Signcryption is a cryptographic primitive that performs signature and encryption simultaneously, at lower computational costs and communication overheads than the signature-then- encryption approach. In this paper, we...Signcryption is a cryptographic primitive that performs signature and encryption simultaneously, at lower computational costs and communication overheads than the signature-then- encryption approach. In this paper, we propose an efficient multi-recipient signcryption scheme based on the bilinear pairings, which broadcasts a message to multiple users in a secure and authenticated manner. We prove its semantic security and unforgeability under the Gap Diffie-Hellman problem assumption in the random oracle model. The proposed scheme is more efficient than re-signcrypting a message n times using a signcryption scheme in terms of computational costs and communication overheads.展开更多
The security of cloud data has always been a concern.Cloud server provider may maliciously tamper or delete user’s data for their own benefit,so data integrity audit is of great significance to verify whether data is...The security of cloud data has always been a concern.Cloud server provider may maliciously tamper or delete user’s data for their own benefit,so data integrity audit is of great significance to verify whether data is modified or not.Based on the general three-party audit architecture,a dynamic auditing scheme without bilinear pairings is proposed in this paper.It utilizes exponential operation instead of bilinear mapping to verify the validity of evidence.By establishing the mapping relation between logic index and tag index of data block with index transformation table,our scheme can easily support dynamic data operation.By hiding random numbers in the integrity evidence,our scheme can protect users’privacy information.Detailed security analysis shows that our scheme is secure against attacks such as forgery,replaying and substitution.Further experiments demonstrate that our scheme has lower computational overhead.展开更多
Ring signature and proxy signature are of vital importance to secure electronic commerce. Recently, the bilinear pairing such as Well pairing or Tate pairing on elliptic curves and hyperelliptic curves is playing an i...Ring signature and proxy signature are of vital importance to secure electronic commerce. Recently, the bilinear pairing such as Well pairing or Tate pairing on elliptic curves and hyperelliptic curves is playing an important role in security solutions. Several ID-based signature schemes have been put forward, many of which are based on bilinear pairings. In key management and moderate security demand scenarios, ID-based public key cryptosystem is more preferable than other public key infrastructure based systems. In this paper, an improved ID-based proxy ring signature scheme from bilinear pairings is proposed which combines the advantages of proxy signature and of ring signatures. Our scheme can guarantee the profits of the proxy signer via preventing the original signer form generating the proxy ring signature. Furthermore, bilinear pairings are introduced to minimize the computation overhead and to improve the related performance of our scheme. In contrast with Zhang's scheme, our scheme is a computational efficiency improvement for signature verification because the computational cost of bilinear pairings required is reduced from O(n) to O( 1 ). In addition, the proxy ring signature presented in this paper can perfectly satisfy all the security requirements of proxy ring signature, i. e. signer-ambiguity, non-forgeability, verification, non-deniability and distinguishability.展开更多
Two digital multisignature schemes based on bilinear pairings were proposed. One of them is the sequential digital multisignature, and the other is the broadcasting digital multisignature. The scheme has the same secu...Two digital multisignature schemes based on bilinear pairings were proposed. One of them is the sequential digital multisignature, and the other is the broadcasting digital multisignature. The scheme has the same security as JI and LIs multisignature scheme, but the new scheme has the lower computation. So the new scheme is the multisignature which has high security and low computation. It has the theory meaning and extensive application under the condition of SmartCard, etc.展开更多
A proxy signature allows an entity, called original signer, to delegate its signing power to another entity, called proxy signer, to sign messages on its behalf. Proxy signatures have many practical applications and a...A proxy signature allows an entity, called original signer, to delegate its signing power to another entity, called proxy signer, to sign messages on its behalf. Proxy signatures have many practical applications and are very important cryptographic protocol. In this paper, we propose an efficient proxy signature scheme from bilinear pairings. We prove it secure in the random oracle model and analyze computation cost of our scheme. Our scheme satisfies all the properties required for proxy signatures.展开更多
