Identity-based proxy signature enables an entity to delegate its signing rights to another entity in identity-based cryptosystem settings. However, few existing scheme has been proved secure in a formalized model, or ...Identity-based proxy signature enables an entity to delegate its signing rights to another entity in identity-based cryptosystem settings. However, few existing scheme has been proved secure in a formalized model, or acquired optimized performance. To achieve the goals of both proven security and high efficiency, this paper proposed an efficient identity-based proxy signature scheme. The scheme is constructed from bilinear pairing and proved secure in the random oracle model, using the oracle replay attack technique introduced by Pointehval and Stern. The analysis shows that the scheme needs less computation costs and has a shorter signature than the other schemes.展开更多
With the continuous expansion of the Industrial Internet of Things(IIoT),more andmore organisations are placing large amounts of data in the cloud to reduce overheads.However,the channel between cloud servers and smar...With the continuous expansion of the Industrial Internet of Things(IIoT),more andmore organisations are placing large amounts of data in the cloud to reduce overheads.However,the channel between cloud servers and smart equipment is not trustworthy,so the issue of data authenticity needs to be addressed.The SM2 digital signature algorithm can provide an authentication mechanism for data to solve such problems.Unfortunately,it still suffers from the problem of key exposure.In order to address this concern,this study first introduces a key-insulated scheme,SM2-KI-SIGN,based on the SM2 algorithm.This scheme boasts strong key insulation and secure keyupdates.Our scheme uses the elliptic curve algorithm,which is not only more efficient but also more suitable for IIoT-cloud environments.Finally,the security proof of SM2-KI-SIGN is given under the Elliptic Curve Discrete Logarithm(ECDL)assumption in the random oracle.展开更多
Certificateless public key cryptography (CL-PKC) avoids the inherent escrow of identity-based cryptography and does not require certificates to guarantee the authenticity of public keys. Based on CL-PKC, we present ...Certificateless public key cryptography (CL-PKC) avoids the inherent escrow of identity-based cryptography and does not require certificates to guarantee the authenticity of public keys. Based on CL-PKC, we present an efficient constant-round group key exchange protocol, which is provably secure under the intractability of computation Diffie-Hellman problem. Our protocol is a contributory key exchange with perfect forward secrecy and has only two communication rounds. So it is more efficient than other protocols. Moreover, our protocol provides a method to design efficient constant-round group key exchange protocols and most secret sharing schemes could be adopted to construct our protocol.展开更多
In this paper, the security technology of ad hoc networks is studied.To improve the previous multi-receiver signcryption schemes, an ID-based multi-message and multi-receiver signcryption scheme for rekeying in ad hoc...In this paper, the security technology of ad hoc networks is studied.To improve the previous multi-receiver signcryption schemes, an ID-based multi-message and multi-receiver signcryption scheme for rekeying in ad hoc networks is proposed.In this scheme, a sender can simultaneously signcrypt n messeges for n receivers, and a receiver can unsigncrypt the ciphertext to get his message with his own private key.An analysis of this scheme indicates that it achieves authenticity and confidentiality in the random oracle model while being of lower computation and communication overhead.Finally, for the application of our scheme in ad hoc, a threshold key updating protocol for ad hoc networks is given.展开更多
Signcryption is a cryptographic primitive that performs signature and encryption simultaneously, at lower computational costs and communication overheads than the signature-then- encryption approach. In this paper, we...Signcryption is a cryptographic primitive that performs signature and encryption simultaneously, at lower computational costs and communication overheads than the signature-then- encryption approach. In this paper, we propose an efficient multi-recipient signcryption scheme based on the bilinear pairings, which broadcasts a message to multiple users in a secure and authenticated manner. We prove its semantic security and unforgeability under the Gap Diffie-Hellman problem assumption in the random oracle model. The proposed scheme is more efficient than re-signcrypting a message n times using a signcryption scheme in terms of computational costs and communication overheads.展开更多
A structure iterated by the unbalanced Feistel networks is introduced. It is showed that this structure is provable resistant against linear attack. The main result of this paper is that the upper bound of r-round (r...A structure iterated by the unbalanced Feistel networks is introduced. It is showed that this structure is provable resistant against linear attack. The main result of this paper is that the upper bound of r-round (r≥2m) linear hull probabilities are bounded by q^2 when around function F is bijective and the maximal linear hull probabilities of round function F is q. Application of this structure to block cipher designs brings out the provable security against linear attack with the upper bounds of probabilities.展开更多
