Anonymous proxy signature scheme can provide the privacy protection for the proxy signer. Recently, Yu et al. proposed an anonymous proxy signature, which can be viewed as the organic combination of proxy signature an...Anonymous proxy signature scheme can provide the privacy protection for the proxy signer. Recently, Yu et al. proposed an anonymous proxy signature, which can be viewed as the organic combination of proxy signature and ring signature. However, the efficiency is low. In this paper, we propose an efficient and secure proxy signature with the properties of anonymity and traceability, and it is provably secure in the random oracle model. Compared with Yu et al.'s scheme, the scheme has higher efficiency.展开更多
This paper focuses on the instantiation of random oracles in public key encryption schemes. A misunderstanding in the former instantiations is pointed out and analyzed. A method of using this primitive as a substituti...This paper focuses on the instantiation of random oracles in public key encryption schemes. A misunderstanding in the former instantiations is pointed out and analyzed. A method of using this primitive as a substitution of random oracles is also proposed. The partial and full instantiations of random oracles in optimal asymmetric encryption padding (OAEP) implemented by pseudorandom functions are described and the resulted schemes are proven to be indistinguishable secure against adaptive chosen ciphertext attack (IND-CCA2) secure. Using this method, one can transform a practical public key encryption scheme secure in the random oracle model into a standard-model secure scheme. The security of the scheme is based on computational assumptions, which is weaker than decisional assumptions used in Cramer- Shoup like schemes.展开更多
A Verifiably Encrypted Signature (VES) plays an essential role in the construction of a fair data exchange. The paper proposes an Identity-based Proxy Verifiably Encrypted Signature (IPVES) to combine the advantages o...A Verifiably Encrypted Signature (VES) plays an essential role in the construction of a fair data exchange. The paper proposes an Identity-based Proxy Verifiably Encrypted Signature (IPVES) to combine the advantages of a proxy signature and a VES in order to delegate the signing capability of the VES of an entity called the original signer to another entity, called the proxy signer. In this IPVES scheme, the original signer delegates his/her signing capability to the proxy signer. The proxy signer issues a signature by using a proxy signing key, encrypts the signature under a designated public key, and subsequently convinces a verifier that the resulting ciphertext contains such a signature. We prove that the proposed IPVES scheme is secure in a random oracle model under the computational Diffie-Hellman assumption.展开更多
The Vehicular Ad-hoc Network(VANET)is the fundamental of smart transportation system in the future,but the security of the communication between vehicles and vehicles,between vehicles and roadside infrastructures have...The Vehicular Ad-hoc Network(VANET)is the fundamental of smart transportation system in the future,but the security of the communication between vehicles and vehicles,between vehicles and roadside infrastructures have become increasingly prominent.Certificateless aggregate signature protocol is used to address this security issue,but the existing schemes still have many drawbacks in terms of security and efficiency:First,many schemes are not secure,and signatures can be forged by the attacker;Second,even if some scheme are secure,many schemes use a large number of bilinear pairing operation,and the computation overhead is large.At the same time,the length of the aggregated signature also increases linearly with the increase of user numbers,resulting in a large communication overhead.In order to overcome the above challenges,we propose a new certificateless aggregate signature scheme for VANET,and prove the security of the scheme under the random oracle model.The new scheme uses pseudonym to realize the conditional privacy protection of the vehicle’s information.The new scheme does not use bilinear pairing operation,and the calculation efficiency is high.At the same time,the length of the aggregate signature of the new scheme is constant,thereby greatly reducing the communication and storage overhead.The analysis results demonstrate that the new scheme is not only safer,but also superior in performance to the recent related schemes in computation overhead and communication cost.展开更多
Due to the compromise of the security of the underlying system or machine stonng the key, exposure of the private key can be a devastating attack on a cryptosystem. Key insulation is an important technique to protect ...Due to the compromise of the security of the underlying system or machine stonng the key, exposure of the private key can be a devastating attack on a cryptosystem. Key insulation is an important technique to protect private keys. To deal with the private (signing) key exposure problem in identity-based signature systems, we propose an identity-based threshold key-insulated signature (IBTKIS) scheme. It strengthens the security and flexibility of existing identity-based key-insulated signature schemes. Our scheme' s security is proven in the random oracle model and rests on the hardness of the computational Diffie-Helhnan problem in groups equipped with a pairing. To the best of our knowledge, it is the first IBTKIS scheme up to now.展开更多