Based on the GDH signature (short signature scheme) a probabilistic signature scheme is proposed in this paper with security proof.Then a new threshold proxy signature from bilinear pairings is proposed as well by us ...Based on the GDH signature (short signature scheme) a probabilistic signature scheme is proposed in this paper with security proof.Then a new threshold proxy signature from bilinear pairings is proposed as well by us ing the new probabilistic signature scheme and the properties of the Gap Diffie-Hellman (GDH)group (where the Computational Diffie-Hellman problem is hard but the Decisional Diffie-Hellman problem is easy to solve).Our constructions are based on the recently proposed GDH signature scheme of Bonel et al.s article.Bilinear pairings could be built from Weil pairing or Tate pairing.So most our constructions would be simpler,but still with high security.The proposed threshold proxy signature is the first one which is built from bilinear pairings.At the end of this paper security and performance of the threshold proxy signature scheme is also analyzed.展开更多
Aimed at enhancing privacy protection of location-based services( LBS) in mobile Internet environment,an improved privacy scheme of high service quality on the basis of bilinear pairings theory and k-anonymity is pr...Aimed at enhancing privacy protection of location-based services( LBS) in mobile Internet environment,an improved privacy scheme of high service quality on the basis of bilinear pairings theory and k-anonymity is proposed. In circular region of Euclidian distance,mobile terminal evenly generates some false locations,from which half optimal false locations are screened out according to position entropy,location and mapping background information. The anonymity obtains the effective guarantee,so as to realize privacy protection. Through security analyses,the scheme is proved not only to be able to realize such security features as privacy,anonymity and nonforgeability,but also able to resist query tracing attack. And the result of simulation shows that this scheme not only has better evenness in selecting false locations,but also improves efficiency in generating and selecting false nodes.展开更多
In the area of secure Web information system, mutual authentication and key agreement are essential between Web clients and servers. An efficient certificateless authenticated key agreement protocol for Web client/ser...In the area of secure Web information system, mutual authentication and key agreement are essential between Web clients and servers. An efficient certificateless authenticated key agreement protocol for Web client/server setting is proposed, which uses pairings on certain elliptic curves. We show that the newly proposed key agreement protocol is practical and of great efficiency, meanwhile, it satisfies every desired security require ments for key agreement protocols.展开更多
We argue that traditional identity-based systems from pairings seem unsuitable for designing group signature schemes due to the problem of key escrow. In this paper we first propose new ID-based public key systems wit...We argue that traditional identity-based systems from pairings seem unsuitable for designing group signature schemes due to the problem of key escrow. In this paper we first propose new ID-based public key systems without trusted PKG (Private Key Generator) from bilinear pairings. In our new ID-based systems, if the dishonest PKG impersonates an honest user to communicate with others, the user can provide a proof of treachery of the PKG afterwards, which is similar to certificate-based systems. Therefore, our systems reach the Girault’s trusted level 3. We then propose a group signature scheme under the new ID-based systems, the security and performance of which rely on the new systems. The size of the group public key and the length of the signature are independent on the numbers of the group.展开更多
Proxy signatures are very useful tools when one needs to delegate his/her signing capability to other parties. In this paper,a new multi-proxy signature scheme is proposed. The new scheme is constructed from bilinear ...Proxy signatures are very useful tools when one needs to delegate his/her signing capability to other parties. In this paper,a new multi-proxy signature scheme is proposed. The new scheme is constructed from bilinear pairings using Boneh,Lynn,and Shacham’s (BLS) short signatures. The proxy key for the proxy group is just a short signature on the proxy warrant generated by the original signer. Due to the use of short signatures,our scheme is not only efficient,but also satisfies all the security requirements of the strong proxy signature.展开更多
We present a provably secure authenticated tree based key agreement scheme for multicast. There is a wide variety of applications that can benefit from using our scheme, e. g. , pay-Tv, teleconferencing, software upda...We present a provably secure authenticated tree based key agreement scheme for multicast. There is a wide variety of applications that can benefit from using our scheme, e. g. , pay-Tv, teleconferencing, software updates. Compared with the previous published schemes, our scheme provides group member authentication without introducing additional mechanism. Future, we give the security proof of our scheme under the random oracle model.展开更多
