Signcryption is a cryptographic primitive that performs signature and encryption simultaneously, at lower computational costs and communication overheads than the signature-then- encryption approach. In this paper, we...Signcryption is a cryptographic primitive that performs signature and encryption simultaneously, at lower computational costs and communication overheads than the signature-then- encryption approach. In this paper, we propose an efficient multi-recipient signcryption scheme based on the bilinear pairings, which broadcasts a message to multiple users in a secure and authenticated manner. We prove its semantic security and unforgeability under the Gap Diffie-Hellman problem assumption in the random oracle model. The proposed scheme is more efficient than re-signcrypting a message n times using a signcryption scheme in terms of computational costs and communication overheads.展开更多
The security of cloud data has always been a concern.Cloud server provider may maliciously tamper or delete user’s data for their own benefit,so data integrity audit is of great significance to verify whether data is...The security of cloud data has always been a concern.Cloud server provider may maliciously tamper or delete user’s data for their own benefit,so data integrity audit is of great significance to verify whether data is modified or not.Based on the general three-party audit architecture,a dynamic auditing scheme without bilinear pairings is proposed in this paper.It utilizes exponential operation instead of bilinear mapping to verify the validity of evidence.By establishing the mapping relation between logic index and tag index of data block with index transformation table,our scheme can easily support dynamic data operation.By hiding random numbers in the integrity evidence,our scheme can protect users’privacy information.Detailed security analysis shows that our scheme is secure against attacks such as forgery,replaying and substitution.Further experiments demonstrate that our scheme has lower computational overhead.展开更多
Ring signature and proxy signature are of vital importance to secure electronic commerce. Recently, the bilinear pairing such as Well pairing or Tate pairing on elliptic curves and hyperelliptic curves is playing an i...Ring signature and proxy signature are of vital importance to secure electronic commerce. Recently, the bilinear pairing such as Well pairing or Tate pairing on elliptic curves and hyperelliptic curves is playing an important role in security solutions. Several ID-based signature schemes have been put forward, many of which are based on bilinear pairings. In key management and moderate security demand scenarios, ID-based public key cryptosystem is more preferable than other public key infrastructure based systems. In this paper, an improved ID-based proxy ring signature scheme from bilinear pairings is proposed which combines the advantages of proxy signature and of ring signatures. Our scheme can guarantee the profits of the proxy signer via preventing the original signer form generating the proxy ring signature. Furthermore, bilinear pairings are introduced to minimize the computation overhead and to improve the related performance of our scheme. In contrast with Zhang's scheme, our scheme is a computational efficiency improvement for signature verification because the computational cost of bilinear pairings required is reduced from O(n) to O( 1 ). In addition, the proxy ring signature presented in this paper can perfectly satisfy all the security requirements of proxy ring signature, i. e. signer-ambiguity, non-forgeability, verification, non-deniability and distinguishability.展开更多
Proxy signatures are very useful tools when one needs to delegate his/her signing capability to other parties. In this paper,a new multi-proxy signature scheme is proposed. The new scheme is constructed from bilinear ...Proxy signatures are very useful tools when one needs to delegate his/her signing capability to other parties. In this paper,a new multi-proxy signature scheme is proposed. The new scheme is constructed from bilinear pairings using Boneh,Lynn,and Shacham’s (BLS) short signatures. The proxy key for the proxy group is just a short signature on the proxy warrant generated by the original signer. Due to the use of short signatures,our scheme is not only efficient,but also satisfies all the security requirements of the strong proxy signature.展开更多
We present a provably secure authenticated tree based key agreement scheme for multicast. There is a wide variety of applications that can benefit from using our scheme, e. g. , pay-Tv, teleconferencing, software upda...We present a provably secure authenticated tree based key agreement scheme for multicast. There is a wide variety of applications that can benefit from using our scheme, e. g. , pay-Tv, teleconferencing, software updates. Compared with the previous published schemes, our scheme provides group member authentication without introducing additional mechanism. Future, we give the security proof of our scheme under the random oracle model.展开更多
