Key agreement protocols are essential for secure communications. In this paper, to solve the inherent key escrow problem of identity-based cryptography, an escrow-free certificate-based authenticated key agreement (C...Key agreement protocols are essential for secure communications. In this paper, to solve the inherent key escrow problem of identity-based cryptography, an escrow-free certificate-based authenticated key agreement (CB-AK) protocol with perfect forward secrecy is proposed. Our protocol makes use of pairings on elliptic curves. The protocol is described and its properties are discussed though comparison with Smart's protocol.展开更多
Key escrow is an inherent disadvantage for traditional ID-based cryptosystem, i.e., the dishonest private key generator (PKG) can forge the signature of any user, meanwhile, the user can deny the signature actually si...Key escrow is an inherent disadvantage for traditional ID-based cryptosystem, i.e., the dishonest private key generator (PKG) can forge the signature of any user, meanwhile, the user can deny the signature actually signed by him/herself. To avoid the keyescrow problem, an ID-based signature scheme was presented without trusted PKG. The exact proof of security was presented to demonstrate that our scheme is secure against existential forgery on adaptively chosen message and ID attacks assuming the complexity of computational Diffie-Hellman (CDH) problem. Compared with other signature schemes, the proposed scheme is more efficient.展开更多
An accountable authority attribute-based encryption (A-ABE) scheme is presented in this paper. The notion of accountable authority identity-based encryption (A-IBE) was first introduced by Goyal at Crypto'07. It ...An accountable authority attribute-based encryption (A-ABE) scheme is presented in this paper. The notion of accountable authority identity-based encryption (A-IBE) was first introduced by Goyal at Crypto'07. It is a novel approach to mitigate the (inherent) key escrow problem in identity-based cryptosystems. In this work, the concept of accountable authority to attribute-based encryption (ABE) setting is generalized for the first time, and then a construction is given. The scheme non-trivially integrates an A-IBE scheme proposed by Libert et al. with an ABE scheme. In our construction, a user will be identified by a pair ( id, o~), where id denotes the user' s identity and ω denotes the set of attributes associated to the user. In addition, our construction is shown to be secure under some reasonable assumptions.展开更多
In the realm of vehicular ad hoc networks(VANETs),data aggregation plays a pivotal role in bringing together data from multiple vehicles for further processing and sharing.Erroneous data feedback can significantly imp...In the realm of vehicular ad hoc networks(VANETs),data aggregation plays a pivotal role in bringing together data from multiple vehicles for further processing and sharing.Erroneous data feedback can significantly impact vehicle operations,control,and overall safety,necessitating the assurance of security in vehicular data aggregation.Addressing the security risks and challenges inherent in data aggregation within VANETs,this paper introduces a blockchain-based scheme for secure and anonymous data aggregation.The proposed scheme integrates cloud computing with blockchain technology,presenting a novel blockchain-based data aggregation system that robustly supports efficient and secure data collection in VANETs.Leveraging key escrow resilience mechanisms,the solution ensures the security of system keys,preventing the security problems caused by keys generated by third parties alone in the past.Furthermore,through secondary data aggregation,fine-grained data aggregation is achieved,providing effective support for cloud services in VANETs.The effectiveness of the proposed scheme is confirmed through security analysis and performance evaluations,demonstrating superior computational and communication efficiency compared existing alternatives.展开更多
In key escrow field it is important to solve the problem thatuser's secret key completely depends on the trusted escrow agency. In 1995, some methods of solving the problem were presented. But these methods are no...In key escrow field it is important to solve the problem thatuser's secret key completely depends on the trusted escrow agency. In 1995, some methods of solving the problem were presented. But these methods are no better than that of directly using threshold cryptography. In this paper, we present a common pattern of threshold key escrow scheme based on public key cryptosystem, and a detailed design based on the improved RSA algorithm is given. The above problem is solved by this scheme.展开更多
Security of wireless sensor network (WSN) is a considerable challenge, because of limitation in energy, communication bandwidth and storage. ID-based cryptosystem without checking and storing certificate is a suitab...Security of wireless sensor network (WSN) is a considerable challenge, because of limitation in energy, communication bandwidth and storage. ID-based cryptosystem without checking and storing certificate is a suitable way used in WSN. But key escrow is an inherent disadvantage for traditional ID-based cryptosystem, i.e., the dishonest key generation center (KGC) can forge the signature of any node and on the other hand the node can deny the signature actually signed by him/herself. To solving this problem, we propose an ID-based ring signature scheme without trusted KGC. We also present the accurate secure proof to prove that our scheme is secure against existential forgery on adaptively chosen message and ID attacks assuming the complexity of computational Diffie-Hellman (CDH) problem. Compared with other ring signature schemes, we think proposed scheme is more efficient.展开更多