Because the modified remote user authentication scheme proposed by Shen, Lin and Hwang is insecure, the Shen-Lin-Hwang' s scheme is improved and a new secure remote user authentication scheme based on the bi- linear ...Because the modified remote user authentication scheme proposed by Shen, Lin and Hwang is insecure, the Shen-Lin-Hwang' s scheme is improved and a new secure remote user authentication scheme based on the bi- linear parings is proposed. Moreover, the effectiveness of the new scheme is analyzed, and it is proved that the new scheme can prevent from all kinds of known attack. The one-way hash function is effective in the new scheme. The new scheme is proved that it has high effectiveness and fast convergence speed. Moreover, the ap- plication of the new scheme is easy and operational.展开更多
To realize delegation between different users in a mixed cryptosystem,a proxy signature scheme for ID-based original signers and certificated-based proxy signers(PSS-ID-CER)is defined.Using the bilinear properties o...To realize delegation between different users in a mixed cryptosystem,a proxy signature scheme for ID-based original signers and certificated-based proxy signers(PSS-ID-CER)is defined.Using the bilinear properties of the pairings and the characters of key generations of certificate-based cryptosystems and ID-based cryptosystems,a construction for such a scheme is also presented.To prove the security of the proposed scheme,a general security model for this scheme under adaptive chosen-PKG,chosen-ID,chosen-delegation,chosen-ProxySigner-public-key,chosen-proxy-key and chosen-message attack is defined.The proposed scheme is provably secure under the random oracle model and the hardness assumption of computational Diffie-Hellman problem.展开更多
Certificateless public key cryptography (CL-PKC) avoids the inherent escrow of identity-based cryptography and does not require certificates to guarantee the authenticity of public keys. Based on CL-PKC, we present ...Certificateless public key cryptography (CL-PKC) avoids the inherent escrow of identity-based cryptography and does not require certificates to guarantee the authenticity of public keys. Based on CL-PKC, we present an efficient constant-round group key exchange protocol, which is provably secure under the intractability of computation Diffie-Hellman problem. Our protocol is a contributory key exchange with perfect forward secrecy and has only two communication rounds. So it is more efficient than other protocols. Moreover, our protocol provides a method to design efficient constant-round group key exchange protocols and most secret sharing schemes could be adopted to construct our protocol.展开更多
In this paper, the security technology of ad hoc networks is studied.To improve the previous multi-receiver signcryption schemes, an ID-based multi-message and multi-receiver signcryption scheme for rekeying in ad hoc...In this paper, the security technology of ad hoc networks is studied.To improve the previous multi-receiver signcryption schemes, an ID-based multi-message and multi-receiver signcryption scheme for rekeying in ad hoc networks is proposed.In this scheme, a sender can simultaneously signcrypt n messeges for n receivers, and a receiver can unsigncrypt the ciphertext to get his message with his own private key.An analysis of this scheme indicates that it achieves authenticity and confidentiality in the random oracle model while being of lower computation and communication overhead.Finally, for the application of our scheme in ad hoc, a threshold key updating protocol for ad hoc networks is given.展开更多
An identity-based proxy blind signature scheme from bilinear pairings isintroduced, which combines the advantages of proxy signature and blind signature. Furthermore, ourscheme can prevent the original signer from gen...An identity-based proxy blind signature scheme from bilinear pairings isintroduced, which combines the advantages of proxy signature and blind signature. Furthermore, ourscheme can prevent the original signer from generating the proxy blind signature, thus the profitsof the proxy signer are guaranteed. We introduce bilinear pairings to minimize computationaloverhead and to improve the related performance of our scheme. In addition, the proxy blindsignature presented is non-repudiable and it fulfills perfectly the security requirements of a proxyblind signature.展开更多
