In this paper, we present an identity-based explicit authenticated key agreement protocol that is provably secure without random oracles. The protocol employs a new method to isolate a session key from key confirmatio...In this paper, we present an identity-based explicit authenticated key agreement protocol that is provably secure without random oracles. The protocol employs a new method to isolate a session key from key confirmation keys so that there is no direct usage of hash functions in the protocol. The protocol is proved secure without random oracles in a variant of Bellare and Rogaway style model, an exception to current proof method in this style model in the ID-based setting. We believe that this key isolation method is novel and can be further studied for constructing more efficient protocols.展开更多
Anonymous proxy signature scheme can provide the privacy protection for the proxy signer. Recently, Yu et al. proposed an anonymous proxy signature, which can be viewed as the organic combination of proxy signature an...Anonymous proxy signature scheme can provide the privacy protection for the proxy signer. Recently, Yu et al. proposed an anonymous proxy signature, which can be viewed as the organic combination of proxy signature and ring signature. However, the efficiency is low. In this paper, we propose an efficient and secure proxy signature with the properties of anonymity and traceability, and it is provably secure in the random oracle model. Compared with Yu et al.'s scheme, the scheme has higher efficiency.展开更多
In this paper, we re-formalize the security notions of universal designated multi verifier signature (UDMVS) schemes. Then the first UDMVS scheme is presented in the standard model (i.e. without random oracles) ba...In this paper, we re-formalize the security notions of universal designated multi verifier signature (UDMVS) schemes. Then the first UDMVS scheme is presented in the standard model (i.e. without random oracles) based on Waters' signature scheme. In this setting, a signature holder can to designate the signature to multi verifiers. Moreover, the security of our proposed scheme is based on the Gap Bilinear Difffie-Hellman assumption.展开更多
Proxy signature schemes enable an entity to del- egate its signing rights to any other party, called proxy signer. As a variant of proxy signature primitive, proxy multi- signature allows a group of original signers t...Proxy signature schemes enable an entity to del- egate its signing rights to any other party, called proxy signer. As a variant of proxy signature primitive, proxy multi- signature allows a group of original signers to delegate their signing capabilities to a single proxy signer in such a way that the proxy signer can sign a message on behalf of the group of original signers. We propose a concrete ID-based proxy multi-signature scheme from bilinear pairings. The proposed scheme is existential unforgeable against adaptively chosen message and given ID-attack in random oracle model under the computational Diltie-Hellman (CDH) assumption. The fascinating property of new scheme is that the size of a proxy multi-signature is independent of the number of original sign- ers. Furthermore the proposed scheme is simple and com- putationally more efficient than other ID-based proxy multi- signature schemes.展开更多
This paper focuses on the instantiation of random oracles in public key encryption schemes. A misunderstanding in the former instantiations is pointed out and analyzed. A method of using this primitive as a substituti...This paper focuses on the instantiation of random oracles in public key encryption schemes. A misunderstanding in the former instantiations is pointed out and analyzed. A method of using this primitive as a substitution of random oracles is also proposed. The partial and full instantiations of random oracles in optimal asymmetric encryption padding (OAEP) implemented by pseudorandom functions are described and the resulted schemes are proven to be indistinguishable secure against adaptive chosen ciphertext attack (IND-CCA2) secure. Using this method, one can transform a practical public key encryption scheme secure in the random oracle model into a standard-model secure scheme. The security of the scheme is based on computational assumptions, which is weaker than decisional assumptions used in Cramer- Shoup like schemes.展开更多
The Vehicular Ad-hoc Network(VANET)is the fundamental of smart transportation system in the future,but the security of the communication between vehicles and vehicles,between vehicles and roadside infrastructures have...The Vehicular Ad-hoc Network(VANET)is the fundamental of smart transportation system in the future,but the security of the communication between vehicles and vehicles,between vehicles and roadside infrastructures have become increasingly prominent.Certificateless aggregate signature protocol is used to address this security issue,but the existing schemes still have many drawbacks in terms of security and efficiency:First,many schemes are not secure,and signatures can be forged by the attacker;Second,even if some scheme are secure,many schemes use a large number of bilinear pairing operation,and