Your search keyword '"random oracle model"' showing total 54 results

1. Robust Schnorr-based subgroup multi-signature scheme

Author

Zhenqi ZHANG, Qiuchi ZHU, Zhiwei WANG

Subjects

schnorr signature, multi-signature, robustness, discrete logarithmic assumption, random oracle model, Electronic computers. Computer science, QA75.5-76.95

Abstract

The consensus mechanism has been considered as the core technology of blockchain systems. However, current consensus mechanisms have encountered three issues: low consensus efficiency, low reliability and security, and high computational complexity. To address these issues, a new Schnorr-based subgroup multi-signature scheme was proposed. This scheme retained the advantage of low computational complexity inherent in the Schnorr digital signature cryptosystem while incorporating the benefits of subgroup multi-signature. It allowed an indeterminate number of members from the entire set to form subgroups to generate multi-signatures, which replaced the group signature. The unpredictability of the subgroups effectively avoided the occurrence of Byzantine traitors, thus enhancing security and solving the problems of low reliability, security, and high computational complexity in consensus mechanisms. Additionally, a public third party was introduced, implemented by automatically and publicly executed smart contracts. It was completely open and transparent, capable of resisting the rogue public-key attack, and reduced the total number of communication rounds and time overhead in the signing process, addressing the issue of low consensus efficiency. The robustness of this scheme was proven in detail, demonstrating an improvement in the security of consensus mechanisms. Based on the discrete logarithm assumption, the scheme was shown to be unforgeable in the random oracle model. Theoretical analysis and experimental results show that the scheme possesses smaller public key length, private key length, single signature length, and multi-signature length, with fewer communication rounds and reduced time overhead in the signature generation and verification algorithms, providing superior performance when applied to consensus mechanisms.

Published

2024

2. SEPCVN: Secure and Efficient Protocol for Cloud Vehicular Networking

Author

Vinod Kumar, Seema, Kamal Kumar, Ramakant Prasad, Khalid Almutib, and M. Shamim Hossain

Subjects

Cloud vehicular networking, authentication, security, encryption, AVISPA, random oracle model, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

Cloud vehicular networking is a relatively new inter-vehicle communication paradigm. The ability of cloud vehicular networking to address critical safety issues in road traffic is highly rated by operators. This study examines cloud vehicular networking technology, its advantages, problems, and possible remedies. It focuses on overcoming control system issues while placing a stronger emphasis on security. Integrating vehicles into the cloud ecosystem presents numerous security and efficiency challenges. This study thoroughly examines the current protocols and suggests a brand-new, Secure, and Efficient Protocol for Cloud Vehicular Networking (SEPCVN). The proposed protocol aims to improve data transmission efficiency and address security flaws in cloud-connected vehicle networks. We discuss a specialized authentication method for secure vehicle-to-vehicle communication to tackle many challenges. According to the security study, formally and informally, our suggested protocol satisfies the necessary security requirements. Using the Automated Validation of Internet Security Protocols and Applications (AVISPA) tool, a simulation analysis was carried out on the proposed protocol, which is safe from man-in-the-middle and reply attacks. Compared to similar protocols, the proposed framework is computationally and communicably effective. The results indicate that the suggested plan for cloud vehicular networking is both effective and safe.

Published

2024

3. Blockchain-enhanced certificateless signature scheme in the standard model

Author

Xiaodong Yang, Haoqi Wen, Lei Liu, Ningning Ren, and Caifen Wang

Subjects

certificateless signature, forgery attack, random oracle model, blockchain, unforgeability, Biotechnology, TP248.13-248.65, Mathematics, QA1-939

Abstract

The Internet of Things (IoT), driven by wireless communication and other technologies, is gradually entering our lives and promoting the transformation of society from "informatization" to "intelligence". Certificateless signature (CLS) eliminates the characteristic of certificate management, making it an effective method for verifying large-scale data in the IoT environment. Nevertheless, hash functions are regarded as ideal random oracles in the security proofs of most CLS schemes, which cannot guarantee the security of CLS schemes in reality. In response to this problem, Shim devised a CLS scheme without random oracles in the standard model and declared it to be provably secure. Unfortunately, in this paper, we cryptanalyze Shim's CLS scheme and demonstrate that it is not resistant to public key replacement attacks from a Type Ⅰ attacker. Furthermore, to further improve the security of the Shim CLS scheme and avoid the single-point failure of the KGC and the signature forgery initiated, we propose a blockchain-based CLS scheme without a random oracle. Finally, we evaluate the comprehensive performance, and while maintaining the computational and communication performance of the Shim scheme, we resist both Type Ⅰ and Type Ⅱ attackers, as well as signature forgery initiated against public parameters.

