Signcryption is a cryptographic primitive that performs signature and encryption simultaneously, at lower computational costs and communication overheads than the signature-then- encryption approach. In this paper, we...Signcryption is a cryptographic primitive that performs signature and encryption simultaneously, at lower computational costs and communication overheads than the signature-then- encryption approach. In this paper, we propose an efficient multi-recipient signcryption scheme based on the bilinear pairings, which broadcasts a message to multiple users in a secure and authenticated manner. We prove its semantic security and unforgeability under the Gap Diffie-Hellman problem assumption in the random oracle model. The proposed scheme is more efficient than re-signcrypting a message n times using a signcryption scheme in terms of computational costs and communication overheads.展开更多
Anonymity is a very important security objective in network communications.Recently,Pang et al.proposed a novel multirecipient signcryption scheme with complete anonymity and claimed that the new concrete scheme was s...Anonymity is a very important security objective in network communications.Recently,Pang et al.proposed a novel multirecipient signcryption scheme with complete anonymity and claimed that the new concrete scheme was strong existential unforgeability under selective multi-ID,chosen message attack.Unfortunately,by giving concrete attacks,named " inside attack" and " outside attack" respectively,we indicate that Pang et al.'s scheme is not secure in their security model.展开更多
The vehicular sensor network (VSN) is an important part of intelligent transportation, which is used for real-timedetection and operation control of vehicles and real-time transmission of data and information. In the ...The vehicular sensor network (VSN) is an important part of intelligent transportation, which is used for real-timedetection and operation control of vehicles and real-time transmission of data and information. In the environmentofVSN, massive private data generated by vehicles are transmitted in open channels and used by other vehicle users,so it is crucial to maintain high transmission efficiency and high confidentiality of data. To deal with this problem, inthis paper, we propose a heterogeneous fault-tolerant aggregate signcryption scheme with an equality test (HFTASET).The scheme combines fault-tolerant and aggregate signcryption,whichnot onlymakes up for the deficiency oflow security of aggregate signature, but alsomakes up for the deficiency that aggregate signcryption cannot tolerateinvalid signature. The scheme supports one verification pass when all signcryptions are valid, and it supportsunbounded aggregation when the total number of signcryptions grows dynamically. In addition, this schemesupports heterogeneous equality test, and realizes the access control of private data in different cryptographicenvironments, so as to achieve flexibility in the application of our scheme and realize the function of quick searchof plaintext or ciphertext. Then, the security of HFTAS-ET is demonstrated by strict theoretical analysis. Finally, weconduct strict and standardized experimental operation and performance evaluation, which shows that the schemehas better performance.展开更多
Ring signcryption enables a user to send a message confidentially and authentically to a specific receiver in an anonymous way.One of the main reasons for the slow adoption of identity-based cryptography is the inhere...Ring signcryption enables a user to send a message confidentially and authentically to a specific receiver in an anonymous way.One of the main reasons for the slow adoption of identity-based cryptography is the inherent key escrow problem.In this paper a new certificateless ring signcryption scheme from pairings is presented.It is escrow free in that no KGC is able to decrypt ciphertexts itself.We then formally prove the security of the new scheme in the random oracle model IND-CCA2 and EUF-CMA.展开更多
Signcryption, which was introduced by ZHEN~ is a cryptographic primitive that fulfils the functions of both digital signature and encryption and guarantees confidentiality, integrity and non-repudiation in a more effi...Signcryption, which was introduced by ZHEN~ is a cryptographic primitive that fulfils the functions of both digital signature and encryption and guarantees confidentiality, integrity and non-repudiation in a more effi- cient way. Certificateless signcryption and pro- xy signcryption in identity-based cryptography were proposed for different applications. Most of these schemes are constructed by bilinear pairings from elliptic curves. However, some schemes were recently presented without pai- rings. In this paper, we present a certificateless proxy identity-based signcryption scheme with- out bilinear pairings, which is efficient and secure.展开更多
To reduce the size of certificate chains and the ciphertext size in secure routing protocols, a General Aggregate Signcryption Scheme (GASC) is presented. In GASC, an identity-based signcryption algorithm and an aggre...To reduce the size of certificate chains and the ciphertext size in secure routing protocols, a General Aggregate Signcryption Scheme (GASC) is presented. In GASC, an identity-based signcryption algorithm and an aggregate signature algorithm are combined in a practical and secure manner to form the general aggregate signcryption scheme's schema and concept, and a new secure, efficiently general aggregate signcryption scheme, which allows the aggregation of n distinct signcryptions by n distinct users on n distinct messages, is proposed. First, the correction of the GASC scheme is analyzed. Then, we formally prove the security of GASC in the random oracle models IND-CCA2 and EUF-CMA under the DBDHP assumption and the DLP assumption, respectively. The results show that the GASC scheme is not only secure against any probabilistic polynomial-time IND-GASC-CCA2 and EUF-GASC-CMA adversary in the random oracle models but also efficient in pairing ê computations. In addition, the GASC scheme gives an effective remedy to the key escrow problem, which is an inherent issue in IBC by splitting the private key into two parts, and reduces the communication complexity by eliminating the interaction among the senders (signers) before the signcryption generation.展开更多
