Improved ID-Based Signature Scheme Solving Key Escrow

Introduction Inatraditionalpublickeycryptosystem(PKC),theassociationbetweenauser'sidentity andhispublickeyisobtainedthroughadigitalcer-tificateissuedbyacertificationauthority(CA).TheCAchecksthecredentialsofauserbeforeis-suingacertificatetohim.Tosimplifythecertifi-catemanagementprocess,Shamir[1]introducedthe conceptofID-basedcryptosystemin1984,which allowedforauser'sidentityinformationsuchas hisname,IPaddress,telephonenumber,email address,etc.toserveashispublickey.Sucha publickeyisclearlyb…     

ID-based Key-insulated Authenticated Key Agreement Protocol

The basic idea behind an ID-based cryptosystem is that end user's public key can be determined by his identity information.Comparing with the traditional certificate-based cryptography,identity-based cryptography can eliminate much of the overhead associated with the deployment and management of certificate.However,exposure of private keys can be the most devastating attack on a public key based cryptosystem since such that all security guarantees are lost.In this paper,an ID-based authenticated key agreement protocol was presented.For solving the problem of key exposure of the basic scheme,the technique of key insulation was applied and a key insulated version is developed.     

On constructing certificateless proxy signature from certificateless signature

In proxy signature schemes, an original signer A delegates its signing capability to a proxy signer B, in such a way that B can sign message on behalf of A.The recipient of the final message verifies at the same time that B computes the signature and that A has delegated its signing capability to B.Recently many identity-based(ID-based) proxy signature schemes have been proposed, however, the problem of key escrow is inherent in this setting.Certificateless cryptography can overcome the key escrow problem.In this paper, we present a general security model for certificateless proxy signature scheme.Then, we give a method to construct a secure certificateless proxy scheme from a secure certificateless signature scheme, and prove that the security of the construction can be reduced to the security of the original certificateless signature scheme.     

Certificateless strong key-insulated signature without random oracles

It is important to ensure the private key secure in cryptosystem. To reduce the underlying danger caused by the private key leakage, Dodis et al. (2003) introduced the notion of key-insulated security. To handle the private key leakage problems in certificateless signature schemes, we propose a new certificateless strong key-insulated signature scheme. Our scheme has two desirable properties. First, its security can be proved without utilizing the random oracle model. Second, it solves the key escrow problems in identity-based key-insulated signatures (IBKISs).     

对两种代理盲签名体制的密码学分析

代理盲签名结合了代理签名与盲签名的优点，而多级代理签名实现了签名权利在许可范围内逐级向下代理的要求。利用椭圆曲线上的双线性对，陈玲玲等人提出了一种基于身份的代理盲签名方案，胡江红等人提出了一种基于身份的多级强代理盲签名方案。给出了这两个方案的密码学分析，指出在陈玲玲等人的方案中，代理签名人可以利用授权证书计算得到原始签名人的私钥，从而可直接伪造原始签名人的签名或授权，同时指出所提的两个方案也无法满足不可追踪性．代理签名人可以将自己在签名协议中的签名和签名的消息联系起来从而跟踪消息的拥有者，从而证明了这两个方案是不安全的。     

DESIGN OF A DIGITAL SIGNATURE SCHEME BASED ON FACTORING AND DISCRETE LOGARITHMS

Objective Focusing on the security problem of authentication and confidentiality in the context of computer networks, a digital signature scheme was proposed based on the public key cryptosystem. Methods Firstly,the course of digital signature based on the public key cryptosystem was given. Then, RSA and ELGamal schemes were described respectively. They were the basis of the proposed scheme. Generalized ELGamal type signature schemes were listed. After comparing with each other, one scheme, whose Signature equation was (m r)x=j s modФ(p) , was adopted in the designing. Results Based on two well-known cryptographic assumptions, the factorization and the discrete logarithms, a digital signature scheme was presented. It must be required that s“ was not equal to p‘q“ in the signing procedure, because attackers could forge the signatures with high probabilities if the discrete logarithms modulo a large prime were solvable. The variable public key “e“ is used instead of the invariable parameter “3“ in Ham‘s signature scheme to enhance the security. One generalized ELGamal type scheme made the proposed scheme escape one multiplicative inverse operation in the signing procedure and one modular exponentiation in the verification procedure.Conclusion The presented scheme obtains the security that Harn‘s scheme was originally claimed. It is secure if the factorization and the discrete logarithms are simultaneously unsolvable.     

