In a strong designated verifier proxy signature scheme, a proxy signer can generate proxy signature on behalf of an original signer, but only the designated verifier can verify the validity of the proxy signature. In ...In a strong designated verifier proxy signature scheme, a proxy signer can generate proxy signature on behalf of an original signer, but only the designated verifier can verify the validity of the proxy signature. In this paper, we first define the security requirements for strong designated verifier proxy signature schemes. And then we construct an identity-based strong designated verifier proxy signature scheme. We argue that the proposed scheme satisfies all of the security requirements.展开更多
In this paper, we present an improved identity-based society oriented signature scheme with anonymous signers, which satisfies: (1) when members leave or join an organization, the public verification key and the si...In this paper, we present an improved identity-based society oriented signature scheme with anonymous signers, which satisfies: (1) when members leave or join an organization, the public verification key and the signature verification procedure are unchanged; (2) a user participates in several organizations at the same time, her secret key is only related with her identity. However, no previous schemes have these two properties.展开更多
Fair exchange of digital signatures is an important tool for signing digital contracts, e-payment and other electronic commerce actions. An ID-based scheme of fair exchange of digital signature is proposed in this pap...Fair exchange of digital signatures is an important tool for signing digital contracts, e-payment and other electronic commerce actions. An ID-based scheme of fair exchange of digital signature is proposed in this paper. The protocol relies on a trusted third party, but is "optimistic", in that the third party is only needed in cases where one player attempts to cheat or simply crashes. The proposed scheme has properties of short signature, low computation and verification cost. It can realize exchange of digital signatures fairly and effic, iently. A key feature of our scheme is that it is identity-based, which needs no certificates and has a simple key management. To our best knowledge, this is the first identity based scheme of fair exchange of digital signatures.展开更多
In 2006, Bao et al proposed an identlty-based threshold proxy signature scheme with known signers. In this paper, we show that Bao et al's scheme is vulnerable to the forgery attack. An adversary can forge a valid th...In 2006, Bao et al proposed an identlty-based threshold proxy signature scheme with known signers. In this paper, we show that Bao et al's scheme is vulnerable to the forgery attack. An adversary can forge a valid threshold proxy signature for any message with knowing a previously valid threshold proxy signature. In addition, their scheme also suffers from the weakness that the proxy signers might change the threshold value. That is, the proxy signers can arbitrarily modify the threshold strategy without being detected by the original signer or verifiers, which might violate the original signer's intent. Furthermore, we propose an improved scheme that remedies the weaknesses of Bao et al's scheme. The improved scheme satisfies all secure requirements for threshold proxy signature.展开更多
In a proxy blind signature scheme, the proxy signer is allowed to generate a blind signature on behalf of the original signer. The proxy blind signature scheme is useful in several applications such as e-voting and e-...In a proxy blind signature scheme, the proxy signer is allowed to generate a blind signature on behalf of the original signer. The proxy blind signature scheme is useful in several applications such as e-voting and e-payment. In this paper, we propose an identity-based proxy blind signature scheme which combines the advantages of proxy signature and of blind signature. Our scheme fulfills peffecdy the security requirements of a proxy blind signature. Comparing the previous scheme, our scheme needs less computational overhead and is more efficient.展开更多
ID-based public key cryptosystem can be a good alternative for certifieate-based public key setting. This paper provides an efficient ID-based proxy multi signature scheme from pairings. In the random oracle model, we...ID-based public key cryptosystem can be a good alternative for certifieate-based public key setting. This paper provides an efficient ID-based proxy multi signature scheme from pairings. In the random oracle model, we prove that our new scheme is secure against existential delegation forgery with the assumption that Hess's scheme-1 is existential unforgeable, and that our new scheme is secure against existential proxy multi-signature forgery under the hardness assumption of the computational Diffie-Hellman problem.展开更多
