Universal composable secure protocol for EPC system

As an important component of internet of things, electronic product code （EPC） system is widely used in many areas. However, the mass deployment of EPC system is frequently degraded by security and privacy problems. Therefore, the major researches focus on the design of a secure EPC system with high efficiency. This paper discusses the security requirements of EPC system and presents a universal composable （UC） model for EPC system, the ideal functionality of EPC system is also formally defined with the UC framework. Then a secure protocol for EPC system under UC framework is proposed and the analysis of security and performance of the proposed protocol is given, in comparison with other protocols, the results show that the proposed protocol is UC secure and can provide privacy protection, untraceability, authorized access, anonymity and concurrent security for EPC system. Furthermore, less computation and storage resource are required by the proposed protocol.

Universally Composable Three Party Password-based Key Exchange Protocol

Within the framework of universal composability,an appropriate ideal functionality that captures the basic security requirements of three party password-based key exchange was defined. An efficient real-word three party password-based key exchange protocol was also proposed.This protocol securely realizes the ideal functionality with respect to static party corruption.Thus it provides security guarantees under arbitrary composition with other protocols.

Universally Composable Symbolic Analysis of Group Key Exchange Protocol

Canetti and Herzog have already proposed universally composable symbolic analysis(UCSA) to analyze mutual authentication and key exchange protocols. However,they do not analyze group key exchange protocol. Therefore,this paper explores an approach to analyze group key exchange protocols,which realize automation and guarantee the soundness of cryptography. Considered that there exist many kinds of group key exchange protocols and the participants’ number of each protocol is arbitrary. So this paper takes the case of Burmester-Desmedt(BD) protocol with three participants against passive adversary(3-BD-Passive) . In a nutshell,our works lay the root for analyzing group key exchange protocols automatically without sacrificing soundness of cryptography.

Universally composable anonymous Hash certification model

Ideal function is the fundamental component in the universally composable security model. However, the certification ideal function defined in the universally composable security model realizes the identity authentication by binding identity to messages and the signature, which fails to characterize the special security requirements of anonymous authentication with other kind of certificate. Therefore, inspired by the work of Marten, an anonymous hash certification ideal function and a more universal certificate CA model are proposed in this paper. We define the security requirements and security notions for this model in the framework of universal composable security and prove in the plain model （not in the random-oracle model） that these security notions can be achieved using combinations of a secure digital signature scheme, a symmetrical encryption mechanism, a family of pseudorandom functions, and a family of one-way collision-free hash functions. Considering the limitation of wireless environment and computation ability of wireless devices, this anonymous Hash certification ideal function is realized by using symmetry primitives.

Universally Composable Proactive Threshold RSA Signature

Recently some efforts were made towards capturing the security requirements within the composable security framework. This modeling has some significant advantages in designing and analyzing complex systems. The threshold signature was discussed and a definition was given based on the universal composability framework, which is proved to be equivalent to the standard security definition. Furthermore, a simple, efficient and proactive threshold RSA signature protocol was presented. It is proved to be correct, consistent and unforgeable relative to the environment that at most t - 1 parties are corrupted in each proactive stage. It is also secure under the universal composability framework. It is a UC based security and is proved to be equivalent to the standard security.

A Universal Composability Framework for Analysis of Proxy Threshold Signature

The universal composability framework is a new approach for designing and analyzing the security of cryptographic protocols.In this framework,the security of protocols is maintained under a general protocol composition operation.In the paper,we propose the universal composability framework for the analysis of proxy threshold signature and present a universally composable secure proxy threshold signature scheme which is the first one in this area.The proposed scheme is suitable for the mobile agents,which should migrate across different environment through network.Furthermore,we give the concrete analysis of the reduction to prove the security of the proposed scheme.

A new approach for UC security concurrent deniable authentication

Deniable authentication protocols allow a sender to authenticate a message for a receiver, in a way which the receiver cannot convince a third party that such authentication ever took place. When we consider an asynchronous multi-party network with open communications and an adversary that can adaptively corrupt as many parties as it wishes, we present a new approach to solve the problem of concurrent deniable authentication within the framework of universally composable （UC） security. We formulate a definition of an ideal functionality for deniable authentication. Our constructions rely on a modification of the verifiably smooth projective hashing （VSPH） with projection key function by trapdoor commitment. Our protocols are forward deniable and UC security against adaptive adversaries in the common reference string model. A new approach implies that security is preserved under concurrent composition of an unbounded number of protocol executions; it implies non-malleability with respect to arbitrary protocols and more. The novelty of our schemes is the use of witness indistinguishable protocols and the security is based on the decisional composite residuosity （DCR） assumption. This new approach is practically relevant as it leads to more efficient protocols and security reductions.

Quantum security analysis of a lattice-based oblivious transfer protocol

Because of the concise functionality of oblivious transfer （OT） protocols, they have been widely used as building blocks in secure multiparty computation and high-level protocols. The security of OT protocols built upon classical number theoretic problems, such as the discrete logarithm and factoring, however, is threatened as a result of the huge progress in quantum computing. Therefore, post-quantum cryptography is needed for protocols based on classical problems, and several proposals for post-quantum OT protocols exist. However, most post-quantum cryptosystems present their security proof only in the context of classical adversaries, not in the quantum setting. In this paper, we close this gap and prove the security of the lattice-based OT protocol proposed by Peikert et al. （CRYPTO, 2008）, which is universally composably secure under the assumption of learning with errors hardness, in the quantum setting. We apply three general quantum security analysis frameworks. First, we apply the quantum lifting theorem proposed by Unruh （EUROCRYPT, 2010） to prove that the security of the lattice-based OT protocol can be lifted into the quantum world. Then, we apply two more security analysis frameworks specified for post-quantum cryptographic primitives, i.e., simple hybrid arguments （CRYPTO, 2011） and game-preserving reduction （PQCrypto, 2014）.

Short Group Signatures Without Random Oracles

We propose short group signature （GS） schemes which are provably secure without random oracles. Our basic scheme is about 14 times shorter than the Boyen-Waters GS scheme at Eurocrypt 2006, and 42% shorter than the recent GS schemes due to Ateniese et al. The security proofs are provided in the Universally Composable model, which allows the proofs of security valid not only when our scheme is executed in isolation, but also in composition with other secure cryptographic primitives. We also present several new computational assumptions and justify them in the generic group model. These assumptions are useful in the design of high-level protocols and may be of independent interest.

Using IND-CVA for constructing secure communication

Within the framework of UC （universally composable） security, a general method is presented to construct a secure channel protocol with using IND-CVA （indistinguishability of encryption scheme under ciphertext verification attacks）. A channel protocol with using the method first invokes an ideal keyexchange protocol to get a session key, and then computes the messages with an authenticated encryption scheme. The paper shows that a channel protocol is UC secure if and only if the underlying authenticated encryption scheme is both IND-CVA secure and INT-PTXT secure. The condition about secure channel protocol in this paper is much weaker than IND-CCA secure and INT-CTXT secure. The IND-CVA can be presented for describing the privacy requirements of secure channels in detail. Moreover, the method for designing secure channel protocol in the paper reduces the UC security of secure channels, which are measured by action-simulation in the UC security framework, to the security of authenticated encryption schemes, which are measured semantically.