the computation overhead is large.At the same time,the length of the aggregated signature also increases linearly with the increase of user numbers,resulting in a large communication overhead.In order to overcome the above challenges,we propose a new certificateless aggregate signature scheme for VANET,and prove the security of the scheme under the random oracle model.The new scheme uses pseudonym to realize the conditional privacy protection of the vehicle’s information.The new scheme does not use bilinear pairing operation,and the calculation efficiency is high.At the same time,the length of the aggregate signature of the new scheme is constant,thereby greatly reducing the communication and storage overhead.The analysis results demonstrate that the new scheme is not only safer,but also superior in performance to the recent related schemes in computation overhead and communication cost.展开更多
Based on decisional Difiie-Hcllman problem, we propose a simpleproxy-protected signature scheme In the random oracle model, we also carry out the strict securityproof for the proposed scheme. The security of the propo...Based on decisional Difiie-Hcllman problem, we propose a simpleproxy-protected signature scheme In the random oracle model, we also carry out the strict securityproof for the proposed scheme. The security of the proposed scheme is not loosely related to thediscrete logarithm assumption hut tightly related to the decisional Diffie-Hellman assumption in therandom oracle model.展开更多
Digital signature is one of the most important cryptographic primitives. We proposed a new digital signature scheme based on Catalano’s trapdoor. Since Catalano’s trapdoor is more efficient than existing trapdoors i...Digital signature is one of the most important cryptographic primitives. We proposed a new digital signature scheme based on Catalano’s trapdoor. Since Catalano’s trapdoor is more efficient than existing trapdoors in number theory, our scheme need not modular exponentiation but several modular multiplications in the signing algorithm. We also proved our scheme is provably secure against adap-tively chosen message attack by using the Forking lemma.展开更多
The Internet of Vehicles(IoV)has evolved as an advancement over the conventional Vehicular Ad-hoc Networks(VANETs)in pursuing a more optimal intelligent transportation system that can provide various intelligent solut...The Internet of Vehicles(IoV)has evolved as an advancement over the conventional Vehicular Ad-hoc Networks(VANETs)in pursuing a more optimal intelligent transportation system that can provide various intelligent solutions and enable a variety of applications for vehicular traffic.Massive volumes of data are produced and communicated wirelessly among the different relayed entities in these vehicular networks,which might entice adversaries and endanger the system with a wide range of security attacks.To ensure the security of such a sensitive network,we proposed a distributed authentication mechanism for IoV based on blockchain technology as a distributed ledger with an ouroboros algorithm.Using timestamp and challenge-responsemechanisms,the proposed authentication model can withstand several security attacks such asMan-in-Middle(MiM)attacks,Distributed Denial of Service(DDoS)attacks,server spoofing attacks and more.The proposed method also provides a solution for single-point failure,forward secrecy,revocability,etc.We exhibit the security of our proposed model by using formal(mathematical)analysis and informal analysis.We used Random Oracle Model to perform themathematical analysis.In addition,we compared the communication cost,computation cost,and security of the proposed model with the related existing studies.We have verified the security of the model by using AVISPA tool simulation.The security analysis and computation analysis show that the proposed protocol is viable.展开更多
Concurrent signature was introduced as an efficient approach to solving the problem of fair exchange of signatures. Almost all fair exchange e-commerce protocols based on concurrent signature that have been proposed u...Concurrent signature was introduced as an efficient approach to solving the problem of fair exchange of signatures. Almost all fair exchange e-commerce protocols based on concurrent signature that have been proposed until now either do not provide message privacy protection or adopt the sign-then-encrypt scheme to provide confidentiality. However,confidentiality is an important requirement of fair exchange e-commerce protocol. In this paper,a new concept called concurrent signcryption which combines the concepts of concurrent signature and signcryption together to resolve the confidentiality problem in e-commerce systems based on concurrent signature. We also propose a concurrent signcryption scheme using bilinear pairings and prove its security in the random oracle model. Compared with the sign-then-encrypt scheme using bilinear pairings,our scheme enjoys shorter message length and less operation cost. Moreover,in our scheme the two ambiguous signcryptions can be published in any order.展开更多