In this paper, we point out that Libert and Quisquater’s signcryption scheme cannot provide public verifiability. Then we present a new identity based signcryption scheme using quadratic residue and pairings over ell...In this paper, we point out that Libert and Quisquater’s signcryption scheme cannot provide public verifiability. Then we present a new identity based signcryption scheme using quadratic residue and pairings over elliptic curves. It combines the functionalities of both public verifiability and forward security at the same time. Under the Bilinear Diffie-Hellman and quadratic residue assumption, we describe the new scheme that is more secure and can be some-what more efficient than Libert and Quisquater’s one.展开更多
In this paper, the security technology of ad hoc networks is studied.To improve the previous multi-receiver signcryption schemes, an ID-based multi-message and multi-receiver signcryption scheme for rekeying in ad hoc...In this paper, the security technology of ad hoc networks is studied.To improve the previous multi-receiver signcryption schemes, an ID-based multi-message and multi-receiver signcryption scheme for rekeying in ad hoc networks is proposed.In this scheme, a sender can simultaneously signcrypt n messeges for n receivers, and a receiver can unsigncrypt the ciphertext to get his message with his own private key.An analysis of this scheme indicates that it achieves authenticity and confidentiality in the random oracle model while being of lower computation and communication overhead.Finally, for the application of our scheme in ad hoc, a threshold key updating protocol for ad hoc networks is given.展开更多
In this paper, we analyze two signcryption schemes on elliptic curves proposed by Zheng Yu-liang and Hideki Imai. We point out a serious problem with the schemes that the elliptic curve based signcryption schemes lose...In this paper, we analyze two signcryption schemes on elliptic curves proposed by Zheng Yu-liang and Hideki Imai. We point out a serious problem with the schemes that the elliptic curve based signcryption schemes lose confidentiality to gain non-repudiation. We also propose two improvement versions that not only overcome the security leak inherent in the schemes but also provide public verifiability or forward security. Our improvement versions require smaller computing cost than that required by signature-then-encryption methods.展开更多
The emerging edge computing technology for the Internet of Things has been playing an important role in our daily life. It is promising to utilize a multi-receiver signcryption scheme to protect the transmission data ...The emerging edge computing technology for the Internet of Things has been playing an important role in our daily life. It is promising to utilize a multi-receiver signcryption scheme to protect the transmission data when an edge device broadcasts its sensing data to many different end devices at a time.There are several things to consider when we design a signcryption scheme. First existing schemes need to maintain a secure channel to generate the user private key, which may increase economic costs. Second the system private key of those schemes is kept secret by a single key generation center(KGC), and the single point of failure of KGC may compromise the whole system. For this, we propose a multi-receiver multimessage signcryption scheme without the secure channel. Firstly the scheme allows KGC to send secrets through the public channel, which reduces maintenance costs. Secondly, to eliminate the single point of failure, the scheme utilizes multiple KGCs to manage the system private key, and updates the secret of each KGC periodically to resist advanced persistent threat attacks. We demonstrate that the proposed scheme can achieve expected security properties. Performance analysis shows that it is with shorter ciphertext length and higher efficiency.展开更多
In the existing Electronic Health Records(EHRs),the medical information of patients is completely controlled by various medical institutions.As such,patients have no dominant power over their own EHRs.These personal d...In the existing Electronic Health Records(EHRs),the medical information of patients is completely controlled by various medical institutions.As such,patients have no dominant power over their own EHRs.These personal data are not only inconvenient to access and share,but are also prone to cause privacy disclosure.The blockchain technology provides a new development direction in the medical field.Blockchain-based EHRs are characterized by decentralization,openness and non-tampering of records,which enable patients to better manage their own EHRs.In order to better protect the privacy of patients,only designated receivers can access EHRs,and receivers can authenticate the sharer to ensure that the EHRs are real and effective.In this study,we propose an identity-based signcryption scheme with multiple authorities for multiple receivers,which can resist N-1 collusion attacks among N authorities.In addition,the identity information of receivers is anonymous,so the relationship between them and the sharer is not disclosed.Under the random oracle model,it was proved that our scheme was secure and met the unforgeability and confidentiality requirements of signcryption.Moreover,we evaluated the performance of the scheme and found that it had the moderate signcryption efficiency and excellent signcryption attributes.展开更多