ID-Based Authenticated Dynamic Group Key Agreement

IntroductionIn many modern collaborative and distributedapplications such as multicast communication, au-dio-video conference and collaborative tools, scal-able and reliable group communication is one of thecritical problems. A group key agreement (GKA)protocol allows a group of users to share a key,which may later be used to achieve some crypto-graphic goals. In addition to this basic tool an au-thentication mechanism provides an assurance ofkey shared with intended users. A protocol achiev…     

An Efficient Forward Secure Signature Scheme

Introduction Exposureofsecretkeysthreatensthesecurity ofadigitalsignaturegreatly.Totacklethisprob-lem,severaldifferentmethodshavebeenpro-posed,includingsecretsharing[1],thresholdsigna-ture[2],andproactivesignature[3].Thesemethods,however,needcooperativeandinteractivecompu-tationsinmultiplesevers,whicharequitecostly.Forwardsecuresignatureschemecanreducethe damageofkeyexposurewithoutcooperativeand interactivecomputations.Intheparadigmoffor-wardsecuresignature,thewholelifetimeofsigna-tureisdivid…     

Identity-based key-insulated proxy signature without random oracles

In an identity based proxy signature (IBPS) scheme, a designated proxy signer can generate the signature on behalf of an original signer. Traditional IBPS schemes normally rely on the assumption that private keys are kept perfectly secure. However, due to viruses, worms or other break-ins allowed by operating-system holes, key exposure seems inevitable. To minimize the damage caused by key exposure in IBPS, we propose an identity-based key-insulated proxy signature (IBKIPS) scheme in the standard model, i.e. without random oracles.     

Efficient Dynamic Threshold Group Signature Scheme Based on Elliptic Curve Cryptosystem

The short secret key characteristic of elliptic curve cryptosystem （ECC） are integrated with the （ t, n ） threshold method to create a practical threshold group signature scheme characterized by simultaneous signing. The scheme not only meets the requirements of anonymity and traceability of group signature but also can withstand Tseng and Wang＇s conspiracy attack. It allows the group manager to add new members and delete old members according to actual application, while the system parameters have a little change. Cryptanalysis result shows that the scheme is efficient and secure.     

An Efficient Provable Secure ID-Based Proxy Signature Scheme Based on CDH Assumption

IntroductionMambo, et al.[1]first introduced the conceptof proxy signature. In their scheme, an originalsigner delegates his signing right to a proxy signerin such a way that the proxy signer can sign anymessage on behalf of the original signer and theverifier can verify and distinguish proxy signaturefrom original signature. Proxy signature is of greatuse in such a case that a manager needs to autho-rize his secretary to sign documents on behalf ofhimself before his leaving for a vacation. Du…     

Strong key-insulated signature in the standard model

The only known construction of key-insulated signature (KIS) that can be proven secure in the standard model is based on the approach of using double signing. That is, the scheme requires two signatures: a signature with a master key and a signature with the signer’s secret key. This folklore construction method leads to an inefficient scheme. Therefore it is desirable to devise an efficient KIS scheme. We present the first scheme with such a construction. Our construction derives from some variations of the Waters’ signature scheme. It is computationally efficient and the signatures are short. The scheme is provably secure based on the difficulty of computational Diffie-Hellman (CDH) problem in the standard model.     

无线传感器网络针对多维网格的密钥预分配方案的改进

WSN自身特点决定了安全是对WSN研究中最为重要和最为基本的问题,尤其是密钥管理机制.本文在深入分析基于二元多项式的多维网格密钥预分配机制的基础上,对该方案进行了改进,保留其在内存需求方面较目前提出的其他方案都要小的优点,克服了不具备密钥更新功能,安全性不够理想的缺点.新的多维网格密钥预分配方案可以进行密钥更新,在只增加少量的内存需求的条件下大大提高了系统的安全性,更适用于WSN的实际应用.     

