Abstract: The Internet of Vehicles (IoV) has evolved as an advancement over the conventional Vehicular Ad-hoc Networks (VANETs) in pursuing a more optimal intelligent transportation system that can provide various intelligent solutions and enable a variety of applications for vehicular traffic. Massive volumes of data are produced and communicated wirelessly among the different relayed entities in these vehicular networks, which might entice adversaries and endanger the system with a wide range of security attacks. To ensure the security of such a sensitive network, we proposed a distributed authentication mechanism for IoV based on blockchain technology as a distributed ledger with an ouroboros algorithm. Using timestamp and challenge-response mechanisms, the proposed authentication model can withstand several security attacks such as Man-in-Middle (MiM) attacks, Distributed Denial of Service (DDoS) attacks, server spoofing attacks and more. The proposed method also provides a solution for single-point failure, forward secrecy, revocability, etc. We exhibit the security of our proposed model by using formal (mathematical) analysis and informal analysis. We used Random Oracle Model to perform the mathematical analysis. In addition, we compared the communication cost, computation cost, and security of the proposed model with the related existing studies. We have verified the security of the model by using AVISPA tool simulation. The security analysis and computation analysis show that the proposed protocol is viable.
Abstract: Without the assumption that the private keys are kept secure perfectly, cryptographic primitives cannot be deployed in the insecure environments where the key leakage is inevitable. In order to reduce the damage caused by the key exposure in the identity-based (ID-based) signature scenarios efficiently, we propose an ID-based key-insulated signature scheme in this paper, which eliminates the expensive bilinear pairing operations. Compared with the previous work, our scheme minimizes the computation cost without any extra cost. Under the discrete logarithm (DL) assumption, a security proof of our scheme in the random oracle model has also been given.
Abstract: To solve the key escrow problem of the identity-based cryptosystem, Girault introduced the notion of a self-certified public key, which not only eliminates the need to authenticate a public key but also solves the key escrow problem. This paper proposes a Self-Certified Signature (SCS) scheme with message recovery and two variants without using bilinear pairings: one is the authenticated encryption scheme in which only the designated receiver can verify the signature, and the other is the authenticated encryption scheme with message linkage that deals with large messages. These three SCS schemes are provably secure in the random oracle model and are more efficient than previous schemes.
Abstract: Blockchain is an emerging decentralized architecture and distributed computing paradigm underlying Bitcoin and other cryptocurrencies, and has recently attracted intensive attention from governments, financial institutions, high-tech enterprises, and the capital markets. Its cryptographic security relies on asymmetric cryptography, such as ECC, RSA. However, with the surprising development of quantum technology, asymmetric cryptography schemes mentioned above would become vulnerable. Recently, lattice-based cryptography scheme was proposed to be secure against attacks in the quantum era. In 2018, with the aid of Bonsai Trees technology, Yin et al. [Yin, Wen, Li et al. (2018)] proposed a lattice-based authentication method which can extend a lattice space to multiple lattice spaces accompanied by the corresponding key. Although their scheme has theoretical significance, it is unpractical in actual situation due to extremely large key size and signature size. In this paper, aiming at tackling the critical issue of transaction size, we propose a post quantum blockchain over lattice. By using SampleMat and signature without trapdoor, we can reduce the key size and signature size of our transaction authentication approach by a significant amount. Instead of using a whole set of vectors as a basis, we can use only one vector and rotate it enough times to form a basis. Based on the hardness assumption of Short Integer Solution (SIS), we demonstrate that the proposed anti-quantum transaction authentication scheme over lattice provides existential unforgeability against adaptive chosen-message attacks in the random oracle. As compared to the Yin et al. [Yin, Wen, Li et al. (2018)] scheme, our scheme has better performance in terms of energy consumption, signature size and signing key size. As the underlying lattice problem is intractable even for quantum computers, our scheme would work well in the quantum age.
Abstract: Group signature schemes are fundamental cryptographic tools. A group signature scheme allows members of a group to anonymously sign messages. To counter misuse, the anonymity can be revoked by the group manager. The group joining operation is a critical component of a group signature scheme; the framing attack can be prevented by the group joining process. This paper presents an efficient group signature scheme with a simple joining protocol that is based on a "single message and signature response" interaction between the prospective user and the group manager. The security of our group signature is based on the Discrete Logarithm assumption and Decisional Linear Diffie-Hellman assumption. The formal security proof of our scheme is given in the random oracle model. Our scheme is also a very efficient short group signature scheme with efficient concurrent join.