In 1996, Mambo et al introduced the concept of proxy signature. However, proxy signature can only provide the delegated authenticity and cannot provide confidentiality. Recently, Gamage et al and Chan and Wei proposed...In 1996, Mambo et al introduced the concept of proxy signature. However, proxy signature can only provide the delegated authenticity and cannot provide confidentiality. Recently, Gamage et al and Chan and Wei proposed different proxy signcryption schemes respectively, which extended the concept of proxy signature. However, only the specified receiver can decrypt and verify the validity of proxy signcryption in their schemes. To protect the receiver's benefit in case of a later dispute, Wu and Hsu proposed a convertible authenticated encryption scheme, which can enable the receiver to convert signature into an ordinary one that can be verified by anyone. Based on Wu and Hsu' s scheme and improved Kim's scheme, we propose a convertible proxy signcryption scheme. The security of the proposed scheme is based on the intractability of reversing the one-way hash function and solving the discrete logarithm problem. The proposed scheme can satisfy all properties of strong proxy signature and withstand the public key substitution attack and does not use secure channel. In addition, the proposed scheme can be extended to convertible threshold proxy signcryption scheme.展开更多
Through cryptanalysis of the improved scheme of a generalized group-oriented threshold signcryption schemes,it is found that the improved scheme can effectively resist conspiracy attack and forgery attack,but does not...Through cryptanalysis of the improved scheme of a generalized group-oriented threshold signcryption schemes,it is found that the improved scheme can effectively resist conspiracy attack and forgery attack,but does not have semantic security and public verification function,and sends threshold signcryption by the secret secure channel,which increases the communication costs and potential safety hazards of the system.A new group-oriented publicly verifiable threshold signcryption scheme is proposed on the basis of the improved scheme,the new scheme overcomes the drawbacks of the improved scheme,which not only provides with semantic security and public verification function,but also can send threshold signcryption by the public channel.展开更多
When the Wireless Sensor Network(WSN)is combined with the Internet of Things(IoT),it can be employed in a wide range of applications,such as agriculture,industry 4.0,health care,smart homes,among others.Accessing the ...When the Wireless Sensor Network(WSN)is combined with the Internet of Things(IoT),it can be employed in a wide range of applications,such as agriculture,industry 4.0,health care,smart homes,among others.Accessing the big data generated by these applications in Cloud Servers(CSs),requires higher levels of authenticity and confidentiality during communication conducted through the Internet.Signcryption is one of the most promising approaches nowadays for overcoming such obstacles,due to its combined nature,i.e.,signature and encryption.A number of researchers have developed schemes to address issues related to access control in the IoT literature,however,the majority of these schemes are based on homogeneous nature.This will be neither adequate nor practical for heterogeneous IoT environments.In addition,these schemes are based on bilinear pairing and elliptic curve cryptography,which further requires additional processing time and more communication overheads that is inappropriate for real-time communication.Consequently,this paper aims to solve the above-discussed issues,we proposed an access control scheme for IoT environments using heterogeneous signcryption scheme with the efficiency and security hardiness of hyperelliptic curve.Besides the security services such as replay attack prevention,confidentiality,integrity,unforgeability,non-repudiations,and forward secrecy,the proposed scheme has very low computational and communication costs,when it is compared to existing schemes.This is primarily because of hyperelliptic curve lighter nature of key and other parameters.The AVISPA tool is used to simulate the security requirements of our proposed scheme and the results were under two backbends(Constraint Logic-based Attack Searcher(CL-b-AtSER)and On-the-Fly Model Checker(ON-t-FL-MCR))proved to be SAFE when the presented scheme is coded in HLPSL language.This scheme was proven to be capable of preventing a variety of attacks,including confidentiality,integrity,unforgeability,non-repudiation,forward secrecy,and replay attacks.展开更多
Concurrent signature was introduced as an efficient approach to solving the problem of fair exchange of signatures. Almost all fair exchange e-commerce protocols based on concurrent signature that have been proposed u...Concurrent signature was introduced as an efficient approach to solving the problem of fair exchange of signatures. Almost all fair exchange e-commerce protocols based on concurrent signature that have been proposed until now either do not provide message privacy protection or adopt the sign-then-encrypt scheme to provide confidentiality. However,confidentiality is an important requirement of fair exchange e-commerce protocol. In this paper,a new concept called concurrent signcryption which combines the concepts of concurrent signature and signcryption together to resolve the confidentiality problem in e-commerce systems based on concurrent signature. We also propose a concurrent signcryption scheme using bilinear pairings and prove its security in the random oracle model. Compared with the sign-then-encrypt scheme using bilinear pairings,our scheme enjoys shorter message length and less operation cost. Moreover,in our scheme the two ambiguous signcryptions can be published in any order.展开更多
Signcryption has been a rapidly emerging efficient approach to achieve authenticity and confidentiality within a logic single step. However, it is still a difficult problem to realize public verifiability of signcrypt...Signcryption has been a rapidly emerging efficient approach to achieve authenticity and confidentiality within a logic single step. However, it is still a difficult problem to realize public verifiability of signcryption in an efficient and secure way. Here, we present a generic solution to realize public verifiability based on quadratic residue.展开更多