Identity-based proxy signature enables an entity to delegate its signing rights to another entity in identity-based cryptosystem settings. However, few existing scheme has been proved secure in a formalized model, or ...Identity-based proxy signature enables an entity to delegate its signing rights to another entity in identity-based cryptosystem settings. However, few existing scheme has been proved secure in a formalized model, or acquired optimized performance. To achieve the goals of both proven security and high efficiency, this paper proposed an efficient identity-based proxy signature scheme. The scheme is constructed from bilinear pairing and proved secure in the random oracle model, using the oracle replay attack technique introduced by Pointchval and Stern. The analysis shows that the scheme needs less computation costs and has a shorter signature than the other schemes.展开更多
Without the assumption that the private keys are kept secure perfectly, cryptographic primitives cannot be deployed in the insecure environments where the key leakage is inevitable. In order to reduce the damage cause...Without the assumption that the private keys are kept secure perfectly, cryptographic primitives cannot be deployed in the insecure environments where the key leakage is inevitable. In order to reduce the damage caused by the key exposure in the identity-based(ID-based) signature scenarios efficiently, we propose an ID-based key-insulated signature scheme in this paper, which eliminates the expensive bilinear pairing operations. Compared with the previous work, our scheme minimizes the computation cost without any extra cost. Under the discrete logarithm(DL) assumption, a security proof of our scheme in the random oracle model has also been given.展开更多
In the last couple of years, D-based cryptography has got fruitful achievements. Proxy multi-signature allows a designated person, called a proxy signer, to sign on behalf of two or more original signers. In this pape...In the last couple of years, D-based cryptography has got fruitful achievements. Proxy multi-signature allows a designated person, called a proxy signer, to sign on behalf of two or more original signers. In this paper, we present a general security model for ID-based proxy multi-signature (ID-PMS) schemes. Then, we show how to construct a secure ID-PMS scheme from a secure ID-based signature scheme, and prove that the security of the construction can be reduced to the security of the original ID-based signature scheme.展开更多
Key escrow is an inherent disadvantage for traditional ID-based cryptosystem, i.e., the dishonest private key generator (PKG) can forge the signature of any user, meanwhile, the user can deny the signature actually si...Key escrow is an inherent disadvantage for traditional ID-based cryptosystem, i.e., the dishonest private key generator (PKG) can forge the signature of any user, meanwhile, the user can deny the signature actually signed by him/herself. To avoid the keyescrow problem, an ID-based signature scheme was presented without trusted PKG. The exact proof of security was presented to demonstrate that our scheme is secure against existential forgery on adaptively chosen message and ID attacks assuming the complexity of computational Diffie-Hellman (CDH) problem. Compared with other signature schemes, the proposed scheme is more efficient.展开更多
As the promising next-generation power grid,the smart grid has developed rapidly in recent years.The smart grid enables energy to be stored and delivered more efficiently and safely,but user data’s integrity protecti...As the promising next-generation power grid,the smart grid has developed rapidly in recent years.The smart grid enables energy to be stored and delivered more efficiently and safely,but user data’s integrity protection has been an important security issue in the smart grid.Although lots of digital signature protocols for the smart grid have been proposed to resolve this problem,they are vulnerable to quantum attacks.To deal with this problem,an efficient identity-based signature protocol on lattices is proposed in this paper.To improve our protocol’s efficiency,the tree of commitments is utilized.Moreover,a detailed performance evaluation of the proposed protocol is made.The performance analysis demonstrates that the potential utility of our protocol in the smart grid is huge.展开更多
Proxy signatures have been used to enable the transfer of digital signing power within some context and ring signatures can be used to provide the anonymity of a signer. By combining the functionalities of proxy signa...Proxy signatures have been used to enable the transfer of digital signing power within some context and ring signatures can be used to provide the anonymity of a signer. By combining the functionalities of proxy signatures and ring signatures, this paper introduces a new concept, named ring proxy signature, which is a proxy signature generated by an anonymous member from a set of potential signers. The paper also constructs the first concrete ring proxy signature scheme based on the provably secure Schnorr's signatures and two ID-based ring proxy signature schemes. The security analysis is provided as well.展开更多
