identity-based encryption,signature and signcryption schemes.Then we give our research on Identity-Based Encryption-Signature(IBES) method.We also survey the attribute-based cryptographic schemes in which the identity of user is viewed as a set of descriptive attributes,including some important attribute-based encryption and signature schemes.We subsequently give our research on Attribute-Based Encryption and Identity-Based Signature (ABE-IBS) method.Both methods aim at efficiently improving the security of wireless sensor network.Finally,we propose a few interesting open problems concerning with practical and theoretical aspects of identity-based cryptography and attribute-based cryptography.
基金supported by the National Research Foundation of Korea(NRF)grant funded by the Korean government Ministry of Science and ICT(MIST)(RS-2022-00165225).
文摘Traditional chaotic maps struggle with narrow chaotic ranges and inefficiencies,limiting their use for lightweight,secure image encryption in resource-constrained Wireless Sensor Networks(WSNs).We propose the SPCM,a novel one-dimensional discontinuous chaotic system integrating polynomial and sine functions,leveraging a piecewise function to achieve a broad chaotic range()and a high Lyapunov exponent(5.04).Validated through nine benchmarks,including standard randomness tests,Diehard tests,and Shannon entropy(3.883),SPCM demonstrates superior randomness and high sensitivity to initial conditions.Applied to image encryption,SPCM achieves 0.152582 s(39%faster than some techniques)and 433.42 KB/s throughput(134%higher than some techniques),setting new benchmarks for chaotic map-based methods in WSNs.Chaos-based permutation and exclusive or(XOR)diffusion yield near-zero correlation in encrypted images,ensuring strong resistance to Statistical Attacks(SA)and accurate recovery.SPCM also exhibits a strong avalanche effect(bit difference),making it an efficient,secure solution for WSNs in domains like healthcare and smart cities.
基金Princess Nourah bint Abdulrahman University Researchers Supporting Project number(PNURSP2025R343),Princess Nourah bint Abdulrahman University,Riyadh,Saudi Arabiathe Deanship of Scientific Research at Northern Border University,Arar,Saudi Arabia for funding this research work through the project number NBU-FFR-2025-1092-10.
文摘As quantum computing continues to advance,traditional cryptographic methods are increasingly challenged,particularly when it comes to securing critical systems like Supervisory Control andData Acquisition(SCADA)systems.These systems are essential for monitoring and controlling industrial operations,making their security paramount.A key threat arises from Shor’s algorithm,a powerful quantum computing tool that can compromise current hash functions,leading to significant concerns about data integrity and confidentiality.To tackle these issues,this article introduces a novel Quantum-Resistant Hash Algorithm(QRHA)known as the Modular Hash Learning Algorithm(MHLA).This algorithm is meticulously crafted to withstand potential quantum attacks by incorporating advanced mathematical and algorithmic techniques,enhancing its overall security framework.Our research delves into the effectiveness ofMHLA in defending against both traditional and quantum-based threats,with a particular emphasis on its resilience to Shor’s algorithm.The findings from our study demonstrate that MHLA significantly enhances the security of SCADA systems in the context of quantum technology.By ensuring that sensitive data remains protected and confidential,MHLA not only fortifies individual systems but also contributes to the broader efforts of safeguarding industrial and infrastructure control systems against future quantumthreats.Our evaluation demonstrates that MHLA improves security by 38%against quantumattack simulations compared to traditional hash functionswhilemaintaining a computational efficiency ofO(m⋅n⋅k+v+n).The algorithm achieved a 98%success rate in detecting data tampering during integrity testing.These findings underline MHLA’s effectiveness in enhancing SCADA system security amidst evolving quantum technologies.This research represents a crucial step toward developing more secure cryptographic systems that can adapt to the rapidly changing technological landscape,ultimately ensuring the reliability and integrity of critical infrastructure in an era where quantum computing poses a growing risk.