Published

2023

4. A quantum resistant universal designated verifier signature proof

Author

P. Thanalakshmi, N. Anbazhagan, Gyanendra Prasad Joshi, and Eunmok Yang

Subjects

coding theory, random oracle model, syndrome decoding problem, universal designated verifier signature proof, Mathematics, QA1-939

Abstract

In order to ensure that only the designated person can verify the signer's signature on the message, Steinfeld et al. introduced the concept of Universal Designated Verifier Signature (UDVS), which enables a designator who has obtained a signature on a message from the signer to designate the signature to any desired designated verifier. This idea was developed to address the privacy concerns of the signature holder at the time of certificate distribution. They are appropriate for applications that demand the designer's secrecy. The fact that the designated verifier must generate a public key with regard to the signer's public parameter for signature verification is a significant drawback of UDVS methods. In cases where the verifier is unable to begin the key generation procedure, this constraint is inapplicable. Baek et al. developed the idea of "Universal Designated Verifier Signature Proof (UDVSP)", which does not require the verifier's public key for verification, to get around this restriction. All existing UDVSP constructions are based on a discrete logarithm problem, which is vulnerable to quantum computer attacks. As a result, an efficient quantum resistant UDVSP is built on a hard problem in coding theory, as suggested by NIST reports. The scheme's security against forgeability and impersonation attacks is examined using the random oracle model.

Published

2023

5. Enhancing Security and Efficiency: A Fine-Grained Searchable Scheme for Encryption of Big Data in Cloud-Based Smart Grids

Author

Jing Wen, Haifeng Li, Liangliang Liu, and Caihui Lan

Subjects

searchable encryption, attribute-based encryption, server-aided decryption, trapdoor indistinguishability, random oracle model, Mathematics, QA1-939

Abstract

The smart grid, as a crucial part of modern energy systems, handles extensive and diverse data, including inputs from various sensors, metering devices, and user interactions. Outsourcing data storage to remote cloud servers presents an economical solution for enhancing data management within the smart grid ecosystem. However, ensuring data privacy before transmitting it to the cloud is a critical consideration. Therefore, it is common practice to encrypt the data before uploading them to the cloud. While encryption provides data confidentiality, it may also introduce potential issues such as limiting data owners’ ability to query their data. The searchable attribute-based encryption (SABE) not only enables fine-grained access control in a dynamic large-scale environment but also allows for data searches on the ciphertext domain, making it an effective tool for cloud data sharing. Although SABE has become a research hotspot, existing schemes often have limitations in terms of computing efficiency on the client side, weak security of the ciphertext and the trapdoor. To address these issues, we propose an efficient server-aided ciphertext-policy searchable attribute-based encryption scheme (SA-CP-SABE). In SA-CP-SABE, the user’s data access authority is consistent with the search authority. During the search process, calculations are performed not only to determine whether the ciphertext matches the keyword in the trapdoor, but also to assist subsequent user ciphertext decryption by reducing computational complexity. Our scheme has been proven under the random oracle model to achieve the indistinguishability of the ciphertext and the trapdoor and to resist keyword-guessing attacks. Finally, the performance analysis and simulation of the proposed scheme are provided, and the results show that it performs with high efficiency.

Published

2024

6. A Secure and Privacy-Preserving Lightweight Authentication and Key Exchange Algorithm for Smart Agriculture Monitoring System

Author

Samiulla Itoo, Akber Ali Khan, Musheer Ahmad, and M. Javed Idrisi

Subjects

Agriculture sensors, Elliptic curve cryptography, Gateway, Scyther tool, Wireless sensor networks, Random oracle model, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

