Efficient and Provably Secure Multi-Recipient Signcryption from Bilinear Pairings

Signcryption is a cryptographic primitive that performs signature and encryption simultaneously, at lower computational costs and communication overheads than the signature-then- encryption approach. In this paper, we propose an efficient multi-recipient signcryption scheme based on the bilinear pairings, which broadcasts a message to multiple users in a secure and authenticated manner. We prove its semantic security and unforgeability under the Gap Diffie-Hellman problem assumption in the random oracle model. The proposed scheme is more efficient than re-signcrypting a message n times using a signcryption scheme in terms of computational costs and communication overheads.

WiBPA:An Efficient Data Integrity Auditing Scheme Without Bilinear Pairings

The security of cloud data has always been a concern.Cloud server provider may maliciously tamper or delete user’s data for their own benefit,so data integrity audit is of great significance to verify whether data is modified or not.Based on the general three-party audit architecture,a dynamic auditing scheme without bilinear pairings is proposed in this paper.It utilizes exponential operation instead of bilinear mapping to verify the validity of evidence.By establishing the mapping relation between logic index and tag index of data block with index transformation table,our scheme can easily support dynamic data operation.By hiding random numbers in the integrity evidence,our scheme can protect users’privacy information.Detailed security analysis shows that our scheme is secure against attacks such as forgery,replaying and substitution.Further experiments demonstrate that our scheme has lower computational overhead.

A PROVABLY SECURE PROXY SIGNATURE SCHEME FROM BILINEAR PAIRINGS

A proxy signature allows an entity, called original signer, to delegate its signing power to another entity, called proxy signer, to sign messages on its behalf. Proxy signatures have many practical applications and are very important cryptographic protocol. In this paper, we propose an efficient proxy signature scheme from bilinear pairings. We prove it secure in the random oracle model and analyze computation cost of our scheme. Our scheme satisfies all the properties required for proxy signatures.

Research on k-anonymity privacy protection scheme based on bilinear pairings

Aimed at enhancing privacy protection of location-based services（ LBS） in mobile Internet environment,an improved privacy scheme of high service quality on the basis of bilinear pairings theory and k-anonymity is proposed. In circular region of Euclidian distance,mobile terminal evenly generates some false locations,from which half optimal false locations are screened out according to position entropy,location and mapping background information. The anonymity obtains the effective guarantee,so as to realize privacy protection. Through security analyses,the scheme is proved not only to be able to realize such security features as privacy,anonymity and nonforgeability,but also able to resist query tracing attack. And the result of simulation shows that this scheme not only has better evenness in selecting false locations,but also improves efficiency in generating and selecting false nodes.

Efficient Certificateless Authenticated Key Agreement Protocol from Pairings

In the area of secure Web information system, mutual authentication and key agreement are essential between Web clients and servers. An efficient certificateless authenticated key agreement protocol for Web client/server setting is proposed, which uses pairings on certain elliptic curves. We show that the newly proposed key agreement protocol is practical and of great efficiency, meanwhile, it satisfies every desired security require ments for key agreement protocols.

Identity Based Group Key Agreement from Bilinear Pairing

We present a provably secure authenticated tree based key agreement scheme for multicast. There is a wide variety of applications that can benefit from using our scheme, e. g. , pay-Tv, teleconferencing, software updates. Compared with the previous published schemes, our scheme provides group member authentication without introducing additional mechanism. Future, we give the security proof of our scheme under the random oracle model.

Provable Efficient Certificateless Group Key Exchange Protocol

Certificateless public key cryptography （CL-PKC） avoids the inherent escrow of identity-based cryptography and does not require certificates to guarantee the authenticity of public keys. Based on CL-PKC, we present an efficient constant-round group key exchange protocol, which is provably secure under the intractability of computation Diffie-Hellman problem. Our protocol is a contributory key exchange with perfect forward secrecy and has only two communication rounds. So it is more efficient than other protocols. Moreover, our protocol provides a method to design efficient constant-round group key exchange protocols and most secret sharing schemes could be adopted to construct our protocol.