In this paper,we show how to use the dual techniques in the subgroups to give a secure identity-based broadcast encryption(IBBE) scheme with constant-size ciphertexts. Our scheme achieves the full security(adaptive se...In this paper,we show how to use the dual techniques in the subgroups to give a secure identity-based broadcast encryption(IBBE) scheme with constant-size ciphertexts. Our scheme achieves the full security(adaptive security) under three static(i.e. non q-based) assumptions. It is worth noting that only recently Waters gives a short ciphertext broadcast encryption system that is even adaptively secure under the simple assumptions. One feature of our methodology is that it is relatively simple to leverage our techniques to get adaptive security.展开更多
Communication technology has advanced dramatically amid the 21st century,increasing the security risk in safeguarding sensitive information.The remote password authentication(RPA)scheme is the simplest cryptosystem th...Communication technology has advanced dramatically amid the 21st century,increasing the security risk in safeguarding sensitive information.The remote password authentication(RPA)scheme is the simplest cryptosystem that serves as the first line of defence against unauthorised entity attacks.Although the literature contains numerous RPA schemes,to the best of the authors’knowledge,only few schemes based on the integer factorisation problem(IFP)and the discrete logarithm problem(DLP)that provided a provision for session key agreement to ensure proper mutual authentication.Furthermore,none of the previous schemes provided formal security proof using the random oracle model.Therefore,this study proposed an improved RPA scheme with session key establishment between user and server.The design of the proposed RPA scheme is based on the widely established Dolev-Yao adversary model.Moreover,as the main contribution,a novel formal security analysis based on formal definitions of IFP and DLP under the random oracle model was presented.The proposed scheme’s performance was compared to that of other similar competitive schemes in terms of the transmission/computational cost and time complexity.The findings revealed that the proposed scheme required higher memory storage costs in smart cards.Nonetheless,the proposed scheme is more efficient regarding the transmission cost of login and response messages and the total time complexity compared to other scheme of similar security attributes.Overall,the proposed scheme outperformed the other RPA schemes based on IFP and DLP.Finally,the potential application of converting the RPA scheme to a user identification(UI)scheme is considered for future work.Since RPA and UI schemes are similar,the proposed approach can be expanded to develop a provably secure and efficientUI scheme based on IFP and DLP.展开更多
In the last couple of years, D-based cryptography has got fruitful achievements. Proxy multi-signature allows a designated person, called a proxy signer, to sign on behalf of two or more original signers. In this pape...In the last couple of years, D-based cryptography has got fruitful achievements. Proxy multi-signature allows a designated person, called a proxy signer, to sign on behalf of two or more original signers. In this paper, we present a general security model for ID-based proxy multi-signature (ID-PMS) schemes. Then, we show how to construct a secure ID-PMS scheme from a secure ID-based signature scheme, and prove that the security of the construction can be reduced to the security of the original ID-based signature scheme.展开更多
To enhance the robustness of a proxy multi-signature scheme and improve its efficiency, a novel proxy signature paradigm is proposed referred to as In this paradigm, multiple proxy signer candidates identity-based pro...To enhance the robustness of a proxy multi-signature scheme and improve its efficiency, a novel proxy signature paradigm is proposed referred to as In this paradigm, multiple proxy signer candidates identity-based proxy multi-signature (IBPMS). are employed to play a role of the single proxy signer in the existing model. A provably secure IBPMS scheme is presented which requires only one round broadcast operation. Performance analysis demonstrates that the new scheme outperforms the existing multi-signature schemes in robustness and communication. These properties are rendered to our IBPMS scheme as a more practical solution to secure e-transaction delegation applications of proxy signatures.展开更多
The drawback of the first asynchronous proactive RSA scheme presented by Zhou in 2001, is that the security definition and security proof do not follow the approach of provable security. This paper presented a provabl...The drawback of the first asynchronous proactive RSA scheme presented by Zhou in 2001, is that the security definition and security proof do not follow the approach of provable security. This paper presented a provably secure asynchronous proactive RSA scheme, which includes three protocols: initial key distribution protocol, signature generation protocol and share refreshing protocol. Taken these protocols together, a complete provably secure proactive RSA scheme was obtained. And the efficiency of the scheme is approximate to that of the scheme of Zhou.展开更多