Agriculture plays a vital role in the economic life cycle of an agrarian country and considers the backbone of the economy. It supplies not just raw food materials, but also a vast number of job opportunities. Therefore, modern technology is required in agriculture to increase productivity. Wireless Sensor Networks (WSN) could be used to monitor climatic parameters in an agriculture field, such as the acidity level of soil, soil moisture, humidity, light, and so on. Climate variables have a significant impact on crop growth, quality, and productivity. These factors contribute to increased agricultural productivity in terms of both quantity and quality. WSN, on the other hand, has security risks such as impersonation, alteration, interference, and interception all of which have negative effects on crop production and other agricultural activities. The primary issues for agricultural WSN are hence privacy preservation and security enhancement. In this paper, we proposed a privacy-preserving and efficient key agreement framework for smart agriculture monitoring systems by using elliptic curve cryptography and hash function. The proposed framework is secure against various security assaults and provides secure communication in smart agriculture monitoring systems. We demonstrate the accuracy of the proposed protocol for mutual authentication and key exchange using BAN logic, and we also simulate the security correctness of the encrypted proposed framework using the well-known security verification Scyther tool. Using the ROR model, we formalize the security of the proposed system. Further, we provide a comparison based on security features, computation, and communication overheads comparison between the proposed protocol and similar protocols in the same context. Hence, when compared to other similar protocols in the same environment, the proposed protocol provides superior security and efficiency than other existing protocols. For the practical implementation of smart agriculture monitoring systems, the proposed protocol is better than comparable protocols.

Published

2023

7. Robust Subgroup ID-based Multi-signature Scheme

Author

TIAN Chen, WANG Zhi-wei

Subjects

id-based signature, multi-signatures, computational diffie-hellman(cdh) problem, random oracle model, forking lemma, Computer software, QA76.75-76.765, Technology (General), T1-995

Abstract

The existing multi-signature scheme applied in the consensus mechanism scenario defaults that the signers are honest entities,so the security and validity of the signature could not be guaranteed when malicious nodes existed.In order to improve the robustness of multi-signature in the typical adversarial scenarios in consensus protocols,this paper proposes an ID-based multi-signature scheme based on the advantages of the ID-based cryptography system.In this signature scheme,non-fixed subgroup generates randomly cooperated to generate multi-signatures representing the entire group,and the validity of all subgroup signatures must be verified before signature aggregation.The bilinear pairings required by this scheme to generate multi-signatures are related to the number of subgroup members,which improve the security of the scheme at the cost of certain efficiency.This paper introduces a notion of robustness for robust subgroup ID-based multi-signatures,and the corresponding proof of the proposed scheme is given.Furthermore,under the random oracle model,relying on the hardness of the computational Diffie-Helman(CDH) problem,the scheme is proved is proved to be unforgeable under adaptive selection message attack.In addition,theoretical analysis and prototype implementation of the signature scheme are carried out,and the experimental results are compared with the performance of relevant signature schemes.

Published

2022

8. Pairing-free certificateless blind signature scheme for smart grid

Author

ShuangGen Liu, Yu Zhu, and RuiYun Wang

Subjects

Smart grid, Certificateless blind signature, Batch verification, Elliptic curve discrete logarithm, Random oracle model, Electronic computers. Computer science, QA75.5-76.95

Abstract

The smart grid is an emerging power system that can realize the information exchange between users and power companies in two-way communication and adjust power companies’ power supply according to the real-time power requests from smart meters on the users’ side. However, since malicious attackers can eavesdrop on two-way communication to collect and transmit information, they may leak users’ information. Therefore, this paper proposes a new certificateless blind signature (CLBS) scheme with batch verification function and improves a power request system model for the smart grid to protect users’ privacy. In addition, the proposed CLBS scheme simplifies the certificate management process in the traditional public key cryptosystem and eliminates the hidden key escrow in the identity-based public key cryptosystem. The unforgeability of the scheme is proved through the random oracle model, and the scheme’s security can be reduced to the intractability of the elliptic curve discrete logarithm problem (ECDLP). The analysis results show that our scheme does not use the time-consuming bilinear pairing operation, and has obvious advantages in computing performance compared with the existing signature schemes.

Published

2022

9. A Secure Authentication Protocol Supporting Efficient Handover for UAV

Author

Kang Wen, Shengbao Wang, Yixiao Wu, Jie Wang, Lidong Han, and Qi Xie

Subjects

Unmanned Aerial Vehicle, handover authentication, ProVerif, random oracle model, Mathematics, QA1-939

Abstract

Unmanned Aerial Vehicles (UAVs) are increasingly pivotal in operations such as flood rescue, wildfire surveillance, and covert military endeavors, with their integration into the Internet of Things (IoT) networks broadening the scope of services they provide. Amidst this expansion, security concerns for UAVs have come to the forefront, particularly in open communication environments where they face authentication challenges and risks of sensitive data, including location information, being exposed to unauthorized parties. To address these issues, we propose a secure and lightweight authentication scheme that combines the use of anonymity mechanisms and Physical Unclonable Functions (PUFs). Specifically, we employ pseudo- and temporary identities to maintain the anonymity of UAVs, while also utilizing PUF technology to strengthen the security of Ground Station Servers (GSSs) against physical threats. Rigorous validation through ProVerif and the Random Oracle (ROR) Model indicates our scheme’s superior performance over existing protocols in terms of both efficiency and security.