A New ID-Based Proxy Blind Signature Scheme

An identity-based proxy blind signature scheme from bilinear pairings isintroduced, which combines the advantages of proxy signature and blind signature. Furthermore, ourscheme can prevent the original signer from generating the proxy blind signature, thus the profitsof the proxy signer are guaranteed. We introduce bilinear pairings to minimize computationaloverhead and to improve the related performance of our scheme. In addition, the proxy blindsignature presented is non-repudiable and it fulfills perfectly the security requirements of a proxyblind signature.

Efficient ID-Based Proxy Blind Signature Scheme

In a proxy blind signature scheme, the proxy signer is allowed to generate a blind signature on behalf of the original signer. The proxy blind signature scheme is useful in several applications such as e-voting and e-payment. In this paper, we propose an identity-based proxy blind signature scheme which combines the advantages of proxy signature and of blind signature. Our scheme fulfills peffecdy the security requirements of a proxy blind signature. Comparing the previous scheme, our scheme needs less computational overhead and is more efficient.

An Efficient Certificateless Ring Signature Scheme

To overcome the drawbacks such as high computational cost, unreasonable security model and long signature length in existing certificateless ring signature schemes, we propose an efficient certificateless ring signature scheme in this paper. Our construction is inspired by some efficient ID-based ring signature schemes, and uses bilinear pairings as a basic tool. Using a reasonable security model, the unforgeability of the proposed scheme is proven based on the intractability of the computational Diffie-Hellman （CDH） problem. The signature length of the new scheme is only ｜G2｜＋n｜G1｜ （｜Gi｜ is the bit length of an element in group Gi, i =1, 2）. Compared with other existing certificateless ring signature schemes, the newly proposed scheme has a shorter signature length and is more efficient and practical.

Provable Security of ID-Based Proxy Multi-Signature Schemes

In the last couple of years, D-based cryptography has got fruitful achievements. Proxy multi-signature allows a designated person, called a proxy signer, to sign on behalf of two or more original signers. In this paper, we present a general security model for ID-based proxy multi-signature （ID-PMS） schemes. Then, we show how to construct a secure ID-PMS scheme from a secure ID-based signature scheme, and prove that the security of the construction can be reduced to the security of the original ID-based signature scheme.

Improvement of Identity-Based Threshold Proxy Signature Scheme with Known Signers

In 2006, Bao et al proposed an identlty-based threshold proxy signature scheme with known signers. In this paper, we show that Bao et al＇s scheme is vulnerable to the forgery attack. An adversary can forge a valid threshold proxy signature for any message with knowing a previously valid threshold proxy signature. In addition, their scheme also suffers from the weakness that the proxy signers might change the threshold value. That is, the proxy signers can arbitrarily modify the threshold strategy without being detected by the original signer or verifiers, which might violate the original signer＇s intent. Furthermore, we propose an improved scheme that remedies the weaknesses of Bao et al＇s scheme. The improved scheme satisfies all secure requirements for threshold proxy signature.

一种可证安全的无证书环签密方案(英文)

Ring signcryption enables a user to send a message confidentially and authentically to a specific receiver in an anonymous way.One of the main reasons for the slow adoption of identity-based cryptography is the inherent key escrow problem.In this paper a new certificateless ring signcryption scheme from pairings is presented.It is escrow free in that no KGC is able to decrypt ciphertexts itself.We then formally prove the security of the new scheme in the random oracle model IND-CCA2 and EUF-CMA.

An Identity-Based Strong Designated Verifier Proxy Signature Scheme

In a strong designated verifier proxy signature scheme, a proxy signer can generate proxy signature on behalf of an original signer, but only the designated verifier can verify the validity of the proxy signature. In this paper, we first define the security requirements for strong designated verifier proxy signature schemes. And then we construct an identity-based strong designated verifier proxy signature scheme. We argue that the proposed scheme satisfies all of the security requirements.