A Certificateless Aggregate Signature(CLAS) scheme was proposed by Qu and Mu recently, which was published in "Int J. Electronic Security and Digital Forensics, 2018, 10(2)". They used discrete logarithm to ...A Certificateless Aggregate Signature(CLAS) scheme was proposed by Qu and Mu recently, which was published in "Int J. Electronic Security and Digital Forensics, 2018, 10(2)". They used discrete logarithm to ensure the scheme's security. However,we show by formulating an attack that their CLAS scheme cannot defend against Type I adversary. Furthermore, we point out an error that exists in the signature simulation of their security proof.After that we give a correct signature simulation for the security proof. Finally, to resist the Type I attack, we present two methods for improving Qu et al's CLAS scheme. Moreover, the second improving method can elevate the trust level of Qu et al's CLAS scheme to the highest trust level: Level 3.展开更多
Based on decisional Difiie-Hcllman problem, we propose a simpleproxy-protected signature scheme In the random oracle model, we also carry out the strict securityproof for the proposed scheme. The security of the propo...Based on decisional Difiie-Hcllman problem, we propose a simpleproxy-protected signature scheme In the random oracle model, we also carry out the strict securityproof for the proposed scheme. The security of the proposed scheme is not loosely related to thediscrete logarithm assumption hut tightly related to the decisional Diffie-Hellman assumption in therandom oracle model.展开更多
The Internet of Vehicles(IoV)has evolved as an advancement over the conventional Vehicular Ad-hoc Networks(VANETs)in pursuing a more optimal intelligent transportation system that can provide various intelligent solut...The Internet of Vehicles(IoV)has evolved as an advancement over the conventional Vehicular Ad-hoc Networks(VANETs)in pursuing a more optimal intelligent transportation system that can provide various intelligent solutions and enable a variety of applications for vehicular traffic.Massive volumes of data are produced and communicated wirelessly among the different relayed entities in these vehicular networks,which might entice adversaries and endanger the system with a wide range of security attacks.To ensure the security of such a sensitive network,we proposed a distributed authentication mechanism for IoV based on blockchain technology as a distributed ledger with an ouroboros algorithm.Using timestamp and challenge-responsemechanisms,the proposed authentication model can withstand several security attacks such asMan-in-Middle(MiM)attacks,Distributed Denial of Service(DDoS)attacks,server spoofing attacks and more.The proposed method also provides a solution for single-point failure,forward secrecy,revocability,etc.We exhibit the security of our proposed model by using formal(mathematical)analysis and informal analysis.We used Random Oracle Model to perform themathematical analysis.In addition,we compared the communication cost,computation cost,and security of the proposed model with the related existing studies.We have verified the security of the model by using AVISPA tool simulation.The security analysis and computation analysis show that the proposed protocol is viable.展开更多
To solve the key escrow problem of the identity-based cryptosystem, Girault introduced the notion of a self-certified public key, which not only eliminates the need to authenticate a public key but also solves the key...To solve the key escrow problem of the identity-based cryptosystem, Girault introduced the notion of a self-certified public key, which not only eliminates the need to authenticate a public key but also solves the key escrow problerrL This paper proposes a Self-Certified Signature (SCS) scheme with message recovery and two variants without using bilinear pairings: one is the authenticated encryption scheme in which only the designated re- ceiver can verify the signature, and the other is the authenticated encryption scheme with message linkage that deals with large messages. These three SCS schemes are provably secure in the random oracle model and are more efficient than previous schemes .展开更多
The research on the identification scheme is an important and active area in computer and communication security. A series of identification schemes were proposed to improve the efficiency and security of the protocol...The research on the identification scheme is an important and active area in computer and communication security. A series of identification schemes were proposed to improve the efficiency and security of the protocols by various methods. Based on the hardness assumption of the discrete logarithm problem in a gap Diffie-Hellman group and the difficulty of the collusion attack algorithm with k traitors, an efficient identification scheme is presented. Without random oracle models, the proposed scheme is then proved secure against impersonation and reset attacks in both concurrent and reset attack setting. Since the proposed scheme is simple, memory-saving, computation-efficient, and perfectly-secure, it is well suitable for use in smart cards.展开更多