Distributed Denial of Service (DDoS) attacks are performed from multiple agents towards a single victim. Essentially, all attacking agents generate multiple packets towards the victim to overwhelm it with requests, th...Distributed Denial of Service (DDoS) attacks are performed from multiple agents towards a single victim. Essentially, all attacking agents generate multiple packets towards the victim to overwhelm it with requests, thereby overloading the resources of the victim. Since it is very complex and expensive to conduct a real DDoS attack, most organizations and researchers result in using simulations to mimic an actual attack. The researchers come up with diverse algorithms and mechanisms for attack detection and prevention. Further, simulation is good practice for determining the efficacy of an intrusive detective measure against DDoS attacks. However, some mechanisms are ineffective and thus not applied in real life attacks. Nowadays, DDoS attack has become more complex and modern for most IDS to detect. Adjustable and configurable traffic generator is becoming more and more important. This paper first details the available datasets that scholars use for DDoS attack detection. The paper further depicts the a few tools that exist freely and commercially for use in the simulation programs of DDoS attacks. In addition, a traffic generator for normal and different types of DDoS attack has been developed. The aim of the paper is to simulate a cloud environment by OMNET++ simulation tool, with different DDoS attack types. Generation normal and attack traffic can be useful to evaluate developing IDS for DDoS attacks detection. Moreover, the result traffic can be useful to test an effective algorithm, techniques and procedures of DDoS attacks.展开更多
An“Intrusion Detection System”(IDS)is a security measure designed to perceive and be aware of unauthorized access or malicious activity on a computer system or network.Signature-based IDSs employ an attack signature...An“Intrusion Detection System”(IDS)is a security measure designed to perceive and be aware of unauthorized access or malicious activity on a computer system or network.Signature-based IDSs employ an attack signature database to identify intrusions.This indicates that the system can only identify known attacks and cannot identify brand-new or unidentified assaults.In Wireless 6G IoT networks,signature-based IDSs can be useful to detect a wide range of known attacks such as viruses,worms,and Trojans.However,these networks have specific requirements and constraints,such as the need for real-time detection and low-power operation.To meet these requirements,the IDS algorithm should be designed to be efficient in terms of resource usage and should include a mechanism for updating the attack signatures to keep up with evolving threats.This paper provides a solution for a signature-based intrusion detection system in wireless 6G IoT Networks,in which three different algorithms were used and implemented by using python and JavaScript programming languages and an accuracy of 98.9%is achieved.展开更多
Restrictive partially blind signatures incorporate the advantages of restrictive blind signatures and partially blind signatures, which play an important role in electronic commerce. Recently, Chen-Zhang-Liu first pro...Restrictive partially blind signatures incorporate the advantages of restrictive blind signatures and partially blind signatures, which play an important role in electronic commerce. Recently, Chen-Zhang-Liu first proposed an ID-based restrictive partially blind (IRPB) signature from bilinear pairings. Later, Hu-Huang showed that the Chen-Zhang-Liu’s scheme has a security weakness, and pointed out that their scheme does not satisfy the property of restrictiveness as they claimed. In this paper, we improve Chen-Zhang-Liu’s scheme and propose a new signature scheme from bilinear pairings. The improved scheme can resist the Hu-Huang’s attack.展开更多
Proxy signature schemes allow an original signer to delegate his signing rights to a proxy signer. However, many proxy signature schemes have the defect which is the inability to solve the proxy revocation problem. In...Proxy signature schemes allow an original signer to delegate his signing rights to a proxy signer. However, many proxy signature schemes have the defect which is the inability to solve the proxy revocation problem. In this article, we firstly propose an identity-based threshold signature scheme and show that it has the properties of unforgeability and robustness. In our threshold signature scheme, we adopt such a method that the private key associated with an identity rather than the master key is shared. Then, based on the threshold signature scheme, an identity-based mediated proxy signature scheme is proposed where a security mediator (SEM) is introduced to help a proxy signer to generate valid proxy signatures, examine whether a proxy signer signs according to the warrant, and check the revocation of a proxy signer. It is shown that the proposed scheme satisfies all the security requirements of a secure proxy signature. Moreover, a proxy signer must cooperate with the SEM to generate a valid proxy signature, which makes the new scheme have an effective and fast proxy revocation.展开更多