Highly resilient key distribution strategy for multi-level heterogeneous sensor networks by using deployment knowledge

The most important problem in the security of wireless sensor network (WSN) is to distribute keys for the sensor nodes and to establish a secure channel in an insecure environment. Since the sensor node has limited resources, for instance, low battery life and low computational power, the key distribution scheme must be designed in an efficient manner. Recently many studies added a few high-level nodes into the network, called the heterogeneous sensor network (HSN). Most of these studies considered an application for two-level HSN instead of multi-level one. In this paper, we propose some definitions for multi-level HSN, and design a novel key management strategy based on the polynomial hash tree (PHT) method by using deployment knowledge. Our proposed strategy has lower computation and communication overheads but higher connectivity and resilience.     

Practical identity-based aggregate signature from bilinear maps

A new identity-based(ID-based) aggregate signature scheme which does not need any kind of interaction among the signers was proposed to provide partial aggregation.Compared with the existing ID-based aggregate signatures, the scheme is more effcient in terms of computational cost.Security in the random oracle model based on a variant of the computation Diffe-Hellman(CDH) problem is captured.     

Attribute-based signature on lattices

Attribute-based signature is a versatile class of digital signatures. In attribute-based signature, a signer obtains his private key corresponding to the set of his attributes from a trusted authority, and then he can sign a message with any predicate that is satisfied by his attributes set. Unfortunately, there does not exist an attribute- based signature which is resistance to the quantum attacks. This means we do not have secure attribute-based signature schemes in a post-quantum world. Based on this consideration, an attribute-based signature on lattices, which could resist quantum attacks, is proposed. This scheme employs ＂bonsai tree＂ techniques, and could be proved secure under the hardness assumption of small integer solution problem.     

Identity-based verifiably committed signature scheme without random oracles

An identity-based verifiably committed signature scheme （IB-VCS） was proposed, which is proved secure in the standard model （i.e., without random oracles）. It enjoys the setup-free property and stand-alone property, both of which make an exchange protocol more practical. The scheme is unconditionally secure against the cheating signer, its security against the cheating verifier is reduced to the computational Diffie-Hellman （CDH） problem in the underlying group, it is secure against the cheating trusted third party if the underlying Paterson Schuldt＇s identity based signature （IBS） scheme is secure, which is proven true based on the CDH assumption in the standard model.     

Can the Polynomial Based Key Predistribution Scheme Be Used Many Times in One Wireless Sensor Network Key Establishment Protocol？

Key establishment is the basic step for the wireless sensor network (WSN) security. The polynomial based key predistribution scheme of Blom and Blundo et al. has been the basic ingredient for the key establishment for WSNs. It is tempting to use many random and different instances of polynomial based key predistribution scheme for various parts of the WSN to enhance the efficiency of WSN key establishment protocols. This paper indicates that it is not secured in general to use many instances of Blom-Blundo et al. polynomial based key predistribution scheme in a WSN key establishment protocol. Thus the previously constructed group-based type WSN key predistribution schemes using polynomial based key predistribution scheme are insecure. We propose new generalized Blom-Blundo et al. key predistribution schemes. These new generalized Blom-Blundo et al. key predistribution schemes can be used many times in one WSN key establishment protocol with only a small increase of cost. The application to group-based WSN key predistribution schemes is given.     

破译Merkle-Hellman背包加密方案的DNA计算模型

背包公钥密码体制是第一个公钥体制,其攻击算法是NP完全问题.首先对背包问题和背包公钥体制进行了描述,然后给出了2种破译Merkle-Hellman背包加密方案DNA计算模型,即分步排除法和二分法,分步排除法是一种基本算法,二分法对分步排除法进行了改进,提高了破译背包密码的效率.     

An ID-Based Authenticated Key Agreement Protocol for Peer-to-Peer Computing

Introduction Overrecentyears,withtheemergenceofdis-tributedapplicationsovertheInternet,anewmod-elofcommunicationandcomputation,calledpeer-to-peer(P2P)computing,hasgainedgreatpopu-larity[1-3].Contrarytothetraditionalclient-server model,P2Pcomputingeliminatesthenotionof“server”,andallpeersinP2Psystemcanactas clientsandserversatthesametime.Therefore,thesinglepointoffailureandthebottleneckof“server”encounteredinthetraditionalclient-serv-ermodelcanbeeliminated,andtheperformance andreliabilit…