文摘Cloud environments are essential for modern computing,but are increasingly vulnerable to Side-Channel Attacks(SCAs),which exploit indirect information to compromise sensitive data.To address this critical challenge,we propose SecureCons Framework(SCF),a novel consensus-based cryptographic framework designed to enhance resilience against SCAs in cloud environments.SCF integrates a dual-layer approach combining lightweight cryptographic algorithms with a blockchain-inspired consensus mechanism to secure data exchanges and thwart potential side-channel exploits.The framework includes adaptive anomaly detection models,cryptographic obfuscation techniques,and real-time monitoring to identify and mitigate vulnerabilities proactively.Experimental evaluations demonstrate the framework's robustness,achieving over 95%resilience against advanced SCAs with minimal computational overhead.SCF provides a scalable,secure,and efficient solution,setting a new benchmark for side-channel attack mitigation in cloud ecosystems.
基金the Sichuan Provincial Youth Software Innovation Foundation (2004AA03692005AA0827).
文摘Current grid authentication frameworks are achieved by applying the standard SSL authentication protocol (SAP). The authentication process is very complicated, and therefore, the grid user is in a heavily loaded point both in computation and in communication. Based on identity-based architecture for grid (IBAG) and corresponding encryption and signature schemes, an identity-based authentication protocol for grid is proposed. Being certificate-free, the authentication protocol aligns well with the demands of grid computing. Through simulation testing, it is seen that the authentication protocol is more lightweight and efficient than SAP, especially the more lightweight user side. This contributes to the larger grid scalability.
基金Supported by the National Natural Science Foun-dation of China (60473029)
文摘In 2006, Bao et al proposed an identlty-based threshold proxy signature scheme with known signers. In this paper, we show that Bao et al's scheme is vulnerable to the forgery attack. An adversary can forge a valid threshold proxy signature for any message with knowing a previously valid threshold proxy signature. In addition, their scheme also suffers from the weakness that the proxy signers might change the threshold value. That is, the proxy signers can arbitrarily modify the threshold strategy without being detected by the original signer or verifiers, which might violate the original signer's intent. Furthermore, we propose an improved scheme that remedies the weaknesses of Bao et al's scheme. The improved scheme satisfies all secure requirements for threshold proxy signature.
基金Supported by the National 973 Project of China (No.G1999035803), the National Natural Science Foundation of China (No.60373104) and the National 863 Project of China (No.2002AA143021).
文摘An identity-based multisignature scheme and an identity-based aggregate signature scheme are proposed in this paper. They are both from m-torsion groups on super-singular elliptic curves or hyper-elliptic curves and based on the recently proposed identity-based signature scheme of Cha and Cheon. Due to the sound properties of m-torsion groups and the base scheme, it turns out that our schemes are very simple and efficient. Both schemes are proven to be secure against adaptive chosen message attack in the random oracle model under the normal security notions with the assumption that the Computational Diffie-Hellman problem is hard in the m-torsion groups.
基金the Major national S&T program under Grant No. 2011ZX03005-002National Natural Science Foundation of China under Grant No. 60872041,61072066the Fundamental Research Funds for the Central Universities under Grant No. JY10000903001,JY10000901034
文摘In opportunistic Networks,compromised nodes can attack social context-based routing protocols by publishing false social attributes information.To solve this problem,we propose a security scheme based on the identity-based threshold signature which allows mobile nodes to jointly generate and distribute the secrets for social attributes in a totally self-organized way without the need of any centralized authority.New joining nodes can reconstruct their own social attribute signatures by getting enough partial signature services from encounter opportunities with the initial nodes.Mobile nodes need to testify whether the neighbors can provide valid attribute signatures for their routing advertisements in order to resist potential routing attacks.Simulation results show that:by implementing our security scheme,the network delivery probability of the social context-based routing protocol can be effectively improved when there are large numbers of compromised nodes in opportunistic networks.