Identity Based Group Key Agreement in Multiple PKG Environment

Secure and reliable group communication is an increasingly active research area by growing popularity in group-oriented and collaborative applications. In this paper, we propose the first identity-based authenticated group key agreement in multiple private key generators （PKG） environment. It is inspired on a new two-party identity-based key agreement protocol first proposed by Hoonjung Lee et al. In our scheme, although each member comes from different domain and belongs to different PKGs which do not share the common system parameters, they can agree on a shared secret group key. We show that our scheme satisfies every security requirements of the group key agreement protocols.

Improvement of an ID-Based Deniable Authentication Protocol

The deniable authentication protocol is an important notion that allows a receiver to identify the source of a given message, but not to prove the identity of the sender to a third party. Such property is very useful for providing secure negotiation over the Internet. The ID-based deniable authentication protocol based on elliptic Diffie-Hellman key agreement protocol cannot defend the sender spoofing attack and message modification attack. In this paper, we present an improved protocol based on double elliptic Diffie- Hellman scheme. According to the comparison result, the proposed protocol performs better.

Cost Effective Decentralized Key Management Framework for IoT

Security is a primary concern in communication for reliable transfer ofinformation between the authenticated members, which becomes more complexin a network of Internet of Things (IoT). To provide security for group communication a key management scheme incorporating Bilinear pairing technique withMulticast and Unicast key management protocol (BMU-IOT) for decentralizednetworks has been proposed. The first part of the proposed work is to dividethe network into clusters where sensors are connected to and is administered bycluster head. Each sensor securely shares its secret keys with the cluster headusing unicast. Based on these decryption keys, the cluster head generates a common encryption key using bilinear pairing. Any sensor in the subgroup candecrypt the message, which is encrypted by the common encryption key. Theremaining part focuses to reduce communication, computation and storage costsof the proposed framework and the resilience against various attacks. The implementation is carried out and results are compared with the existing schemes thathave given considerably better results. Thus, the lightweight devices of IoT canprovide efficiency and security by reducing their overhead in terms of complexity.

The Development of Proxy Re-Encryption

With the diversification of electronic devices,cloud-based services have become the link between different devices.As a cryptosystem with secure conversion function,proxy re-encryption enables secure sharing of data in a cloud environment.Proxy re-encryption is a public key encryption system with ciphertext security conversion function.A semi-trusted agent plays the role of ciphertext conversion,which can convert the user ciphertext into the same plaintext encrypted by the principal’s public key.Proxy re-encryption has been a hotspot in the field of information security since it was proposed by Blaze et al.[Blaze,Bleumer and Strauss(1998)].After 20 years of development,proxy re-encryption has evolved into many forms been widely used.This paper elaborates on the definition,characteristics and development status of proxy re-encryption,and classifies proxy re-encryption from the perspectives of user identity,conversion condition,conversion hop count and conversion direction.The aspects of the existing program were compared and briefly reviewed from the aspects of features,performance,and security.Finally,this paper looks forward to the possible development direction of proxy re-encryption in the future.

Cryptanalysis and improvement of a certificateless signcryption scheme without bilinear pairing

As an improtant cryptographic scheme, signcryption scheme has been widely used in applications since it could provide both of signature and encryption. With the development of the certificateless public key cryptography （CLPKC）, many certificatelss signcryption （CLSC） schemes using bilinear pairing hve been proposed. Comparated other operations, the bilinear pairing operaion is much more compulicated. Therefore, CLSC scheme without bilinear pairing is more suitable for applications. Recently, Jing et al. proposed a CLSC scheme without bilinear pairing and claimed their scheme is secure against two types of adversaries. In this paper, we will show their scheme provide neither unforgeability property nor confidentiality property. To improve security, we also propose a new CLSC scheme without pairing and demonstrate it is provably secure in the random oracle model.