Certificateless encryption attracts a lot of attention so far by eliminating the key escrow problem in identity-based encryption and public key certificates in the traditional public key cryptography. By considering t...Certificateless encryption attracts a lot of attention so far by eliminating the key escrow problem in identity-based encryption and public key certificates in the traditional public key cryptography. By considering the threat from the key exposure, it is desirable to incorporate the idea of key-insulated cryptosystem into the certificateless encryption. In this paper, we have designed an efficient certificateless keyinsulated encryption(CL-KIE) scheme to achieve this goal. By our approach, the computational performance of our scheme has been improved significantly in terms of reduction on running time and storage. We also gave the security proof of the new CL-KIE scheme against the chosen plaintext attacks(CPAs) in the random oracle, considering the assumption of the computational Diffie-Hellman(CDH) problem.展开更多
Blockchain is an emerging decentralized architecture and distributed computing paradigm underlying Bitcoin and other cryptocurrencies,and has recently attracted intensive attention from governments,financial instituti...Blockchain is an emerging decentralized architecture and distributed computing paradigm underlying Bitcoin and other cryptocurrencies,and has recently attracted intensive attention from governments,financial institutions,high-tech enterprises,and the capital markets.Its cryptographic security relies on asymmetric cryptography,such as ECC,RSA.However,with the surprising development of quantum technology,asymmetric cryptography schemes mentioned above would become vulnerable.Recently,lattice-based cryptography scheme was proposed to be secure against attacks in the quantum era.In 2018,with the aid of Bonsai Trees technology,Yin et al.[Yin,Wen,Li et al.(2018)]proposed a lattice-based authentication method which can extend a lattice space to multiple lattice spaces accompanied by the corresponding key.Although their scheme has theoretical significance,it is unpractical in actual situation due to extremely large key size and signature size.In this paper,aiming at tackling the critical issue of transaction size,we propose a post quantum blockchain over lattice.By using SampleMat and signature without trapdoor,we can reduce the key size and signature size of our transaction authentication approach by a significant amount.Instead of using a whole set of vectors as a basis,we can use only one vector and rotate it enough times to form a basis.Based on the hardness assumption of Short Integer Solution(SIS),we demonstrate that the proposed anti-quantum transaction authentication scheme over lattice provides existential unforgeability against adaptive chosen-message attacks in the random oracle.As compared to the Yin et al.[Yin,Wen,Li et al.(2018)]scheme,our scheme has better performance in terms of energy consumption,signature size and signing key size.As the underlying lattice problem is intractable even for quantum computers,our scheme would work well in the quantum age.展开更多
Strong security in public key cryptography is not enongh; the encryption has to be achieved in an efficient way. OAEP or SAEP is only suitable for special applications (e. g. key transport), and securely transportin...Strong security in public key cryptography is not enongh; the encryption has to be achieved in an efficient way. OAEP or SAEP is only suitable for special applications (e. g. key transport), and securely transporting message of any length is a challenge. Motivated by the hybrid encryption, we present a practical approach to achieve the (adaptively) chosen eiphertext security. The time cost of encryption/decryption of proposed scheme is similar to OAEP and the bandwidth of message recovery is 92% for standard security parameter, while RSA-OAEP is 84%. The scheme is also provably secure against adaptively chosen ciphertext attacks in the random oracle model. We conclude that the approach is practical in more extensive application.展开更多
The introduction of the electronic medical record(EHR)sharing system has made a great contribution to the management and sharing of healthcare data.Considering referral treatment for patients,the original signature ne...The introduction of the electronic medical record(EHR)sharing system has made a great contribution to the management and sharing of healthcare data.Considering referral treatment for patients,the original signature needs to be converted into a re-signature that can be verified by the new organization.Proxy re-signature(PRS)can be applied to this scenario so that authenticity and nonrepudiation can still be insured for data.Unfortunately,the existing PRS schemes cannot realize forward and backward security.Therefore,this paper proposes the first PRS scheme that can provide key-insulated property,which can guarantee both the forward and backward security of the key.Although the leakage of the private key occurs at a certain moment,the forward and backward key will not be attacked.Thus,the purpose of key insulation is implemented.What’s more,it can update different corresponding private keys in infinite time periods without changing the identity information of the user as the public key.Besides,the unforgeability of our scheme is proved based on the extended Computational Diffie-Hellman assumption in the random oracle model.Finally,the experimental simulation demonstrates that our scheme is feasible and in possession of promising properties.展开更多