Mobile commerce uses wireless device and wireless link to result in the transfer of values in exchange of information, services or goods. Wireless mobile ad hoc networks (MANETs) will bring a revolution to the busin...Mobile commerce uses wireless device and wireless link to result in the transfer of values in exchange of information, services or goods. Wireless mobile ad hoc networks (MANETs) will bring a revolution to the business model of mobile commerce if such networks are used as the underlying network technology for mobile commerce. Mobile commerce will remain in a niche market until the security issue is properly addressed. Hence, security is also very important for MANET applications in mobile commerce. Robust key management is one of the most crucial technologies for security of MANETs. In this paper, a new solution for key management is proposed using identity-based (ID-based) signcryption and threshold secret sharing. It enables flexible and efficient key management while respecting the constraints of MANETs. In our solution, each mobile host uses its globally unique identity as its public key. It greatly decreases the computation and storage costs of mobile hosts, as well as communication cost for system key management.展开更多
Recent years have witnessed growing scientific research interest in the Internet of Things(IoT)technologies,which supports the development of a variety of applications such as health care,Industry 4.0,agriculture,ecol...Recent years have witnessed growing scientific research interest in the Internet of Things(IoT)technologies,which supports the development of a variety of applications such as health care,Industry 4.0,agriculture,ecological data management,and other various domains.IoT utilizes the Internet as a prime medium of communication for both single documents as well as multi-digital messages.However,due to the wide-open nature of the Internet,it is important to ensure the anonymity,untraceably,confidentiality,and unforgeability of communication with efficient computational complexity and low bandwidth.We designed a light weight and secure proxy blind signcryption for multi-digital messages based on a hyperelliptic curve(HEC).Our results outperform the available schemes in terms of computational cost and communication bandwidth.The designed scheme also has the desired authentication,unforgeability of warrants and/or plaintext,confidentiality,integrity,and blindness,respectively.Further,our scheme is more suitable for devices with low computation power such as mobiles and tablets.展开更多
In order to protect historical ciphertext when the private key leaked in the broadcasting system,the forward-secure multi-receiver signcryption scheme is designed based on the generic graded multilinear mapping encodi...In order to protect historical ciphertext when the private key leaked in the broadcasting system,the forward-secure multi-receiver signcryption scheme is designed based on the generic graded multilinear mapping encoding structure,which effectively prevents illegal access from intruder to the ciphertext in the past time period when the private key in current time period is revealed.Through the generalization of the existing multilinear mapping encoding system,it proposes the generic graded multilinear mapping encoding structure and the generic graded decision Diffie-Hellman problem.Because of the generic graded multilinear mapping encoding system adopted,almost all candidate multilinear mapping encoding systems can automatically adapt to our scheme.Under the assumption of generic graded decision Diffie-Hellman problem,it has proved that the scheme has the information confidentiality and unforgeability in the current time period.After putting forward the security model of forward-secure multi-receiver signcryption scheme,and under the assumption of generic graded decision Diffie-Hellman problem,it has proved that the scheme has the message forward-confidentiality and forward-unforgeability.Compared with other forward-secure public key encryption schemes,the relationship between our scheme and time periods is sub-linear,so it is less complex.展开更多
The functions of digital signature and public key encryption are simultaneously fulfilled by signcryption,which is a cryptographic primitive.To securely communicate very large messages,the cryptographic primitive call...The functions of digital signature and public key encryption are simultaneously fulfilled by signcryption,which is a cryptographic primitive.To securely communicate very large messages,the cryptographic primitive called signcryption efficiently implements the same and while most of the public key based systems are suitable for small messages,hybrid encryption(KEM-DEM)provides a competent and practical way.In this paper,we develop a hybrid signcryption technique.The hybrid signcryption is based on the KEM and DEM technique.The KEM algorithm utilizes the KDF technique to encapsulate the symmetric key.The DEM algorithm utilizes the Adaptive Genetic Algorithm based Elliptic curve cryptography algorithm to encrypt the original message.Here,for the security purpose,we introduce the three games and we proved the attackers fail to find the security attributes of our proposed signcryption algorithm.The proposed algorithm is analyzed with Daniel of Service(DOS),Brute Force attack and Man In Middle(MIM)attacks to ensure the secure data transaction.展开更多
基金Supported by the National Natural Science Foundation of China (60473029)
文摘Signcryption is a cryptographic primitive that performs signature and encryption simultaneously, at lower computational costs and communication overheads than the signature-then- encryption approach. In this paper, we propose an efficient multi-recipient signcryption scheme based on the bilinear pairings, which broadcasts a message to multiple users in a secure and authenticated manner. We prove its semantic security and unforgeability under the Gap Diffie-Hellman problem assumption in the random oracle model. The proposed scheme is more efficient than re-signcrypting a message n times using a signcryption scheme in terms of computational costs and communication overheads.