Published

2024

10. Secure and efficient two-party collaborative SM9 signature scheme suitable for smart home

Author

Shuang Gen Liu, Ru Liu, and Si Yuan Rao

Subjects

Smart home, SM9 algorithm, Two-party collaborative signature, Random oracle model, Provable security, Electronic computers. Computer science, QA75.5-76.95

Abstract

The smart home usually has poor security and is vulnerable to attack since it adopts embedded processors that are limited by volume and power consumption. To improve the communication security of the smart home system, identity-based signature schemes are widely used in wireless network communications. However, the user’s signature private key is generally stored in a single device, it is easy to be stolen by attackers to control the smart home devices. To reduce the risk of leakage of the signature private key, a two-party collaborative signature scheme based on the SM9 algorithm is proposed in this paper. The user’s signature private key is generated through the collaboration of the two-party key generation center (KGC), and the integer secrets related to the signature private key are stored in two devices respectively. During the signing process, the two devices sign collaboratively to prevent the complete private key from being leaked. The security of the scheme is proved in the random oracle model. Theoretical analysis and experimental results show that our proposed scheme can achieve higher security with lower computation cost and communication cost when compared with the existing two-party SM9 signature schemes.

Published

2022

11. A Secure User Authentication Protocol for Heterogeneous Mobile Environments

Author

Alzubair Hassan, Rafik Hamza, Fagen Li, Awad Ali, Mohammed Bakri Bashir, Samar M. Alqhtani, Tawfeeg Mohmmed Tawfeeg, and Adil Yousif

Subjects

User authentication, key agreement, random oracle model, heterogeneous environment, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

Mobile devices have become very important for our daily needs. The user authentication protocols with the key agreement are required to deal with the security issues that arise from the use of mobile devices through Internet applications. However, existing user authentication protocols are only suitable if the client and the server use a similar cryptographic approach. Therefore, it is important to develop an authentication protocol for mobile environments with heterogeneous cryptographic approaches. In this paper, an efficient user authentication and key agreement protocol is proposed for a heterogeneous client-server mobile environment. The security of the proposed scheme is formally proved under the ${q}$ -strong Diffie-Hellman problem ( ${q}$ -SDH), the ${q}$ -bilinear Diffie-Hellman inversion problem ( ${q}$ -BDHI), and the modified bilinear Diffie-Hellman inversion problem (mBDHI), respectively. Our scheme has reasonable processing costs and communication costs on the client and server sides. Moreover, our scheme is suitable for applications that use different cryptographic approaches. In particular, the proposed protocol can work when the client applies the identity-based cryptosystem and the server applies the certificateless cryptosystem.

Published

2022

12. Security Analysis and Improvement of Strongly Secure Certificateless Digital Signature Scheme

Author

YE Sheng-nan, CHEN Jian-hua

Subjects

certificateless signature, bilinear pairings, security analysis, elliptic curve discrete diffie-hellman problem, random oracle model, Computer software, QA76.75-76.765, Technology (General), T1-995

Abstract

Certificateless public key cryptosystem combines the advantages of identity-based cryptosystem and traditional PKI public key cryptosystem,overcomes the key escrow problem of identity-based public key cryptosystem and the certificate management problem of PKI system,and has obvious advantages.By analysing the security of a strongly secure certificateless signature scheme proposed by Hassouna,et al,it shows that the scheme cannot resist the attack of falsifying messages and do not use private key generated by system master key to sign.So it is not a certificateless signature scheme.On this basis,an improved certificateless signature scheme is proposed and it proves the scheme can resist the attack of the first class of strong adversaries and the second class of adversaries.In the random oracle model and under the assumption of the Diffie-Hellman problem of the elliptic curve,the improved scheme satisfies the existential forgery.