Quantum algorithms bring great challenges to classical public key cryptosystems, which makes cryptosystems based on non-commutative algebraic systems hop topic. The braid groups, which are non-commutative, have attrac...Quantum algorithms bring great challenges to classical public key cryptosystems, which makes cryptosystems based on non-commutative algebraic systems hop topic. The braid groups, which are non-commutative, have attracted much attention as a new platform for constructing quantum attack-resistant cryptosystems. A ring signature scheme is proposed based on the difficulty of the root extraction problem over braid groups, which can resist existential forgery against the adaptively cho-sen-message attack under the random oracle model.展开更多
Without the assumption that the private keys are kept secure perfectly, cryptographic primitives cannot be deployed in the insecure environments where the key leakage is inevitable. In order to reduce the damage cause...Without the assumption that the private keys are kept secure perfectly, cryptographic primitives cannot be deployed in the insecure environments where the key leakage is inevitable. In order to reduce the damage caused by the key exposure in the identity-based(ID-based) signature scenarios efficiently, we propose an ID-based key-insulated signature scheme in this paper, which eliminates the expensive bilinear pairing operations. Compared with the previous work, our scheme minimizes the computation cost without any extra cost. Under the discrete logarithm(DL) assumption, a security proof of our scheme in the random oracle model has also been given.展开更多
As an improtant cryptographic scheme, signcryption scheme has been widely used in applications since it could provide both of signature and encryption. With the development of the certificateless public key cryptograp...As an improtant cryptographic scheme, signcryption scheme has been widely used in applications since it could provide both of signature and encryption. With the development of the certificateless public key cryptography (CLPKC), many certificatelss signcryption (CLSC) schemes using bilinear pairing hve been proposed. Comparated other operations, the bilinear pairing operaion is much more compulicated. Therefore, CLSC scheme without bilinear pairing is more suitable for applications. Recently, Jing et al. proposed a CLSC scheme without bilinear pairing and claimed their scheme is secure against two types of adversaries. In this paper, we will show their scheme provide neither unforgeability property nor confidentiality property. To improve security, we also propose a new CLSC scheme without pairing and demonstrate it is provably secure in the random oracle model.展开更多
Identity-based (ID-based) cryptography has drawn great concerns in recent years, and most of ID-based schemes are constructed from bilinear parings. Therefore, ID-based scheme without pairing is of great interest in...Identity-based (ID-based) cryptography has drawn great concerns in recent years, and most of ID-based schemes are constructed from bilinear parings. Therefore, ID-based scheme without pairing is of great interest in the field of cryptography. Up to now, there still remains a challenge to construct ID-based signature scheme from quadratic residues. Thus, we aim to meet this challenge by proposing a concrete scheme. In this paper, we first introduce the technique of how to calculate a 2^lth root of a quadratic residue, and then give a concrete ID-based signature scheme using such technique. We also prove that our scheme is chosen message and ID secure in the random oracle model, assuming the hardness of factoring.展开更多
In this paper, a general framework for designing and analyzing password-based security protocols is presented. First we introduce the concept of "weak computational indistinguishability" based on current progress of...In this paper, a general framework for designing and analyzing password-based security protocols is presented. First we introduce the concept of "weak computational indistinguishability" based on current progress of password-based security protocols. Then, we focus on cryptographic foundations for password-based security protocols, i.e., the theory of "weak pseudorandomness". Furthermore, based on the theory of weak pseudorandomness, we present a modular approach to design and analysis of password-based security protocols. Finally, applying the modular approach, we design two kinds of password-based security protocols, i.e., password-based session key distribution (PSKD) protocol and protected password change (PPC) protocol. In addition to having forward secrecy and improved efficiency, new protocols are proved secure.展开更多
基金supported by the National Natural Science Foundation of China under Grant No. 60473027by Sun Yat-Sen University under Grant Nos. 35000-2910025 and 35000-3171912.