In this paper, an efficient hybrid proxy re-encryption scheme that allows the transformation of the ciphertexts in a traditional public key cryptosystem into the ciphertexts in an identity-based system is proposed. Th...In this paper, an efficient hybrid proxy re-encryption scheme that allows the transformation of the ciphertexts in a traditional public key cryptosystem into the ciphertexts in an identity-based system is proposed. The scheme is non-interactive, unidirectional and collude "safe". Furthermore, it is compatible with current IBE (identity-based encryption) deployments. The scheme has chosen ciphertext security in the random oracle model assuming the hardness of the Decisional Bilinear Diffie-Hellman problem.展开更多
Group signature schemes are fundamental cryptographic tools. A group signature scheme allows members of a group to anonymously sign misuse, the anonymity messages. To counter can be revoked by the group manager. The g...Group signature schemes are fundamental cryptographic tools. A group signature scheme allows members of a group to anonymously sign misuse, the anonymity messages. To counter can be revoked by the group manager. The group joining operation is a critical component of group signature scheme, the framing attack can be prevented by group joining processes. This paper presents an efficient group signature scheme with a simple joining protocol that is based on a "single message and signature response" interaction between the prospective user and the group manager. The security of our group signature is based on the Discrete Logarithm assumption and Decisional Linear Diffie- Hellman assumption. The formal security proof of our scheme is given in the random oracle model. Our scheme is also a very efficient short group signature scheme with efficient concurrent join.展开更多
Strong security in public key cryptography is not enongh; the encryption has to be achieved in an efficient way. OAEP or SAEP is only suitable for special applications (e. g. key transport), and securely transportin...Strong security in public key cryptography is not enongh; the encryption has to be achieved in an efficient way. OAEP or SAEP is only suitable for special applications (e. g. key transport), and securely transporting message of any length is a challenge. Motivated by the hybrid encryption, we present a practical approach to achieve the (adaptively) chosen eiphertext security. The time cost of encryption/decryption of proposed scheme is similar to OAEP and the bandwidth of message recovery is 92% for standard security parameter, while RSA-OAEP is 84%. The scheme is also provably secure against adaptively chosen ciphertext attacks in the random oracle model. We conclude that the approach is practical in more extensive application.展开更多
The introduction of the electronic medical record(EHR)sharing system has made a great contribution to the management and sharing of healthcare data.Considering referral treatment for patients,the original signature ne...The introduction of the electronic medical record(EHR)sharing system has made a great contribution to the management and sharing of healthcare data.Considering referral treatment for patients,the original signature needs to be converted into a re-signature that can be verified by the new organization.Proxy re-signature(PRS)can be applied to this scenario so that authenticity and nonrepudiation can still be insured for data.Unfortunately,the existing PRS schemes cannot realize forward and backward security.Therefore,this paper proposes the first PRS scheme that can provide key-insulated property,which can guarantee both the forward and backward security of the key.Although the leakage of the private key occurs at a certain moment,the forward and backward key will not be attacked.Thus,the purpose of key insulation is implemented.What’s more,it can update different corresponding private keys in infinite time periods without changing the identity information of the user as the public key.Besides,the unforgeability of our scheme is proved based on the extended Computational Diffie-Hellman assumption in the random oracle model.Finally,the experimental simulation demonstrates that our scheme is feasible and in possession of promising properties.展开更多
A group-oriented (t, n) threshold signature scheme employs the cryptographic techniques of secret share, allows any subset of t players out of n players to sign message on behalf of the group and disallows the creat...A group-oriented (t, n) threshold signature scheme employs the cryptographic techniques of secret share, allows any subset of t players out of n players to sign message on behalf of the group and disallows the creation of a valid signature if fewer than t players take part in the signature protocol. In this paper, we proposed a new group-oriented (t, n) threshold signature schemes with traceable signers based on Schnorr signature. The proposed scheme is proved traceable, robust and unforgeable against the "static" adversary with the discrete logarithm assumption in the random oracle model and existence of broadcast channel. The proofs of the strongest security (existential unforgeability against adaptively chosen message attacks under the discrete logarithm assumption) are provided in the random oracle model.展开更多