In proxy signature schemes,the proxy signer B is permitted to produce a signature on behalf of the original signer A. However,exposure of proxy signing keys can be the most devastating attack on a proxy signature sche...In proxy signature schemes,the proxy signer B is permitted to produce a signature on behalf of the original signer A. However,exposure of proxy signing keys can be the most devastating attack on a proxy signature scheme since any adversary can sign messages on behalf of the proxy signer. In this paper,we applied Dodis,et al.’s key-insulation mechanism and proposed an Identity-Based (ID-based) Key-Insulated Proxy Signature (IBKIPS) scheme with secure key-updates. The proposed scheme is strong key-insulated and perfectly key-insulated. Our scheme also supports unbounded period numbers and random-access key-updates.展开更多
To deal with the key-exposure problem in signature systems, a new framework named parallel key-insulated signature (PKIS) was introduced, and a concrete PKIS scheme was proposed. Compared with traditional key-insulate...To deal with the key-exposure problem in signature systems, a new framework named parallel key-insulated signature (PKIS) was introduced, and a concrete PKIS scheme was proposed. Compared with traditional key-insulated signature (KIS) schemes, the proposed PKIS scheme allows a frequent updating for temporary secret keys without increasing the risk of helper key-exposure. Moreover, the proposed PKIS scheme does not collapse even if some (not all) of the helper keys and some of the temporary secret keys are simultaneously exposed. As a result, the security of the PKIS scheme is greatly enhanced, and the damage caused by key-exposure is successfully minimized.展开更多
In a proxy blind signature scheme, the proxy signer is allowed to generate a blind signature on behalf of the original signer. The proxy blind signature scheme is useful in several applications such as e-voting and e-...In a proxy blind signature scheme, the proxy signer is allowed to generate a blind signature on behalf of the original signer. The proxy blind signature scheme is useful in several applications such as e-voting and e-payment. In this paper, we propose an identity-based proxy blind signature scheme which combines the advantages of proxy signature and of blind signature. Our scheme fulfills peffecdy the security requirements of a proxy blind signature. Comparing the previous scheme, our scheme needs less computational overhead and is more efficient.展开更多
Identity-based proxy signature enables an entity to delegate its signing rights to another entity in identity-based cryptosystem settings. However, few existing scheme has been proved secure in a formalized model, or ...Identity-based proxy signature enables an entity to delegate its signing rights to another entity in identity-based cryptosystem settings. However, few existing scheme has been proved secure in a formalized model, or acquired optimized performance. To achieve the goals of both proven security and high efficiency, this paper proposed an efficient identity-based proxy signature scheme. The scheme is constructed from bilinear pairing and proved secure in the random oracle model, using the oracle replay attack technique introduced by Pointehval and Stern. The analysis shows that the scheme needs less computation costs and has a shorter signature than the other schemes.展开更多
基金Supported by the National Natural Science Foundation of China (60473029)
文摘Signcryption is a cryptographic primitive that performs signature and encryption simultaneously, at lower computational costs and communication overheads than the signature-then- encryption approach. In this paper, we propose an efficient multi-recipient signcryption scheme based on the bilinear pairings, which broadcasts a message to multiple users in a secure and authenticated manner. We prove its semantic security and unforgeability under the Gap Diffie-Hellman problem assumption in the random oracle model. The proposed scheme is more efficient than re-signcrypting a message n times using a signcryption scheme in terms of computational costs and communication overheads.
基金This work is supported by the National Key R&D Program of China(2016YFB0800402)partially supported by the National Natural Science Foundation of China under Grant No.61232004and the Fundamental Research Funds for the Central Universities(2016YXMS020).
文摘The security of cloud data has always been a concern.Cloud server provider may maliciously tamper or delete user’s data for their own benefit,so data integrity audit is of great significance to verify whether data is modified or not.Based on the general three-party audit architecture,a dynamic auditing scheme without bilinear pairings is proposed in this paper.It utilizes exponential operation instead of bilinear mapping to verify the validity of evidence.By establishing the mapping relation between logic index and tag index of data block with index transformation table,our scheme can easily support dynamic data operation.By hiding random numbers in the integrity evidence,our scheme can protect users’privacy information.Detailed security analysis shows that our scheme is secure against attacks such as forgery,replaying and substitution.Further experiments demonstrate that our scheme has lower computational overhead.
基金Sponsored by the National Natural Science Foundation of China(Grant No.90104033).