文摘In this paper, we present an identity-based explicit authenticated key agreement protocol that is provably secure without random oracles. The protocol employs a new method to isolate a session key from key confirmation keys so that there is no direct usage of hash functions in the protocol. The protocol is proved secure without random oracles in a variant of Bellare and Rogaway style model, an exception to current proof method in this style model in the ID-based setting. We believe that this key isolation method is novel and can be further studied for constructing more efficient protocols.
基金supported by the National Natural Science Foundation of China (61121061, 90812001, 61272519)
文摘Anonymous proxy signature scheme can provide the privacy protection for the proxy signer. Recently, Yu et al. proposed an anonymous proxy signature, which can be viewed as the organic combination of proxy signature and ring signature. However, the efficiency is low. In this paper, we propose an efficient and secure proxy signature with the properties of anonymity and traceability, and it is provably secure in the random oracle model. Compared with Yu et al.'s scheme, the scheme has higher efficiency.
基金Supported by the National Natural Science Foundation of China (60772136)
文摘In this paper, we re-formalize the security notions of universal designated multi verifier signature (UDMVS) schemes. Then the first UDMVS scheme is presented in the standard model (i.e. without random oracles) based on Waters' signature scheme. In this setting, a signature holder can to designate the signature to multi verifiers. Moreover, the security of our proposed scheme is based on the Gap Bilinear Difffie-Hellman assumption.
文摘Proxy signature schemes enable an entity to del- egate its signing rights to any other party, called proxy signer. As a variant of proxy signature primitive, proxy multi- signature allows a group of original signers to delegate their signing capabilities to a single proxy signer in such a way that the proxy signer can sign a message on behalf of the group of original signers. We propose a concrete ID-based proxy multi-signature scheme from bilinear pairings. The proposed scheme is existential unforgeable against adaptively chosen message and given ID-attack in random oracle model under the computational Diltie-Hellman (CDH) assumption. The fascinating property of new scheme is that the size of a proxy multi-signature is independent of the number of original sign- ers. Furthermore the proposed scheme is simple and com- putationally more efficient than other ID-based proxy multi- signature schemes.
基金supported by the National Natural Science Foundation of China (60803151)the Major Joint Research Foundation of NSFC and Guangdong Province (U0835004).
基金Supported by the National Basic Research Program of China (973 Program) (2007CB311201)the National High-Technology Research and Development Program of China (863 Program) (2006AA01Z427)the National Natural Science Foundation of China (60673073)
文摘This paper focuses on the instantiation of random oracles in public key encryption schemes. A misunderstanding in the former instantiations is pointed out and analyzed. A method of using this primitive as a substitution of random oracles is also proposed. The partial and full instantiations of random oracles in optimal asymmetric encryption padding (OAEP) implemented by pseudorandom functions are described and the resulted schemes are proven to be indistinguishable secure against adaptive chosen ciphertext attack (IND-CCA2) secure. Using this method, one can transform a practical public key encryption scheme secure in the random oracle model into a standard-model secure scheme. The security of the scheme is based on computational assumptions, which is weaker than decisional assumptions used in Cramer- Shoup like schemes.
基金This work was supported by the National Science Foundation of China(No.61872448)the Natural Science Basic Research Plan in Shanxi Province of China(No.2018JM6017).