A proxy signature allows an entity, called original signer, to delegate its signing power to another entity, called proxy signer, to sign messages on its behalf. Proxy signatures have many practical applications and a...A proxy signature allows an entity, called original signer, to delegate its signing power to another entity, called proxy signer, to sign messages on its behalf. Proxy signatures have many practical applications and are very important cryptographic protocol. In this paper, we propose an efficient proxy signature scheme from bilinear pairings. We prove it secure in the random oracle model and analyze computation cost of our scheme. Our scheme satisfies all the properties required for proxy signatures.展开更多
Two digital multisignature schemes based on bilinear pairings were proposed. One of them is the sequential digital multisignature, and the other is the broadcasting digital multisignature. The scheme has the same secu...Two digital multisignature schemes based on bilinear pairings were proposed. One of them is the sequential digital multisignature, and the other is the broadcasting digital multisignature. The scheme has the same security as JI and LIs multisignature scheme, but the new scheme has the lower computation. So the new scheme is the multisignature which has high security and low computation. It has the theory meaning and extensive application under the condition of SmartCard, etc.展开更多
As an improtant cryptographic scheme, signcryption scheme has been widely used in applications since it could provide both of signature and encryption. With the development of the certificateless public key cryptograp...As an improtant cryptographic scheme, signcryption scheme has been widely used in applications since it could provide both of signature and encryption. With the development of the certificateless public key cryptography (CLPKC), many certificatelss signcryption (CLSC) schemes using bilinear pairing hve been proposed. Comparated other operations, the bilinear pairing operaion is much more compulicated. Therefore, CLSC scheme without bilinear pairing is more suitable for applications. Recently, Jing et al. proposed a CLSC scheme without bilinear pairing and claimed their scheme is secure against two types of adversaries. In this paper, we will show their scheme provide neither unforgeability property nor confidentiality property. To improve security, we also propose a new CLSC scheme without pairing and demonstrate it is provably secure in the random oracle model.展开更多
Based on the GDH signature (short signature scheme) a probabilistic signature scheme is proposed in this paper with security proof.Then a new threshold proxy signature from bilinear pairings is proposed as well by us ...Based on the GDH signature (short signature scheme) a probabilistic signature scheme is proposed in this paper with security proof.Then a new threshold proxy signature from bilinear pairings is proposed as well by us ing the new probabilistic signature scheme and the properties of the Gap Diffie-Hellman (GDH)group (where the Computational Diffie-Hellman problem is hard but the Decisional Diffie-Hellman problem is easy to solve).Our constructions are based on the recently proposed GDH signature scheme of Bonel et al.s article.Bilinear pairings could be built from Weil pairing or Tate pairing.So most our constructions would be simpler,but still with high security.The proposed threshold proxy signature is the first one which is built from bilinear pairings.At the end of this paper security and performance of the threshold proxy signature scheme is also analyzed.展开更多
Aimed at enhancing privacy protection of location-based services( LBS) in mobile Internet environment,an improved privacy scheme of high service quality on the basis of bilinear pairings theory and k-anonymity is pr...Aimed at enhancing privacy protection of location-based services( LBS) in mobile Internet environment,an improved privacy scheme of high service quality on the basis of bilinear pairings theory and k-anonymity is proposed. In circular region of Euclidian distance,mobile terminal evenly generates some false locations,from which half optimal false locations are screened out according to position entropy,location and mapping background information. The anonymity obtains the effective guarantee,so as to realize privacy protection. Through security analyses,the scheme is proved not only to be able to realize such security features as privacy,anonymity and nonforgeability,but also able to resist query tracing attack. And the result of simulation shows that this scheme not only has better evenness in selecting false locations,but also improves efficiency in generating and selecting false nodes.展开更多
Using Shamir's secret sharing scheme to indi- rectly share the identity-based private key in the form of a pairing group element, we propose an efficient identity-based threshold decryption scheme from pairings and p...Using Shamir's secret sharing scheme to indi- rectly share the identity-based private key in the form of a pairing group element, we propose an efficient identity-based threshold decryption scheme from pairings and prove its se- curity in the random oracle model. This new paring-based scheme features a few improvements compared with other schemes in the literature. The two most noticeable features are its efficiency, by drastically reducing the number of pair- ing computations, and the ability it gives the user to share the identity-based private key without requiring any access to a private key generator. With the ability it gives the user to share the identity-based private key, our ID-based threshold decryption (IBTD) scheme, the second of its kind, is signif- icantly more efficient than the first scheme, which was de- veloped by Baek and Zheng, at the expense of a slightly in- creased ciphertext length. In fact, our IBTD scheme tries to use as few bilinear pairings as possible, especially without depending on the suite of Baek-Zheng secret sharing tools based on pairings.展开更多