文摘Ring signature and proxy signature are of vital importance to secure electronic commerce. Recently, the bilinear pairing such as Well pairing or Tate pairing on elliptic curves and hyperelliptic curves is playing an important role in security solutions. Several ID-based signature schemes have been put forward, many of which are based on bilinear pairings. In key management and moderate security demand scenarios, ID-based public key cryptosystem is more preferable than other public key infrastructure based systems. In this paper, an improved ID-based proxy ring signature scheme from bilinear pairings is proposed which combines the advantages of proxy signature and of ring signatures. Our scheme can guarantee the profits of the proxy signer via preventing the original signer form generating the proxy ring signature. Furthermore, bilinear pairings are introduced to minimize the computation overhead and to improve the related performance of our scheme. In contrast with Zhang's scheme, our scheme is a computational efficiency improvement for signature verification because the computational cost of bilinear pairings required is reduced from O(n) to O( 1 ). In addition, the proxy ring signature presented in this paper can perfectly satisfy all the security requirements of proxy ring signature, i. e. signer-ambiguity, non-forgeability, verification, non-deniability and distinguishability.
基金Natural Science Foundation of Fujian Province of China( Z0511024)
文摘Two digital multisignature schemes based on bilinear pairings were proposed. One of them is the sequential digital multisignature, and the other is the broadcasting digital multisignature. The scheme has the same security as JI and LIs multisignature scheme, but the new scheme has the lower computation. So the new scheme is the multisignature which has high security and low computation. It has the theory meaning and extensive application under the condition of SmartCard, etc.
基金Supported by the National Natural Science Foundation of China (No. 60842002, 60673070)The National High-tech Research and Development Plan of China (No. 2007AA01- Z409)+2 种基金The Fundamental Research Funds for the Central Universities Grant No. B1020211China Postdoctoral Science Foundation Funded ProjectThe "Six Talent Peaks Program" of Jiangsu Province of China and Pro-gram for New Century Excellent Talents in Hohai Uni-versity
文摘A proxy signature allows an entity, called original signer, to delegate its signing power to another entity, called proxy signer, to sign messages on its behalf. Proxy signatures have many practical applications and are very important cryptographic protocol. In this paper, we propose an efficient proxy signature scheme from bilinear pairings. We prove it secure in the random oracle model and analyze computation cost of our scheme. Our scheme satisfies all the properties required for proxy signatures.
文摘Based on the GDH signature (short signature scheme) a probabilistic signature scheme is proposed in this paper with security proof.Then a new threshold proxy signature from bilinear pairings is proposed as well by us ing the new probabilistic signature scheme and the properties of the Gap Diffie-Hellman (GDH)group (where the Computational Diffie-Hellman problem is hard but the Decisional Diffie-Hellman problem is easy to solve).Our constructions are based on the recently proposed GDH signature scheme of Bonel et al.s article.Bilinear pairings could be built from Weil pairing or Tate pairing.So most our constructions would be simpler,but still with high security.The proposed threshold proxy signature is the first one which is built from bilinear pairings.At the end of this paper security and performance of the threshold proxy signature scheme is also analyzed.
基金supported by the National Natural Science Foundation of China(61772159,61300124,61300216)the Science and Technology Research Program of Henan Province(172102310677)
文摘Aimed at enhancing privacy protection of location-based services( LBS) in mobile Internet environment,an improved privacy scheme of high service quality on the basis of bilinear pairings theory and k-anonymity is proposed. In circular region of Euclidian distance,mobile terminal evenly generates some false locations,from which half optimal false locations are screened out according to position entropy,location and mapping background information. The anonymity obtains the effective guarantee,so as to realize privacy protection. Through security analyses,the scheme is proved not only to be able to realize such security features as privacy,anonymity and nonforgeability,but also able to resist query tracing attack. And the result of simulation shows that this scheme not only has better evenness in selecting false locations,but also improves efficiency in generating and selecting false nodes.