A proxy signature allows an entity, called original signer, to delegate its signing power to another entity, called proxy signer, to sign messages on its behalf. Proxy signatures have many practical applications and a...A proxy signature allows an entity, called original signer, to delegate its signing power to another entity, called proxy signer, to sign messages on its behalf. Proxy signatures have many practical applications and are very important cryptographic protocol. In this paper, we propose an efficient proxy signature scheme from bilinear pairings. We prove it secure in the random oracle model and analyze computation cost of our scheme. Our scheme satisfies all the properties required for proxy signatures.展开更多
An enhanced formal model of security for proxy signature schemes is presented and a provably secure short proxy signature scheme is proposed from bilinear maps. The proposed proxy signature scheme is based on two shor...An enhanced formal model of security for proxy signature schemes is presented and a provably secure short proxy signature scheme is proposed from bilinear maps. The proposed proxy signature scheme is based on two short secure signature schemes. One is used for delegating the signing rights and computing the standard signature; the other is used for computing proxy signature. Finally, a security proof of the proposed proxy signature scheme is showed by reducing tightly the security of the proposed proxy signature scheme to the security of the two basic signature schemes. The proposed proxy signature scheme has the shortest ordinary signatures and proxy signatures. Moreover, the proxy signature generation needs no pairing operation and verification needs just two pairing operation.展开更多
The mushroom growth of IoT has been accompanied by the generation of massive amounts of data.Subject to the limited storage and computing capabilities ofmost IoT devices,a growing number of institutions and organizati...The mushroom growth of IoT has been accompanied by the generation of massive amounts of data.Subject to the limited storage and computing capabilities ofmost IoT devices,a growing number of institutions and organizations outsource their data computing tasks to cloud servers to obtain efficient and accurate computation while avoiding the cost of local data computing.One of the most important challenges facing outsourcing computing is how to ensure the correctness of computation results.Linearly homomorphic proxy signature(LHPS)is a desirable solution to ensure the reliability of outsourcing computing in the case of authorized signing right.Blockchain has the characteristics of tamper-proof and traceability,and is a new technology to solve data security.However,as far as we know,constructions of LHPS have been few and far between.In addition,the existing LHPS scheme does not focus on homomorphic unforgeability and does not use blockchain technology.Herein,we improve the security model of the LHPS scheme,and the usual existential forgery and homomorphic existential forgery of two types of adversaries are considered.Under the new model,we present a blockchain-based LHPS scheme.The security analysis shows that under the adaptive chosen message attack,the unforgeability of the proposed scheme can be reduced to the CDH hard assumption,while achieving the usual and homomorphic existential unforgeability.Moreover,comparedwith the previous LHPS scheme,the performance analysis shows that our scheme has the same key size and comparable computational overhead,but has higher security.展开更多
Public Key Encryption with Keyword Search (PEKS), an indispensable part of searchable encryption, is stock-in- trade for both protecting data and providing operability of encrypted data. So far most of PEKS schemes ...Public Key Encryption with Keyword Search (PEKS), an indispensable part of searchable encryption, is stock-in- trade for both protecting data and providing operability of encrypted data. So far most of PEKS schemes have been established on Identity-Based Cryptography (IBC) with key escrow problem inherently. Such problem severely restricts the promotion of IBC-based Public Key Infrastructure including PEKS component. Hence, Certificateless Public Key Cryptography (CLPKC) is efficient to remove such problem. CLPKC is introduced into PEKS, and a general model of Certificateless PEKS (CLPEKS) is formalized. In addition, a practical CLPEKS scheme is constructed with security and efficiency analyses. The proposal is secure channel free, and semantically secure against adaptive chosen keyword attack and keyword guessing attack. To illustrate the superiority, massive experiments are conducted on Enron Email dataset which is famous in information retrieval field. Compared with existed constructions, CLPEKS improves the efficiency in theory and removes the key escrow problem.展开更多