Published

2021

13. RDAF-IIoT: Reliable Device-Access Framework for the Industrial Internet of Things

Author

Hisham Alasmary

Subjects

sensing device, random oracle model, key agreement, security, formal analysis, Mathematics, QA1-939

Abstract

The Internet of Things (IoT) has experienced significant growth and is now a fundamental part of the next-generation Internet. Alongside improving daily life, IoT devices generate and collect vast amounts of data that can be leveraged by AI-enabled big data analytics for diverse applications. However, due to the machine-to-machine communication inherent in IoT, ensuring data security and privacy is crucial to mitigate various malicious cyber attacks, including man-in-the-middle, impersonation, and data poisoning attacks. Nevertheless, designing an efficient and adaptable IoT security framework poses challenges due to the limited computational and communication power of IoT devices, as well as their wide-ranging variety. To address these challenges, this paper proposes an Access Key Agreement (AKA) scheme called the “Reliable Device-Access Framework for the Industrial IoT (RDAF-IIoT)”. RDAF-IIoT verifies the user’s authenticity before granting access to real-time information from IIoT devices deployed in an industrial plant. Once authenticated at the gateway node, the user and IIoT device establish a session key for future encrypted communication. The security of the proposed RDAF-IIoT is validated using a random oracle model, while the Scyther tool is employed to assess its resilience against various security attacks. Performance evaluations demonstrate that the proposed scheme requires lower computational and communication costs compared to related security frameworks while providing enhanced security features.

Published

2023

14. A Resource-Friendly Certificateless Proxy Signcryption Scheme for Drones in Networks beyond 5G

Author

Muhammad Asghar Khan, Hosam Alhakami, Insaf Ullah, Wajdi Alhakami, Syed Agha Hassnain Mohsan, Usman Tariq, and Nisreen Innab

Subjects

drones, security, proxy signcryption, hyperelliptic curve cryptography, random oracle model, 5G, Motor vehicles. Aeronautics. Astronautics, TL1-4050

Abstract

Security and privacy issues were long a subject of concern with drones from the past few years. This is due to the lack of security and privacy considerations in the design of the drone, which includes unsecured wireless channels and insufficient computing capability to perform complex cryptographic algorithms. Owing to the extensive real-time applications of drones and the ubiquitous wireless connection of beyond 5G (B5G) networks, efficient security measures are required to prevent unauthorized access to sensitive data. In this article, we proposed a resource-friendly proxy signcryption scheme in certificateless settings. The proposed scheme was based on elliptic curve cryptography (ECC), which has a reduced key size, i.e., 160 bits, and is, therefore, suitable for drones. Using the random oracle model (ROM), the security analysis of the proposed scheme was performed and shown to be secure against well-known attacks. The performance analysis of the proposed scheme was also compared to relevant existing schemes in terms of computation and communication costs. The findings validate the practicability of the proposed scheme.

Published

2023

15. Secure Threshold Ring Signature Based on SM9

Author

Shuanggen Liu, Kang Chen, Zikang Liu, and Teng Wang

Subjects

Digital signatures, provably safe, random oracle model, SM9 identity-based cryptography, threshold ring signature, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

Nowadays, it becomes a major issue that has become increasingly prominent to ensure the privacy and security of information. With the wide application of SM9 algorithm in various fields, it is particularly important to improve the security of SM9 algorithm. Therefore, many researchers use the SM9 algorithm for supporting the underlying cryptography. And group signature, ring signature and two-party signature are introduced in succession to design the related scheme with significant effecting. In order to further improve the signature security and promote the promotion of SM9 algorithm. First, the SM9 identification and cipher algorithm is improved by using multi-KGC(Key Generation Center) to generate system parameters to achieve the purpose of improving the security of the key in this paper. Second, a threshold ring signature scheme based on SM9 is proposed by combining SM9 with threshold ring signature. The analysis shows that, compared with the existing schemes, the proposed scheme has more advantages in security, such as higher anonymity, unforgeability and non-repudiation, while resisting malicious user attacks and malicious KGC attacks. This scheme extends SM9 from single user signature to multi-users signature, and increases the application scenarios of SM9, which plays a positive role in the promotion of SM9.

