An enhanced formal model of security for proxy signature schemes is presented and a provably secure short proxy signature scheme is proposed from bilinear maps. The proposed proxy signature scheme is based on two shor...An enhanced formal model of security for proxy signature schemes is presented and a provably secure short proxy signature scheme is proposed from bilinear maps. The proposed proxy signature scheme is based on two short secure signature schemes. One is used for delegating the signing rights and computing the standard signature; the other is used for computing proxy signature. Finally, a security proof of the proposed proxy signature scheme is showed by reducing tightly the security of the proposed proxy signature scheme to the security of the two basic signature schemes. The proposed proxy signature scheme has the shortest ordinary signatures and proxy signatures. Moreover, the proxy signature generation needs no pairing operation and verification needs just two pairing operation.展开更多
The design and analysis of authenticated key exchange protocol is an important problem in information security area. At present, extended Canetti-Krawczyk (eCK) model provides the strongest definition of security for ...The design and analysis of authenticated key exchange protocol is an important problem in information security area. At present, extended Canetti-Krawczyk (eCK) model provides the strongest definition of security for two party key agreement protocol, however most of the current secure protocols can not be prove to secure without Gap assumption. To avoid this phenomenon, by using twinning key technology we propose a new two party key agreement protocol TUP which is obtained by modifying the UP protocol, then in conjunction with the trapdoor test, we prove strictly that the new protocol is secure in eCK model. Compared with previous protocols, the security assumption of new proposal is more standard and weaker, and it also solves an open problem in ProvSec'09.展开更多
The improved RSA signature scheme can be strictly proved to be equivalent to the factoring problem. In the improved RSA signature scheme, when the public exponent e=1, the scheme becomes the improved Rabin signature. ...The improved RSA signature scheme can be strictly proved to be equivalent to the factoring problem. In the improved RSA signature scheme, when the public exponent e=1, the scheme becomes the improved Rabin signature. Such an improved Rabin signature scheme is reviewed and the techniques from the provable security is applied to analyze its security.展开更多
Recently, He et al. (Computers and Mathematics with Applications, 2012) proposed an efficient pairing-free certificateless authenticated key agreement (CL-AKA) protocol and claimed their protocol was provably secu...Recently, He et al. (Computers and Mathematics with Applications, 2012) proposed an efficient pairing-free certificateless authenticated key agreement (CL-AKA) protocol and claimed their protocol was provably secure in the extended Canetti-Krawczyk (eCK) model. By giving concrete attacks, we indicate that their protocol is not secure in the eCK model. We propose an improved protocol and show our improvement is secure in the eCK model under the gap DiffieHellman (GDH) assumption. Furthermore, the proposed protocol is very efficient.展开更多
Hierarchical identity-based signature (HIBS) has wide applications in the large network. However,the existing works cannot solve the trade-off between the security and efficiency. The main challenge at present is to...Hierarchical identity-based signature (HIBS) has wide applications in the large network. However,the existing works cannot solve the trade-off between the security and efficiency. The main challenge at present is to construct a high efficient and strong secure HIBS with a low computation cost. In this paper,a new construction of HIBS scheme is proposed. The new scheme achieves the adaptive security which is a strong security in the identity-based cryptography. But our scheme has short public parameters and the private keys size shrinks as the hierarchy depth increases. The signature size is a constant and the cost of verification only requires four bilinear pairings,which are independent of hierarchy depth. Furthermore,under the q-strong computational diffie-Hellman problem (q-SDH) assumption,the scheme is provably secure against existential forgery for adaptive chosen message and identity attack in the standard model.展开更多
To give concurrent consideration both the efficiency and the security(intensity of intractable problem) in the standard model,a chosen ciphertext secure identity-based broadcast encryption is proposed.Against the chos...To give concurrent consideration both the efficiency and the security(intensity of intractable problem) in the standard model,a chosen ciphertext secure identity-based broadcast encryption is proposed.Against the chosen ciphertext security model,by using identity(ID) sequence and adding additional information in ciphertext,the self-adaptive chosen identity security(the full security) and the chosen ciphertext security are gained simultaneously.The reduction of scheme's security is the decisional bilinear Diffie-Hellman(BDH) intractable assumption,and the proof of security shows that the proposed scheme is indistinguishable against adaptive chosen ciphertext attacks in the standard model under the decisional BDH intractable assumption.So the security level is improved,and it is suitable for higher security environment.展开更多