基金Shandong Provincial Natural Science Foundation,China(No.ZR2014FL011)Higher Educational Science and Technology Program of Shandong Province,China(No.J13LN21)
文摘Anonymity is a very important security objective in network communications.Recently,Pang et al.proposed a novel multirecipient signcryption scheme with complete anonymity and claimed that the new concrete scheme was strong existential unforgeability under selective multi-ID,chosen message attack.Unfortunately,by giving concrete attacks,named " inside attack" and " outside attack" respectively,we indicate that Pang et al.'s scheme is not secure in their security model.
基金supported in part by the Open Fund of Advanced Cryptography and System Security Key Laboratory of Sichuan Province under Grant SKLACSS-202102in part by the Intelligent Terminal Key Laboratory of Sichuan Province under Grant SCITLAB-1019.
文摘The vehicular sensor network (VSN) is an important part of intelligent transportation, which is used for real-timedetection and operation control of vehicles and real-time transmission of data and information. In the environmentofVSN, massive private data generated by vehicles are transmitted in open channels and used by other vehicle users,so it is crucial to maintain high transmission efficiency and high confidentiality of data. To deal with this problem, inthis paper, we propose a heterogeneous fault-tolerant aggregate signcryption scheme with an equality test (HFTASET).The scheme combines fault-tolerant and aggregate signcryption,whichnot onlymakes up for the deficiency oflow security of aggregate signature, but alsomakes up for the deficiency that aggregate signcryption cannot tolerateinvalid signature. The scheme supports one verification pass when all signcryptions are valid, and it supportsunbounded aggregation when the total number of signcryptions grows dynamically. In addition, this schemesupports heterogeneous equality test, and realizes the access control of private data in different cryptographicenvironments, so as to achieve flexibility in the application of our scheme and realize the function of quick searchof plaintext or ciphertext. Then, the security of HFTAS-ET is demonstrated by strict theoretical analysis. Finally, weconduct strict and standardized experimental operation and performance evaluation, which shows that the schemehas better performance.
基金supported by National Key Basic Research Program of China(973 program) under Grant No. 2011CB302903National Natural Science Foundation of China under Grant No.60873231,No.61073188+1 种基金China Postdoctoral Science Foundation under Grant No.20100471355Natural Science Foundation of Jiangsu Province under Grant No. BK2009426
文摘Ring signcryption enables a user to send a message confidentially and authentically to a specific receiver in an anonymous way.One of the main reasons for the slow adoption of identity-based cryptography is the inherent key escrow problem.In this paper a new certificateless ring signcryption scheme from pairings is presented.It is escrow free in that no KGC is able to decrypt ciphertexts itself.We then formally prove the security of the new scheme in the random oracle model IND-CCA2 and EUF-CMA.
基金supported by the National Natural Science Foundation of China under Grants No.61272499,No.10990011
文摘Signcryption, which was introduced by ZHEN~ is a cryptographic primitive that fulfils the functions of both digital signature and encryption and guarantees confidentiality, integrity and non-repudiation in a more effi- cient way. Certificateless signcryption and pro- xy signcryption in identity-based cryptography were proposed for different applications. Most of these schemes are constructed by bilinear pairings from elliptic curves. However, some schemes were recently presented without pai- rings. In this paper, we present a certificateless proxy identity-based signcryption scheme with- out bilinear pairings, which is efficient and secure.