To solve the problem of security and efficiency of anonymous authentication in the vehicle Ad-hoc network(VANET), a conditional privacy protection authentication scheme for vehicular networks is proposed based on bili...To solve the problem of security and efficiency of anonymous authentication in the vehicle Ad-hoc network(VANET), a conditional privacy protection authentication scheme for vehicular networks is proposed based on bilinear pairings. In this scheme, the tamper-proof device in the roadside unit(RSU) is used to complete the message signature and authentication process together with the vehicle, which makes it more secure to communicate between RSU and trusted authority(TA) and faster to update system parameters and revoke the vehicle. And this is also cheaper than installing tamper-proof devices in each vehicle unit. Moreover, the scheme provide provable security proof under random oracle model(ROM), which shows that the proposed scheme can meet the security requirements such as conditional privacy, unforgeability, traceability, etc. And the results of simulation experiment demonstrate that this scheme not only of achieves high efficiency, but also has low message loss rate.展开更多
In the area of secure Web information system, mutual authentication and key agreement are essential between Web clients and servers. An efficient certificateless authenticated key agreement protocol for Web client/ser...In the area of secure Web information system, mutual authentication and key agreement are essential between Web clients and servers. An efficient certificateless authenticated key agreement protocol for Web client/server setting is proposed, which uses pairings on certain elliptic curves. We show that the newly proposed key agreement protocol is practical and of great efficiency, meanwhile, it satisfies every desired security require ments for key agreement protocols.展开更多
We argue that traditional identity-based systems from pairings seem unsuitable for designing group signature schemes due to the problem of key escrow. In this paper we first propose new ID-based public key systems wit...We argue that traditional identity-based systems from pairings seem unsuitable for designing group signature schemes due to the problem of key escrow. In this paper we first propose new ID-based public key systems without trusted PKG (Private Key Generator) from bilinear pairings. In our new ID-based systems, if the dishonest PKG impersonates an honest user to communicate with others, the user can provide a proof of treachery of the PKG afterwards, which is similar to certificate-based systems. Therefore, our systems reach the Girault’s trusted level 3. We then propose a group signature scheme under the new ID-based systems, the security and performance of which rely on the new systems. The size of the group public key and the length of the signature are independent on the numbers of the group.展开更多
The digitization of patient health information has brought many benefits and challenges for both the patients and physicians. However, security and privacy preservation have remained important challenges for remote he...The digitization of patient health information has brought many benefits and challenges for both the patients and physicians. However, security and privacy preservation have remained important challenges for remote health monitoring systems. Since a patient’s health information is sensitive and the communication channel (i.e. the Internet) is insecure, it is important to protect them against unauthorized entities. Otherwise, failure to do so will not only lead to compromise of a patient’s privacy, but will also put his/her life at risk. How to provide for confidentiality, patient anonymity and un-traceability, access control to a patient’s health information and even key exchange between a patient and her physician are critical issues that need to be addressed if a wider adoption of remote health monitoring systems is to be realized. This paper proposes an authenticated privacy preserving pairing-based scheme for remote health monitoring systems. The scheme is based on the concepts of bilinear paring, identity-based cryptography and non-interactive identity-based key agreement protocol. The scheme also incorporates an efficient batch signature verification scheme to reduce computation cost during multiple simultaneous signature verifications.展开更多
基金Supported by the National Natural Science Foundation of China (60473029)
文摘Signcryption is a cryptographic primitive that performs signature and encryption simultaneously, at lower computational costs and communication overheads than the signature-then- encryption approach. In this paper, we propose an efficient multi-recipient signcryption scheme based on the bilinear pairings, which broadcasts a message to multiple users in a secure and authenticated manner. We prove its semantic security and unforgeability under the Gap Diffie-Hellman problem assumption in the random oracle model. The proposed scheme is more efficient than re-signcrypting a message n times using a signcryption scheme in terms of computational costs and communication overheads.