The mushroom growth of IoT has been accompanied by the generation of massive amounts of data.Subject to the limited storage and computing capabilities ofmost IoT devices,a growing number of institutions and organizati...The mushroom growth of IoT has been accompanied by the generation of massive amounts of data.Subject to the limited storage and computing capabilities ofmost IoT devices,a growing number of institutions and organizations outsource their data computing tasks to cloud servers to obtain efficient and accurate computation while avoiding the cost of local data computing.One of the most important challenges facing outsourcing computing is how to ensure the correctness of computation results.Linearly homomorphic proxy signature(LHPS)is a desirable solution to ensure the reliability of outsourcing computing in the case of authorized signing right.Blockchain has the characteristics of tamper-proof and traceability,and is a new technology to solve data security.However,as far as we know,constructions of LHPS have been few and far between.In addition,the existing LHPS scheme does not focus on homomorphic unforgeability and does not use blockchain technology.Herein,we improve the security model of the LHPS scheme,and the usual existential forgery and homomorphic existential forgery of two types of adversaries are considered.Under the new model,we present a blockchain-based LHPS scheme.The security analysis shows that under the adaptive chosen message attack,the unforgeability of the proposed scheme can be reduced to the CDH hard assumption,while achieving the usual and homomorphic existential unforgeability.Moreover,comparedwith the previous LHPS scheme,the performance analysis shows that our scheme has the same key size and comparable computational overhead,but has higher security.展开更多
In this paper, a general framework for designing and analyzing password-based security protocols is presented. First we introduce the concept of "weak computational indistinguishability" based on current progress of...In this paper, a general framework for designing and analyzing password-based security protocols is presented. First we introduce the concept of "weak computational indistinguishability" based on current progress of password-based security protocols. Then, we focus on cryptographic foundations for password-based security protocols, i.e., the theory of "weak pseudorandomness". Furthermore, based on the theory of weak pseudorandomness, we present a modular approach to design and analysis of password-based security protocols. Finally, applying the modular approach, we design two kinds of password-based security protocols, i.e., password-based session key distribution (PSKD) protocol and protected password change (PPC) protocol. In addition to having forward secrecy and improved efficiency, new protocols are proved secure.展开更多
基金The National Natural Science Foundationof China (No.60703048)the Natural Science Foundationof Hubei Province (No.2007ABA313)
文摘An enhanced formal model of security for proxy signature schemes is presented and a provably secure short proxy signature scheme is proposed from bilinear maps. The proposed proxy signature scheme is based on two short secure signature schemes. One is used for delegating the signing rights and computing the standard signature; the other is used for computing proxy signature. Finally, a security proof of the proposed proxy signature scheme is showed by reducing tightly the security of the proposed proxy signature scheme to the security of the two basic signature schemes. The proposed proxy signature scheme has the shortest ordinary signatures and proxy signatures. Moreover, the proxy signature generation needs no pairing operation and verification needs just two pairing operation.
文摘The design and analysis of authenticated key exchange protocol is an important problem in information security area. At present, extended Canetti-Krawczyk (eCK) model provides the strongest definition of security for two party key agreement protocol, however most of the current secure protocols can not be prove to secure without Gap assumption. To avoid this phenomenon, by using twinning key technology we propose a new two party key agreement protocol TUP which is obtained by modifying the UP protocol, then in conjunction with the trapdoor test, we prove strictly that the new protocol is secure in eCK model. Compared with previous protocols, the security assumption of new proposal is more standard and weaker, and it also solves an open problem in ProvSec'09.
文摘The improved RSA signature scheme can be strictly proved to be equivalent to the factoring problem. In the improved RSA signature scheme, when the public exponent e=1, the scheme becomes the improved Rabin signature. Such an improved Rabin signature scheme is reviewed and the techniques from the provable security is applied to analyze its security.
