Funding: National High Technical Research and Development Program of China (863 Program) under Grant No. 2007AA01Z471
Abstract: Provable security has become a popular approach for analyzing the security of cryptographic protocols. However, writing and verifying proofs by hand is error-prone. This paper advocates an automatic security proof framework based on sequences of games. We make slight modifications to Blanchet's calculus so that the initial game is easy to parse. The main contribution of this work is that it introduces algebraic properties, expressed as observational equivalences, into automatic security proofs, and can thus handle some practical cryptographic schemes that rely on hard problems. We illustrate the use of algebraic properties in the framework by proving the semantic security of the ElGamal encryption scheme.
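The sequence-of-games argument the abstract refers to, written out here as an added illustration (it is not taken from the paper; the symbols are the usual ones for ElGamal over a cyclic group $G = \langle g \rangle$ of prime order $q$, and $S_i$ denotes the event $b' = b$ in Game $i$):

$$
\begin{aligned}
&\text{Game}_0\ (\text{real IND-CPA}):\ x \leftarrow \mathbb{Z}_q,\ pk = g^{x};\ (m_0, m_1) \leftarrow \mathcal{A}(pk);\ b \leftarrow \{0,1\},\ y \leftarrow \mathbb{Z}_q;\\
&\qquad c = (g^{y},\ m_b \cdot g^{xy});\ b' \leftarrow \mathcal{A}(c).\\[4pt]
&\text{Game}_1:\ \text{as Game}_0 \text{ but } c = (g^{y},\ m_b \cdot g^{z}),\ z \leftarrow \mathbb{Z}_q.\\
&\qquad |\Pr[S_0] - \Pr[S_1]| \le \mathrm{Adv}^{\mathrm{DDH}}_{G}(\mathcal{B}),\ \text{since } (g^{x}, g^{y}, g^{xy}) \approx_c (g^{x}, g^{y}, g^{z}).\\[4pt]
&\text{Game}_2:\ \text{as Game}_1 \text{ but } c = (g^{y},\ g^{z}).\\
&\qquad \Pr[S_1] = \Pr[S_2] = \tfrac{1}{2},\ \text{since } m_b \cdot g^{z} \text{ and } g^{z} \text{ are both uniform in } G \text{ and independent of } b.\\[4pt]
&\Rightarrow\ \mathrm{Adv}^{\mathrm{IND\text{-}CPA}}_{\mathrm{ElGamal}}(\mathcal{A}) = \left|\Pr[S_0] - \tfrac{1}{2}\right| \le \mathrm{Adv}^{\mathrm{DDH}}_{G}(\mathcal{B}).
\end{aligned}
$$

The hop from Game$_1$ to Game$_2$ is a purely algebraic step (multiplying a uniform group element by a fixed one leaves it uniform), which is the kind of property that has to be stated as an observational equivalence before a game-based proof tool can apply it; the DDH hop is the only step that costs a reduction.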
Abstract: Quantum cryptography exploits the quantum mechanical properties of communication lines to enhance the security of key distribution. In this work, we explain the role played by quantum mechanics in cryptographic tasks and also investigate how secure quantum cryptography is. More importantly, we show by a simple security proof that, for any state sent by the sender, the eavesdropper can only guess the output state with a probability that lets her learn no more than half of the classical Shannon information shared between the legitimate parties. This implies that, with high probability, the shared key is secure.
Funding: Supported by the National Basic Research Program of China under Grant No. 2013CB338002 and the National Natural Science Foundation of China under Grant Nos. 11304397 and 61505261
Abstract: Semi-device-independent quantum key distribution (SDI-QKD) has been proposed by applying quantum dimension correlations, and its security relies on the violation of quantum dimension witness inequalities. We prove the security of the SDI-QKD protocol under the depolarizing channel by considering the quantum dimension witness inequalities, the min-entropy and the specific steps of the QKD protocol, combined with a four-quantum-state preparation and three measurement bases. We also provide the relationship between the dimension witness value, the error rate and the secret key rate by numerical simulation.
Funding: Supported by the Scientific Research Common Program of Beijing Municipal Commission of Education (KM200610009011) and the Open Foundation of State Key Laboratory of Information Security (04002)
Abstract: So far, the security of many proxy signatures has seldom been considered in a formal way, and most of them cannot satisfy non-repudiation. In this work, a novel ID-based (identity-based) proxy signature scheme is proposed by combining proxy signatures with ID-based public key cryptography. We formalize the notion of security for ID-based proxy signature schemes and show that the proposed scheme is secure. Compared with other proxy signature schemes, it does not need a secure channel. Thus, it is particularly suitable for unreliable network computing environments. Finally, we extend the proposed scheme to a proxy multi-signature that has the following advantages: (1) the size of the proxy multi-signature is independent of the number of delegating users; (2) the computation of the proxy multi-signature needs only two Weil pairings.
Funding: Supported in part by the Key Research and Development Program of Shaanxi (2021ZDLGY06-04) and in part by the Youth Innovation Team of Shaanxi Universities. The review of this article was coordinated by Dr. Changyu Dong.
Abstract: Partially blind signatures are built on blind signatures; they retain the advantages of blind signatures while resolving the conflict between anonymity and controllability in blind signatures. With the development of quantum computing, it becomes more urgent to construct partially blind signature schemes that remain secure in a quantum setting. In this paper, we present a new partially blind signature scheme and prove its security under the Ring-SIS assumption in the random oracle model. To avoid the restart problem caused by rejection sampling, a large number of random values are sampled in advance, so that when the acceptance condition is not met only the current stage needs to be re-sampled, rather than terminating the whole signing process. In addition, a hash tree is used to reduce communication costs and improve interactive performance. To avoid the errors in the security proof of the previous scheme, our proof builds upon and extends the modular framework for blind signatures of Hauck et al., and the correctness, partial blindness and one-more unforgeability of the scheme are proved in detail using the properties of the linear hash function.
Abstract: Cloud storage is an incipient technology in today's world. Lack of security in the cloud environment is one of the primary challenges faced these days. This scenario poses new security issues, and it forms the crux of the current work. The current study proposes the Secure Interactional Proof System (SIPS) to address this challenge. The methodology has a few essential components to strengthen security, namely authentication, confidentiality, access control and integrity, together with the AVK scheme (Access List, Verifier and Key Generator). Every user is challenged to prove their identity to the verifier, who maintains the access list. Verification follows the Guillou-Quisquater protocol, which determines the security level of the user in a multi-step authentication process. The RSA algorithm performs key generation, while the proposed methodology provides data integrity as well as confidentiality using asymmetric encryption. Metrics such as time consumption are used as performance evaluators for the proposed SIPS protocol. The proposed solution provides a secure system for firm data sharing in the cloud environment with confidentiality, authentication and access control. The Stochastic Timed Petri Net (STPN) evaluation tool was used to verify and prove the formal analysis of the SIPS methodology. This evidence establishes the effectiveness of the proposed methodology for secure data sharing in the cloud environment.
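The Guillou-Quisquater identification step named in the abstract, as an added example that is not code from the SIPS paper. It assumes (none of this is specified on the page) that a trusted authority holds the RSA private exponent d and issues each user a secret B derived from a SHA-256 hash of their identity string, that the public exponent is v = 65537, and that the verifier holds only (n, v) and the claimed identity; the identity `alice@example.com` is constructed for the demo.

```python
"""Guillou-Quisquater (GQ) identity-based identification.

Added example, not the SIPS paper's code. Assumed setup (not from the page):
an authority holds RSA private exponent d and issues each user a secret B
with J * B^v == 1 (mod n), where J is derived from a hash of the identity.
The verifier needs only the public (n, v) and the claimed identity."""
import hashlib
import math
import secrets


def is_probable_prime(n: int, rounds: int = 32) -> bool:
    """Miller-Rabin primality test with small trial division first."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37):
        if n % p == 0:
            return n == p
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for _ in range(rounds):
        a = secrets.randbelow(n - 3) + 2
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True


def random_prime(bits: int) -> int:
    """Random odd prime with the top bit set, so p*q has the intended size."""
    while True:
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(cand):
            return cand


def keygen(bits: int = 2048, v: int = 65537):
    """Authority setup: RSA modulus n and public exponent v.
    Returns public parameters (n, v) and the authority's private d."""
    while True:
        p, q = random_prime(bits // 2), random_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and math.gcd(v, phi) == 1:
            break
    return (p * q, v), pow(v, -1, phi)


def identity_to_J(identity: bytes, n: int) -> int:
    """Public value J for an identity: SHA-256 of the identity reduced mod n."""
    J = int.from_bytes(hashlib.sha256(identity).digest(), "big") % n
    assert math.gcd(J, n) == 1  # fails only with negligible probability
    return J


def issue_secret(identity: bytes, pub, d: int) -> int:
    """Authority issues B = (J^-1)^d mod n, so that J * B^v == 1 (mod n)."""
    n, _ = pub
    return pow(pow(identity_to_J(identity, n), -1, n), d, n)


def prover_commit(pub):
    """Prover: choose random r, send commitment T = r^v mod n."""
    n, v = pub
    r = secrets.randbelow(n - 2) + 2
    return r, pow(r, v, n)


def verifier_challenge(pub) -> int:
    """Verifier: random challenge e in [0, v-1]."""
    return secrets.randbelow(pub[1])


def prover_respond(pub, r: int, B: int, e: int) -> int:
    """Prover: response D = r * B^e mod n."""
    n, _ = pub
    return r * pow(B, e, n) % n


def verifier_check(pub, J: int, T: int, e: int, D: int) -> bool:
    """Verifier accepts iff T != 0 and D^v * J^e == T (mod n);
    correctness: D^v J^e = r^v (B^v J)^e = r^v = T."""
    n, v = pub
    return T != 0 and pow(D, v, n) * pow(J, e, n) % n == T


def gq_round(pub, J: int, B: int, challenge=None) -> bool:
    """One commit/challenge/response round; `challenge` can be fixed for tests."""
    r, T = prover_commit(pub)
    e = verifier_challenge(pub) if challenge is None else challenge
    D = prover_respond(pub, r, B, e)
    return verifier_check(pub, J, T, e, D)


def authenticate(identity: bytes, pub, B: int, rounds: int = 3) -> bool:
    """Multi-round GQ: without B a cheater passes a round only if e happens to
    be 0, i.e. with probability 1/v, so `rounds` rounds leave error v^-rounds."""
    J = identity_to_J(identity, pub[0])
    return all(gq_round(pub, J, B) for _ in range(rounds))


if __name__ == "__main__":
    pub, d = keygen(bits=1024)          # small size for a quick demo only
    alice = b"alice@example.com"        # constructed identity
    B = issue_secret(alice, pub, d)
    print("honest prover:", authenticate(alice, pub, B))
    print("wrong secret :", authenticate(alice, pub, (B + 1) % pub[0]))
```

The `T != 0` check rejects the degenerate commitment, and a challenge of 0 lets any prover pass a round (D = r verifies trivially), which is exactly why a single GQ round has soundness error 1/v and why the verifier either repeats rounds or relies on a large v. Because B is bound to the hash of the identity, the verifier never needs a per-user public key, only the authority's (n, v) and the identity string presented for the access list lookup.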
Funding: Supported in part by the National High-Tech Research & Development Program of China (Grant No. 2006AA01Z424), the National Natural Science Foundation of China (Grant Nos. 60673079, 60773086) and the National Basic Research Program of China (Grant No. 2007CB311201)
Abstract: The majority of existing escrowable identity-based key agreement protocols only provide partial forward secrecy. Such protocols are, arguably, not suitable for many real-world applications, as these tend to require a stronger notion of forward secrecy, namely perfect forward secrecy. In this paper, we propose an efficient perfect-forward-secure identity-based key agreement protocol in the escrow mode. We prove the security of our protocol in the random oracle model, assuming the intractability of the Gap Bilinear Diffie-Hellman (GBDH) problem.
Funding: This work was partially supported by the National Natural Science Foundation of China (Nos. 61772520, 61802392, 61972094, 61472416, 61632020), the Key Research and Development Project of Zhejiang Province (Nos. 2017C01062, 2020C01078) and the Beijing Municipal Science & Technology Commission (Project Nos. Z191100007119007, Z191100007119002).
Abstract: As the only approved identity-based encryption scheme in China that is also standardized by ISO, SM9-IBE has been widely adopted in many real-world applications. However, like other standardized IBE algorithms, SM9-IBE currently lacks a revocation mechanism, which is vital for a real system. Worse still, we find that existing revocation techniques may not be suitable or efficient when applied to SM9-IBE. Given the widespread use of SM9-IBE, an efficient and robust user revocation mechanism is an urgent need. In this work, we propose a dedicated server-aided revocation mechanism, which for the first time achieves secure, immediate and robust user revocation for SM9-IBE. Built on a compact system model, the proposed method leverages an existing server to perform all heavy workloads during user revocation, leaving no communication or computation costs to the key generation center and users. Moreover, the mechanism supports key-exposure resistance, meaning that user revocation remains robust even if the revocation key leaks. We then formally define and prove its security. Finally, we present theoretical comparisons and an implementation evaluated in terms of computational latency and throughput. The results indicate the efficiency and practicality of the proposed mechanism.