基金This work is supported by the National Key R&D Program of China(2016YFB0800402)partially supported by the National Natural Science Foundation of China under Grant No.61232004and the Fundamental Research Funds for the Central Universities(2016YXMS020).
文摘The security of cloud data has always been a concern.Cloud server provider may maliciously tamper or delete user’s data for their own benefit,so data integrity audit is of great significance to verify whether data is modified or not.Based on the general three-party audit architecture,a dynamic auditing scheme without bilinear pairings is proposed in this paper.It utilizes exponential operation instead of bilinear mapping to verify the validity of evidence.By establishing the mapping relation between logic index and tag index of data block with index transformation table,our scheme can easily support dynamic data operation.By hiding random numbers in the integrity evidence,our scheme can protect users’privacy information.Detailed security analysis shows that our scheme is secure against attacks such as forgery,replaying and substitution.Further experiments demonstrate that our scheme has lower computational overhead.
基金Sponsored by the National Natural Science Foundation of China(Grant No.90104033).
文摘Ring signature and proxy signature are of vital importance to secure electronic commerce. Recently, the bilinear pairing such as Well pairing or Tate pairing on elliptic curves and hyperelliptic curves is playing an important role in security solutions. Several ID-based signature schemes have been put forward, many of which are based on bilinear pairings. In key management and moderate security demand scenarios, ID-based public key cryptosystem is more preferable than other public key infrastructure based systems. In this paper, an improved ID-based proxy ring signature scheme from bilinear pairings is proposed which combines the advantages of proxy signature and of ring signatures. Our scheme can guarantee the profits of the proxy signer via preventing the original signer form generating the proxy ring signature. Furthermore, bilinear pairings are introduced to minimize the computation overhead and to improve the related performance of our scheme. In contrast with Zhang's scheme, our scheme is a computational efficiency improvement for signature verification because the computational cost of bilinear pairings required is reduced from O(n) to O( 1 ). In addition, the proxy ring signature presented in this paper can perfectly satisfy all the security requirements of proxy ring signature, i. e. signer-ambiguity, non-forgeability, verification, non-deniability and distinguishability.
基金Supported by the Jiangsu Educational Committee (No.03KJA520066)Key Lab. (Xidian University) of Ministry of Education of China on Computer Networks and Information Security.
文摘Proxy signatures are very useful tools when one needs to delegate his/her signing capability to other parties. In this paper,a new multi-proxy signature scheme is proposed. The new scheme is constructed from bilinear pairings using Boneh,Lynn,and Shacham’s (BLS) short signatures. The proxy key for the proxy group is just a short signature on the proxy warrant generated by the original signer. Due to the use of short signatures,our scheme is not only efficient,but also satisfies all the security requirements of the strong proxy signature.