Funding: Supported by the National Natural Science Foundation of China under Grant No. 60473027 and by Sun Yat-Sen University under Grant Nos. 35000-2910025 and 35000-3171912.
Abstract: In this paper, we present an identity-based explicit authenticated key agreement protocol that is provably secure without random oracles. The protocol employs a new method to isolate a session key from key confirmation keys so that there is no direct usage of hash functions in the protocol. The protocol is proved secure without random oracles in a variant of Bellare and Rogaway style model, an exception to current proof method in this style model in the ID-based setting. We believe that this key isolation method is novel and can be further studied for constructing more efficient protocols.
Funding: Supported by the National Natural Science Foundation of China (60772136).
Abstract: In this paper, we re-formalize the security notions of universal designated multi verifier signature (UDMVS) schemes. Then the first UDMVS scheme is presented in the standard model (i.e. without random oracles) based on Waters' signature scheme. In this setting, a signature holder can designate the signature to multi verifiers. Moreover, the security of our proposed scheme is based on the Gap Bilinear Diffie-Hellman assumption.
Funding: Supported by the National Natural Science Foundation of China (60803151) and the Major Joint Research Foundation of NSFC and Guangdong Province (U0835004).
Abstract: The research on the identification scheme is an important and active area in computer and communication security. A series of identification schemes were proposed to improve the efficiency and security of the protocols by various methods. Based on the hardness assumption of the discrete logarithm problem in a gap Diffie-Hellman group and the difficulty of the collusion attack algorithm with k traitors, an efficient identification scheme is presented. Without random oracle models, the proposed scheme is then proved secure against impersonation and reset attacks in both concurrent and reset attack setting. Since the proposed scheme is simple, memory-saving, computation-efficient, and perfectly-secure, it is well suitable for use in smart cards.
Funding: Supported by the National Basic Research Program of China (973 Program) (2007CB311201), the National High-Technology Research and Development Program of China (863 Program) (2006AA01Z427), and the National Natural Science Foundation of China (60673073).
Abstract: This paper focuses on the instantiation of random oracles in public key encryption schemes. A misunderstanding in the former instantiations is pointed out and analyzed. A method of using this primitive as a substitution of random oracles is also proposed. The partial and full instantiations of random oracles in optimal asymmetric encryption padding (OAEP) implemented by pseudorandom functions are described and the resulting schemes are proven to be IND-CCA2 secure (indistinguishable under adaptive chosen ciphertext attack). Using this method, one can transform a practical public key encryption scheme secure in the random oracle model into a standard-model secure scheme. The security of the scheme is based on computational assumptions, which is weaker than decisional assumptions used in Cramer-Shoup like schemes.
Abstract: Since Libert and Quisquater's identity based signcryption scheme cannot provide public verifiability after research, the paper proposes a new identity based signcryption scheme. The scheme uses quadratic residue and pairings over elliptic curves to realize public verifiability. By analysis the scheme is proved to be more efficient than Libert and Quisquater's scheme. Moreover, a security proof of the original scheme is presented in the random oracle model.
Funding: The National Natural Science Foundation of China (No. 90704003, 60573030, 60673077, 60703030).
Abstract: To deal with the key-exposure problem in signature systems, a new framework named parallel key-insulated signature (PKIS) was introduced, and a concrete PKIS scheme was proposed. Compared with traditional key-insulated signature (KIS) schemes, the proposed PKIS scheme allows a frequent updating for temporary secret keys without increasing the risk of helper key-exposure. Moreover, the proposed PKIS scheme does not collapse even if some (not all) of the helper keys and some of the temporary secret keys are simultaneously exposed. As a result, the security of the PKIS scheme is greatly enhanced, and the damage caused by key-exposure is successfully minimized.
Funding: Supported partially by the National Natural Science Foundation of China under Grant No. 61272501, the National Key Basic Research Program (NK-BRP) (973 Program) under Grant No. 2012CB315900, and the Specialized Research Fund for the Doctoral Program of Higher Education under Grant No. 20091102110004.