In current cloud computing system, large amounts of sensitive data are shared to other cloud users. To keep these data confidentiality, data owners should encrypt their data before outsourcing. We choose proxy reencry...In current cloud computing system, large amounts of sensitive data are shared to other cloud users. To keep these data confidentiality, data owners should encrypt their data before outsourcing. We choose proxy reencryption (PRE) as the cloud data encryption technique. In a PRE system, a semi-trusted proxy can transform a ciphertext under one public key into a ciphertext of the same message under another public key, but the proxy cannot gain any information about the message. In this paper, we propose a certificateless PRE (CL-PRE) scheme without pairings. The security of the proposed scheme can be proved to be equivalent to the computational Dire- Hellman (CDH) problem in the random oracle model. Compared with other existing CL-PRE schemes, our scheme requires less computation cost and is significantly more efficient. The new scheme does not need the public key certificates to guarantee validity of public keys and solves the key escrow problem in identity-based public key cryptography.展开更多
This paper defines the security notion for Certificateless Threshold Signatures (CLTHS). Different from the adversarial model defined by Wang, et al. (2007), our definition considers Type I and Type II adversary s...This paper defines the security notion for Certificateless Threshold Signatures (CLTHS). Different from the adversarial model defined by Wang, et al. (2007), our definition considers Type I and Type II adversary separately. At the same time, the authors develop the simulatability and relationship between certificateless threshold signature and the underlying certificateless signature. We also propose the first CLTHS scheme which is proved existentially unforgeable against adaptively chosen message attack without random oracles. Compared with the previous scheme by Wang, et al. (2007), our scheme does not use hash function and is more efficient.展开更多
Many identity-based signature (IBS) schemes solving key escrow were proposed, But the updating of the private keys wasn't discussed in these literatures. For the problem of key update, an identity-based key-insulat...Many identity-based signature (IBS) schemes solving key escrow were proposed, But the updating of the private keys wasn't discussed in these literatures. For the problem of key update, an identity-based key-insulated signature scheme with secure key-updates has been proposed. But their scheme inherited the key escrow property. In this paper, we propose a new identity-based strong key-insulated signature scheme without key escrow. It makes the IBS scheme more applicable to the real world. After analyzing the security and the performance, an application example in E-passport passive authentication scenario is described.展开更多
基金Supported by the National Natural Science Founda-tion of China (60225007, 60572155) and the Science and Technology Research Project of Shanghai (04DZ07067)
文摘Key agreement protocols are essential for secure communications. In this paper, to solve the inherent key escrow problem of identity-based cryptography, an escrow-free certificate-based authenticated key agreement (CB-AK) protocol with perfect forward secrecy is proposed. Our protocol makes use of pairings on elliptic curves. The protocol is described and its properties are discussed though comparison with Smart's protocol.
文摘Key escrow is an inherent disadvantage for traditional ID-based cryptosystem, i.e., the dishonest private key generator (PKG) can forge the signature of any user, meanwhile, the user can deny the signature actually signed by him/herself. To avoid the keyescrow problem, an ID-based signature scheme was presented without trusted PKG. The exact proof of security was presented to demonstrate that our scheme is secure against existential forgery on adaptively chosen message and ID attacks assuming the complexity of computational Diffie-Hellman (CDH) problem. Compared with other signature schemes, the proposed scheme is more efficient.
基金Supported by the National Natural Science Foundation of China(No.60970111,60903189,60903020)the National High Technology Research and Development Programme of China(No.2009AA012418)+1 种基金the National Basic Research Program of China(No.2007CB311201)the Foundation of NLMC(No.9140C1103020803)
文摘An accountable authority attribute-based encryption (A-ABE) scheme is presented in this paper. The notion of accountable authority identity-based encryption (A-IBE) was first introduced by Goyal at Crypto'07. It is a novel approach to mitigate the (inherent) key escrow problem in identity-based cryptosystems. In this work, the concept of accountable authority to attribute-based encryption (ABE) setting is generalized for the first time, and then a construction is given. The scheme non-trivially integrates an A-IBE scheme proposed by Libert et al. with an ABE scheme. In our construction, a user will be identified by a pair ( id, o~), where id denotes the user' s identity and ω denotes the set of attributes associated to the user. In addition, our construction is shown to be secure under some reasonable assumptions.
