An identity-based multisignature scheme and an identity-based aggregate signature scheme are proposed in this paper. They are both built from m-torsion groups on supersingular elliptic or hyperelliptic curves and based on the recently proposed identity-based signature scheme of Cha and Cheon. Due to the sound properties of m-torsion groups and the base scheme, it turns out that our schemes are very simple and efficient. Both schemes are proven to be secure against adaptive chosen-message attack in the random oracle model under the normal security notions, with the assumption that the Computational Diffie-Hellman problem is hard in the m-torsion groups.
In ubiquitous computing, data should be accessible from any location, and the correctness of data becomes vital during communication. Suppose that many users sign different messages respectively before forwarding or sending them; the verifier must then spend a lot of computing time verifying their signatures. Consequently, the aggregate signature scheme is an effective method of improving efficiency in this kind of system, providing convenience for the verifier. In this paper, we propose a new certificateless aggregate signature scheme which is efficient in both signature generation and verification. This scheme is provably secure under the extended computational Diffie-Hellman assumption.
The Vehicular Ad-hoc Network (VANET) is the foundation of the future smart transportation system, but the security of communication between vehicles, and between vehicles and roadside infrastructure, has become increasingly prominent. Certificateless aggregate signature protocols are used to address this security issue, but the existing schemes still have many drawbacks in terms of security and efficiency. First, many schemes are not secure, and signatures can be forged by an attacker. Second, even where schemes are secure, many use a large number of bilinear pairing operations, and the computation overhead is large. At the same time, the length of the aggregated signature increases linearly with the number of users, resulting in a large communication overhead. To overcome these challenges, we propose a new certificateless aggregate signature scheme for VANETs and prove its security in the random oracle model. The new scheme uses pseudonyms to realize conditional privacy protection of vehicle information. It does not use bilinear pairing operations, so its computational efficiency is high. At the same time, the length of its aggregate signature is constant, which greatly reduces communication and storage overhead. The analysis results demonstrate that the new scheme is not only safer but also superior in performance to recent related schemes in computation overhead and communication cost.
Recently, with the advancement of Information and Communications Technology (ICT), the Internet of Things (IoT) has been connected to the cloud and used in industrial sectors, medical environments, and smart grids. However, if data is transmitted in plain text when collecting data in an IoT-cloud environment, it can be exposed to various security threats such as replay attacks and data forgery. Thus, digital signatures are required. Data integrity is ensured when a user (or a device) transmits data using a signature. In addition, the concept of data aggregation is important to efficiently collect data transmitted from multiple users (or devices) in an industrial IoT environment. However, pairing-based signatures compromise efficiency during aggregation as the number of signatories increases. Aggregate signature methods (e.g., identity-based and certificateless cryptography) have been studied. Both methods pose key escrow and key distribution problems. To solve these problems, the use of aggregate signatures in certificate-based cryptography is being studied, as are studies aimed at preventing signature forgery and other security problems. In this paper, we propose a new lightweight signature scheme that uses a certificate-based aggregate signature and can generate and verify signed messages from IoT devices in an IoT-cloud environment. In the proposed method, by providing key insulation, the security threats that arise when keys are exposed through physical attacks such as side channels can be addressed. This can be applied to create an environment in which data is collected safely and efficiently in IoT-cloud environments.
With the development of blockchain technology, more and more applications need off-chain data. Thus, blockchain oracles have become an important bridge for transferring data on and off the chain. This paper studies the mainstream blockchain oracle schemes, summarizes the shortcomings of the existing schemes, and proposes a new blockchain oracle scheme based on BLS (Boneh-Lynn-Shacham) aggregate signatures to ensure that off-chain data can be transferred into the blockchain in a trusted and reliable way. Specifically, the scheme uses multiple blockchain oracles to avoid a single point of failure or even a small number of malicious oracles, and to improve the credibility of data. At the same time, it not only uses BLS aggregate signatures to reduce storage cost and communication overhead, but also uses commitment mechanisms to ensure the reliability and authenticity of the data. Besides, the simulation results show that the scheme can meet practical application requirements.
Wireless sensor networks (WSNs) are the major contributors to big data acquisition. The authenticity and integrity of the data are the two most important basic requirements for various services based on big data. Data aggregation is a promising method to decrease operation cost for resource-constrained WSNs. However, since data acquisition in WSNs takes place in open environments, data aggregation is vulnerable to more specialized security attacks with hidden features and subjective fraudulence, such as the coalition attack. Aiming to provide data authenticity and integrity protection for WSNs, an efficient and secure identity-based aggregate signature scheme (EIAS) is proposed in this paper. Rigorous security proof shows that our proposed scheme can be secure against all kinds of attacks. The performance comparisons show that EIAS has clear advantages in terms of computation cost and communication cost when compared with similar data aggregation schemes for WSNs.
Based on the definition of tamper evidence, the authors define a new notion of tamper-evidence forward-secure signature scheme (TE-FSig), and propose a general method to build a TE-FSig scheme. Based on this method, they also give a concrete instance. A TE-FSig scheme is constructed from a standard signature scheme, a forward-secure signature scheme and an aggregate signature scheme. It has the additional property of tamper evidence besides the property of forward security, which can detect the time period in which the key is exposed. In the standard model, the scheme constructed in the paper is proved to satisfy the properties of forward security, strong forward tamper-evidence security, and strong unforgeability under the chosen-message attack.
This paper proposes the first code-based quantum-immune sequential aggregate signature (SAS) scheme and proves the security of the proposed scheme in the random oracle model. Aggregate signature (AS) schemes and sequential aggregate signature schemes allow a group of potential signers to sign different messages respectively, and all the signatures of those users on those messages can be aggregated into a single signature such that the size of the aggregate signature is much smaller than the total size of all individual signatures. Because of the aggregation of many signatures into a single short signature, AS and SAS schemes can reduce bandwidth and save storage; moreover, when a SAS is verified, not only its validity but also the order in which each signer signed can be verified. AS and SAS schemes can be applied to traffic control, banking transactions and military applications. Most of the existing AS and SAS schemes are based either on pairings or on Rivest-Shamir-Adleman (RSA), and hence can be broken by Shor's quantum algorithm for the Integer Factoring Problem (IFP) and the Discrete Logarithm Problem (DLP). There are no quantum algorithms to solve syndrome decoding problems. Hence, code-based cryptography is seen as one of the promising candidates for post-quantum cryptography. This paper shows how to construct quantum-immune sequential aggregate signatures based on coding theory. Specifically, we construct our scheme with the first code-based signature scheme, proposed by Courtois, Finiasz and Sendrier (CFS). Compared to the CFS signature scheme without aggregation, the proposed sequential aggregate signature scheme can save about 90% storage when the number of signers is asymptotically large.
Aggregate signatures are a useful primitive which allows aggregating many signatures on different messages computed by different users into a single constant-length signature, and they are very well suited to Mobile Ad hoc NETworks (MANETs). Jumin Song et al. presented an ID-based aggregate signature, applied it to MANETs and proposed a secure routing scheme. In this work, we analyze Jumin Song et al.'s aggregate signature scheme and find some limitations in its batch verification. In addition, we apply Craig Gentry et al.'s ID-based aggregate signature to an on-demand routing protocol to present a secure routing scheme. Our scheme not only provides sound authentication and a secure routing protocol in ad hoc networks, but also suits the nature of MANETs.
To reduce the size of certificate chains and the ciphertext size in secure routing protocols, a General Aggregate Signcryption Scheme (GASC) is presented. In GASC, an identity-based signcryption algorithm and an aggregate signature algorithm are combined in a practical and secure manner to form the general aggregate signcryption scheme's schema and concept, and a new secure and efficient general aggregate signcryption scheme, which allows the aggregation of n distinct signcryptions by n distinct users on n distinct messages, is proposed. First, the correctness of the GASC scheme is analyzed. Then, we formally prove the security of GASC in the random oracle model under the IND-CCA2 and EUF-CMA notions, under the DBDHP assumption and the DLP assumption, respectively. The results show that the GASC scheme is not only secure against any probabilistic polynomial-time IND-GASC-CCA2 and EUF-GASC-CMA adversary in the random oracle model but also efficient in pairing ê computations. In addition, the GASC scheme gives an effective remedy to the key escrow problem, which is an inherent issue in IBC, by splitting the private key into two parts, and reduces the communication complexity by eliminating the interaction among the senders (signers) before signcryption generation.
Decentralized identity authentication is generally based on blockchain, with the protection of user privacy as the core appeal. But the traditional decentralized credential system requires users to show all the information of the entire credential to the verifier, resulting in unnecessary overexposure of personal information. From the perspective of user privacy, this paper proposes a verifiable credential scheme with selective disclosure based on the BLS (Boneh-Lynn-Shacham) aggregate signature. Instead of signing the credentials, we sign the claims in the credentials. When the user needs to present the credential to a verifier, the user can select a part of, but not all, the claims to be presented. To reduce the number of signatures on claims after selective disclosure, the BLS aggregate signature is used to aggregate the signatures on claims into one signature. In addition, our scheme also supports the aggregation of credentials from different users. As a result, the verifier only needs to verify one signature in the credential to achieve batch verification of credentials. We analyze the security of our aggregate signature scheme, which can effectively resist aggregate signature forgery attacks and credential theft attacks. The simulation results show that our selective disclosure scheme based on the BLS aggregate signature is acceptable in terms of verification efficiency, and can reduce storage cost and communication overhead. As a result, our scheme is suitable for blockchain, which is strict on bandwidth and storage overhead.
The alliance chain system is a distributed ledger system based on blockchain technology, which can realize data sharing and collaboration among multiple parties while ensuring data security and reliability. The Practical Byzantine Fault Tolerance (PBFT) consensus algorithm is the most popular consensus protocol in the alliance chain, but the algorithm has problems such as high complexity and an overly simple election of the master node, which make PBFT unable to be applied in scenarios with too many nodes. At the same time, there are certain security issues. To solve these problems, this paper proposes an improved Byzantine consensus algorithm, Polymerization Signature and Reputation Value PBFT (P-V PBFT). Firstly, the consistency protocol process is improved based on aggregate signature technology. The simulation results show that the P-V PBFT algorithm can effectively reduce the overhead of network transmission, and the time complexity of the algorithm decreases exponentially, which improves the efficiency of the consensus process. Secondly, a node reputation election mechanism is introduced to elect the primary node, and a security analysis is carried out to verify the fairness and security of the primary node election of the P-V PBFT algorithm. Therefore, as a feasible improvement of the blockchain consensus protocol, the P-V PBFT algorithm can provide a more efficient and secure guarantee for blockchain systems in practical applications.
An aggregate signature can aggregate n signatures on n messages from n signers into a single signature that convinces any verifier that the n signers signed the n messages, respectively. In this paper, by combining certificateless public key cryptography and aggregate signatures, we propose an efficient certificateless aggregate signature scheme and prove its security. The new scheme is proved secure against the two representative types of adversaries in certificateless aggregate signature under the assumption that the computational Diffie-Hellman problem is hard. Furthermore, from a comparison of the computation cost of the new scheme with some existing certificateless aggregate signature schemes in group sum computation, scalar multiplication computation, hash computation and bilinear pairing computation, we conclude that the new scheme halves the computation cost in scalar multiplication and maintains the same in the other computation costs.
Proxy signature is an active cryptographic research area, and a wide range of literature can be found nowadays suggesting improvements and generalizations of existing protocols in various directions. However, from the efficiency viewpoint, many of the proxy signature schemes proposed in this literature are not satisfactory and cannot fit mobile communication. Therefore, there is a desire to design efficient proxy signature schemes. Based on Boneh et al.'s pairing-based short signature, this paper presents two proxy signature schemes. One is a proxy-protected signature scheme, and the other is a proxy aggregate signature scheme. Since both of them can achieve high efficiency, it is believed that they are especially suitable for the mobile communication environment.
This paper proposes the first lattice-based sequential aggregate signature (SAS) scheme with lazy verification that is provably secure in the random oracle model. As opposed to large integer factoring and discrete logarithm based systems, the security of the construction relies on a worst-case lattice problem, namely the small integer solution (SIS) assumption. Generally speaking, SAS schemes enable any group of signers ordered in a chain to sequentially combine their signatures such that the size of the aggregate signature is much smaller than the total size of all individual signatures. Unlike prior such proposals, the new scheme does not require a signer to retrieve the keys of other signers and verify the aggregate-so-far before adding its own signature; the signer can add its own signature to an unverified aggregate and forward it along immediately, postponing verification until load permits or the necessary public keys are obtained. Indeed, the new scheme does not even require a signer to know the public keys of other signers.
A Certificateless Aggregate Signature (CLAS) scheme was proposed by Qu and Mu recently, published in "Int. J. Electronic Security and Digital Forensics, 2018, 10(2)". They used the discrete logarithm problem to ensure the scheme's security. However, we show by formulating an attack that their CLAS scheme cannot defend against a Type I adversary. Furthermore, we point out an error that exists in the signature simulation of their security proof. After that, we give a correct signature simulation for the security proof. Finally, to resist the Type I attack, we present two methods for improving Qu et al.'s CLAS scheme. Moreover, the second method can elevate the trust level of Qu et al.'s CLAS scheme to the highest trust level: Level 3.
In order to minimize the damage caused by key exposure in aggregate signatures, a key-insulated aggregate signature scheme is proposed in this paper. We give the definition and the security model of the key-insulated aggregate signature. We also construct a concrete key-insulated aggregate signature scheme that meets our definition. Our scheme has the properties of efficient verification and short signature length. We prove the security of our scheme in the random oracle model under the computational Diffie-Hellman assumption.
A new identity-based (ID-based) aggregate signature scheme which does not need any kind of interaction among the signers was proposed to provide partial aggregation. Compared with the existing ID-based aggregate signatures, the scheme is more efficient in terms of computational cost. Security in the random oracle model based on a variant of the computational Diffie-Hellman (CDH) problem is captured.
The safe storage and sharing of medical data have promoted the development of the public medical field. At the same time, blockchain technology guarantees the safe storage and sharing of medical data. However, the consensus algorithm in the current medical blockchain cannot meet the requirements of low delay and high throughput in large-scale networks, and the identity of the primary node is exposed and vulnerable to attack. Therefore, this paper proposes an efficient consensus algorithm for medical data storage and sharing based on a master–slave multi-chain of an alliance chain (ECA_MDSS). Firstly, institutional nodes in the healthcare alliance chain are clustered according to geographical location and medical system structure to form a multi-zone network. The system adopts a master–slave multi-chain architecture to ensure security, and each zone processes transactions in parallel to improve consensus efficiency. Secondly, the aggregate signature is used to improve the practical Byzantine fault-tolerant (PBFT) consensus to reduce the communication interaction of consensus in each zone. Finally, an efficient ring signature is used to ensure the anonymity and privacy of the primary node in each zone and to prevent adaptive attacks. Meanwhile, a trust model is introduced to evaluate the trust degree of each node to reduce the harm done by malicious nodes. The experimental results show that ECA_MDSS can effectively reduce communication overhead and consensus delay, improve transaction throughput, and enhance system scalability.
The Internet of Things (IoT) can provide the function of product traceability for industrial systems. Emerging blockchain technology can solve the problem that the current Industrial Internet of Things (IIoT) system lacks unified product data sharing services. Blockchain technology based on the directed acyclic graph (DAG) structure is more suitable for high-concurrency environments. But due to its distributed architecture, direct storage of product data will cause authentication problems in data management. In response, an IIoT based on a DAG blockchain is proposed in this paper, which can provide efficient data management for product data stored on the DAG blockchain, and an authentication scheme suitable for this structure is given. The security of the scheme is based on a discrete-logarithm-based assumption put forth by Lysyanskaya, Rivest, Sahai and Wolf (LRSW), who also show that it holds for generic groups. The sequential aggregate signature scheme is more secure and efficient, and the new scheme is safe in theory and more efficient in engineering.
Funding (identity-based multisignature and aggregate signature schemes from m-torsion groups): Supported by the National 973 Project of China (No. G1999035803), the National Natural Science Foundation of China (No. 60373104) and the National 863 Project of China (No. 2002AA143021).
Funding (certificateless aggregate signature scheme for ubiquitous computing): Supported by the National Science Council under Grant No. NSC100-2221-E-005-062 and NSC 100-2221-E-468-014.
Funding (certificateless aggregate signature scheme for VANET): This work was supported by the National Science Foundation of China (No. 61872448) and the Natural Science Basic Research Plan in Shanxi Province of China (No. 2018JM6017).
Funding (certificate-based aggregate signature with key insulation for IoT-cloud): This research was supported by the Basic Science Research Program through the National Research Foundation of Korea (NRF) funded by the Ministry of Education (NRF2019R1A2C1085718) and by the Soonchunhyang University Research Fund.
Funding (EIAS identity-based aggregate signature scheme for WSNs): The work was supported in part by the National Natural Science Foundation of China (61572370), the Natural Science Foundation of Qinghai Province (2019-ZJ-7065, 2017-ZJ-959Q), the MOE (Ministry of Education in China) Project of Humanities and Social Sciences (17YJCZH203) and the Natural Science Foundation of Hubei Province in China (2016CFB652).
Abstract: Wireless sensor networks (WSNs) are major contributors to big data acquisition. The authenticity and integrity of the data are the two most important basic requirements for services based on big data. Data aggregation is a promising method to decrease operating cost for resource-constrained WSNs. However, because data acquisition in WSNs takes place in open environments, data aggregation is vulnerable to special security attacks with hidden and subjectively fraudulent features, such as the coalition attack. To provide data authenticity and integrity protection for WSNs, an efficient and secure identity-based aggregate signature scheme (EIAS) is proposed in this paper. A rigorous security proof shows that the proposed scheme is secure against the attacks considered. Performance comparisons show that EIAS has clear advantages in computation cost and communication cost when compared with similar data aggregation schemes for WSNs.
Funding: the Natural Science Foundation of Shandong Province (Y2007G37)
Abstract: Based on the definition of tamper evidence, the authors define a new notion of tamper-evident forward-secure signature scheme (TE-FSig) and propose a general method to build a TE-FSig scheme. Based on this method, they also give a concrete instance. A TE-FSig scheme is constructed from a standard signature scheme, a forward-secure signature scheme, and an aggregate signature scheme. Besides forward security, it has the additional property of tamper evidence, which makes it possible to detect the time period in which the key was exposed. In the standard model, the scheme constructed in the paper is proved to be forward secure, strongly forward tamper-evidence secure, and strongly unforgeable under chosen-message attack.
Funding: This work was supported in part by the National Natural Science Foundation of China under Grant 62072240, by the Natural Science Foundation of Jiangsu Province under Grant BK20210330, and by the National Key Research and Development Program of China under Grant 2020YFB1804604.
Abstract: This paper proposes the first code-based quantum-immune sequential aggregate signature (SAS) scheme and proves its security in the random oracle model. Aggregate signature (AS) and sequential aggregate signature schemes allow a group of potential signers to sign different messages respectively, and all of their signatures can be aggregated into a single signature whose size is much smaller than the total size of the individual signatures. Because many signatures are compressed into a single short one, AS and SAS schemes reduce bandwidth and save storage; moreover, when a SAS is verified, not only the validity of each signature but also the order in which the signers signed is verified. AS and SAS schemes can be applied to traffic control, banking transactions and military applications. Most existing AS and SAS schemes are based either on pairings or on Rivest-Shamir-Adleman (RSA), and hence can be broken by Shor's quantum algorithm for the Integer Factoring Problem (IFP) and the Discrete Logarithm Problem (DLP). No efficient quantum algorithm is known for syndrome decoding problems, so code-based cryptography is seen as one of the promising candidates for post-quantum cryptography. This paper shows how to construct quantum-immune sequential aggregate signatures based on coding theory. Specifically, we construct our scheme from the first code-based signature scheme, proposed by Courtois, Finiasz and Sendrier (CFS). Compared to the CFS signature scheme without aggregation, the proposed sequential aggregate signature scheme saves about 90% of storage when the number of signers is asymptotically large.
Abstract: Aggregate signatures are a useful primitive that allows many signatures on different messages computed by different users to be aggregated into a single constant-length signature, and they are well suited to Mobile Ad hoc NETworks (MANETs). Jumin Song et al. presented an ID-based aggregate signature, applied it to MANETs, and proposed a secure routing scheme. In this work, we analyze Jumin Song et al.'s aggregate signature scheme and find some limitations in its batch verification. In addition, we apply Craig Gentry et al.'s ID-based aggregate signature to an on-demand routing protocol to present a secure routing scheme. Our scheme not only provides sound authentication and a secure routing protocol in ad hoc networks, but also fits the nature of MANETs.
Funding: supported by the National Grand Fundamental Research 973 Program of China under Grant No. 2011CB302903, the National Natural Science Foundation of China under Grants No. 61073188 and No. 61073115, the Key University Science Research Project of Jiangsu Province under Grant No. 11KJA520002, and the Priority Academic Program Development of Jiangsu Higher Education Institutions under Grant No. yx002001.
Abstract: To reduce the size of certificate chains and the ciphertext size in secure routing protocols, a General Aggregate Signcryption Scheme (GASC) is presented. In GASC, an identity-based signcryption algorithm and an aggregate signature algorithm are combined in a practical and secure manner to form the general aggregate signcryption schema and concept, and a new secure and efficient general aggregate signcryption scheme, which allows the aggregation of n distinct signcryptions by n distinct users on n distinct messages, is proposed. First, the correctness of the GASC scheme is analyzed. Then, we formally prove the security of GASC in the random oracle model: IND-CCA2 under the DBDHP assumption and EUF-CMA under the DLP assumption, respectively. The results show that the GASC scheme is not only secure against any probabilistic polynomial-time IND-GASC-CCA2 and EUF-GASC-CMA adversary in the random oracle model but also efficient in pairing (ê) computations. In addition, the GASC scheme gives an effective remedy for the key escrow problem, an inherent issue in identity-based cryptography (IBC), by splitting the private key into two parts, and it reduces communication complexity by eliminating interaction among the senders (signers) before signcryption generation.
Abstract: Decentralized identity authentication is generally based on blockchain, with the protection of user privacy as its core appeal. But a traditional decentralized credential system requires users to show all the information in the entire credential to the verifier, resulting in unnecessary overexposure of personal information. From the perspective of user privacy, this paper proposes a verifiable credential scheme with selective disclosure based on BLS (Boneh-Lynn-Shacham) aggregate signatures. Instead of signing the credential as a whole, we sign the individual claims in the credential. When the user needs to present the credential to a verifier, the user can select a subset of the claims to present. To reduce the number of claim signatures after selective disclosure, BLS aggregate signatures are used to aggregate the signatures of the disclosed claims into one signature. In addition, our scheme also supports the aggregation of credentials from different users, so a verifier only needs to verify one signature to batch-verify a set of credentials. We analyze the security of our aggregate signature scheme, which resists aggregate signature forgery attacks and credential theft attacks. Simulation results show that our selective disclosure scheme based on BLS aggregate signatures is acceptable in terms of verification efficiency and reduces storage cost and communication overhead. As a result, our scheme is suitable for blockchains, which are strict on bandwidth and storage overhead.
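The mechanism shared by the selective-disclosure abstract above and the BLS-based oracle abstract earlier on this page, as an added example that is not code from either paper: a toy BLS-style aggregate signature in Python showing per-claim signing, aggregation of only the disclosed claims, cross-issuer aggregation, and the rogue-key caveat that applies whenever several parties (such as several oracles reporting the same value) sign the same message. The group parameters, the "pairing" e(a, b) = g^(ab) over a tiny multiplicative group, the claim strings and the key values are all constructed for illustration; this group is trivially insecure and exists only to make the verification equation e(agg, GEN) = prod e(H(m_i), pk_i) executable.

```python
from __future__ import annotations

import hashlib

# Toy parameters (constructed for this example; NOT a secure group).
P = 1019   # prime order of the source group G = (Z_P, +)
Q = 2039   # prime modulus of the target group GT = <G_T> in Z_Q^*, Q = 2*P + 1
G_T = 4    # element of order P in Z_Q^* (4 = 2^2 is a quadratic residue, != 1)
GEN = 7    # public generator of G (any non-zero residue mod P)


def pairing(a: int, b: int) -> int:
    """Toy bilinear map e: G x G -> GT with e(a, b) = G_T^(a*b) mod Q.

    Bilinearity is all the verification equation needs; the map is otherwise
    worthless because a and b are plain integers and discrete logs are trivial.
    """
    return pow(G_T, (a * b) % P, Q)


def hash_to_group(msg: bytes) -> int:
    """Hash a message to a non-zero element of G (1..P-1)."""
    digest = int.from_bytes(hashlib.sha256(msg).digest(), "big")
    return digest % (P - 1) + 1


def keygen(sk: int) -> tuple[int, int]:
    """Return (sk, pk) with pk = sk*GEN. The secret is passed in so runs are deterministic."""
    sk %= P
    if sk == 0:
        raise ValueError("secret key must be non-zero mod P")
    return sk, (sk * GEN) % P


def sign(sk: int, msg: bytes) -> int:
    """BLS signature sigma = sk * H(msg) in G."""
    return (sk * hash_to_group(msg)) % P


def aggregate(sigs: list[int]) -> int:
    """Sum the signatures: one group element regardless of how many were combined."""
    return sum(sigs) % P


def verify_aggregate(agg: int, pk_msg_pairs: list[tuple[int, bytes]]) -> bool:
    """Accept iff e(agg, GEN) == prod_i e(H(m_i), pk_i) in GT."""
    lhs = pairing(agg, GEN)
    rhs = 1
    for pk, msg in pk_msg_pairs:
        rhs = rhs * pairing(hash_to_group(msg), pk) % Q
    return lhs == rhs


def prove_possession(sk: int, pk: int) -> int:
    """Proof of possession (PoP): the signer signs its own public key."""
    return sign(sk, pk.to_bytes(2, "big"))


def verify_possession(pk: int, pop: int) -> bool:
    return verify_aggregate(pop, [(pk, pk.to_bytes(2, "big"))])


def rogue_key_forgery(target_pk: int, attacker_sk: int, msg: bytes) -> tuple[int, int]:
    """Rogue-key attack, which applies when several parties sign the SAME message.

    The attacker registers pk_rogue = attacker_sk*GEN - target_pk. Then
    e(H(m), target_pk) * e(H(m), pk_rogue) == e(H(m), attacker_sk*GEN), so the
    attacker's lone signature passes as an aggregate that includes the target.
    """
    rogue_pk = (attacker_sk * GEN - target_pk) % P
    return rogue_pk, sign(attacker_sk, msg)


def demo() -> dict[str, bool]:
    """Constructed walk-through: selective disclosure, cross-issuer aggregation, rogue keys."""
    issuer_sk, issuer_pk = keygen(123)
    claims = [b"name=alice", b"dob=1990-01-01", b"role=auditor"]   # constructed credential
    claim_sigs = [sign(issuer_sk, c) for c in claims]               # one signature per claim

    # Holder discloses claims 0 and 2 only; the verifier checks a single aggregate.
    disclosed = [claims[0], claims[2]]
    disclosed_agg = aggregate([claim_sigs[0], claim_sigs[2]])
    pairs = [(issuer_pk, c) for c in disclosed]

    # A claim from a second issuer joins the same aggregate (cross-user aggregation).
    other_sk, other_pk = keygen(456)
    other_claim = b"licence=valid"
    joint_agg = aggregate([disclosed_agg, sign(other_sk, other_claim)])

    # Rogue key: several oracles reporting the same value sign the same message.
    report = b"price=42"
    rogue_pk, forged_agg = rogue_key_forgery(issuer_pk, attacker_sk=777, msg=report)

    return {
        "disclosed_ok": verify_aggregate(disclosed_agg, pairs),
        "joint_ok": verify_aggregate(joint_agg, pairs + [(other_pk, other_claim)]),
        # A claim presented under the wrong issuer key is rejected.
        "wrong_issuer_ok": verify_aggregate(claim_sigs[0], [(other_pk, claims[0])]),
        # Any change to the aggregate itself is rejected.
        "modified_agg_ok": verify_aggregate((disclosed_agg + 1) % P, pairs),
        # Without PoP the rogue-key forgery verifies as a 2-of-2 aggregate...
        "rogue_forgery_ok": verify_aggregate(forged_agg, [(issuer_pk, report), (rogue_pk, report)]),
        # ...but only the honest key yields a valid PoP; 0 stands in for the attacker's attempt.
        "honest_pop_ok": verify_possession(issuer_pk, prove_possession(issuer_sk, issuer_pk)),
        "rogue_pop_ok": verify_possession(rogue_pk, 0),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

A real deployment replaces the toy group with a pairing-friendly curve such as BLS12-381 through a vetted library and keeps the same two rules this example makes visible: aggregation on distinct messages is safe as is, but whenever signers may share a message the verifier must require a proof of possession (or otherwise bind each public key to its owner) before accepting that key into an aggregate.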
Funding: supported by the Innovative Research Groups of the National Natural Science Foundation of China (No. 61521003), the Intergovernmental Special Programme of the National Key Research and Development Programme (Nos. 2016YFE0100300 and 2016YFE0100600), the National Scientific Fund Programme for Young Scholars (No. 61672470), and the Science and Technology Project of Henan Province (Nos. 182102210617 and 202102210351).
Abstract: The alliance chain system is a distributed ledger system based on blockchain technology, which can realize data sharing and collaboration among multiple parties while ensuring data security and reliability. The Practical Byzantine Fault Tolerance (PBFT) consensus algorithm is the most popular consensus protocol in alliance chains, but it suffers from high complexity and an overly simple election of the primary node, which prevents PBFT from being applied in scenarios with very many nodes and also raises certain security issues. To solve these problems, this paper proposes an improved Byzantine consensus algorithm, Polymerization Signature and Reputation Value PBFT (P-V PBFT). First, the consistency protocol is improved using aggregate signature technology. Simulation results show that the P-V PBFT algorithm effectively reduces network transmission overhead, and the time complexity of the algorithm decreases exponentially, which improves the efficiency of the consensus process. Second, a node reputation election mechanism is introduced to elect the primary node, and a security analysis verifies the fairness and security of primary-node election in P-V PBFT. Therefore, as a feasible improvement of the blockchain consensus protocol, the P-V PBFT algorithm can provide a more efficient and secure guarantee for blockchain systems in practical applications.
Funding: Supported by the Applied Basic and Advanced Technology Research Programs of Tianjin (15JCYBJC15900)
Abstract: An aggregate signature aggregates n signatures on n messages from n signers into a single signature that convinces any verifier that the n signers signed the n messages, respectively. In this paper, by combining certificateless public key cryptography and aggregate signatures, we propose an efficient certificateless aggregate signature scheme and prove its security. The new scheme is proved secure against the two representative types of adversaries in certificateless aggregate signatures under the assumption that the computational Diffie-Hellman problem is hard. Furthermore, a comparison of the computation cost of the new scheme with some existing certificateless aggregate signature schemes, in terms of group additions, scalar multiplications, hash computations and bilinear pairing computations, shows that the new scheme halves the number of scalar multiplications while matching the other costs.
Funding: Supported by the National Natural Science Foundation of China (Grant Nos. 60572155 and 60673079), the National High Technology Development Program of China (Grant No. 2006AA01Z424), and the National Research Fund for the Doctoral Program of Higher Education of China (Grant No. 20060248008)
Abstract: Proxy signatures are an active cryptographic research area, and a wide range of literature suggests improvements and generalizations of existing protocols in various directions. However, from the efficiency point of view, many of the proposed proxy signature schemes are not satisfactory and do not fit mobile communication. Therefore, there is a need to design efficient proxy signature schemes. Based on Boneh et al.'s pairing-based short signature, this paper presents two proxy signature schemes: a proxy-protected signature scheme and a proxy aggregate signature scheme. Since both achieve high efficiency, they are believed to be especially suitable for mobile communication environments.
Funding: supported by the National Natural Science Foundation of China (61173151, 61472309)
Abstract: This paper proposes the first lattice-based sequential aggregate signature (SAS) scheme with lazy verification that is provably secure in the random oracle model. As opposed to integer factoring and discrete logarithm based systems, the security of the construction relies on a worst-case lattice problem, namely the small integer solution (SIS) assumption. Generally speaking, SAS schemes enable any group of signers ordered in a chain to sequentially combine their signatures such that the size of the aggregate signature is much smaller than the total size of all individual signatures. Unlike prior proposals, the new scheme does not require a signer to retrieve the keys of the other signers and verify the aggregate-so-far before adding its own signature: a signer can add its signature to an unverified aggregate and forward it immediately, postponing verification until load permits or the necessary public keys are obtained. Indeed, the new scheme does not even require a signer to know the public keys of the other signers.
Funding: Supported by the National Natural Science Foundation of China (61373140, 61170246), the Program for Innovative Research Teams in Science and Technology in Fujian Province Universities, the 2018 Scientific Research and Innovation Special Project of Putian University (2018ZP11, 2018ZP12), the Opening Project of the Key Laboratory of Financial Mathematics of Fujian Province Universities (Putian University) (JR201806), and the Educational Research Projects of Young and Middle-aged Teachers in the Fujian Education Department (JT180487).
Abstract: A Certificateless Aggregate Signature (CLAS) scheme was recently proposed by Qu and Mu and published in Int. J. Electronic Security and Digital Forensics, 2018, 10(2). They rely on the discrete logarithm problem for the scheme's security. However, we show by constructing an attack that their CLAS scheme cannot resist a Type I adversary. Furthermore, we point out an error in the signature simulation of their security proof and give a correct signature simulation. Finally, to resist the Type I attack, we present two methods for improving Qu et al.'s CLAS scheme; the second method raises the trust level of the scheme to the highest trust level, Level 3.
Funding: This research was supported by the National Natural Science Foundation of China (Grant Nos. 61272425, 61170021, 61202475), the Qingdao Science and Technology Development Project (12-1-4-2-(16)-jch, 13-1-4-151-jch), the Huawei Technology Fund (YB2013120027), the Foundation of the China Scholarship Council, the Shandong Provincial Key Laboratory of Computer Network (SDKLCN-2013-03), the Open Research Fund of the State Key Laboratory of Information Security, the Open Project Foundation of the Shandong Provincial Key Laboratory of Software Engineering (2013SE01), and the China Postdoctoral Science Foundation (2014M551870).
Abstract: To minimize the damage caused by key exposure in aggregate signatures, a key-insulated aggregate signature scheme is proposed in this paper. We give the definition and the security model of key-insulated aggregate signatures, and construct a concrete key-insulated aggregate signature scheme that meets the definition. Our scheme has efficient verification and a short signature length. We prove the security of our scheme in the random oracle model under the computational Diffie-Hellman assumption.
Abstract: A new identity-based (ID-based) aggregate signature scheme that does not need any interaction among the signers is proposed to provide partial aggregation. Compared with existing ID-based aggregate signatures, the scheme is more efficient in terms of computational cost. Security in the random oracle model is proved based on a variant of the computational Diffie-Hellman (CDH) problem.
Funding: supported in part by the National Natural Science Foundation of China (61871466).
Abstract: The safe storage and sharing of medical data has promoted the development of the public medical field, and blockchain technology can guarantee the safe storage and sharing of medical data. However, the consensus algorithms in current medical blockchains cannot meet the requirements of low delay and high throughput in large-scale networks, and the identity of the primary node is exposed and vulnerable to attack. Therefore, this paper proposes an efficient consensus algorithm for medical data storage and sharing based on a master-slave multi-chain of an alliance chain (ECA_MDSS). First, institutional nodes in the healthcare alliance chain are clustered according to geographical location and medical system structure to form a multi-zone network. The system adopts a master-slave multi-chain architecture to ensure security, and each zone processes transactions in parallel to improve consensus efficiency. Second, aggregate signatures are used to improve practical Byzantine fault-tolerant (PBFT) consensus and reduce the communication interaction of consensus in each zone. Finally, an efficient ring signature ensures the anonymity and privacy of the primary node in each zone and prevents adaptive attacks. Meanwhile, a trust model is introduced to evaluate the trust degree of nodes and reduce the harm done by malicious nodes. Experimental results show that ECA_MDSS can effectively reduce communication overhead and consensus delay, improve transaction throughput, and enhance system scalability.
Funding: supported in part by the Natural Science Foundation of Chongqing (cstc2020jcyj-msxmX0343) and in part by the National Defense Basic Scientific Research Program (JCKY2020205C013).
Abstract: The Internet of Things (IoT) can provide product traceability for industrial systems, and emerging blockchain technology can address the lack of unified product data sharing services in current industrial Internet of Things (IIoT) systems. Blockchain technology based on a directed acyclic graph (DAG) structure is better suited to high-concurrency environments, but because of its distributed architecture, directly storing product data causes authentication problems in data management. In response, an IIoT architecture based on a DAG blockchain is proposed in this paper, which provides efficient data management for product data stored on the DAG blockchain, together with an authentication scheme suited to this structure. The security of the scheme rests on a discrete-logarithm-based assumption put forth by Lysyanskaya, Rivest, Sahai and Wolf (LRSW), who also show that it holds in the generic group model. The sequential aggregate signature scheme is more secure and efficient; the new scheme is safe in theory and more efficient in engineering.