Abstract: A Verifiably Encrypted Signature (VES) plays an essential role in the construction of a fair data exchange. The paper proposes an Identity-based Proxy Verifiably Encrypted Signature (IPVES) to combine the advantages of a proxy signature and a VES in order to delegate the signing capability of the VES of an entity called the original signer to another entity, called the proxy signer. In this IPVES scheme, the original signer delegates his/her signing capability to the proxy signer. The proxy signer issues a signature by using a proxy signing key, encrypts the signature under a designated public key, and subsequently convinces a verifier that the resulting ciphertext contains such a signature. We prove that the proposed IPVES scheme is secure in a random oracle model under the computational Diffie-Hellman assumption.
Funding: Supported by the National High Technology Research and Development Program of China (No. 2006AA01Z428) and the National Natural Science Foundation of China (No. 60673075).
Abstract: Identity-based (ID-based) ring signature has drawn great concerns in recent years and many ID-based ring signature schemes have been proposed until now. Unfortunately, all of these ID-based ring signatures are constructed from bilinear pairings, a powerful but computationally expensive primitive. Hence, ID-based ring signature without pairing is of great interest in the field of cryptography. In this paper, the authors firstly propose an ID-based ring signature scheme based on quadratic residues. The proposed scheme is proved to be existentially unforgeable against adaptive chosen message-and-identity attack under the random oracle model, assuming the hardness of factoring. The proposed scheme is more efficient than those which are constructed from bilinear pairings.
Funding: This work was supported by the National Science Foundation of China (No. 61872448) and the Natural Science Basic Research Plan in Shanxi Province of China (No. 2018JM6017).
Abstract: The Vehicular Ad-hoc Network (VANET) is the fundamental of smart transportation system in the future, but the security of the communication between vehicles and vehicles, between vehicles and roadside infrastructures have become increasingly prominent. Certificateless aggregate signature protocol is used to address this security issue, but the existing schemes still have many drawbacks in terms of security and efficiency: First, many schemes are not secure, and signatures can be forged by the attacker; Second, even if some scheme are secure, many schemes use a large number of bilinear pairing operation, and the computation overhead is large. At the same time, the length of the aggregated signature also increases linearly with the increase of user numbers, resulting in a large communication overhead. In order to overcome the above challenges, we propose a new certificateless aggregate signature scheme for VANET, and prove the security of the scheme under the random oracle model. The new scheme uses pseudonym to realize the conditional privacy protection of the vehicle’s information. The new scheme does not use bilinear pairing operation, and the calculation efficiency is high. At the same time, the length of the aggregate signature of the new scheme is constant, thereby greatly reducing the communication and storage overhead. The analysis results demonstrate that the new scheme is not only safer, but also superior in performance to the recent related schemes in computation overhead and communication cost.
Funding: Supported by the National Natural Science Foundation of China (No. 60970111, 61133014, 60903189, 60903020).
Abstract: Due to the compromise of the security of the underlying system or machine storing the key, exposure of the private key can be a devastating attack on a cryptosystem. Key insulation is an important technique to protect private keys. To deal with the private (signing) key exposure problem in identity-based signature systems, we propose an identity-based threshold key-insulated signature (IBTKIS) scheme. It strengthens the security and flexibility of existing identity-based key-insulated signature schemes. Our scheme's security is proven in the random oracle model and rests on the hardness of the computational Diffie-Hellman problem in groups equipped with a pairing. To the best of our knowledge, it is the first IBTKIS scheme up to now.
Abstract: Based on the decisional Diffie-Hellman problem, we propose a simple proxy-protected signature scheme. In the random oracle model, we also carry out the strict security proof for the proposed scheme. The security of the proposed scheme is not loosely related to the discrete logarithm assumption but tightly related to the decisional Diffie-Hellman assumption in the random oracle model.
Funding: This paper was supported by the National Natural Science Foundation of China under Grants No. 61001091 and No. 61271118.