To tackle the key-exposure problem in signature settings,this paper introduces a new cryptographic primitive named threshold key-insulated signature(TKIS) and proposes a concrete TKIS scheme.For a TKIS system,at least...To tackle the key-exposure problem in signature settings,this paper introduces a new cryptographic primitive named threshold key-insulated signature(TKIS) and proposes a concrete TKIS scheme.For a TKIS system,at least k out of n helpers are needed to update a user's temporary private key.On the one hand,even if up to k 1 helpers are compromised in addition to the exposure of any of temporary private keys,security of the non-exposed periods is still assured.On the other hand,even if all the n helpers are compromised,we can still ensure the security of all periods as long as none of temporary private keys is exposed.Compared with traditional key-insulated signature(KIS) schemes,the proposed TKIS scheme not only greatly enhances the security of the system,but also provides flexibility and efficiency.展开更多
The improved RSA signature scheme can be strictly proved to be equivalent to the factoring problem. In the improved RSA signature scheme, when the public exponent e=1, the scheme becomes the improved Rabin signature. ...The improved RSA signature scheme can be strictly proved to be equivalent to the factoring problem. In the improved RSA signature scheme, when the public exponent e=1, the scheme becomes the improved Rabin signature. Such an improved Rabin signature scheme is reviewed and the techniques from the provable security is applied to analyze its security.展开更多
Quantum algorithms bring great challenges to classical public key cryptosystems, which makes cryptosystems based on non-commutative algebraic systems hop topic. The braid groups, which are non-commutative, have attrac...Quantum algorithms bring great challenges to classical public key cryptosystems, which makes cryptosystems based on non-commutative algebraic systems hop topic. The braid groups, which are non-commutative, have attracted much attention as a new platform for constructing quantum attack-resistant cryptosystems. A ring signature scheme is proposed based on the difficulty of the root extraction problem over braid groups, which can resist existential forgery against the adaptively cho-sen-message attack under the random oracle model.展开更多
As an improtant cryptographic scheme, signcryption scheme has been widely used in applications since it could provide both of signature and encryption. With the development of the certificateless public key cryptograp...As an improtant cryptographic scheme, signcryption scheme has been widely used in applications since it could provide both of signature and encryption. With the development of the certificateless public key cryptography (CLPKC), many certificatelss signcryption (CLSC) schemes using bilinear pairing hve been proposed. Comparated other operations, the bilinear pairing operaion is much more compulicated. Therefore, CLSC scheme without bilinear pairing is more suitable for applications. Recently, Jing et al. proposed a CLSC scheme without bilinear pairing and claimed their scheme is secure against two types of adversaries. In this paper, we will show their scheme provide neither unforgeability property nor confidentiality property. To improve security, we also propose a new CLSC scheme without pairing and demonstrate it is provably secure in the random oracle model.展开更多
A publicly verifiable secret sharing (PVSS) scheme is a verifiable secret sharing scheme with the special property that anyone is able to verify the shares whether they are correctly distributed by a dealer. PVSS pl...A publicly verifiable secret sharing (PVSS) scheme is a verifiable secret sharing scheme with the special property that anyone is able to verify the shares whether they are correctly distributed by a dealer. PVSS plays an important role in many applications such as electronic voting, payment systems with revocable anonymity, and key escrow. Up to now, all PVSS schemes are based on the traditional public-key systems. Recently, the pairing-based cryptography has received much attention from cryp- tographic researchers. Many pairing-based schemes and protocols have been proposed. However, no PVSS scheme using bilinear pairings is proposed. This paper presents the first pairing-based PVSS scheme. In the random oracle model and under the bilinear Diffie-HeUman assumption, the authors prove that the proposed scheme is a secure PVSS scheme.展开更多
基金supported by the National Natural Science Foundation of China (61121061, 90812001, 61272519)
文摘Anonymous proxy signature scheme can provide the privacy protection for the proxy signer. Recently, Yu et al. proposed an anonymous proxy signature, which can be viewed as the organic combination of proxy signature and ring signature. However, the efficiency is low. In this paper, we propose an efficient and secure proxy signature with the properties of anonymity and traceability, and it is provably secure in the random oracle model. Compared with Yu et al.'s scheme, the scheme has higher efficiency.