Mobile devices are widely used for data access,communications and storage.However,storing a private key for signature and other cryptographic usage on a single mobile device can be challenging,due to its computational...Mobile devices are widely used for data access,communications and storage.However,storing a private key for signature and other cryptographic usage on a single mobile device can be challenging,due to its computational limitations.Thus,a number of(t,n)threshold secret sharing schemes designed to minimize private key from leakage have been proposed in the literature.However,existing schemes generally suffer from key reconstruction attack.In this paper,we propose an efficient and secure two-party distributed signing protocol for the SM2 signature algorithm.The latter has been mandated by the Chinese government for all electronic commerce applications.The proposed protocol separates the private key to storage on two devices and can generate a valid signature without the need to reconstruct the entire private key.We prove that our protocol is secure under nonstandard assumption.Then,we implement our protocol using MIRACL Cryptographic SDK to demonstrate that the protocol can be deployed in practice to prevent key disclosure.展开更多
This paper provides theoretical foundations for the secure proxy signatureprimitive. We pres-enta formal model for the security of proxy signature schemes, which defines thecapabilities of the adversary and the securi...This paper provides theoretical foundations for the secure proxy signatureprimitive. We pres-enta formal model for the security of proxy signature schemes, which defines thecapabilities of the adversary and the security goals to capture which mean for a prox-ysignaturescheme to be secure. Then, we present an example of proxy signature scheme that can be proven securein the standard model.展开更多
Identity-based (ID-based) ring signature has drawn great concerns in recent years and many ID-based ring signature schemes have been proposed until now. Unfortunately, all of these ID-based ring signatures are const...Identity-based (ID-based) ring signature has drawn great concerns in recent years and many ID-based ring signature schemes have been proposed until now. Unfortunately, all of these ID-based ring signatures are constructed from bilinear pairings, a powerful but computationally expensive primitive. Hence, ID-based ring signature without pairing is of great interest in the field of cryptography. In this paper, the authors firstly propose an ID-based ring signature scheme based on quadratic residues. The proposed scheme is proved to be existentially unforgeable against adaptive chosen message-and-identity attack under the random oracle model, assuming the hardness of factoring. The proposed scheme is more efficient than those which are constructed from bilinear pairings.展开更多
ID-based public key cryptosystem can be a good alternative for certifieate-based public key setting. This paper provides an efficient ID-based proxy multi signature scheme from pairings. In the random oracle model, we...ID-based public key cryptosystem can be a good alternative for certifieate-based public key setting. This paper provides an efficient ID-based proxy multi signature scheme from pairings. In the random oracle model, we prove that our new scheme is secure against existential delegation forgery with the assumption that Hess's scheme-1 is existential unforgeable, and that our new scheme is secure against existential proxy multi-signature forgery under the hardness assumption of the computational Diffie-Hellman problem.展开更多
Provable security has been widely used for analyzing the security of cryptosystems. Its main idea is to reduce the security to some well-defined computational assumption. The reduction process is called the security p...Provable security has been widely used for analyzing the security of cryptosystems. Its main idea is to reduce the security to some well-defined computational assumption. The reduction process is called the security proof. In this paper, we find a flaw in the security proof of BDOP-PEKS and PEKS-STAT, present a new conclusion for the security of BDOP-PEKS, and give a security proof. The flaw in the security proof of PEKS-STAT can be fixed in the same way. Finally we conclude some steps of security proof, and emphasize that the probability is as important as the construction.展开更多
基金National Natural Science Foundation of Chi-na for Distinguished Young Scholars (No.60225007)National Research Fund for theDoctoral Program of Higher Education ofChina (No.20020248024)Grant-in-Aid forScientific Research(C) (No.14540100)
文摘Identity-based proxy signature enables an entity to delegate its signing rights to another entity in identity-based cryptosystem settings. However, few existing scheme has been proved secure in a formalized model, or acquired optimized performance. To achieve the goals of both proven security and high efficiency, this paper proposed an efficient identity-based proxy signature scheme. The scheme is constructed from bilinear pairing and proved secure in the random oracle model, using the oracle replay attack technique introduced by Pointehval and Stern. The analysis shows that the scheme needs less computation costs and has a shorter signature than the other schemes.