Abstract: Wireless Sensor Network (WSN) nodes are severely limited by their power, communication bandwidth, and storage space, and the traditional signature algorithm is not suitable for WSN environments. In this paper, we present a ring signature scheme designed for WSNs. In this scheme, all of the wireless sensor nodes are divided into several sub-groups and the sub-group nodes are used to generate the signature instead of the WSN cluster nodes. This scheme can effectively avoid the single node failure problem, and it also has a high availability. All nodes are free to sign their own message, and the nodes that generate signatures can simultaneously calculate their own part of the signature, meeting the distributed parallel computing requirements. Compared with the traditional ring signature, this scheme reduces the energy consumption, and therefore is very suitable for WSNs.
Funding: Supported by the National Natural Science Foundation of China (No. 60703086) and the Program for Excellent Talents in Nanjing University of Posts and Telecommunications (No. NY209014).
Abstract: Digital signature is one of the most important cryptographic primitives. We proposed a new digital signature scheme based on Catalano’s trapdoor. Since Catalano’s trapdoor is more efficient than existing trapdoors in number theory, our scheme needs no modular exponentiation but only several modular multiplications in the signing algorithm. We also proved our scheme is provably secure against adaptively chosen message attack by using the Forking lemma.
Funding: Supported by the National Natural Science Foundation of China under contract No. 60803131.
Abstract: Concurrent signature was introduced as an efficient approach to solving the problem of fair exchange of signatures. Almost all fair exchange e-commerce protocols based on concurrent signature that have been proposed until now either do not provide message privacy protection or adopt the sign-then-encrypt scheme to provide confidentiality. However, confidentiality is an important requirement of a fair exchange e-commerce protocol. In this paper, we introduce a new concept called concurrent signcryption, which combines the concepts of concurrent signature and signcryption to resolve the confidentiality problem in e-commerce systems based on concurrent signature. We also propose a concurrent signcryption scheme using bilinear pairings and prove its security in the random oracle model. Compared with the sign-then-encrypt scheme using bilinear pairings, our scheme enjoys shorter message length and less operation cost. Moreover, in our scheme the two ambiguous signcryptions can be published in any order.
Funding: Supported in part by the National Natural Science Foundation of China under Grants No. 61003230, No. 61370026, No. 61300191, and No. 61202445.
Abstract: Certificateless encryption has attracted a lot of attention so far by eliminating the key escrow problem in identity-based encryption and the public key certificates in traditional public key cryptography. By considering the threat from key exposure, it is desirable to incorporate the idea of a key-insulated cryptosystem into certificateless encryption. In this paper, we design an efficient certificateless key-insulated encryption (CL-KIE) scheme to achieve this goal. By our approach, the computational performance of our scheme is improved significantly in terms of reduced running time and storage. We also give the security proof of the new CL-KIE scheme against chosen plaintext attacks (CPAs) in the random oracle model, under the assumption of the computational Diffie-Hellman (CDH) problem.
Funding: This work was supported by the Ministry of Science and Technology of Taiwan, R.O.C., under Grants MOST 110-2622-E-468-002 and 110-2218-E-468-001-MBK.
Abstract: The Internet of Vehicles (IoV) has evolved as an advancement over the conventional Vehicular Ad-hoc Networks (VANETs) in pursuing a more optimal intelligent transportation system that can provide various intelligent solutions and enable a variety of applications for vehicular traffic. Massive volumes of data are produced and communicated wirelessly among the different relayed entities in these vehicular networks, which might entice adversaries and endanger the system with a wide range of security attacks. To ensure the security of such a sensitive network, we propose a distributed authentication mechanism for IoV based on blockchain technology as a distributed ledger with an Ouroboros algorithm. Using timestamp and challenge-response mechanisms, the proposed authentication model can withstand several security attacks such as Man-in-the-Middle (MiM) attacks, Distributed Denial of Service (DDoS) attacks, server spoofing attacks and more. The proposed method also provides a solution for single-point failure, forward secrecy, revocability, etc. We exhibit the security of our proposed model by using formal (mathematical) analysis and informal analysis. We used the Random Oracle Model to perform the mathematical analysis. In addition, we compared the communication cost, computation cost, and security of the proposed model with the related existing studies. We have verified the security of the model by using AVISPA tool simulation. The security analysis and computation analysis show that the proposed protocol is viable.