基金Supported by the National Basic Research Program of China (973 Program) (2007CB311201)the National High-Technology Research and Development Program of China (863 Program) (2006AA01Z427)the National Natural Science Foundation of China (60673073)
文摘This paper focuses on the instantiation of random oracles in public key encryption schemes. A misunderstanding in the former instantiations is pointed out and analyzed. A method of using this primitive as a substitution of random oracles is also proposed. The partial and full instantiations of random oracles in optimal asymmetric encryption padding (OAEP) implemented by pseudorandom functions are described and the resulted schemes are proven to be indistinguishable secure against adaptive chosen ciphertext attack (IND-CCA2) secure. Using this method, one can transform a practical public key encryption scheme secure in the random oracle model into a standard-model secure scheme. The security of the scheme is based on computational assumptions, which is weaker than decisional assumptions used in Cramer- Shoup like schemes.
基金supported partially by the Projects of National Natural Science Foundation of China under Grants No.61272501 the National Key Basic Research Program (NK-BRP)(973 program)under Grant No.2012CB315900 the Specialized Research Fund for the Doctoral Program of Higher Education under Grant No.20091102110004
文摘A Verifiably Encrypted Signature (VES) plays an essential role in the construction of a fair data exchange. The paper proposes an Identity-based Proxy Verifiably Encrypted Signature (IPVES) to combine the advantages of a proxy signature and a VES in order to delegate the signing capability of the VES of an entity called the original signer to another entity, called the proxy signer. In this IPVES scheme, the original signer delegates his/her signing capability to the proxy signer. The proxy signer issues a signature by using a proxy signing key, encrypts the signature under a designated public key, and subsequently convinces a verifier that the resulting ciphertext contains such a signature. We prove that the proposed IPVES scheme is secure in a random oracle model under the computational Diffie-Hellman assumption.
基金This work was supported by the National Science Foundation of China(No.61872448)the Natural Science Basic Research Plan in Shanxi Province of China(No.2018JM6017).
文摘The Vehicular Ad-hoc Network(VANET)is the fundamental of smart transportation system in the future,but the security of the communication between vehicles and vehicles,between vehicles and roadside infrastructures have become increasingly prominent.Certificateless aggregate signature protocol is used to address this security issue,but the existing schemes still have many drawbacks in terms of security and efficiency:First,many schemes are not secure,and signatures can be forged by the attacker;Second,even if some scheme are secure,many schemes use a large number of bilinear pairing operation,and the computation overhead is large.At the same time,the length of the aggregated signature also increases linearly with the increase of user numbers,resulting in a large communication overhead.In order to overcome the above challenges,we propose a new certificateless aggregate signature scheme for VANET,and prove the security of the scheme under the random oracle model.The new scheme uses pseudonym to realize the conditional privacy protection of the vehicle’s information.The new scheme does not use bilinear pairing operation,and the calculation efficiency is high.At the same time,the length of the aggregate signature of the new scheme is constant,thereby greatly reducing the communication and storage overhead.The analysis results demonstrate that the new scheme is not only safer,but also superior in performance to the recent related schemes in computation overhead and communication cost.
基金Supported by the National Natural Science Foundation of China (No. 60970111, 61133014, 60903189, 60903020).