基金supported by the National Grand Fundamental Research 973 Program of China under Grant No.2011CB302903 the National Natural Science Foundation of China under Grants No.61073188,No.61073115+1 种基金 the Key University Science Research Project of Jiangsu Province under Grant No.11KJA520002 the Priority Academic Program Development of Jiangsu Higher Education Institutions under Grant No.yx002001
文摘To reduce the size of certificate chains and the ciphertext size in secure routing protocols, a General Aggregate Signcryption Scheme (GASC) is presented. In GASC, an identity-based signcryption algorithm and an aggregate signature algorithm are combined in a practical and secure manner to form the general aggregate signcryption scheme's schema and concept, and a new secure, efficiently general aggregate signcryption scheme, which allows the aggregation of n distinct signcryptions by n distinct users on n distinct messages, is proposed. First, the correction of the GASC scheme is analyzed. Then, we formally prove the security of GASC in the random oracle models IND-CCA2 and EUF-CMA under the DBDHP assumption and the DLP assumption, respectively. The results show that the GASC scheme is not only secure against any probabilistic polynomial-time IND-GASC-CCA2 and EUF-GASC-CMA adversary in the random oracle models but also efficient in pairing ê computations. In addition, the GASC scheme gives an effective remedy to the key escrow problem, which is an inherent issue in IBC by splitting the private key into two parts, and reduces the communication complexity by eliminating the interaction among the senders (signers) before the signcryption generation.
文摘In this paper, we point out that Libert and Quisquater’s signcryption scheme cannot provide public verifiability. Then we present a new identity based signcryption scheme using quadratic residue and pairings over elliptic curves. It combines the functionalities of both public verifiability and forward security at the same time. Under the Bilinear Diffie-Hellman and quadratic residue assumption, we describe the new scheme that is more secure and can be some-what more efficient than Libert and Quisquater’s one.
文摘In this paper, the security technology of ad hoc networks is studied.To improve the previous multi-receiver signcryption schemes, an ID-based multi-message and multi-receiver signcryption scheme for rekeying in ad hoc networks is proposed.In this scheme, a sender can simultaneously signcrypt n messeges for n receivers, and a receiver can unsigncrypt the ciphertext to get his message with his own private key.An analysis of this scheme indicates that it achieves authenticity and confidentiality in the random oracle model while being of lower computation and communication overhead.Finally, for the application of our scheme in ad hoc, a threshold key updating protocol for ad hoc networks is given.
文摘In this paper, we analyze two signcryption schemes on elliptic curves proposed by Zheng Yu-liang and Hideki Imai. We point out a serious problem with the schemes that the elliptic curve based signcryption schemes lose confidentiality to gain non-repudiation. We also propose two improvement versions that not only overcome the security leak inherent in the schemes but also provide public verifiability or forward security. Our improvement versions require smaller computing cost than that required by signature-then-encryption methods.
基金supported by National Key Research and Development Program of China (2020YFB1005404)National Natural Science Foundation of China (62172010)Henan Province Higher Education Key Research Project (22A520048)。
文摘The emerging edge computing technology for the Internet of Things has been playing an important role in our daily life. It is promising to utilize a multi-receiver signcryption scheme to protect the transmission data when an edge device broadcasts its sensing data to many different end devices at a time.There are several things to consider when we design a signcryption scheme. First existing schemes need to maintain a secure channel to generate the user private key, which may increase economic costs. Second the system private key of those schemes is kept secret by a single key generation center(KGC), and the single point of failure of KGC may compromise the whole system. For this, we propose a multi-receiver multimessage signcryption scheme without the secure channel. Firstly the scheme allows KGC to send secrets through the public channel, which reduces maintenance costs. Secondly, to eliminate the single point of failure, the scheme utilizes multiple KGCs to manage the system private key, and updates the secret of each KGC periodically to resist advanced persistent threat attacks. We demonstrate that the proposed scheme can achieve expected security properties. Performance analysis shows that it is with shorter ciphertext length and higher efficiency.
基金This work was supported by the National Key Research and Development Project of China(Grant No.2017YFB0802302)the Science and Technology Support Project of Sichuan Province(Grant Nos.2016FZ0112,2017GZ0314,and 2018GZ0204)+2 种基金the Academic and Technical Leaders Training Funding Support Projects of Sichuan Province(Grant No.2016120080102643)the Application Foundation Project of Sichuan Province(Grant No.2017JY0168)the Science and Technology Project of Chengdu(Grant Nos.2017-RK00-00103-ZF,and 2016-HM01-00217-SF).
文摘In the existing Electronic Health Records(EHRs),the medical information of patients is completely controlled by various medical institutions.As such,patients have no dominant power over their own EHRs.These personal data are not only inconvenient to access and share,but are also prone to cause privacy disclosure.The blockchain technology provides a new development direction in the medical field.Blockchain-based EHRs are characterized by decentralization,openness and non-tampering of records,which enable patients to better manage their own EHRs.In order to better protect the privacy of patients,only designated receivers can access EHRs,and receivers can authenticate the sharer to ensure that the EHRs are real and effective.In this study,we propose an identity-based signcryption scheme with multiple authorities for multiple receivers,which can resist N-1 collusion attacks among N authorities.In addition,the identity information of receivers is anonymous,so the relationship between them and the sharer is not disclosed.Under the random oracle model,it was proved that our scheme was secure and met the unforgeability and confidentiality requirements of signcryption.Moreover,we evaluated the performance of the scheme and found that it had the moderate signcryption efficiency and excellent signcryption attributes.