With the rapid development of electronic information technology,digital signature has become an indispensable part of our lives.Traditional public key certificate cryptosystems cannot overcome the limitations of certi...With the rapid development of electronic information technology,digital signature has become an indispensable part of our lives.Traditional public key certificate cryptosystems cannot overcome the limitations of certificate management.Identity-based cryptosystems can avoid the certificate management issues.The development of quantum computers has brought serious challenges to traditional cryptography.Post-quantum cryptography research is imperative.At present,almost all post-quantum identity-based signature(IBS)schemes are constructed using Gaussian sampling or trapdoor technologies.However,these two technologies have a great impact on computational efficiency.To overcome this problem,we construct an IBS scheme on lattices by employing Lyubashevsky’s signature scheme.Based on the shortest vector problem on lattices,our scheme does not use Gaussian sampling or trapdoor technologies.In the random oracle model,it is proved that our scheme is strongly unforgeable against adaptive chosen messages and identity attacks.The security level of our scheme is strongly unforgeable,which is a higher level than the existential unforgeability of other schemes.Compared with other efficient schemes,our scheme has advantages in computation complexity and security.展开更多
Hierarchical identity-based signature (HIBS) has wide applications in the large network. However,the existing works cannot solve the trade-off between the security and efficiency. The main challenge at present is to...Hierarchical identity-based signature (HIBS) has wide applications in the large network. However,the existing works cannot solve the trade-off between the security and efficiency. The main challenge at present is to construct a high efficient and strong secure HIBS with a low computation cost. In this paper,a new construction of HIBS scheme is proposed. The new scheme achieves the adaptive security which is a strong security in the identity-based cryptography. But our scheme has short public parameters and the private keys size shrinks as the hierarchy depth increases. The signature size is a constant and the cost of verification only requires four bilinear pairings,which are independent of hierarchy depth. Furthermore,under the q-strong computational diffie-Hellman problem (q-SDH) assumption,the scheme is provably secure against existential forgery for adaptive chosen message and identity attack in the standard model.展开更多
Identity-based (ID-based) cryptography has drawn great concerns in recent years, and most of ID-based schemes are constructed from bilinear parings. Therefore, ID-based scheme without pairing is of great interest in...Identity-based (ID-based) cryptography has drawn great concerns in recent years, and most of ID-based schemes are constructed from bilinear parings. Therefore, ID-based scheme without pairing is of great interest in the field of cryptography. Up to now, there still remains a challenge to construct ID-based signature scheme from quadratic residues. Thus, we aim to meet this challenge by proposing a concrete scheme. In this paper, we first introduce the technique of how to calculate a 2^lth root of a quadratic residue, and then give a concrete ID-based signature scheme using such technique. We also prove that our scheme is chosen message and ID secure in the random oracle model, assuming the hardness of factoring.展开更多
Blind signature allows a user to get a signature of a signer on an arbitrary message,and the verifier can convince that the signature is indeed signed by the signer without leaking any information about the message.Th...Blind signature allows a user to get a signature of a signer on an arbitrary message,and the verifier can convince that the signature is indeed signed by the signer without leaking any information about the message.This property is necessary when the user’s privacy needs protection,such as a bank bill,a trade secret,etc.As an alternative of public key infrastructure,the identity-based system can simplify the key management procedures in certificate-based public key systems.Inspired by the requirement of identity-based blind signature in the post quantum world,we research on identity-based blind signature based on hard lattice problems under the random Oracle model.We propose a construction built upon the blind signature by Rückert,and it is proved to be one-more unforgeable against selective identity and chosen message attacks(s ID-CMA)and unconditionally blind.The proposed scheme has 2 moves,and its security can be reduced to the small integer solution(SIS)problem.展开更多
基金Supported by the National Natural Science Foun-dation of Chinafor Distinguished Young Scholars(60225007) the Na-tional Research Fundfor the Doctoral Programof Higher Education ofChina(20020248024) the Science and Technology Research Pro-ject of Shanghai (04DZ07067)
文摘In a strong designated verifier proxy signature scheme, a proxy signer can generate proxy signature on behalf of an original signer, but only the designated verifier can verify the validity of the proxy signature. In this paper, we first define the security requirements for strong designated verifier proxy signature schemes. And then we construct an identity-based strong designated verifier proxy signature scheme. We argue that the proposed scheme satisfies all of the security requirements.