文摘The Vehicular Ad-hoc Network(VANET)is the fundamental of smart transportation system in the future,but the security of the communication between vehicles and vehicles,between vehicles and roadside infrastructures have become increasingly prominent.Certificateless aggregate signature protocol is used to address this security issue,but the existing schemes still have many drawbacks in terms of security and efficiency:First,many schemes are not secure,and signatures can be forged by the attacker;Second,even if some scheme are secure,many schemes use a large number of bilinear pairing operation,and the computation overhead is large.At the same time,the length of the aggregated signature also increases linearly with the increase of user numbers,resulting in a large communication overhead.In order to overcome the above challenges,we propose a new certificateless aggregate signature scheme for VANET,and prove the security of the scheme under the random oracle model.The new scheme uses pseudonym to realize the conditional privacy protection of the vehicle’s information.The new scheme does not use bilinear pairing operation,and the calculation efficiency is high.At the same time,the length of the aggregate signature of the new scheme is constant,thereby greatly reducing the communication and storage overhead.The analysis results demonstrate that the new scheme is not only safer,but also superior in performance to the recent related schemes in computation overhead and communication cost.
文摘Based on decisional Difiie-Hcllman problem, we propose a simpleproxy-protected signature scheme In the random oracle model, we also carry out the strict securityproof for the proposed scheme. The security of the proposed scheme is not loosely related to thediscrete logarithm assumption hut tightly related to the decisional Diffie-Hellman assumption in therandom oracle model.
基金Supported by the National Natural Science Foundation of China (No. 60703086)Program for Excellent Talents in Nanjing University of Posts and Telecommunications(No. NY209014)
文摘Digital signature is one of the most important cryptographic primitives. We proposed a new digital signature scheme based on Catalano’s trapdoor. Since Catalano’s trapdoor is more efficient than existing trapdoors in number theory, our scheme need not modular exponentiation but several modular multiplications in the signing algorithm. We also proved our scheme is provably secure against adap-tively chosen message attack by using the Forking lemma.
基金This work was supported by the Ministry of Science and Technology of Taiwan,R.O.C.,under Grant MOST 110-2622-E-468-002 and 110-2218-E-468-001-MBK.
文摘The Internet of Vehicles(IoV)has evolved as an advancement over the conventional Vehicular Ad-hoc Networks(VANETs)in pursuing a more optimal intelligent transportation system that can provide various intelligent solutions and enable a variety of applications for vehicular traffic.Massive volumes of data are produced and communicated wirelessly among the different relayed entities in these vehicular networks,which might entice adversaries and endanger the system with a wide range of security attacks.To ensure the security of such a sensitive network,we proposed a distributed authentication mechanism for IoV based on blockchain technology as a distributed ledger with an ouroboros algorithm.Using timestamp and challenge-responsemechanisms,the proposed authentication model can withstand several security attacks such asMan-in-Middle(MiM)attacks,Distributed Denial of Service(DDoS)attacks,server spoofing attacks and more.The proposed method also provides a solution for single-point failure,forward secrecy,revocability,etc.We exhibit the security of our proposed model by using formal(mathematical)analysis and informal analysis.We used Random Oracle Model to perform themathematical analysis.In addition,we compared the communication cost,computation cost,and security of the proposed model with the related existing studies.We have verified the security of the model by using AVISPA tool simulation.The security analysis and computation analysis show that the proposed protocol is viable.
基金supported by the National Natural Science Foundation of China under contract No. 60803131
文摘Concurrent signature was introduced as an efficient approach to solving the problem of fair exchange of signatures. Almost all fair exchange e-commerce protocols based on concurrent signature that have been proposed until now either do not provide message privacy protection or adopt the sign-then-encrypt scheme to provide confidentiality. However,confidentiality is an important requirement of fair exchange e-commerce protocol. In this paper,a new concept called concurrent signcryption which combines the concepts of concurrent signature and signcryption together to resolve the confidentiality problem in e-commerce systems based on concurrent signature. We also propose a concurrent signcryption scheme using bilinear pairings and prove its security in the random oracle model. Compared with the sign-then-encrypt scheme using bilinear pairings,our scheme enjoys shorter message length and less operation cost. Moreover,in our scheme the two ambiguous signcryptions can be published in any order.