基金This work was supported in part by the National Natural Science Foundation of China(Nos.62072074,62076054,62027827,62002047)the Sichuan Science and Technology Innovation Platform and Talent Plan(Nos.2020JDJQ0020,2022JDJQ0039)+2 种基金the Sichuan Science and Technology Support Plan(Nos.2020YFSY0010,2022YFQ0045,2022YFS0220,2023YFG0148,2021YFG0131)the YIBIN Science and Technology Support Plan(No.2021CG003)the Medico-Engineering Cooperation Funds from University of Electronic Science and Technology of China(Nos.ZYGX2021YGLH212,ZYGX2022YGRH012).
文摘With the continuous expansion of the Industrial Internet of Things(IIoT),more andmore organisations are placing large amounts of data in the cloud to reduce overheads.However,the channel between cloud servers and smart equipment is not trustworthy,so the issue of data authenticity needs to be addressed.The SM2 digital signature algorithm can provide an authentication mechanism for data to solve such problems.Unfortunately,it still suffers from the problem of key exposure.In order to address this concern,this study first introduces a key-insulated scheme,SM2-KI-SIGN,based on the SM2 algorithm.This scheme boasts strong key insulation and secure keyupdates.Our scheme uses the elliptic curve algorithm,which is not only more efficient but also more suitable for IIoT-cloud environments.Finally,the security proof of SM2-KI-SIGN is given under the Elliptic Curve Discrete Logarithm(ECDL)assumption in the random oracle.
基金Supported by the National Natural Science Foundation of China (90204012, 60573035, 60573036) and the University IT Research Center Project of Korea
文摘Certificateless public key cryptography (CL-PKC) avoids the inherent escrow of identity-based cryptography and does not require certificates to guarantee the authenticity of public keys. Based on CL-PKC, we present an efficient constant-round group key exchange protocol, which is provably secure under the intractability of computation Diffie-Hellman problem. Our protocol is a contributory key exchange with perfect forward secrecy and has only two communication rounds. So it is more efficient than other protocols. Moreover, our protocol provides a method to design efficient constant-round group key exchange protocols and most secret sharing schemes could be adopted to construct our protocol.
文摘In this paper, the security technology of ad hoc networks is studied.To improve the previous multi-receiver signcryption schemes, an ID-based multi-message and multi-receiver signcryption scheme for rekeying in ad hoc networks is proposed.In this scheme, a sender can simultaneously signcrypt n messeges for n receivers, and a receiver can unsigncrypt the ciphertext to get his message with his own private key.An analysis of this scheme indicates that it achieves authenticity and confidentiality in the random oracle model while being of lower computation and communication overhead.Finally, for the application of our scheme in ad hoc, a threshold key updating protocol for ad hoc networks is given.
基金Supported by the National Natural Science Foundation of China (60473029)
文摘Signcryption is a cryptographic primitive that performs signature and encryption simultaneously, at lower computational costs and communication overheads than the signature-then- encryption approach. In this paper, we propose an efficient multi-recipient signcryption scheme based on the bilinear pairings, which broadcasts a message to multiple users in a secure and authenticated manner. We prove its semantic security and unforgeability under the Gap Diffie-Hellman problem assumption in the random oracle model. The proposed scheme is more efficient than re-signcrypting a message n times using a signcryption scheme in terms of computational costs and communication overheads.