文摘Recently, He et al. (Computers and Mathematics with Applications, 2012) proposed an efficient pairing-free certificateless authenticated key agreement (CL-AKA) protocol and claimed their protocol was provably secure in the extended Canetti-Krawczyk (eCK) model. By giving concrete attacks, we indicate that their protocol is not secure in the eCK model. We propose an improved protocol and show our improvement is secure in the eCK model under the gap DiffieHellman (GDH) assumption. Furthermore, the proposed protocol is very efficient.
基金supported by the National Natural Science Foundation of China (60970119, 60803149)the National Basic Research Program of China (2007CB311201)the Fundamental Research Funds for the Central Universities
文摘Hierarchical identity-based signature (HIBS) has wide applications in the large network. However,the existing works cannot solve the trade-off between the security and efficiency. The main challenge at present is to construct a high efficient and strong secure HIBS with a low computation cost. In this paper,a new construction of HIBS scheme is proposed. The new scheme achieves the adaptive security which is a strong security in the identity-based cryptography. But our scheme has short public parameters and the private keys size shrinks as the hierarchy depth increases. The signature size is a constant and the cost of verification only requires four bilinear pairings,which are independent of hierarchy depth. Furthermore,under the q-strong computational diffie-Hellman problem (q-SDH) assumption,the scheme is provably secure against existential forgery for adaptive chosen message and identity attack in the standard model.
基金the National Natural Science Foundation of China (No.60970119)the National Basic Research Program (973) of China (No.2007CB311201)
文摘To give concurrent consideration both the efficiency and the security(intensity of intractable problem) in the standard model,a chosen ciphertext secure identity-based broadcast encryption is proposed.Against the chosen ciphertext security model,by using identity(ID) sequence and adding additional information in ciphertext,the self-adaptive chosen identity security(the full security) and the chosen ciphertext security are gained simultaneously.The reduction of scheme's security is the decisional bilinear Diffie-Hellman(BDH) intractable assumption,and the proof of security shows that the proposed scheme is indistinguishable against adaptive chosen ciphertext attacks in the standard model under the decisional BDH intractable assumption.So the security level is improved,and it is suitable for higher security environment.
基金funded by the Special Innovation Project forGeneral Colleges and Universities in Guangdong Province (Grant No.2020KTSCX126).
文摘The mushroom growth of IoT has been accompanied by the generation of massive amounts of data.Subject to the limited storage and computing capabilities ofmost IoT devices,a growing number of institutions and organizations outsource their data computing tasks to cloud servers to obtain efficient and accurate computation while avoiding the cost of local data computing.One of the most important challenges facing outsourcing computing is how to ensure the correctness of computation results.Linearly homomorphic proxy signature(LHPS)is a desirable solution to ensure the reliability of outsourcing computing in the case of authorized signing right.Blockchain has the characteristics of tamper-proof and traceability,and is a new technology to solve data security.However,as far as we know,constructions of LHPS have been few and far between.In addition,the existing LHPS scheme does not focus on homomorphic unforgeability and does not use blockchain technology.Herein,we improve the security model of the LHPS scheme,and the usual existential forgery and homomorphic existential forgery of two types of adversaries are considered.Under the new model,we present a blockchain-based LHPS scheme.The security analysis shows that under the adaptive chosen message attack,the unforgeability of the proposed scheme can be reduced to the CDH hard assumption,while achieving the usual and homomorphic existential unforgeability.Moreover,comparedwith the previous LHPS scheme,the performance analysis shows that our scheme has the same key size and comparable computational overhead,but has higher security.
基金the National Natural Science Foundation of China (Grant Nos. 60025205 and 60673083)
文摘In this paper, a general framework for designing and analyzing password-based security protocols is presented. First we introduce the concept of "weak computational indistinguishability" based on current progress of password-based security protocols. Then, we focus on cryptographic foundations for password-based security protocols, i.e., the theory of "weak pseudorandomness". Furthermore, based on the theory of weak pseudorandomness, we present a modular approach to design and analysis of password-based security protocols. Finally, applying the modular approach, we design two kinds of password-based security protocols, i.e., password-based session key distribution (PSKD) protocol and protected password change (PPC) protocol. In addition to having forward secrecy and improved efficiency, new protocols are proved secure.