Published

2021

16. An Anonymous Certificateless Signcryption Scheme for Internet of Health Things

Author

Insaf Ullah, Ali Alkhalifah, Sajjad Ur Rehman, Neeraj Kumar, and Muhammad Asghar Khan

Subjects

Internet of things, IoHT, security, signcryption, hyperelliptic curve cryptosystem, random oracle model, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

Internet of Health Things (IoHT) is a hot topic of research presently, which provides a reliable and intelligent healthcare system for monitoring the physical conditions of the patients over the Internet from anywhere and anytime. The ease of time-independent interaction from geographically remote areas is a core advantage of the IoHT system, which offers preventive or proactive healthcare facilities at a lower cost. IoHT communication, on the other hand, is usually carried out with a range of low-power biomedical sensors, rendering them vulnerable to cyber-attacks and incompatible with traditional cryptographic techniques. The most critical security concern in IoHT is ensuring the authenticity of patients’ health-related messages sent over the internet. Other key concerns include receiver anonymity and forward security, which means that only the sender knows the identities of the recipients. As a result, even if the private key of senders compromised, the adversary will be unable to decrypt the ciphertext. Existing signcryption schemes that employ certificateless cryptography for the healthcare system failed to guarantee both receiver anonymity and forward security simultaneously. Therefore, in this article, we propose an anonymous certificateless signcryption scheme for IoHT applications, which is based on the notion of the Hyperelliptic Curve (HEC) cryptosystem to satisfy these security requirements. The proposed scheme guarantees formal security analysis for confidentiality, unforgeability, and receiver anonymity using the Random Oracle Model (ROM). The results authenticate that the proposed scheme improves security while lowering computation and communication costs.

Published

2021

17. Towards Identity-Based Conditional Privacy-Preserving Authentication Scheme for Vehicular Ad Hoc Networks

Author

Mahmood A. Al-Shareeda, Mohammed Anbar, Selvakumar Manickam, and Iznan Husainy Hasbullah

Subjects

Vehicular ad-hoc network (VANET), side-channel attacks, unlinkability, random oracle model, privacy preserving, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

Vehicular ad hoc networks (VANETs) have become increasingly common in the past decades and provides essential and efficient communication for vehicles within intelligent transportation systems. Securing the VANETs wireless communication channel is one of the principal challenges in VANETs since existing security schemes are still vulnerable to security and privacy issues and have substantial computational and communicational overheads. To overcome these issues, this paper focuses on enhancing an authentication scheme based on conditional privacy-preserving and improving its performance efficiency. This paper reviews the security vulnerabilities of the existing schemes. It also proposes enhancements to the identity-based conditional privacy-preserving authentication scheme to secure and improve the efficiency of VANETs communications. The proposed scheme not only satisfies the security and privacy requirements but also has been proven secure under the random oracle model. Finally, the performance evaluation shows that the proposed scheme is more efficient computationally and communicational than the existing schemes in signing and verifying VANETs messages.

Published

2021

18. Full-Resilient Memory-Optimum Multi-Party Non-Interactive Key Exchange

Author

Majid Salimi, Hamid Mala, Honorio Martin, and Pedro Peris-Lopez

Subjects

Multi-party non-interactive key exchange, broadcast encryption, Internet of Things, random oracle model, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

Multi-Party Non-Interactive Key Exchange (MP-NIKE) is a fundamental cryptographic primitive in which users register into a key generation centre and receive a public/private key pair each. After that, any subset of these users can compute a shared key without any interaction. Nowadays, IoT devices suffer from a high number and large size of messages exchanged in the Key Management Protocol (KMP). To overcome this, an MP-NIKE scheme can eliminate the airtime and latency of messages transferred between IoT devices. MP-NIKE schemes can be realized by using multilinear maps. There are several attempts for constructing multilinear maps based on indistinguishable obfuscation, lattices and the Chinese Remainder Theorem (CRT). Nevertheless, these schemes are inefficient in terms of computation cost and memory overhead. Besides, several attacks have been recently reported against CRT-based and lattice-based multilinear maps. There is only one modular exponentiation-based MP-NIKE scheme in the literature which has been claimed to be both secure and efficient. In this article, we present an attack on this scheme based on the Euclidean algorithm, in which two colluding users can obtain the shared key of any arbitrary subgroup of users. We also propose an efficient and secure MP-NIKE scheme. We show how our proposal is secure in the random oracle model assuming the hardness of the root extraction modulo a composite number.