基金Supported by the fund of National Laboratory for Modern Communications (5143603ZDS0601),the outstanding youth science foundation of Henan (0312001800).
文摘A structure iterated by the unbalanced Feistel networks is introduced. It is showed that this structure is provable resistant against linear attack. The main result of this paper is that the upper bound of r-round (r≥2m) linear hull probabilities are bounded by q^2 when around function F is bijective and the maximal linear hull probabilities of round function F is q. Application of this structure to block cipher designs brings out the provable security against linear attack with the upper bounds of probabilities.
基金supported by the Nature Science Foundation of China under grant 60970119, 60803149the National Basic Research Program of China(973) under grant 2007CB311201
文摘In this paper,we show how to use the dual techniques in the subgroups to give a secure identity-based broadcast encryption(IBBE) scheme with constant-size ciphertexts. Our scheme achieves the full security(adaptive security) under three static(i.e. non q-based) assumptions. It is worth noting that only recently Waters gives a short ciphertext broadcast encryption system that is even adaptively secure under the simple assumptions. One feature of our methodology is that it is relatively simple to leverage our techniques to get adaptive security.
基金This research is funded by UKM under Grant No.GUP-2020-029.
文摘Communication technology has advanced dramatically amid the 21st century,increasing the security risk in safeguarding sensitive information.The remote password authentication(RPA)scheme is the simplest cryptosystem that serves as the first line of defence against unauthorised entity attacks.Although the literature contains numerous RPA schemes,to the best of the authors’knowledge,only few schemes based on the integer factorisation problem(IFP)and the discrete logarithm problem(DLP)that provided a provision for session key agreement to ensure proper mutual authentication.Furthermore,none of the previous schemes provided formal security proof using the random oracle model.Therefore,this study proposed an improved RPA scheme with session key establishment between user and server.The design of the proposed RPA scheme is based on the widely established Dolev-Yao adversary model.Moreover,as the main contribution,a novel formal security analysis based on formal definitions of IFP and DLP under the random oracle model was presented.The proposed scheme’s performance was compared to that of other similar competitive schemes in terms of the transmission/computational cost and time complexity.The findings revealed that the proposed scheme required higher memory storage costs in smart cards.Nonetheless,the proposed scheme is more efficient regarding the transmission cost of login and response messages and the total time complexity compared to other scheme of similar security attributes.Overall,the proposed scheme outperformed the other RPA schemes based on IFP and DLP.Finally,the potential application of converting the RPA scheme to a user identification(UI)scheme is considered for future work.Since RPA and UI schemes are similar,the proposed approach can be expanded to develop a provably secure and efficientUI scheme based on IFP and DLP.
基金Supported by the National Natural Science Foundation of China (60473021) and the Science Foundation of Henan Province (0511010900)
文摘In the last couple of years, D-based cryptography has got fruitful achievements. Proxy multi-signature allows a designated person, called a proxy signer, to sign on behalf of two or more original signers. In this paper, we present a general security model for ID-based proxy multi-signature (ID-PMS) schemes. Then, we show how to construct a secure ID-PMS scheme from a secure ID-based signature scheme, and prove that the security of the construction can be reduced to the security of the original ID-based signature scheme.
基金Supported by the National Basic Research Program of China(No.2012CB315905)the National Natural Science Foundation of China(No.61272501)the Fund of Tianjin Key Laboratory of Civil Aircraft Airworthiness and Maintenance in CAUC and a General grant from Civil Aviation Flight University of China(No.J2013-31,Q2014-48)
文摘To enhance the robustness of a proxy multi-signature scheme and improve its efficiency, a novel proxy signature paradigm is proposed referred to as In this paradigm, multiple proxy signer candidates identity-based proxy multi-signature (IBPMS). are employed to play a role of the single proxy signer in the existing model. A provably secure IBPMS scheme is presented which requires only one round broadcast operation. Performance analysis demonstrates that the new scheme outperforms the existing multi-signature schemes in robustness and communication. These properties are rendered to our IBPMS scheme as a more practical solution to secure e-transaction delegation applications of proxy signatures.