文摘Due to the compromise of the security of the underlying system or machine stonng the key, exposure of the private key can be a devastating attack on a cryptosystem. Key insulation is an important technique to protect private keys. To deal with the private (signing) key exposure problem in identity-based signature systems, we propose an identity-based threshold key-insulated signature (IBTKIS) scheme. It strengthens the security and flexibility of existing identity-based key-insulated signature schemes. Our scheme' s security is proven in the random oracle model and rests on the hardness of the computational Diffie-Helhnan problem in groups equipped with a pairing. To the best of our knowledge, it is the first IBTKIS scheme up to now.
基金Supported by the National Natural Science Foundation of China(61373140,61170246)the Program for Innovative Research Team in Science and Technology in Fujian Province University and 2018 Scientific Research and Innovation Special Project of Putian University(2018ZP11,2018ZP12)+1 种基金the Opening Project of Key Laboratory of Financial Mathematics of Fujian Province University(Putian University)(JR201806)Educational Research Projects of Young and Middle-aged Teachers in Fujian Education Department(JT180487)。
文摘A Certificateless Aggregate Signature(CLAS) scheme was proposed by Qu and Mu recently, which was published in "Int J. Electronic Security and Digital Forensics, 2018, 10(2)". They used discrete logarithm to ensure the scheme's security. However,we show by formulating an attack that their CLAS scheme cannot defend against Type I adversary. Furthermore, we point out an error that exists in the signature simulation of their security proof.After that we give a correct signature simulation for the security proof. Finally, to resist the Type I attack, we present two methods for improving Qu et al's CLAS scheme. Moreover, the second improving method can elevate the trust level of Qu et al's CLAS scheme to the highest trust level: Level 3.
文摘Based on decisional Difiie-Hcllman problem, we propose a simpleproxy-protected signature scheme In the random oracle model, we also carry out the strict securityproof for the proposed scheme. The security of the proposed scheme is not loosely related to thediscrete logarithm assumption hut tightly related to the decisional Diffie-Hellman assumption in therandom oracle model.
基金This work was supported by the Ministry of Science and Technology of Taiwan,R.O.C.,under Grant MOST 110-2622-E-468-002 and 110-2218-E-468-001-MBK.
文摘The Internet of Vehicles(IoV)has evolved as an advancement over the conventional Vehicular Ad-hoc Networks(VANETs)in pursuing a more optimal intelligent transportation system that can provide various intelligent solutions and enable a variety of applications for vehicular traffic.Massive volumes of data are produced and communicated wirelessly among the different relayed entities in these vehicular networks,which might entice adversaries and endanger the system with a wide range of security attacks.To ensure the security of such a sensitive network,we proposed a distributed authentication mechanism for IoV based on blockchain technology as a distributed ledger with an ouroboros algorithm.Using timestamp and challenge-responsemechanisms,the proposed authentication model can withstand several security attacks such asMan-in-Middle(MiM)attacks,Distributed Denial of Service(DDoS)attacks,server spoofing attacks and more.The proposed method also provides a solution for single-point failure,forward secrecy,revocability,etc.We exhibit the security of our proposed model by using formal(mathematical)analysis and informal analysis.We used Random Oracle Model to perform themathematical analysis.In addition,we compared the communication cost,computation cost,and security of the proposed model with the related existing studies.We have verified the security of the model by using AVISPA tool simulation.The security analysis and computation analysis show that the proposed protocol is viable.
基金This research was supported partially by the National Natural Science Foundation of China under Grants No. 61103247, No. 6110209 the Natural Science Foundation of Fujian Province under Grant No. 2011J05147+1 种基金 the Research Foundation of Education Bureau of Fujian Province under Grant No. JBll017 the Foundation for Excellent Young Teachers of Fujian Normal University under Grant No. fjsdjk2012049.
文摘To solve the key escrow problem of the identity-based cryptosystem, Girault introduced the notion of a self-certified public key, which not only eliminates the need to authenticate a public key but also solves the key escrow problerrL This paper proposes a Self-Certified Signature (SCS) scheme with message recovery and two variants without using bilinear pairings: one is the authenticated encryption scheme in which only the designated re- ceiver can verify the signature, and the other is the authenticated encryption scheme with message linkage that deals with large messages. These three SCS schemes are provably secure in the random oracle model and are more efficient than previous schemes .