基金Supported by the National Natural Science Foundation of China (90604034, 10371127)
文摘In this paper, we present an improved identity-based society oriented signature scheme with anonymous signers, which satisfies: (1) when members leave or join an organization, the public verification key and the signature verification procedure are unchanged; (2) a user participates in several organizations at the same time, her secret key is only related with her identity. However, no previous schemes have these two properties.
基金Supported by the National Natural Science Foun-dation of China (60372046 ,60573043)
文摘Fair exchange of digital signatures is an important tool for signing digital contracts, e-payment and other electronic commerce actions. An ID-based scheme of fair exchange of digital signature is proposed in this paper. The protocol relies on a trusted third party, but is "optimistic", in that the third party is only needed in cases where one player attempts to cheat or simply crashes. The proposed scheme has properties of short signature, low computation and verification cost. It can realize exchange of digital signatures fairly and effic, iently. A key feature of our scheme is that it is identity-based, which needs no certificates and has a simple key management. To our best knowledge, this is the first identity based scheme of fair exchange of digital signatures.
基金Supported by the National Natural Science Foun-dation of China (60473029)
文摘In 2006, Bao et al proposed an identlty-based threshold proxy signature scheme with known signers. In this paper, we show that Bao et al's scheme is vulnerable to the forgery attack. An adversary can forge a valid threshold proxy signature for any message with knowing a previously valid threshold proxy signature. In addition, their scheme also suffers from the weakness that the proxy signers might change the threshold value. That is, the proxy signers can arbitrarily modify the threshold strategy without being detected by the original signer or verifiers, which might violate the original signer's intent. Furthermore, we propose an improved scheme that remedies the weaknesses of Bao et al's scheme. The improved scheme satisfies all secure requirements for threshold proxy signature.
基金Supported by the Major Research Plan of the National Natural Science Foundation of China(90604023), the National Natural Science Foundation of China (60373059) and the National Research Foundation for the Doctoral Program of Higher Education of China(20040013007)
文摘In a proxy blind signature scheme, the proxy signer is allowed to generate a blind signature on behalf of the original signer. The proxy blind signature scheme is useful in several applications such as e-voting and e-payment. In this paper, we propose an identity-based proxy blind signature scheme which combines the advantages of proxy signature and of blind signature. Our scheme fulfills peffecdy the security requirements of a proxy blind signature. Comparing the previous scheme, our scheme needs less computational overhead and is more efficient.
基金Supported bythe National Key Basic Research andDevelopment Program (973 Program G1999035804),the NationalNatural Science Foundation of China (90204015 ,60473021) and theElitist Youth Foundation of Henan Province (021201400)
文摘ID-based public key cryptosystem can be a good alternative for certifieate-based public key setting. This paper provides an efficient ID-based proxy multi signature scheme from pairings. In the random oracle model, we prove that our new scheme is secure against existential delegation forgery with the assumption that Hess's scheme-1 is existential unforgeable, and that our new scheme is secure against existential proxy multi-signature forgery under the hardness assumption of the computational Diffie-Hellman problem.