基金Supported by the National Natural Science Foun-dation of China (90304007) the National Basic Research Programof China(973 Program2004CB318004)
文摘We present a provably secure authenticated tree based key agreement scheme for multicast. There is a wide variety of applications that can benefit from using our scheme, e. g. , pay-Tv, teleconferencing, software updates. Compared with the previous published schemes, our scheme provides group member authentication without introducing additional mechanism. Future, we give the security proof of our scheme under the random oracle model.
基金Supported by the National Natural Science Foundation of China (No. 60842002, 60673070)The National High-tech Research and Development Plan of China (No. 2007AA01- Z409)+2 种基金The Fundamental Research Funds for the Central Universities Grant No. B1020211China Postdoctoral Science Foundation Funded ProjectThe "Six Talent Peaks Program" of Jiangsu Province of China and Pro-gram for New Century Excellent Talents in Hohai Uni-versity
文摘A proxy signature allows an entity, called original signer, to delegate its signing power to another entity, called proxy signer, to sign messages on its behalf. Proxy signatures have many practical applications and are very important cryptographic protocol. In this paper, we propose an efficient proxy signature scheme from bilinear pairings. We prove it secure in the random oracle model and analyze computation cost of our scheme. Our scheme satisfies all the properties required for proxy signatures.
基金Natural Science Foundation of Fujian Province of China( Z0511024)
文摘Two digital multisignature schemes based on bilinear pairings were proposed. One of them is the sequential digital multisignature, and the other is the broadcasting digital multisignature. The scheme has the same security as JI and LIs multisignature scheme, but the new scheme has the lower computation. So the new scheme is the multisignature which has high security and low computation. It has the theory meaning and extensive application under the condition of SmartCard, etc.
基金This research was supported by the National Natural Science Foundation of China (Grant No. 61202447), Natural Science Foundation of Hebei Province of China (F2013501066), Northeastern University at Qinhuangdao Science and Technology Support Program (xnk201307).
文摘As an improtant cryptographic scheme, signcryption scheme has been widely used in applications since it could provide both of signature and encryption. With the development of the certificateless public key cryptography (CLPKC), many certificatelss signcryption (CLSC) schemes using bilinear pairing hve been proposed. Comparated other operations, the bilinear pairing operaion is much more compulicated. Therefore, CLSC scheme without bilinear pairing is more suitable for applications. Recently, Jing et al. proposed a CLSC scheme without bilinear pairing and claimed their scheme is secure against two types of adversaries. In this paper, we will show their scheme provide neither unforgeability property nor confidentiality property. To improve security, we also propose a new CLSC scheme without pairing and demonstrate it is provably secure in the random oracle model.
文摘Based on the GDH signature (short signature scheme) a probabilistic signature scheme is proposed in this paper with security proof.Then a new threshold proxy signature from bilinear pairings is proposed as well by us ing the new probabilistic signature scheme and the properties of the Gap Diffie-Hellman (GDH)group (where the Computational Diffie-Hellman problem is hard but the Decisional Diffie-Hellman problem is easy to solve).Our constructions are based on the recently proposed GDH signature scheme of Bonel et al.s article.Bilinear pairings could be built from Weil pairing or Tate pairing.So most our constructions would be simpler,but still with high security.The proposed threshold proxy signature is the first one which is built from bilinear pairings.At the end of this paper security and performance of the threshold proxy signature scheme is also analyzed.
基金supported by the National Natural Science Foundation of China(61772159,61300124,61300216)the Science and Technology Research Program of Henan Province(172102310677)
文摘Aimed at enhancing privacy protection of location-based services( LBS) in mobile Internet environment,an improved privacy scheme of high service quality on the basis of bilinear pairings theory and k-anonymity is proposed. In circular region of Euclidian distance,mobile terminal evenly generates some false locations,from which half optimal false locations are screened out according to position entropy,location and mapping background information. The anonymity obtains the effective guarantee,so as to realize privacy protection. Through security analyses,the scheme is proved not only to be able to realize such security features as privacy,anonymity and nonforgeability,but also able to resist query tracing attack. And the result of simulation shows that this scheme not only has better evenness in selecting false locations,but also improves efficiency in generating and selecting false nodes.