基金supported by the National Natural Science Foundation of China (60803151)the Major Joint Research Foundation of NSFC and Guangdong Province (U0835004).
文摘The research on the identification scheme is an important and active area in computer and communication security. A series of identification schemes were proposed to improve the efficiency and security of the protocols by various methods. Based on the hardness assumption of the discrete logarithm problem in a gap Diffie-Hellman group and the difficulty of the collusion attack algorithm with k traitors, an efficient identification scheme is presented. Without random oracle models, the proposed scheme is then proved secure against impersonation and reset attacks in both concurrent and reset attack setting. Since the proposed scheme is simple, memory-saving, computation-efficient, and perfectly-secure, it is well suitable for use in smart cards.
基金Supported by the National Natural Science Foundation of China (60673070)the Natural Science Foundation of Jiangsu Province, China (BK2006217)
文摘In this paper, an efficient hybrid proxy re-encryption scheme that allows the transformation of the ciphertexts in a traditional public key cryptosystem into the ciphertexts in an identity-based system is proposed. The scheme is non-interactive, unidirectional and collude "safe". Furthermore, it is compatible with current IBE (identity-based encryption) deployments. The scheme has chosen ciphertext security in the random oracle model assuming the hardness of the Decisional Bilinear Diffie-Hellman problem.
基金This paper is supported by the National Natural Science Foundation of China under Grant No. 61072140, 61373171 the Program of Introducing Talents of Discipline to Universities NO. B08038 the Specialized Research Fund for the Doctoral Program of Higher Education No. 20100203110003.
文摘Group signature schemes are fundamental cryptographic tools. A group signature scheme allows members of a group to anonymously sign misuse, the anonymity messages. To counter can be revoked by the group manager. The group joining operation is a critical component of group signature scheme, the framing attack can be prevented by group joining processes. This paper presents an efficient group signature scheme with a simple joining protocol that is based on a "single message and signature response" interaction between the prospective user and the group manager. The security of our group signature is based on the Discrete Logarithm assumption and Decisional Linear Diffie- Hellman assumption. The formal security proof of our scheme is given in the random oracle model. Our scheme is also a very efficient short group signature scheme with efficient concurrent join.
基金Supported by the National Natural Science Foun-dation of China (60403027)
文摘Strong security in public key cryptography is not enongh; the encryption has to be achieved in an efficient way. OAEP or SAEP is only suitable for special applications (e. g. key transport), and securely transporting message of any length is a challenge. Motivated by the hybrid encryption, we present a practical approach to achieve the (adaptively) chosen eiphertext security. The time cost of encryption/decryption of proposed scheme is similar to OAEP and the bandwidth of message recovery is 92% for standard security parameter, while RSA-OAEP is 84%. The scheme is also provably secure against adaptively chosen ciphertext attacks in the random oracle model. We conclude that the approach is practical in more extensive application.
基金supported by the Network and Data Security Key Laboratory of Sichuan Province under the Grant No.NDS2021-2in part by Science and Technology Project of Educational Commission of Jiangxi Province under the Grant No.GJJ190464in part by National Natural Science Foundation of China under the Grant No.71661012.
文摘The introduction of the electronic medical record(EHR)sharing system has made a great contribution to the management and sharing of healthcare data.Considering referral treatment for patients,the original signature needs to be converted into a re-signature that can be verified by the new organization.Proxy re-signature(PRS)can be applied to this scenario so that authenticity and nonrepudiation can still be insured for data.Unfortunately,the existing PRS schemes cannot realize forward and backward security.Therefore,this paper proposes the first PRS scheme that can provide key-insulated property,which can guarantee both the forward and backward security of the key.Although the leakage of the private key occurs at a certain moment,the forward and backward key will not be attacked.Thus,the purpose of key insulation is implemented.What’s more,it can update different corresponding private keys in infinite time periods without changing the identity information of the user as the public key.Besides,the unforgeability of our scheme is proved based on the extended Computational Diffie-Hellman assumption in the random oracle model.Finally,the experimental simulation demonstrates that our scheme is feasible and in possession of promising properties.