基金National Natural Science Foundation of Chi-na for Distinguished Young Scholars (No.60225007)National Research Fund for theDoctoral Program of Higher Education ofChina (No.20020248024)Grant-in-Aid forScientific Research(C) (No.14540100)
文摘Identity-based proxy signature enables an entity to delegate its signing rights to another entity in identity-based cryptosystem settings. However, few existing scheme has been proved secure in a formalized model, or acquired optimized performance. To achieve the goals of both proven security and high efficiency, this paper proposed an efficient identity-based proxy signature scheme. The scheme is constructed from bilinear pairing and proved secure in the random oracle model, using the oracle replay attack technique introduced by Pointchval and Stern. The analysis shows that the scheme needs less computation costs and has a shorter signature than the other schemes.
基金supported by the National Natural Science Foundation of China under Grant No.61003230,No.61370026,No.61103206,and No.61300191Chongqing Key Lab of Computer Network and Communication Technology under Grant No.CY-CNCL-2012-02
文摘Without the assumption that the private keys are kept secure perfectly, cryptographic primitives cannot be deployed in the insecure environments where the key leakage is inevitable. In order to reduce the damage caused by the key exposure in the identity-based(ID-based) signature scenarios efficiently, we propose an ID-based key-insulated signature scheme in this paper, which eliminates the expensive bilinear pairing operations. Compared with the previous work, our scheme minimizes the computation cost without any extra cost. Under the discrete logarithm(DL) assumption, a security proof of our scheme in the random oracle model has also been given.
基金Supported by the National Natural Science Foundation of China (60473021) and the Science Foundation of Henan Province (0511010900)
文摘In the last couple of years, D-based cryptography has got fruitful achievements. Proxy multi-signature allows a designated person, called a proxy signer, to sign on behalf of two or more original signers. In this paper, we present a general security model for ID-based proxy multi-signature (ID-PMS) schemes. Then, we show how to construct a secure ID-PMS scheme from a secure ID-based signature scheme, and prove that the security of the construction can be reduced to the security of the original ID-based signature scheme.
文摘Key escrow is an inherent disadvantage for traditional ID-based cryptosystem, i.e., the dishonest private key generator (PKG) can forge the signature of any user, meanwhile, the user can deny the signature actually signed by him/herself. To avoid the keyescrow problem, an ID-based signature scheme was presented without trusted PKG. The exact proof of security was presented to demonstrate that our scheme is secure against existential forgery on adaptively chosen message and ID attacks assuming the complexity of computational Diffie-Hellman (CDH) problem. Compared with other signature schemes, the proposed scheme is more efficient.
基金supported by Science and Technology project of State Grid Customer Service Center(SGKF0000DFQT2200030)。
文摘As the promising next-generation power grid,the smart grid has developed rapidly in recent years.The smart grid enables energy to be stored and delivered more efficiently and safely,but user data’s integrity protection has been an important security issue in the smart grid.Although lots of digital signature protocols for the smart grid have been proposed to resolve this problem,they are vulnerable to quantum attacks.To deal with this problem,an efficient identity-based signature protocol on lattices is proposed in this paper.To improve our protocol’s efficiency,the tree of commitments is utilized.Moreover,a detailed performance evaluation of the proposed protocol is made.The performance analysis demonstrates that the potential utility of our protocol in the smart grid is huge.
基金Supported by the National Natural Science Foundation of China (No. 60403007, No. 60503006, No. 60572059)the Natural Science Foundation of Guangdong Province, China (No.05300706).