基金Sponsored by the National Natural Science Foudnation of China (Grant No. 60072018,60273082)National Outstanding Youth Science Foundation of China (Grant No. 60225007)
文摘In 1996, Mambo et al introduced the concept of proxy signature. However, proxy signature can only provide the delegated authenticity and cannot provide confidentiality. Recently, Gamage et al and Chan and Wei proposed different proxy signcryption schemes respectively, which extended the concept of proxy signature. However, only the specified receiver can decrypt and verify the validity of proxy signcryption in their schemes. To protect the receiver's benefit in case of a later dispute, Wu and Hsu proposed a convertible authenticated encryption scheme, which can enable the receiver to convert signature into an ordinary one that can be verified by anyone. Based on Wu and Hsu' s scheme and improved Kim's scheme, we propose a convertible proxy signcryption scheme. The security of the proposed scheme is based on the intractability of reversing the one-way hash function and solving the discrete logarithm problem. The proposed scheme can satisfy all properties of strong proxy signature and withstand the public key substitution attack and does not use secure channel. In addition, the proposed scheme can be extended to convertible threshold proxy signcryption scheme.
基金Supported by the National Natural Science Foundation of China(No.61179026)the Fundamental Research funds for the Centeral Universities(No.3122013K001)
文摘Through cryptanalysis of the improved scheme of a generalized group-oriented threshold signcryption schemes,it is found that the improved scheme can effectively resist conspiracy attack and forgery attack,but does not have semantic security and public verification function,and sends threshold signcryption by the secret secure channel,which increases the communication costs and potential safety hazards of the system.A new group-oriented publicly verifiable threshold signcryption scheme is proposed on the basis of the improved scheme,the new scheme overcomes the drawbacks of the improved scheme,which not only provides with semantic security and public verification function,but also can send threshold signcryption by the public channel.
文摘When the Wireless Sensor Network(WSN)is combined with the Internet of Things(IoT),it can be employed in a wide range of applications,such as agriculture,industry 4.0,health care,smart homes,among others.Accessing the big data generated by these applications in Cloud Servers(CSs),requires higher levels of authenticity and confidentiality during communication conducted through the Internet.Signcryption is one of the most promising approaches nowadays for overcoming such obstacles,due to its combined nature,i.e.,signature and encryption.A number of researchers have developed schemes to address issues related to access control in the IoT literature,however,the majority of these schemes are based on homogeneous nature.This will be neither adequate nor practical for heterogeneous IoT environments.In addition,these schemes are based on bilinear pairing and elliptic curve cryptography,which further requires additional processing time and more communication overheads that is inappropriate for real-time communication.Consequently,this paper aims to solve the above-discussed issues,we proposed an access control scheme for IoT environments using heterogeneous signcryption scheme with the efficiency and security hardiness of hyperelliptic curve.Besides the security services such as replay attack prevention,confidentiality,integrity,unforgeability,non-repudiations,and forward secrecy,the proposed scheme has very low computational and communication costs,when it is compared to existing schemes.This is primarily because of hyperelliptic curve lighter nature of key and other parameters.The AVISPA tool is used to simulate the security requirements of our proposed scheme and the results were under two backbends(Constraint Logic-based Attack Searcher(CL-b-AtSER)and On-the-Fly Model Checker(ON-t-FL-MCR))proved to be SAFE when the presented scheme is coded in HLPSL language.This scheme was proven to be capable of preventing a variety of attacks,including confidentiality,integrity,unforgeability,non-repudiation,forward secrecy,and replay attacks.
基金supported by the National Natural Science Foundation of China under contract No. 60803131
文摘Concurrent signature was introduced as an efficient approach to solving the problem of fair exchange of signatures. Almost all fair exchange e-commerce protocols based on concurrent signature that have been proposed until now either do not provide message privacy protection or adopt the sign-then-encrypt scheme to provide confidentiality. However,confidentiality is an important requirement of fair exchange e-commerce protocol. In this paper,a new concept called concurrent signcryption which combines the concepts of concurrent signature and signcryption together to resolve the confidentiality problem in e-commerce systems based on concurrent signature. We also propose a concurrent signcryption scheme using bilinear pairings and prove its security in the random oracle model. Compared with the sign-then-encrypt scheme using bilinear pairings,our scheme enjoys shorter message length and less operation cost. Moreover,in our scheme the two ambiguous signcryptions can be published in any order.