基金Supported by the National Natural Science Foundation of China (10701040)National Key Technology Research and Development Pro-gram of China (2006BAJ05A01)the Scientific Research Fund of Jiangxi Provincial Education Department, China (273)
文摘A group-oriented (t, n) threshold signature scheme employs the cryptographic techniques of secret share, allows any subset of t players out of n players to sign message on behalf of the group and disallows the creation of a valid signature if fewer than t players take part in the signature protocol. In this paper, we proposed a new group-oriented (t, n) threshold signature schemes with traceable signers based on Schnorr signature. The proposed scheme is proved traceable, robust and unforgeable against the "static" adversary with the discrete logarithm assumption in the random oracle model and existence of broadcast channel. The proofs of the strongest security (existential unforgeability against adaptively chosen message attacks under the discrete logarithm assumption) are provided in the random oracle model.
基金the National Natural Science Foundation of China (Nos.60970111,60903189 and 60903020)the National High Technology Research and Development Program (863) of China (No.2009AA01Z418)the National Basic Research Program (973) of China(No.2007CB311201)
文摘To tackle the key-exposure problem in signature settings,this paper introduces a new cryptographic primitive named threshold key-insulated signature(TKIS) and proposes a concrete TKIS scheme.For a TKIS system,at least k out of n helpers are needed to update a user's temporary private key.On the one hand,even if up to k 1 helpers are compromised in addition to the exposure of any of temporary private keys,security of the non-exposed periods is still assured.On the other hand,even if all the n helpers are compromised,we can still ensure the security of all periods as long as none of temporary private keys is exposed.Compared with traditional key-insulated signature(KIS) schemes,the proposed TKIS scheme not only greatly enhances the security of the system,but also provides flexibility and efficiency.
文摘The improved RSA signature scheme can be strictly proved to be equivalent to the factoring problem. In the improved RSA signature scheme, when the public exponent e=1, the scheme becomes the improved Rabin signature. Such an improved Rabin signature scheme is reviewed and the techniques from the provable security is applied to analyze its security.
基金Supported by the National Natural Science Foundation of China (No. 10501053)
文摘Quantum algorithms bring great challenges to classical public key cryptosystems, which makes cryptosystems based on non-commutative algebraic systems hop topic. The braid groups, which are non-commutative, have attracted much attention as a new platform for constructing quantum attack-resistant cryptosystems. A ring signature scheme is proposed based on the difficulty of the root extraction problem over braid groups, which can resist existential forgery against the adaptively cho-sen-message attack under the random oracle model.
基金This research was supported by the National Natural Science Foundation of China (Grant No. 61202447), Natural Science Foundation of Hebei Province of China (F2013501066), Northeastern University at Qinhuangdao Science and Technology Support Program (xnk201307).
文摘As an improtant cryptographic scheme, signcryption scheme has been widely used in applications since it could provide both of signature and encryption. With the development of the certificateless public key cryptography (CLPKC), many certificatelss signcryption (CLSC) schemes using bilinear pairing hve been proposed. Comparated other operations, the bilinear pairing operaion is much more compulicated. Therefore, CLSC scheme without bilinear pairing is more suitable for applications. Recently, Jing et al. proposed a CLSC scheme without bilinear pairing and claimed their scheme is secure against two types of adversaries. In this paper, we will show their scheme provide neither unforgeability property nor confidentiality property. To improve security, we also propose a new CLSC scheme without pairing and demonstrate it is provably secure in the random oracle model.
文摘A publicly verifiable secret sharing (PVSS) scheme is a verifiable secret sharing scheme with the special property that anyone is able to verify the shares whether they are correctly distributed by a dealer. PVSS plays an important role in many applications such as electronic voting, payment systems with revocable anonymity, and key escrow. Up to now, all PVSS schemes are based on the traditional public-key systems. Recently, the pairing-based cryptography has received much attention from cryp- tographic researchers. Many pairing-based schemes and protocols have been proposed. However, no PVSS scheme using bilinear pairings is proposed. This paper presents the first pairing-based PVSS scheme. In the random oracle model and under the bilinear Diffie-HeUman assumption, the authors prove that the proposed scheme is a secure PVSS scheme.