Funding: Supported by the National Natural Science Foundation of China under Grants No. 61003230, No. 61370026, No. 61103206, and No. 61300191, and by the Chongqing Key Lab of Computer Network and Communication Technology under Grant No. CY-CNCL-2012-02.
Abstract: Without the assumption that private keys are kept perfectly secure, cryptographic primitives cannot be deployed in insecure environments where key leakage is inevitable. In order to efficiently reduce the damage caused by key exposure in identity-based (ID-based) signature scenarios, we propose an ID-based key-insulated signature scheme in this paper, which eliminates the expensive bilinear pairing operations. Compared with previous work, our scheme minimizes the computation cost without any extra cost. Under the discrete logarithm (DL) assumption, a security proof of our scheme in the random oracle model is also given.
Funding: This research was supported partially by the National Natural Science Foundation of China under Grants No. 61103247 and No. 6110209, the Natural Science Foundation of Fujian Province under Grant No. 2011J05147, the Research Foundation of Education Bureau of Fujian Province under Grant No. JBll017, and the Foundation for Excellent Young Teachers of Fujian Normal University under Grant No. fjsdjk2012049.
Abstract: To solve the key escrow problem of the identity-based cryptosystem, Girault introduced the notion of a self-certified public key, which not only eliminates the need to authenticate a public key but also solves the key escrow problem. This paper proposes a Self-Certified Signature (SCS) scheme with message recovery and two variants without using bilinear pairings: one is the authenticated encryption scheme in which only the designated receiver can verify the signature, and the other is the authenticated encryption scheme with message linkage that deals with large messages. These three SCS schemes are provably secure in the random oracle model and are more efficient than previous schemes.
Funding: This work was supported by the Major Program of the National Natural Science Foundation of China (11290141).
Abstract: Blockchain is an emerging decentralized architecture and distributed computing paradigm underlying Bitcoin and other cryptocurrencies, and has recently attracted intensive attention from governments, financial institutions, high-tech enterprises, and the capital markets. Its cryptographic security relies on asymmetric cryptography, such as ECC and RSA. However, with the surprising development of quantum technology, the asymmetric cryptography schemes mentioned above would become vulnerable. Recently, lattice-based cryptography schemes were proposed to be secure against attacks in the quantum era. In 2018, with the aid of Bonsai Trees technology, Yin et al. [Yin, Wen, Li et al. (2018)] proposed a lattice-based authentication method which can extend a lattice space to multiple lattice spaces accompanied by the corresponding key. Although their scheme has theoretical significance, it is impractical in actual situations due to the extremely large key size and signature size. In this paper, aiming at tackling the critical issue of transaction size, we propose a post-quantum blockchain over lattice. By using SampleMat and signature without trapdoor, we can reduce the key size and signature size of our transaction authentication approach by a significant amount. Instead of using a whole set of vectors as a basis, we can use only one vector and rotate it enough times to form a basis. Based on the hardness assumption of Short Integer Solution (SIS), we demonstrate that the proposed anti-quantum transaction authentication scheme over lattice provides existential unforgeability against adaptive chosen-message attacks in the random oracle model. Compared to the Yin et al. [Yin, Wen, Li et al. (2018)] scheme, our scheme has better performance in terms of energy consumption, signature size and signing key size. As the underlying lattice problem is intractable even for quantum computers, our scheme would work well in the quantum age.
Funding: This paper is supported by the National Natural Science Foundation of China under Grants No. 61072140 and 61373171, the Program of Introducing Talents of Discipline to Universities No. B08038, and the Specialized Research Fund for the Doctoral Program of Higher Education No. 20100203110003.
Abstract: Group signature schemes are fundamental cryptographic tools. A group signature scheme allows members of a group to anonymously sign messages. To counter misuse, the anonymity can be revoked by the group manager. The group joining operation is a critical component of a group signature scheme, and framing attacks can be prevented by the group joining process. This paper presents an efficient group signature scheme with a simple joining protocol that is based on a "single message and signature response" interaction between the prospective user and the group manager. The security of our group signature is based on the Discrete Logarithm assumption and the Decisional Linear Diffie-Hellman assumption. The formal security proof of our scheme is given in the random oracle model. Our scheme is also a very efficient short group signature scheme with efficient concurrent join.