基金in part by the National Natural Science Foundation of China under Grants No.61003230,No.61370026,No.61300191,and No.61202445
文摘Certificateless encryption attracts a lot of attention so far by eliminating the key escrow problem in identity-based encryption and public key certificates in the traditional public key cryptography. By considering the threat from the key exposure, it is desirable to incorporate the idea of key-insulated cryptosystem into the certificateless encryption. In this paper, we have designed an efficient certificateless keyinsulated encryption(CL-KIE) scheme to achieve this goal. By our approach, the computational performance of our scheme has been improved significantly in terms of reduction on running time and storage. We also gave the security proof of the new CL-KIE scheme against the chosen plaintext attacks(CPAs) in the random oracle, considering the assumption of the computational Diffie-Hellman(CDH) problem.
基金This work was supported by the Major Program of National Natural Science Foundation of China(11290141).
文摘Blockchain is an emerging decentralized architecture and distributed computing paradigm underlying Bitcoin and other cryptocurrencies,and has recently attracted intensive attention from governments,financial institutions,high-tech enterprises,and the capital markets.Its cryptographic security relies on asymmetric cryptography,such as ECC,RSA.However,with the surprising development of quantum technology,asymmetric cryptography schemes mentioned above would become vulnerable.Recently,lattice-based cryptography scheme was proposed to be secure against attacks in the quantum era.In 2018,with the aid of Bonsai Trees technology,Yin et al.[Yin,Wen,Li et al.(2018)]proposed a lattice-based authentication method which can extend a lattice space to multiple lattice spaces accompanied by the corresponding key.Although their scheme has theoretical significance,it is unpractical in actual situation due to extremely large key size and signature size.In this paper,aiming at tackling the critical issue of transaction size,we propose a post quantum blockchain over lattice.By using SampleMat and signature without trapdoor,we can reduce the key size and signature size of our transaction authentication approach by a significant amount.Instead of using a whole set of vectors as a basis,we can use only one vector and rotate it enough times to form a basis.Based on the hardness assumption of Short Integer Solution(SIS),we demonstrate that the proposed anti-quantum transaction authentication scheme over lattice provides existential unforgeability against adaptive chosen-message attacks in the random oracle.As compared to the Yin et al.[Yin,Wen,Li et al.(2018)]scheme,our scheme has better performance in terms of energy consumption,signature size and signing key size.As the underlying lattice problem is intractable even for quantum computers,our scheme would work well in the quantum age.
基金Supported by the National Natural Science Foun-dation of China (60403027)
文摘Strong security in public key cryptography is not enongh; the encryption has to be achieved in an efficient way. OAEP or SAEP is only suitable for special applications (e. g. key transport), and securely transporting message of any length is a challenge. Motivated by the hybrid encryption, we present a practical approach to achieve the (adaptively) chosen eiphertext security. The time cost of encryption/decryption of proposed scheme is similar to OAEP and the bandwidth of message recovery is 92% for standard security parameter, while RSA-OAEP is 84%. The scheme is also provably secure against adaptively chosen ciphertext attacks in the random oracle model. We conclude that the approach is practical in more extensive application.
基金supported by the Network and Data Security Key Laboratory of Sichuan Province under the Grant No.NDS2021-2in part by Science and Technology Project of Educational Commission of Jiangxi Province under the Grant No.GJJ190464in part by National Natural Science Foundation of China under the Grant No.71661012.
文摘The introduction of the electronic medical record(EHR)sharing system has made a great contribution to the management and sharing of healthcare data.Considering referral treatment for patients,the original signature needs to be converted into a re-signature that can be verified by the new organization.Proxy re-signature(PRS)can be applied to this scenario so that authenticity and nonrepudiation can still be insured for data.Unfortunately,the existing PRS schemes cannot realize forward and backward security.Therefore,this paper proposes the first PRS scheme that can provide key-insulated property,which can guarantee both the forward and backward security of the key.Although the leakage of the private key occurs at a certain moment,the forward and backward key will not be attacked.Thus,the purpose of key insulation is implemented.What’s more,it can update different corresponding private keys in infinite time periods without changing the identity information of the user as the public key.Besides,the unforgeability of our scheme is proved based on the extended Computational Diffie-Hellman assumption in the random oracle model.Finally,the experimental simulation demonstrates that our scheme is feasible and in possession of promising properties.