基金Supported bythe National Natural Science Foundationof China (60225007 ,60572155) the Science and Technology ResearchProject of Shanghai (04DZ07067)
文摘In the area of secure Web information system, mutual authentication and key agreement are essential between Web clients and servers. An efficient certificateless authenticated key agreement protocol for Web client/server setting is proposed, which uses pairings on certain elliptic curves. We show that the newly proposed key agreement protocol is practical and of great efficiency, meanwhile, it satisfies every desired security require ments for key agreement protocols.
基金Supported by National Natural Science Foundation of China (No.60503006 and No.60403007) and Natural Science Foundation of Guangdong, China (No. 04205407).
文摘We argue that traditional identity-based systems from pairings seem unsuitable for designing group signature schemes due to the problem of key escrow. In this paper we first propose new ID-based public key systems without trusted PKG (Private Key Generator) from bilinear pairings. In our new ID-based systems, if the dishonest PKG impersonates an honest user to communicate with others, the user can provide a proof of treachery of the PKG afterwards, which is similar to certificate-based systems. Therefore, our systems reach the Girault’s trusted level 3. We then propose a group signature scheme under the new ID-based systems, the security and performance of which rely on the new systems. The size of the group public key and the length of the signature are independent on the numbers of the group.
基金Supported by the Jiangsu Educational Committee (No.03KJA520066)Key Lab. (Xidian University) of Ministry of Education of China on Computer Networks and Information Security.
文摘Proxy signatures are very useful tools when one needs to delegate his/her signing capability to other parties. In this paper,a new multi-proxy signature scheme is proposed. The new scheme is constructed from bilinear pairings using Boneh,Lynn,and Shacham’s (BLS) short signatures. The proxy key for the proxy group is just a short signature on the proxy warrant generated by the original signer. Due to the use of short signatures,our scheme is not only efficient,but also satisfies all the security requirements of the strong proxy signature.
基金Supported by the National Natural Science Foun-dation of China (90304007) the National Basic Research Programof China(973 Program2004CB318004)
文摘We present a provably secure authenticated tree based key agreement scheme for multicast. There is a wide variety of applications that can benefit from using our scheme, e. g. , pay-Tv, teleconferencing, software updates. Compared with the previous published schemes, our scheme provides group member authentication without introducing additional mechanism. Future, we give the security proof of our scheme under the random oracle model.
基金Supported by the National Science Foundation for Young Scholars of China(61001091)~~
文摘Because the modified remote user authentication scheme proposed by Shen, Lin and Hwang is insecure, the Shen-Lin-Hwang' s scheme is improved and a new secure remote user authentication scheme based on the bi- linear parings is proposed. Moreover, the effectiveness of the new scheme is analyzed, and it is proved that the new scheme can prevent from all kinds of known attack. The one-way hash function is effective in the new scheme. The new scheme is proved that it has high effectiveness and fast convergence speed. Moreover, the ap- plication of the new scheme is easy and operational.
基金The National Natural Science Foundation of China(No.60473028)the Natural Science Foundation of Zhengzhou University of Light Industry(No.2006XXJ18)the Doctor Foundation of Zhengzhou University of Light Industry(No.20080014)
文摘To realize delegation between different users in a mixed cryptosystem,a proxy signature scheme for ID-based original signers and certificated-based proxy signers(PSS-ID-CER)is defined.Using the bilinear properties of the pairings and the characters of key generations of certificate-based cryptosystems and ID-based cryptosystems,a construction for such a scheme is also presented.To prove the security of the proposed scheme,a general security model for this scheme under adaptive chosen-PKG,chosen-ID,chosen-delegation,chosen-ProxySigner-public-key,chosen-proxy-key and chosen-message attack is defined.The proposed scheme is provably secure under the random oracle model and the hardness assumption of computational Diffie-Hellman problem.
基金Supported by the National Natural Science Foundation of China (90204012, 60573035, 60573036) and the University IT Research Center Project of Korea
文摘Certificateless public key cryptography (CL-PKC) avoids the inherent escrow of identity-based cryptography and does not require certificates to guarantee the authenticity of public keys. Based on CL-PKC, we present an efficient constant-round group key exchange protocol, which is provably secure under the intractability of computation Diffie-Hellman problem. Our protocol is a contributory key exchange with perfect forward secrecy and has only two communication rounds. So it is more efficient than other protocols. Moreover, our protocol provides a method to design efficient constant-round group key exchange protocols and most secret sharing schemes could be adopted to construct our protocol.