文摘Using Shamir's secret sharing scheme to indi- rectly share the identity-based private key in the form of a pairing group element, we propose an efficient identity-based threshold decryption scheme from pairings and prove its se- curity in the random oracle model. This new paring-based scheme features a few improvements compared with other schemes in the literature. The two most noticeable features are its efficiency, by drastically reducing the number of pair- ing computations, and the ability it gives the user to share the identity-based private key without requiring any access to a private key generator. With the ability it gives the user to share the identity-based private key, our ID-based threshold decryption (IBTD) scheme, the second of its kind, is signif- icantly more efficient than the first scheme, which was de- veloped by Baek and Zheng, at the expense of a slightly in- creased ciphertext length. In fact, our IBTD scheme tries to use as few bilinear pairings as possible, especially without depending on the suite of Baek-Zheng secret sharing tools based on pairings.
文摘To solve the problem of security and efficiency of anonymous authentication in the vehicle Ad-hoc network(VANET), a conditional privacy protection authentication scheme for vehicular networks is proposed based on bilinear pairings. In this scheme, the tamper-proof device in the roadside unit(RSU) is used to complete the message signature and authentication process together with the vehicle, which makes it more secure to communicate between RSU and trusted authority(TA) and faster to update system parameters and revoke the vehicle. And this is also cheaper than installing tamper-proof devices in each vehicle unit. Moreover, the scheme provide provable security proof under random oracle model(ROM), which shows that the proposed scheme can meet the security requirements such as conditional privacy, unforgeability, traceability, etc. And the results of simulation experiment demonstrate that this scheme not only of achieves high efficiency, but also has low message loss rate.
基金Supported bythe National Natural Science Foundationof China (60225007 ,60572155) the Science and Technology ResearchProject of Shanghai (04DZ07067)
文摘In the area of secure Web information system, mutual authentication and key agreement are essential between Web clients and servers. An efficient certificateless authenticated key agreement protocol for Web client/server setting is proposed, which uses pairings on certain elliptic curves. We show that the newly proposed key agreement protocol is practical and of great efficiency, meanwhile, it satisfies every desired security require ments for key agreement protocols.
基金Supported by National Natural Science Foundation of China (No.60503006 and No.60403007) and Natural Science Foundation of Guangdong, China (No. 04205407).
文摘We argue that traditional identity-based systems from pairings seem unsuitable for designing group signature schemes due to the problem of key escrow. In this paper we first propose new ID-based public key systems without trusted PKG (Private Key Generator) from bilinear pairings. In our new ID-based systems, if the dishonest PKG impersonates an honest user to communicate with others, the user can provide a proof of treachery of the PKG afterwards, which is similar to certificate-based systems. Therefore, our systems reach the Girault’s trusted level 3. We then propose a group signature scheme under the new ID-based systems, the security and performance of which rely on the new systems. The size of the group public key and the length of the signature are independent on the numbers of the group.
文摘The digitization of patient health information has brought many benefits and challenges for both the patients and physicians. However, security and privacy preservation have remained important challenges for remote health monitoring systems. Since a patient’s health information is sensitive and the communication channel (i.e. the Internet) is insecure, it is important to protect them against unauthorized entities. Otherwise, failure to do so will not only lead to compromise of a patient’s privacy, but will also put his/her life at risk. How to provide for confidentiality, patient anonymity and un-traceability, access control to a patient’s health information and even key exchange between a patient and her physician are critical issues that need to be addressed if a wider adoption of remote health monitoring systems is to be realized. This paper proposes an authenticated privacy preserving pairing-based scheme for remote health monitoring systems. The scheme is based on the concepts of bilinear paring, identity-based cryptography and non-interactive identity-based key agreement protocol. The scheme also incorporates an efficient batch signature verification scheme to reduce computation cost during multiple simultaneous signature verifications.