基金Supported by the National Natural Science Foundation of China(61472309,61572390,61672412,61402353)
文摘Blind signature allows a user to get a signature of a signer on an arbitrary message,and the verifier can convince that the signature is indeed signed by the signer without leaking any information about the message.This property is necessary when the user’s privacy needs protection,such as a bank bill,a trade secret,etc.As an alternative of public key infrastructure,the identity-based system can simplify the key management procedures in certificate-based public key systems.Inspired by the requirement of identity-based blind signature in the post quantum world,we research on identity-based blind signature based on hard lattice problems under the random Oracle model.We propose a construction built upon the blind signature by Rückert,and it is proved to be one-more unforgeable against selective identity and chosen message attacks(s ID-CMA)and unconditionally blind.The proposed scheme has 2 moves,and its security can be reduced to the small integer solution(SIS)problem.
基金Supported by the National Natural Science Foundation of China (60573043)the Foundation of National Laboratory for Modern Communications (9140C1107010604)Youth Science and Technology Foundation of University of Electronic Science and Technology of China
文摘Signcryption is a cryptographic primitive that performs encryption and signature in a single logical step more efficiently than sign-then-encrypt approach. Till now, various kinds of signcryption schemes have been proposed. Among them, the requirement of signcrypter's privacy protection is needful in some practical applications. In this paper, a new identity-based anonymous signcryption scheme from hilinear pairings, which is the organic combination of identity-based ring signature and encryption scheme, is proposed. The proposed scheme is indistinguishable against the chosen ciphertext attack under the Decisional Bilinear Diffie-Hellman assumption in the random oracle model. Its unforgeability relies on the computational Diffieellman problem. Compared with the previous schemes, the new scheme is more efficient in computation.
基金supported by a grant from the National Natural Science Foundation of China (10961013)
文摘An authentication multiple key agreement protocol allows the users to compute more than one session keys in an authentication way. In the paper,an identity-based authentication multiple key agreement protocol is proposed. Its authentication part is proven secure against existential forgery on adaptively chosen message and ID attacks under the random oracle model upon the CDH assumptions. The session keys are proven secure in a formal CK security model under the random oracle model upon the CBDH assumptions. Compared with the previous multiple key agreement protocols,it requires less communication cost.
基金supported by the National Natural Science Foundation of China under Grants No.61272499,No.10990011
文摘Signcryption, which was introduced by ZHEN~ is a cryptographic primitive that fulfils the functions of both digital signature and encryption and guarantees confidentiality, integrity and non-repudiation in a more effi- cient way. Certificateless signcryption and pro- xy signcryption in identity-based cryptography were proposed for different applications. Most of these schemes are constructed by bilinear pairings from elliptic curves. However, some schemes were recently presented without pai- rings. In this paper, we present a certificateless proxy identity-based signcryption scheme with- out bilinear pairings, which is efficient and secure.
基金Supported by the National Natural Science Foundation of China (No. 60573032, 60773092, 90604036, 60873229, 60903178, 60672072, 60832003)Zhejiang Provincial Natural Science Foundation of China (No. Y106505)
文摘In proxy signature schemes,the proxy signer B is permitted to produce a signature on behalf of the original signer A. However,exposure of proxy signing keys can be the most devastating attack on a proxy signature scheme since any adversary can sign messages on behalf of the proxy signer. In this paper,we applied Dodis,et al.’s key-insulation mechanism and proposed an Identity-Based (ID-based) Key-Insulated Proxy Signature (IBKIPS) scheme with secure key-updates. The proposed scheme is strong key-insulated and perfectly key-insulated. Our scheme also supports unbounded period numbers and random-access key-updates.
基金Supported by the National Natural Science Foun-dation of Chinafor Distinguished Young Scholars(60225007) the Na-tional Research Fundfor the Doctoral Programof Higher Education ofChina(20020248024) the Science and Technology Research Pro-ject of Shanghai (04DZ07067)
文摘In a strong designated verifier proxy signature scheme, a proxy signer can generate proxy signature on behalf of an original signer, but only the designated verifier can verify the validity of the proxy signature. In this paper, we first define the security requirements for strong designated verifier proxy signature schemes. And then we construct an identity-based strong designated verifier proxy signature scheme. We argue that the proposed scheme satisfies all of the security requirements.
