Democratic group signatures with threshold traceability

This paper presents a concrete democratic group signature scheme which holds (t, n)-threshold trace-ability. In the scheme, the capability of tracing the actual signer is distributed among n group members. It gives a valid democratic group signature such that any subset with more than t members can jointly reconstruct a secret and reveal the identity of the signer. Any active adversary cannot do this even if he can corrupt up to t - 1 group members.     

Efficient democratic group signatures with threshold traceability

Democratic group signature (DGS) is a group-oriented primitive with great flexibilities, i.e., no group manager, anonymity, and traceability. In a DGS scheme with (t, n)-threshold traceability, any subset of not less than t members can jointly reveal the identity of the signer while preserving security even in the presence of an active adversary can corrupt up to t − 1 group members. This paper proposes an efficient DGS scheme. We use publicly verifiable secret sharing (PVSS) to distribute the trapdoor via which the real signer is revealed. The computation cost and communication overhead of our DGS signatures are greatly reduced, compared with the existing work. For example, the size of the resulting signature contains only 2n + 1 elements of Z _q , except the PVSS output.     

An efficient threshold key-insulated signature scheme

To tackle the key-exposure problem in signature settings, this paper introduces a new cryptographic primitive named threshold key-insulated signature (TKIS) and proposes a concrete TKIS scheme. For a TKIS system, at least k out of n helpers are needed to update a user’s temporary private key. On the one hand, even if up to k−1 helpers are compromised in addition to the exposure of any of temporary private keys, security of the non-exposed periods is still assured. On the other hand, even if all the n helpers are compromised, we can still ensure the security of all periods as long as none of temporary private keys is exposed. Compared with traditional key-insulated signature (KIS) schemes, the proposed TKIS scheme not only greatly enhances the security of the system, but also provides flexibility and efficiency.     

Some remarks on the TKIP key mixing function of IEEE 802.11i

Temporal key integrity protocol (TKIP) is a sub-protocol of IEEE 802.11i. TKIP remedies some security flaws in wired equivalent privacy (WEP) protocol. TKIP adds four new algorithms to WEP: a message integrity code (MIC) called Michael, an initialization vector (IV) sequencing discipline, a key mixing function and a re-keying mechanism. The key mixing function, also called temporal key hash, de-correlates the IVs from weak keys. Some cryptographic properties of the substitution box (S-box) used in the key mixing function are investigated in this paper, such as regularity, avalanche effect, differ uniform and linear structure. Moen et al pointed out that there existed a temporal key recovery attack in TKIP key mixing function. In this paper a method is proposed to defend against the attack, and the resulting effect on performance is discussed.     

Filling the gap between voters and cryptography in e-voting

Cryptography is an important tool in the design and implementation of e-voting schemes since it can provide verifiability, which is not provided in the traditional voting. But in the real life, most voters can neither understand the profound theory of cryptography nor perform the complicated cryptographic computation. An e-voting system is presented in this paper to leverage the use of cryptography. It combines the advantages of voting scheme of Moran-Naor and voting scheme based on homomorphic encryption. It makes use of the cryptographic technique, but it hides the details of cryptographic computation from voters. Compared with voting scheme of Moran-Naor, the new system has three advantages: the ballots can be recovered when the voting machine breaks down, the costly cut-and-choose zero-knowledge proofs for shuffling votes made by the voting machine are avoided and the partial tally result in each voting machine can be kept secret. Foundation item: the National Natural Science Foundation of China (No. 60673076) and the National High Technology Research and Development Program (863) of China (No. 2008AA01Z403)     

Secure Authentication of WLAN Based on Elliptic Curve Cryptosystem

The security of wireless local area network (WLAN) becomes a bottleneck for its further applications. At present, many standard organizations and manufacturers of WLAN try to solve this problem. However, owing to the serious secure leak in IEEE802.11 standards, it is impossible to utterly solve the problem by simply adding some remedies. Based on the analysis on the security mechanism of WLAN and the latest techniques of WLAN security, a solution to WLAN security was presented. The solution makes preparation for the further combination of WLAN and Internet.     

A Practical SSL Server Performance Improvement Algorithm Based on Batch RSA Decryption

The secure socket layer/ transport layer security（SSL/TLS） handshake protocol uses public key cryptographic algorithms such as RSA for key establishment. Typically, public key cryptographic algorithm is computational intensive due to the modular multiplications. Therefore, SSL/TLS servers often become swamped while performing public key decryptions when the simultaneous requests increase quickly. A batch RSA decryption algorithm was proposed. The novel algorithm provides the reasonable response time and optimizes server performance significantly. The decryption speedup is proportional to the batch size b, for instance, the speedup factor is 4, while in Shacham＇s scheme the acceleration rate is only 2.5 when b = 4.     

Analysis of Information Leakage in Quantum Key Agreement

Introduction Quantumkeyagreement(QKA)enablestwo userstosharesecretrandombitsthroughaquan-tumchannel.Thesesecretbitscanbeusedasa conventionalsecretkeyforsecurecommunications overaclassicalchannel.TheadvantageofQKA overtraditionalkeyagreementmethodsisthatthe exchangeofquantumbitscanbeshowntobeun-conditionallysecure(orinformation-theoretically secure).ThefirstQKAprotocolwasproposedbyBen-nettetalinRef.[1].Bennettetalconsidered quantumkeyagreementbetweentwolegalusers AliceandBob.Thephysicalca…     

Verifiably Encrypted Signatures Without Random Oracles

Introduction SincethepioneeringworkduetoBonehand Franklin[1],bilinearmapshavebecomeaveryfash-ionablebuildingblockandallowedtheopeningup ofcompletelynewterritoryincryptography,mak-ingitpossibletodesigncryptographicprimitives thatwerepreviouslyunknownorimpractical,for instance,identity-basedcryptosystem,ringsigna-tures,andshortsignatures,etc[2-6].Therearemanyapplicationsfordigitalsigna-tureswithsmallsize,suchaslow-bandwidthcom-municationenvironments.Thefirstpairing-based shortsignatureschemepro…     

Efficient and provably-secure certificateless proxy re-encryption scheme for secure cloud data sharing

In current cloud computing system, large amounts of sensitive data are shared to other cloud users. To keep these data confidentiality, data owners should encrypt their data before outsourcing. We choose proxy reencryption （PRE） as the cloud data encryption technique. In a PRE system, a semi-trusted proxy can transform a ciphertext under one public key into a ciphertext of the same message under another public key, but the proxy cannot gain any information about the message. In this paper, we propose a certificateless PRE （CL-PRE） scheme without pairings. The security of the proposed scheme can be proved to be equivalent to the computational Dire- Hellman （CDH） problem in the random oracle model. Compared with other existing CL-PRE schemes, our scheme requires less computation cost and is significantly more efficient. The new scheme does not need the public key certificates to guarantee validity of public keys and solves the key escrow problem in identity-based public key cryptography.