文摘The drawback of the first asynchronous proactive RSA scheme presented by Zhou in 2001, is that the security definition and security proof do not follow the approach of provable security. This paper presented a provably secure asynchronous proactive RSA scheme, which includes three protocols: initial key distribution protocol, signature generation protocol and share refreshing protocol. Taken these protocols together, a complete provably secure proactive RSA scheme was obtained. And the efficiency of the scheme is approximate to that of the scheme of Zhou.
基金Supported by the National Natural Science Foundation of China (No. 60842002, 60673070)The National High-tech Research and Development Plan of China (No. 2007AA01- Z409)+2 种基金The Fundamental Research Funds for the Central Universities Grant No. B1020211China Postdoctoral Science Foundation Funded ProjectThe "Six Talent Peaks Program" of Jiangsu Province of China and Pro-gram for New Century Excellent Talents in Hohai Uni-versity
文摘A proxy signature allows an entity, called original signer, to delegate its signing power to another entity, called proxy signer, to sign messages on its behalf. Proxy signatures have many practical applications and are very important cryptographic protocol. In this paper, we propose an efficient proxy signature scheme from bilinear pairings. We prove it secure in the random oracle model and analyze computation cost of our scheme. Our scheme satisfies all the properties required for proxy signatures.
基金The National Natural Science Foundationof China (No.60703048)the Natural Science Foundationof Hubei Province (No.2007ABA313)
文摘An enhanced formal model of security for proxy signature schemes is presented and a provably secure short proxy signature scheme is proposed from bilinear maps. The proposed proxy signature scheme is based on two short secure signature schemes. One is used for delegating the signing rights and computing the standard signature; the other is used for computing proxy signature. Finally, a security proof of the proposed proxy signature scheme is showed by reducing tightly the security of the proposed proxy signature scheme to the security of the two basic signature schemes. The proposed proxy signature scheme has the shortest ordinary signatures and proxy signatures. Moreover, the proxy signature generation needs no pairing operation and verification needs just two pairing operation.
基金funded by the Special Innovation Project forGeneral Colleges and Universities in Guangdong Province (Grant No.2020KTSCX126).
文摘The mushroom growth of IoT has been accompanied by the generation of massive amounts of data.Subject to the limited storage and computing capabilities ofmost IoT devices,a growing number of institutions and organizations outsource their data computing tasks to cloud servers to obtain efficient and accurate computation while avoiding the cost of local data computing.One of the most important challenges facing outsourcing computing is how to ensure the correctness of computation results.Linearly homomorphic proxy signature(LHPS)is a desirable solution to ensure the reliability of outsourcing computing in the case of authorized signing right.Blockchain has the characteristics of tamper-proof and traceability,and is a new technology to solve data security.However,as far as we know,constructions of LHPS have been few and far between.In addition,the existing LHPS scheme does not focus on homomorphic unforgeability and does not use blockchain technology.Herein,we improve the security model of the LHPS scheme,and the usual existential forgery and homomorphic existential forgery of two types of adversaries are considered.Under the new model,we present a blockchain-based LHPS scheme.The security analysis shows that under the adaptive chosen message attack,the unforgeability of the proposed scheme can be reduced to the CDH hard assumption,while achieving the usual and homomorphic existential unforgeability.Moreover,comparedwith the previous LHPS scheme,the performance analysis shows that our scheme has the same key size and comparable computational overhead,but has higher security.
基金This research was supported by the National Science Foundation of China for Funding Projects (61173089,61472298) and National Statistical Science Program of China(2013LZ46).