基金Supported by the National Natural Science Foun-dation of China (60273049 ,60303026 ,90104005)
文摘Signcryption has been a rapidly emerging efficient approach to achieve authenticity and confidentiality within a logic single step. However, it is still a difficult problem to realize public verifiability of signcryption in an efficient and secure way. Here, we present a generic solution to realize public verifiability based on quadratic residue.
基金Supported by the National Natural Science Foun-dation of China (60473021 ,60503012)the Natural Science Foun-dation of Henan Province (511010900)
文摘Mobile commerce uses wireless device and wireless link to result in the transfer of values in exchange of information, services or goods. Wireless mobile ad hoc networks (MANETs) will bring a revolution to the business model of mobile commerce if such networks are used as the underlying network technology for mobile commerce. Mobile commerce will remain in a niche market until the security issue is properly addressed. Hence, security is also very important for MANET applications in mobile commerce. Robust key management is one of the most crucial technologies for security of MANETs. In this paper, a new solution for key management is proposed using identity-based (ID-based) signcryption and threshold secret sharing. It enables flexible and efficient key management while respecting the constraints of MANETs. In our solution, each mobile host uses its globally unique identity as its public key. It greatly decreases the computation and storage costs of mobile hosts, as well as communication cost for system key management.
文摘Recent years have witnessed growing scientific research interest in the Internet of Things(IoT)technologies,which supports the development of a variety of applications such as health care,Industry 4.0,agriculture,ecological data management,and other various domains.IoT utilizes the Internet as a prime medium of communication for both single documents as well as multi-digital messages.However,due to the wide-open nature of the Internet,it is important to ensure the anonymity,untraceably,confidentiality,and unforgeability of communication with efficient computational complexity and low bandwidth.We designed a light weight and secure proxy blind signcryption for multi-digital messages based on a hyperelliptic curve(HEC).Our results outperform the available schemes in terms of computational cost and communication bandwidth.The designed scheme also has the desired authentication,unforgeability of warrants and/or plaintext,confidentiality,integrity,and blindness,respectively.Further,our scheme is more suitable for devices with low computation power such as mobiles and tablets.
基金Sponsored by the National Natural Science Foundation of China(Grant No.61401226,61672270,61602216)the MOE(Ministry of Education in China) Project of Humanities and Social Sciences(Grant No.14YJAZH023,15YJCZH129)+2 种基金the Basic Research Program of Jiangsu University of Technology(Grant No.KYY14007)the Qing Lan Project for Young Researchers of Jiangsu Province of China(Grant No.KYQ14004)the Open Fund of State Key Laboratory of Information Security,Institute of Information Engineering,Chinese Academy of Sciences(Grant No.2015-MSB-10)
文摘In order to protect historical ciphertext when the private key leaked in the broadcasting system,the forward-secure multi-receiver signcryption scheme is designed based on the generic graded multilinear mapping encoding structure,which effectively prevents illegal access from intruder to the ciphertext in the past time period when the private key in current time period is revealed.Through the generalization of the existing multilinear mapping encoding system,it proposes the generic graded multilinear mapping encoding structure and the generic graded decision Diffie-Hellman problem.Because of the generic graded multilinear mapping encoding system adopted,almost all candidate multilinear mapping encoding systems can automatically adapt to our scheme.Under the assumption of generic graded decision Diffie-Hellman problem,it has proved that the scheme has the information confidentiality and unforgeability in the current time period.After putting forward the security model of forward-secure multi-receiver signcryption scheme,and under the assumption of generic graded decision Diffie-Hellman problem,it has proved that the scheme has the message forward-confidentiality and forward-unforgeability.Compared with other forward-secure public key encryption schemes,the relationship between our scheme and time periods is sub-linear,so it is less complex.
文摘The functions of digital signature and public key encryption are simultaneously fulfilled by signcryption,which is a cryptographic primitive.To securely communicate very large messages,the cryptographic primitive called signcryption efficiently implements the same and while most of the public key based systems are suitable for small messages,hybrid encryption(KEM-DEM)provides a competent and practical way.In this paper,we develop a hybrid signcryption technique.The hybrid signcryption is based on the KEM and DEM technique.The KEM algorithm utilizes the KDF technique to encapsulate the symmetric key.The DEM algorithm utilizes the Adaptive Genetic Algorithm based Elliptic curve cryptography algorithm to encrypt the original message.Here,for the security purpose,we introduce the three games and we proved the attackers fail to find the security attributes of our proposed signcryption algorithm.The proposed algorithm is analyzed with Daniel of Service(DOS),Brute Force attack and Man In Middle(MIM)attacks to ensure the secure data transaction.