To solve the key escrow problem of the identity-based cryptosystem, Girault introduced the notion of a self-certified public key, which not only eliminates the need to authenticate a public key but also solves the key...To solve the key escrow problem of the identity-based cryptosystem, Girault introduced the notion of a self-certified public key, which not only eliminates the need to authenticate a public key but also solves the key escrow problerrL This paper proposes a Self-Certified Signature (SCS) scheme with message recovery and two variants without using bilinear pairings: one is the authenticated encryption scheme in which only the designated re- ceiver can verify the signature, and the other is the authenticated encryption scheme with message linkage that deals with large messages. These three SCS schemes are provably secure in the random oracle model and are more efficient than previous schemes .展开更多
Multi-proxy signature schemes allow the original signer to delegate his/her signing power to n proxy signers such that all proxy signers must corporately generate a valid proxy signature on behalf of the original sign...Multi-proxy signature schemes allow the original signer to delegate his/her signing power to n proxy signers such that all proxy signers must corporately generate a valid proxy signature on behalf of the original signer. We first propose a multi-proxy signature scheme based on discrete logarithms and then adapt it to the elliptic curve cryptosystem. With the integration of self-certified public-key systems and the message recovery signature schemes,our proposed schemes have the following advan-tages:(1) They do not require the signing message to be transmitted,since the verifier can recover it from the signature;(2) The authentication of the public keys,verification of the signature,and recovery of the message can be simultaneously carried out in a single logical step;(3) No certificate is needed for validating the public keys. Further,the elliptic curve variant with short key lengths especially suits the cryptographic applications with limited computing power and storage space,e.g.,smart cards. As compared with the previous work that was implemented with the certificate-based public-key systems,the proposed schemes give better performance in terms of communication bandwidth and computation efforts.展开更多
A digital signature with message recovery is a signature that the message itself (or partial of the message) is not required to be transmitted together with the signature. It has the advantage of small data size of co...A digital signature with message recovery is a signature that the message itself (or partial of the message) is not required to be transmitted together with the signature. It has the advantage of small data size of communication comparing with the traditional digital signatures. In this paper, combining both advantages of the message recovery signatures and the certificateless cryptography, we propose the first certificatelss signature scheme with message recovery. The remarkable feature of our scheme is that it can achieve Girault's Level-3 security while the conventional certificateless signature scheme only achieves Level-2 security. The security of the scheme is rigorously proved in the random oracle model based on the hardness of the k bilinear Diffie-Hellman inverse (k-BDHI) problem.展开更多
Piveteau signature scheme allows message recovery but the methodology differs from that of the Nyberg-Rueppel schemes. This paper analyzes the security of the Piveteau scheme by designing some attacks. Two improved me...Piveteau signature scheme allows message recovery but the methodology differs from that of the Nyberg-Rueppel schemes. This paper analyzes the security of the Piveteau scheme by designing some attacks. Two improved methods to Piveteau signature scheme and Nyberg-Rueppel schemes were developed to avoid these weaknesses. Analyses of the security of the improved schemes prove that the improved methods can effectively handle the attacks proposed in this paper.展开更多
Strong security in public key cryptography is not enongh; the encryption has to be achieved in an efficient way. OAEP or SAEP is only suitable for special applications (e. g. key transport), and securely transportin...Strong security in public key cryptography is not enongh; the encryption has to be achieved in an efficient way. OAEP or SAEP is only suitable for special applications (e. g. key transport), and securely transporting message of any length is a challenge. Motivated by the hybrid encryption, we present a practical approach to achieve the (adaptively) chosen eiphertext security. The time cost of encryption/decryption of proposed scheme is similar to OAEP and the bandwidth of message recovery is 92% for standard security parameter, while RSA-OAEP is 84%. The scheme is also provably secure against adaptively chosen ciphertext attacks in the random oracle model. We conclude that the approach is practical in more extensive application.展开更多
The overload of traditional cryptosystems is too high for real-time applications so there is a need to design a new encryption and signature scheme for the multicast applications. In this paper, we use the elliptic cu...The overload of traditional cryptosystems is too high for real-time applications so there is a need to design a new encryption and signature scheme for the multicast applications. In this paper, we use the elliptic curve cryptosystem to design a source authentication scheme for real-time applications. The proposed scheme uses the message recovery signature to reduce the computation cost. Thus, the proposed source authentication scheme is more suitable for real-time applications, such as online meeting, online movie, and online music.展开更多