文摘Public Key Encryption with Keyword Search (PEKS), an indispensable part of searchable encryption, is stock-in- trade for both protecting data and providing operability of encrypted data. So far most of PEKS schemes have been established on Identity-Based Cryptography (IBC) with key escrow problem inherently. Such problem severely restricts the promotion of IBC-based Public Key Infrastructure including PEKS component. Hence, Certificateless Public Key Cryptography (CLPKC) is efficient to remove such problem. CLPKC is introduced into PEKS, and a general model of Certificateless PEKS (CLPEKS) is formalized. In addition, a practical CLPEKS scheme is constructed with security and efficiency analyses. The proposal is secure channel free, and semantically secure against adaptive chosen keyword attack and keyword guessing attack. To illustrate the superiority, massive experiments are conducted on Enron Email dataset which is famous in information retrieval field. Compared with existed constructions, CLPEKS improves the efficiency in theory and removes the key escrow problem.
基金supported in part by the National Key Research and Development Program of China(2018YFC1315404)the National Natural Science Foundation of China(Grant Nos.61572379,and 61501333)the fund of the Jiangsu Key Laboratory of Big Data Security&Intelligent Processing(BDSIP1807).
文摘Mobile devices are widely used for data access,communications and storage.However,storing a private key for signature and other cryptographic usage on a single mobile device can be challenging,due to its computational limitations.Thus,a number of(t,n)threshold secret sharing schemes designed to minimize private key from leakage have been proposed in the literature.However,existing schemes generally suffer from key reconstruction attack.In this paper,we propose an efficient and secure two-party distributed signing protocol for the SM2 signature algorithm.The latter has been mandated by the Chinese government for all electronic commerce applications.The proposed protocol separates the private key to storage on two devices and can generate a valid signature without the need to reconstruct the entire private key.We prove that our protocol is secure under nonstandard assumption.Then,we implement our protocol using MIRACL Cryptographic SDK to demonstrate that the protocol can be deployed in practice to prevent key disclosure.
文摘This paper provides theoretical foundations for the secure proxy signatureprimitive. We pres-enta formal model for the security of proxy signature schemes, which defines thecapabilities of the adversary and the security goals to capture which mean for a prox-ysignaturescheme to be secure. Then, we present an example of proxy signature scheme that can be proven securein the standard model.
基金Supported by the National High Technology Research and Development Program of China (No. 2006AA01Z428)the National Natural Science Foundation of China ( No. 60673075)
文摘Identity-based (ID-based) ring signature has drawn great concerns in recent years and many ID-based ring signature schemes have been proposed until now. Unfortunately, all of these ID-based ring signatures are constructed from bilinear pairings, a powerful but computationally expensive primitive. Hence, ID-based ring signature without pairing is of great interest in the field of cryptography. In this paper, the authors firstly propose an ID-based ring signature scheme based on quadratic residues. The proposed scheme is proved to be existentially unforgeable against adaptive chosen message-and-identity attack under the random oracle model, assuming the hardness of factoring. The proposed scheme is more efficient than those which are constructed from bilinear pairings.
基金Supported bythe National Key Basic Research andDevelopment Program (973 Program G1999035804),the NationalNatural Science Foundation of China (90204015 ,60473021) and theElitist Youth Foundation of Henan Province (021201400)
文摘ID-based public key cryptosystem can be a good alternative for certifieate-based public key setting. This paper provides an efficient ID-based proxy multi signature scheme from pairings. In the random oracle model, we prove that our new scheme is secure against existential delegation forgery with the assumption that Hess's scheme-1 is existential unforgeable, and that our new scheme is secure against existential proxy multi-signature forgery under the hardness assumption of the computational Diffie-Hellman problem.
基金Supported by the National Natural Science Foundation of China (60473021)
文摘Provable security has been widely used for analyzing the security of cryptosystems. Its main idea is to reduce the security to some well-defined computational assumption. The reduction process is called the security proof. In this paper, we find a flaw in the security proof of BDOP-PEKS and PEKS-STAT, present a new conclusion for the security of BDOP-PEKS, and give a security proof. The flaw in the security proof of PEKS-STAT can be fixed in the same way. Finally we conclude some steps of security proof, and emphasize that the probability is as important as the construction.