基金the National Natural Science Foundation of China (Nos. 60673072, 60803149)the National Basic Research Program (973) of China(No. 2007CB311201)
文摘This paper describes two identity-based broadcast encryption (IBBE) schemes for mobile ad hoc networks. The first scheme proposed achieves sub-linear size cipertexts and the second scheme achieves O(1)- size ciphertexts. Furthermore, when the public keys are transmitted, the two schemes have short transmissions and achieve O(1) user storage cost, which are important for a mobile ad hoc network. Finally, the proposed schemes are provable security under the decision generalized bilinear Diffi-Hellman (GBDH) assumption in the random oracles model.
文摘An identity-based encryption(IBE) was studied with non-interactively opening property that the plain text of a ciphertext can be revealed without affecting the security of the encryption system.Two kinds of non-interactive opening properties for IBE schemes were defined along with a concrete scheme in each case.
基金Supported by the National High Technology Research and Development Program of China (No. 2006AA01Z428)the National Natural Science Foundation of China ( No. 60673075)
文摘Identity-based (ID-based) ring signature has drawn great concerns in recent years and many ID-based ring signature schemes have been proposed until now. Unfortunately, all of these ID-based ring signatures are constructed from bilinear pairings, a powerful but computationally expensive primitive. Hence, ID-based ring signature without pairing is of great interest in the field of cryptography. In this paper, the authors firstly propose an ID-based ring signature scheme based on quadratic residues. The proposed scheme is proved to be existentially unforgeable against adaptive chosen message-and-identity attack under the random oracle model, assuming the hardness of factoring. The proposed scheme is more efficient than those which are constructed from bilinear pairings.
基金This research is partially supported by the National Natural Science Foundation of China under Grant Nos.61672016the Jiangsu Qing Lan Project,the Six Talent Peaks Project in Jiangsu Province under Grant RJFW-010the Guangxi Key Laboratory of Cryptography and Information Security under Grant GCIS201815.
文摘To design an efficient protocol for sharing the encrypted lock keys in the renting house system,we introduce a new notion called time-and identitybased proxy reencryption(TIPRE)and the blockchain platform.Our CPA secure TIPRE scheme is constructed from Green et al.’s identity-based proxy reencryption scheme by adding the time property.In every time period,a time stamp authority generates a public key embedded with the current time stamp for each user.In our protocol for the renting house system,the TIPRE scheme is the primary building block,and the blockchain platform serves instead of a trusted third party,such as a real estate agency between landlords and tenants.The TIPRE scheme allows the landlord to change the lock key at each time period for safety.The blockchain platform allows the landlords and tenants to directly interact,and all of the interactions are recorded in the blockchain database to provide the desired security requirements,such as nonrepudiation and unforgeability.Finally,we provide the secure analysis of our protocol and test its performance by implementing it in the MacBook Pro and the Intel Edison development platforms.
基金This work is supported by the National Natural Science Foundation of China(Nos.61702236,61672270,61602216,61872181)Changzhou Sci&Tech Program(Grant No.CJ20179027).
文摘An identity-based proxy re-encryption scheme(IB-PRE)allows a semi-trusted proxy to convert an encryption under one identity to another without revealing the underlying message.Due to the fact that the proxy was semi-trusted,it should place as little trust as necessary to allow it to perform the translations.In some applications such as distributed file system,it demands the adversary cannot identify the sender and recipient’s identities.However,none of the exiting IB-PRE schemes satisfy this requirement.In this work,we first define the security model of key-private IB-PRE.Finally,we propose the first key-private IB-PRE scheme.Our scheme is chosen plaintext secure(CPA)and collusion resistant in the standard model.