Multiple images steganography refers to hiding secret messages in multiple natural images to minimize the leakage of secret messages during transmission.Currently,the main multiple images steganography algorithms main...Multiple images steganography refers to hiding secret messages in multiple natural images to minimize the leakage of secret messages during transmission.Currently,the main multiple images steganography algorithms mainly distribute the payloads as sparsely as possible inmultiple cover images to improve the detection error rate of stego images.In order to enable the payloads to be accurately and efficiently distributed in each cover image,this paper proposes a multiple images steganography for JPEG images based on optimal payload redistribution.Firstly,the algorithm uses the principle of dynamic programming to redistribute the payloads of the cover images to reduce the time required in the process of payloads distribution.Then,by reducing the difference between the features of the cover images and the stego images to increase the detection error rate of the stego images.Secondly,this paper uses a data decomposition mechanism based on Vandermonde matrix.Even if part of the data is lost during the transmission of the secret messages,as long as the data loss rate is less than the data redundancy rate,the original secret messages can be recovered.Experimental results show that the method proposed in this paper improves the efficiency of payloads distribution compared with existing multiple images steganography.At the same time,the algorithm can achieve the optimal payload distribution of multiple images steganography to improve the anti-statistical detection performance of stego images.展开更多
Automatic dependent surveillance-broadcast (ADS-B) systems can broadcast satellitebased aircraft position, identification, etc., periodically, and are now on track to replace radar to become the backbone of next-gen...Automatic dependent surveillance-broadcast (ADS-B) systems can broadcast satellitebased aircraft position, identification, etc., periodically, and are now on track to replace radar to become the backbone of next-generation air traffic management (ATM) systems. However, ADS-B systems suffer severe cyber-security problems due to the broadcast-type data link and the lack of designed-in security measures. Especially, since ADS-B messages are unauthenticated, it is easy to insert fake aircraft into a system via spoofing or insertion of false messages. Unfortu- nately, the authentication for ADS-B messages has not yet been well studied. In this paper, based on identity-based signature with message recovery (IBS-MR), an efficient broadcast authentication scheme for ADS-B messages is proposed. The security analysis demonstrates that the scheme can achieve authenticity and integrity of ADS-B broadcast messages, as well as adaptive evolution of broadcasters' private keys. The performance evaluation shows that the scheme is computationally efficient for typical avionics devices with limited resources. Furthermore, the scheme achieves low communication overhead since broadcast messages can be recovered from signatures, and thus it is suitable for low-bandwidth ADS-B data link.展开更多
Recently, Tseng et al. proposed authenticated encryption scheme with message recovery using self-certified public keys. Hwang et al. proposed an attack to show that the Tseng et al.'s scheme was not secure. And Hwang...Recently, Tseng et al. proposed authenticated encryption scheme with message recovery using self-certified public keys. Hwang et al. proposed an attack to show that the Tseng et al.'s scheme was not secure. And Hwang et al. proposed an improved scheme and claimed to that the new scheme satisfy the security requirement. However, we will show that the improved signature proposed by Hwang et al. is still insecure.展开更多
基金This research was supported partially by the National Natural Science Foundation of China under Grants No. 61103247, No. 6110209 the Natural Science Foundation of Fujian Province under Grant No. 2011J05147+1 种基金 the Research Foundation of Education Bureau of Fujian Province under Grant No. JBll017 the Foundation for Excellent Young Teachers of Fujian Normal University under Grant No. fjsdjk2012049.
文摘To solve the key escrow problem of the identity-based cryptosystem, Girault introduced the notion of a self-certified public key, which not only eliminates the need to authenticate a public key but also solves the key escrow problerrL This paper proposes a Self-Certified Signature (SCS) scheme with message recovery and two variants without using bilinear pairings: one is the authenticated encryption scheme in which only the designated re- ceiver can verify the signature, and the other is the authenticated encryption scheme with message linkage that deals with large messages. These three SCS schemes are provably secure in the random oracle model and are more efficient than previous schemes .
基金Project (No. 94-2213-E-182-019) supported by the National Science Council, Taiwan, China
文摘Multi-proxy signature schemes allow the original signer to delegate his/her signing power to n proxy signers such that all proxy signers must corporately generate a valid proxy signature on behalf of the original signer. We first propose a multi-proxy signature scheme based on discrete logarithms and then adapt it to the elliptic curve cryptosystem. With the integration of self-certified public-key systems and the message recovery signature schemes,our proposed schemes have the following advan-tages:(1) They do not require the signing message to be transmitted,since the verifier can recover it from the signature;(2) The authentication of the public keys,verification of the signature,and recovery of the message can be simultaneously carried out in a single logical step;(3) No certificate is needed for validating the public keys. Further,the elliptic curve variant with short key lengths especially suits the cryptographic applications with limited computing power and storage space,e.g.,smart cards. As compared with the previous work that was implemented with the certificate-based public-key systems,the proposed schemes give better performance in terms of communication bandwidth and computation efforts.
文摘A digital signature with message recovery is a signature that the message itself (or partial of the message) is not required to be transmitted together with the signature. It has the advantage of small data size of communication comparing with the traditional digital signatures. In this paper, combining both advantages of the message recovery signatures and the certificateless cryptography, we propose the first certificatelss signature scheme with message recovery. The remarkable feature of our scheme is that it can achieve Girault's Level-3 security while the conventional certificateless signature scheme only achieves Level-2 security. The security of the scheme is rigorously proved in the random oracle model based on the hardness of the k bilinear Diffie-Hellman inverse (k-BDHI) problem.