文摘Proxy signatures have been used to enable the transfer of digital signing power within some context and ring signatures can be used to provide the anonymity of a signer. By combining the functionalities of proxy signatures and ring signatures, this paper introduces a new concept, named ring proxy signature, which is a proxy signature generated by an anonymous member from a set of potential signers. The paper also constructs the first concrete ring proxy signature scheme based on the provably secure Schnorr's signatures and two ID-based ring proxy signature schemes. The security analysis is provided as well.
文摘Distributed Denial of Service (DDoS) attacks are performed from multiple agents towards a single victim. Essentially, all attacking agents generate multiple packets towards the victim to overwhelm it with requests, thereby overloading the resources of the victim. Since it is very complex and expensive to conduct a real DDoS attack, most organizations and researchers result in using simulations to mimic an actual attack. The researchers come up with diverse algorithms and mechanisms for attack detection and prevention. Further, simulation is good practice for determining the efficacy of an intrusive detective measure against DDoS attacks. However, some mechanisms are ineffective and thus not applied in real life attacks. Nowadays, DDoS attack has become more complex and modern for most IDS to detect. Adjustable and configurable traffic generator is becoming more and more important. This paper first details the available datasets that scholars use for DDoS attack detection. The paper further depicts the a few tools that exist freely and commercially for use in the simulation programs of DDoS attacks. In addition, a traffic generator for normal and different types of DDoS attack has been developed. The aim of the paper is to simulate a cloud environment by OMNET++ simulation tool, with different DDoS attack types. Generation normal and attack traffic can be useful to evaluate developing IDS for DDoS attacks detection. Moreover, the result traffic can be useful to test an effective algorithm, techniques and procedures of DDoS attacks.
文摘An“Intrusion Detection System”(IDS)is a security measure designed to perceive and be aware of unauthorized access or malicious activity on a computer system or network.Signature-based IDSs employ an attack signature database to identify intrusions.This indicates that the system can only identify known attacks and cannot identify brand-new or unidentified assaults.In Wireless 6G IoT networks,signature-based IDSs can be useful to detect a wide range of known attacks such as viruses,worms,and Trojans.However,these networks have specific requirements and constraints,such as the need for real-time detection and low-power operation.To meet these requirements,the IDS algorithm should be designed to be efficient in terms of resource usage and should include a mechanism for updating the attack signatures to keep up with evolving threats.This paper provides a solution for a signature-based intrusion detection system in wireless 6G IoT Networks,in which three different algorithms were used and implemented by using python and JavaScript programming languages and an accuracy of 98.9%is achieved.
文摘Restrictive partially blind signatures incorporate the advantages of restrictive blind signatures and partially blind signatures, which play an important role in electronic commerce. Recently, Chen-Zhang-Liu first proposed an ID-based restrictive partially blind (IRPB) signature from bilinear pairings. Later, Hu-Huang showed that the Chen-Zhang-Liu’s scheme has a security weakness, and pointed out that their scheme does not satisfy the property of restrictiveness as they claimed. In this paper, we improve Chen-Zhang-Liu’s scheme and propose a new signature scheme from bilinear pairings. The improved scheme can resist the Hu-Huang’s attack.
基金the National Natural Science Foundation of China (60573043, 60372046).
文摘Proxy signature schemes allow an original signer to delegate his signing rights to a proxy signer. However, many proxy signature schemes have the defect which is the inability to solve the proxy revocation problem. In this article, we firstly propose an identity-based threshold signature scheme and show that it has the properties of unforgeability and robustness. In our threshold signature scheme, we adopt such a method that the private key associated with an identity rather than the master key is shared. Then, based on the threshold signature scheme, an identity-based mediated proxy signature scheme is proposed where a security mediator (SEM) is introduced to help a proxy signer to generate valid proxy signatures, examine whether a proxy signer signs according to the warrant, and check the revocation of a proxy signer. It is shown that the proposed scheme satisfies all the security requirements of a secure proxy signature. Moreover, a proxy signer must cooperate with the SEM to generate a valid proxy signature, which makes the new scheme have an effective and fast proxy revocation.