基金supported by the National Natural Science Foundation of China(61662089).
文摘In the realm of vehicular ad hoc networks(VANETs),data aggregation plays a pivotal role in bringing together data from multiple vehicles for further processing and sharing.Erroneous data feedback can significantly impact vehicle operations,control,and overall safety,necessitating the assurance of security in vehicular data aggregation.Addressing the security risks and challenges inherent in data aggregation within VANETs,this paper introduces a blockchain-based scheme for secure and anonymous data aggregation.The proposed scheme integrates cloud computing with blockchain technology,presenting a novel blockchain-based data aggregation system that robustly supports efficient and secure data collection in VANETs.Leveraging key escrow resilience mechanisms,the solution ensures the security of system keys,preventing the security problems caused by keys generated by third parties alone in the past.Furthermore,through secondary data aggregation,fine-grained data aggregation is achieved,providing effective support for cloud services in VANETs.The effectiveness of the proposed scheme is confirmed through security analysis and performance evaluations,demonstrating superior computational and communication efficiency compared existing alternatives.
基金This work was supported by the National Natural Science Foundation of China (Grant Nos. 69772037, 60072018).
文摘In key escrow field it is important to solve the problem thatuser's secret key completely depends on the trusted escrow agency. In 1995, some methods of solving the problem were presented. But these methods are no better than that of directly using threshold cryptography. In this paper, we present a common pattern of threshold key escrow scheme based on public key cryptosystem, and a detailed design based on the improved RSA algorithm is given. The above problem is solved by this scheme.
基金the National Natural Science Foundationof China(No.60773085)
文摘Security of wireless sensor network (WSN) is a considerable challenge, because of limitation in energy, communication bandwidth and storage. ID-based cryptosystem without checking and storing certificate is a suitable way used in WSN. But key escrow is an inherent disadvantage for traditional ID-based cryptosystem, i.e., the dishonest key generation center (KGC) can forge the signature of any node and on the other hand the node can deny the signature actually signed by him/herself. To solving this problem, we propose an ID-based ring signature scheme without trusted KGC. We also present the accurate secure proof to prove that our scheme is secure against existential forgery on adaptively chosen message and ID attacks assuming the complexity of computational Diffie-Hellman (CDH) problem. Compared with other ring signature schemes, we think proposed scheme is more efficient.
基金the National Natural Science Foundation of China(No.61133014)
文摘In current cloud computing system, large amounts of sensitive data are shared to other cloud users. To keep these data confidentiality, data owners should encrypt their data before outsourcing. We choose proxy reencryption (PRE) as the cloud data encryption technique. In a PRE system, a semi-trusted proxy can transform a ciphertext under one public key into a ciphertext of the same message under another public key, but the proxy cannot gain any information about the message. In this paper, we propose a certificateless PRE (CL-PRE) scheme without pairings. The security of the proposed scheme can be proved to be equivalent to the computational Dire- Hellman (CDH) problem in the random oracle model. Compared with other existing CL-PRE schemes, our scheme requires less computation cost and is significantly more efficient. The new scheme does not need the public key certificates to guarantee validity of public keys and solves the key escrow problem in identity-based public key cryptography.
基金This research is supported by the National Natural Science Foundation of China under Grant Nos. 60773086, 60970110, 60972034, and the National 973 Program under Grant No. 2007CB311201.
文摘This paper defines the security notion for Certificateless Threshold Signatures (CLTHS). Different from the adversarial model defined by Wang, et al. (2007), our definition considers Type I and Type II adversary separately. At the same time, the authors develop the simulatability and relationship between certificateless threshold signature and the underlying certificateless signature. We also propose the first CLTHS scheme which is proved existentially unforgeable against adaptively chosen message attack without random oracles. Compared with the previous scheme by Wang, et al. (2007), our scheme does not use hash function and is more efficient.
基金Supported by the Science and Technology Planned Projects of Wuhan, China (20061005119)
文摘Many identity-based signature (IBS) schemes solving key escrow were proposed, But the updating of the private keys wasn't discussed in these literatures. For the problem of key update, an identity-based key-insulated signature scheme with secure key-updates has been proposed. But their scheme inherited the key escrow property. In this paper, we propose a new identity-based strong key-insulated signature scheme without key escrow. It makes the IBS scheme more applicable to the real world. After analyzing the security and the performance, an application example in E-passport passive authentication scenario is described.