基金Supported by the National Natural Science Foundation of China(No.90104032)
文摘Piveteau signature scheme allows message recovery but the methodology differs from that of the Nyberg-Rueppel schemes. This paper analyzes the security of the Piveteau scheme by designing some attacks. Two improved methods to Piveteau signature scheme and Nyberg-Rueppel schemes were developed to avoid these weaknesses. Analyses of the security of the improved schemes prove that the improved methods can effectively handle the attacks proposed in this paper.
基金Supported by the National Natural Science Foun-dation of China (60403027)
文摘Strong security in public key cryptography is not enongh; the encryption has to be achieved in an efficient way. OAEP or SAEP is only suitable for special applications (e. g. key transport), and securely transporting message of any length is a challenge. Motivated by the hybrid encryption, we present a practical approach to achieve the (adaptively) chosen eiphertext security. The time cost of encryption/decryption of proposed scheme is similar to OAEP and the bandwidth of message recovery is 92% for standard security parameter, while RSA-OAEP is 84%. The scheme is also provably secure against adaptively chosen ciphertext attacks in the random oracle model. We conclude that the approach is practical in more extensive application.
文摘The overload of traditional cryptosystems is too high for real-time applications so there is a need to design a new encryption and signature scheme for the multicast applications. In this paper, we use the elliptic curve cryptosystem to design a source authentication scheme for real-time applications. The proposed scheme uses the message recovery signature to reduce the computation cost. Thus, the proposed source authentication scheme is more suitable for real-time applications, such as online meeting, online movie, and online music.
基金This work was supported by the National Natural Science Foundation of China(Nos.U1736214,U1804263,U1636219,61772281,61772549,and 61872448)the National Key R&D Program of China(Nos.2016YFB0801303,2016QY01W0105)the Science and Technology Innovation Talent Project of Henan Province(No.184200510018).
文摘Multiple images steganography refers to hiding secret messages in multiple natural images to minimize the leakage of secret messages during transmission.Currently,the main multiple images steganography algorithms mainly distribute the payloads as sparsely as possible inmultiple cover images to improve the detection error rate of stego images.In order to enable the payloads to be accurately and efficiently distributed in each cover image,this paper proposes a multiple images steganography for JPEG images based on optimal payload redistribution.Firstly,the algorithm uses the principle of dynamic programming to redistribute the payloads of the cover images to reduce the time required in the process of payloads distribution.Then,by reducing the difference between the features of the cover images and the stego images to increase the detection error rate of the stego images.Secondly,this paper uses a data decomposition mechanism based on Vandermonde matrix.Even if part of the data is lost during the transmission of the secret messages,as long as the data loss rate is less than the data redundancy rate,the original secret messages can be recovered.Experimental results show that the method proposed in this paper improves the efficiency of payloads distribution compared with existing multiple images steganography.At the same time,the algorithm can achieve the optimal payload distribution of multiple images steganography to improve the anti-statistical detection performance of stego images.
基金co-supported by the National Natural Science Foundation of China (Nos. U1233108, U1333127, 2014H H0029, 61103207)the Research Funds for Science & Technology Department of Sichuan Province (No. 2012GZ0001)+1 种基金the Fundamental Research Funds for Chinese Central Universities (No. ZYGX2011J059)the Shanghai Science and Technology Committee (No. 11511505300)
文摘Automatic dependent surveillance-broadcast (ADS-B) systems can broadcast satellitebased aircraft position, identification, etc., periodically, and are now on track to replace radar to become the backbone of next-generation air traffic management (ATM) systems. However, ADS-B systems suffer severe cyber-security problems due to the broadcast-type data link and the lack of designed-in security measures. Especially, since ADS-B messages are unauthenticated, it is easy to insert fake aircraft into a system via spoofing or insertion of false messages. Unfortu- nately, the authentication for ADS-B messages has not yet been well studied. In this paper, based on identity-based signature with message recovery (IBS-MR), an efficient broadcast authentication scheme for ADS-B messages is proposed. The security analysis demonstrates that the scheme can achieve authenticity and integrity of ADS-B broadcast messages, as well as adaptive evolution of broadcasters' private keys. The performance evaluation shows that the scheme is computationally efficient for typical avionics devices with limited resources. Furthermore, the scheme achieves low communication overhead since broadcast messages can be recovered from signatures, and thus it is suitable for low-bandwidth ADS-B data link.
基金This project is supported by National Natural Science Foundation of China(60673053 90718011)
文摘Recently, Tseng et al. proposed authenticated encryption scheme with message recovery using self-certified public keys. Hwang et al. proposed an attack to show that the Tseng et al.'s scheme was not secure. And Hwang et al. proposed an improved scheme and claimed to that the new scheme satisfy the security requirement. However, we will show that the improved signature proposed by Hwang et al. is still insecure.