基金Project supported by the National Natural Science Foundation of China(Nos.61672412 and 61972457)the National Cryptography Development Fund of China(No.MMJJ20170104)the Young and Middle-Aged Teacher Education Research Project of Fujian Province,China(Nos.JT180308 and JAT190372)。
文摘With the rapid development of electronic information technology,digital signature has become an indispensable part of our lives.Traditional public key certificate cryptosystems cannot overcome the limitations of certificate management.Identity-based cryptosystems can avoid the certificate management issues.The development of quantum computers has brought serious challenges to traditional cryptography.Post-quantum cryptography research is imperative.At present,almost all post-quantum identity-based signature(IBS)schemes are constructed using Gaussian sampling or trapdoor technologies.However,these two technologies have a great impact on computational efficiency.To overcome this problem,we construct an IBS scheme on lattices by employing Lyubashevsky’s signature scheme.Based on the shortest vector problem on lattices,our scheme does not use Gaussian sampling or trapdoor technologies.In the random oracle model,it is proved that our scheme is strongly unforgeable against adaptive chosen messages and identity attacks.The security level of our scheme is strongly unforgeable,which is a higher level than the existential unforgeability of other schemes.Compared with other efficient schemes,our scheme has advantages in computation complexity and security.
基金supported by the National Natural Science Foundation of China (60970119, 60803149)the National Basic Research Program of China (2007CB311201)the Fundamental Research Funds for the Central Universities
文摘Hierarchical identity-based signature (HIBS) has wide applications in the large network. However,the existing works cannot solve the trade-off between the security and efficiency. The main challenge at present is to construct a high efficient and strong secure HIBS with a low computation cost. In this paper,a new construction of HIBS scheme is proposed. The new scheme achieves the adaptive security which is a strong security in the identity-based cryptography. But our scheme has short public parameters and the private keys size shrinks as the hierarchy depth increases. The signature size is a constant and the cost of verification only requires four bilinear pairings,which are independent of hierarchy depth. Furthermore,under the q-strong computational diffie-Hellman problem (q-SDH) assumption,the scheme is provably secure against existential forgery for adaptive chosen message and identity attack in the standard model.
基金the National Natural Science Foundation of China(Grant Nos.60572155 and 60673079)the National High Technology DevelopmentProgram of China (Grant No.2006AA01Z424)the National Research Fund for the Doctoral Program of Higher Education of China(Grant No.20060248008)
文摘Identity-based (ID-based) cryptography has drawn great concerns in recent years, and most of ID-based schemes are constructed from bilinear parings. Therefore, ID-based scheme without pairing is of great interest in the field of cryptography. Up to now, there still remains a challenge to construct ID-based signature scheme from quadratic residues. Thus, we aim to meet this challenge by proposing a concrete scheme. In this paper, we first introduce the technique of how to calculate a 2^lth root of a quadratic residue, and then give a concrete ID-based signature scheme using such technique. We also prove that our scheme is chosen message and ID secure in the random oracle model, assuming the hardness of factoring.
基金Supported by the National Natural Science Foundation of China(61472309,61572390,61672412,61402353)
文摘Blind signature allows a user to get a signature of a signer on an arbitrary message,and the verifier can convince that the signature is indeed signed by the signer without leaking any information about the message.This property is necessary when the user’s privacy needs protection,such as a bank bill,a trade secret,etc.As an alternative of public key infrastructure,the identity-based system can simplify the key management procedures in certificate-based public key systems.Inspired by the requirement of identity-based blind signature in the post quantum world,we research on identity-based blind signature based on hard lattice problems under the random Oracle model.We propose a construction built upon the blind signature by Rückert,and it is proved to be one-more unforgeable against selective identity and chosen message attacks(s ID-CMA)and unconditionally blind.The proposed scheme has 2 moves,and its security can be reduced to the small integer solution(SIS)problem.