文摘In this paper, the security technology of ad hoc networks is studied.To improve the previous multi-receiver signcryption schemes, an ID-based multi-message and multi-receiver signcryption scheme for rekeying in ad hoc networks is proposed.In this scheme, a sender can simultaneously signcrypt n messeges for n receivers, and a receiver can unsigncrypt the ciphertext to get his message with his own private key.An analysis of this scheme indicates that it achieves authenticity and confidentiality in the random oracle model while being of lower computation and communication overhead.Finally, for the application of our scheme in ad hoc, a threshold key updating protocol for ad hoc networks is given.
文摘An identity-based proxy blind signature scheme from bilinear pairings isintroduced, which combines the advantages of proxy signature and blind signature. Furthermore, ourscheme can prevent the original signer from generating the proxy blind signature, thus the profitsof the proxy signer are guaranteed. We introduce bilinear pairings to minimize computationaloverhead and to improve the related performance of our scheme. In addition, the proxy blindsignature presented is non-repudiable and it fulfills perfectly the security requirements of a proxyblind signature.
基金Supported by the National Natural Science Foundation of China (No. 60573032, 60773092, 90604036, 60873229, 60903178, 60672072, 60832003)Zhejiang Provincial Natural Science Foundation of China (No. Y106505)
文摘In proxy signature schemes,the proxy signer B is permitted to produce a signature on behalf of the original signer A. However,exposure of proxy signing keys can be the most devastating attack on a proxy signature scheme since any adversary can sign messages on behalf of the proxy signer. In this paper,we applied Dodis,et al.’s key-insulation mechanism and proposed an Identity-Based (ID-based) Key-Insulated Proxy Signature (IBKIPS) scheme with secure key-updates. The proposed scheme is strong key-insulated and perfectly key-insulated. Our scheme also supports unbounded period numbers and random-access key-updates.
基金The National Natural Science Foundation of China (No. 90704003, 60573030, 60673077, 60703030)
文摘To deal with the key-exposure problem in signature systems, a new framework named parallel key-insulated signature (PKIS) was introduced, and a concrete PKIS scheme was proposed. Compared with traditional key-insulated signature (KIS) schemes, the proposed PKIS scheme allows a frequent updating for temporary secret keys without increasing the risk of helper key-exposure. Moreover, the proposed PKIS scheme does not collapse even if some (not all) of the helper keys and some of the temporary secret keys are simultaneously exposed. As a result, the security of the PKIS scheme is greatly enhanced, and the damage caused by key-exposure is successfully minimized.
基金Supported by the Major Research Plan of the National Natural Science Foundation of China(90604023), the National Natural Science Foundation of China (60373059) and the National Research Foundation for the Doctoral Program of Higher Education of China(20040013007)
文摘In a proxy blind signature scheme, the proxy signer is allowed to generate a blind signature on behalf of the original signer. The proxy blind signature scheme is useful in several applications such as e-voting and e-payment. In this paper, we propose an identity-based proxy blind signature scheme which combines the advantages of proxy signature and of blind signature. Our scheme fulfills peffecdy the security requirements of a proxy blind signature. Comparing the previous scheme, our scheme needs less computational overhead and is more efficient.
基金National Natural Science Foundation of Chi-na for Distinguished Young Scholars (No.60225007)National Research Fund for theDoctoral Program of Higher Education ofChina (No.20020248024)Grant-in-Aid forScientific Research(C) (No.14540100)
文摘Identity-based proxy signature enables an entity to delegate its signing rights to another entity in identity-based cryptosystem settings. However, few existing scheme has been proved secure in a formalized model, or acquired optimized performance. To achieve the goals of both proven security and high efficiency, this paper proposed an efficient identity-based proxy signature scheme. The scheme is constructed from bilinear pairing and proved secure in the random oracle model, using the oracle replay attack technique introduced by Pointehval and Stern. The analysis shows that the scheme needs less computation costs and has a shorter signature than the other schemes.