基金Supported by the National Natural Science Foundation of China (No. 10501053)
文摘Quantum algorithms bring great challenges to classical public key cryptosystems, which makes cryptosystems based on non-commutative algebraic systems hop topic. The braid groups, which are non-commutative, have attracted much attention as a new platform for constructing quantum attack-resistant cryptosystems. A ring signature scheme is proposed based on the difficulty of the root extraction problem over braid groups, which can resist existential forgery against the adaptively cho-sen-message attack under the random oracle model.
基金supported by the National Natural Science Foundation of China under Grant No.61003230,No.61370026,No.61103206,and No.61300191Chongqing Key Lab of Computer Network and Communication Technology under Grant No.CY-CNCL-2012-02
文摘Without the assumption that the private keys are kept secure perfectly, cryptographic primitives cannot be deployed in the insecure environments where the key leakage is inevitable. In order to reduce the damage caused by the key exposure in the identity-based(ID-based) signature scenarios efficiently, we propose an ID-based key-insulated signature scheme in this paper, which eliminates the expensive bilinear pairing operations. Compared with the previous work, our scheme minimizes the computation cost without any extra cost. Under the discrete logarithm(DL) assumption, a security proof of our scheme in the random oracle model has also been given.
基金This research was supported by the National Natural Science Foundation of China (Grant No. 61202447), Natural Science Foundation of Hebei Province of China (F2013501066), Northeastern University at Qinhuangdao Science and Technology Support Program (xnk201307).
文摘As an improtant cryptographic scheme, signcryption scheme has been widely used in applications since it could provide both of signature and encryption. With the development of the certificateless public key cryptography (CLPKC), many certificatelss signcryption (CLSC) schemes using bilinear pairing hve been proposed. Comparated other operations, the bilinear pairing operaion is much more compulicated. Therefore, CLSC scheme without bilinear pairing is more suitable for applications. Recently, Jing et al. proposed a CLSC scheme without bilinear pairing and claimed their scheme is secure against two types of adversaries. In this paper, we will show their scheme provide neither unforgeability property nor confidentiality property. To improve security, we also propose a new CLSC scheme without pairing and demonstrate it is provably secure in the random oracle model.
基金the National Natural Science Foundation of China(Grant Nos.60572155 and 60673079)the National High Technology DevelopmentProgram of China (Grant No.2006AA01Z424)the National Research Fund for the Doctoral Program of Higher Education of China(Grant No.20060248008)
文摘Identity-based (ID-based) cryptography has drawn great concerns in recent years, and most of ID-based schemes are constructed from bilinear parings. Therefore, ID-based scheme without pairing is of great interest in the field of cryptography. Up to now, there still remains a challenge to construct ID-based signature scheme from quadratic residues. Thus, we aim to meet this challenge by proposing a concrete scheme. In this paper, we first introduce the technique of how to calculate a 2^lth root of a quadratic residue, and then give a concrete ID-based signature scheme using such technique. We also prove that our scheme is chosen message and ID secure in the random oracle model, assuming the hardness of factoring.
基金the National Natural Science Foundation of China (Grant Nos. 60025205 and 60673083)
文摘In this paper, a general framework for designing and analyzing password-based security protocols is presented. First we introduce the concept of "weak computational indistinguishability" based on current progress of password-based security protocols. Then, we focus on cryptographic foundations for password-based security protocols, i.e., the theory of "weak pseudorandomness". Furthermore, based on the theory of weak pseudorandomness, we present a modular approach to design and analysis of password-based security protocols. Finally, applying the modular approach, we design two kinds of password-based security protocols, i.e., password-based session key distribution (PSKD) protocol and protected password change (PPC) protocol. In addition to having forward secrecy and improved efficiency, new protocols are proved secure.