Published

2020

19. Efficient and Provably Secure Anonymous User Authentication Scheme for Patient Monitoring Using Wireless Medical Sensor Networks

Author

Guoai Xu, Feifei Wang, Miao Zhang, and Junhao Peng

Subjects

Internet of Things, wireless medical sensor networks, authentication, user anonymity, random oracle model, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

Wireless medical sensor networks (WMSNs) are playing an increasingly important role in smart healthcare applications. Since the data transmitted in WMSNs is closely related to patient's life and health, and considering the resource-constrain feature of the sensor node, constructing an authentication scheme for WMSNs is a formidable task. Recently, Soni et al. presented an elliptic curve cryptosystem based three-factor authentication scheme for WMSNs. However, we discover that their scheme suffers from serious vulnerabilities, such as sensor node capture attack, no forward secrecy, and the violation of three-factor security. To enhance the security and efficiency, we present a novel scheme using Rabin cryptosystem and chaotic maps. We use several widely-accepted security analysis methods to verify the correctness and security of our scheme. The Burrows-Abadi-Needham logic proof confirms the completeness of our scheme. The heuristic analysis indicates that our scheme is resistant to potential attacks and provides various security attributes like forward secrecy and three-factor security. Furthermore, we demonstrate that our scheme is provably secure in the random oracle model. Finally, the performance comparisons indicate that our scheme is superior to the related schemes both in security and efficiency and is more applicable to WMSNs owing to low overhead of the sensor node.

Published

2020

20. Leveled Certificateless Fully Homomorphic Encryption Schemes From Learning With Errors

Author

Mingxiang Li

Subjects

Certificateless fully homomorphic encryption, learning with errors, random oracle model, standard model, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

Fully homomorphic encryption (FHE) is a form of public-key encryption that allows the computation of arbitrary functions on encrypted data without decrypting the data. As a result, it is a useful tool with numerous applications. Certificateless encryption (CLE) is a type of public-key encryption that combines the advantages of PKI-based public-key encryption with those of identity-based encryption (IBE). Thus, certificateless fully homomorphic encryption (CLFHE) has aroused considerable research interest. Recently, Chen, Hu, and Lian proposed a leveled certificateless homomorphic encryption (CLHE) scheme and proved its semantic security based on the learning with errors (LWE) problem in the random oracle model. However, their scheme supports only homomorphic addition, but not homomorphic multiplication. In this work, we construct two leveled CLFHE schemes using the approximate eigenvector method presented by Gentry, Sahai, and Waters. Based on the hardness of the LWE problem, we prove that one scheme satisfies adaptive semantic security and anonymity in the random oracle model, whereas the other satisfies selective semantic security and anonymity in the standard model.

Published

2020

21. RKA Security for Identity-Based Signature Scheme

Author

Jinyong Chang, Huiqun Wang, Fei Wang, Anling Zhang, and Yanyan Ji

Subjects

Related-key attack, identity-based signature, random oracle model, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

Related-key attack (RKA) is a kind of side-channel attack considered for kinds of cryptographic primitives, such as public key encryption, digital signature, pseudorandom functions etc. However, we note that the RKA-security seems to be not considered for identity-based signature (IBS), which is an important primitive for identity-based cryptography and proposed by Shamir in 1984. In this paper, for the first time, we introduce the RKA security into IBS schemes and try to define the security model for it. More specifically, we consider the RKA occurs in the users' signing key or the master key of the key-generation center (KGC), which derives two kinds of RKA securities for IBS. Meanwhile, we illustrate that the most efficient Schnorr-like IBS scheme proposed by Galindo and Garcia is RKA-insecure by launching a simple RKA. However, a slight modification of it yields a RKA-secure IBS scheme, for which we give the detailed security proof in the random oracle. Finally, the performance analysis shows that the modified scheme is still extremely efficient but has higher security.

Published

2020

22. Efficient Conditional Privacy Preservation With Mutual Authentication in Vehicular Ad Hoc Networks

Author

Mahmood A. Al-Shareeda, Mohammed Anbar, Iznan Husainy Hasbullah, Selvakumar Manickam, and Sabri M. Hanshi

Subjects

Vehicular ad-hoc network (VANET), privacy-preserving, elliptic curve, random oracle model, identity-based cryptography, domain public key, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

Vehicle Ad hoc Networks (VANETs) are an emergent wireless communication technology that has the potential to reduce the risk of accidents caused by drivers and provide a wide range of entertainment facilities. Because of the nature of VANETs' open-access environment, security attacks can affect the messages broadcast by a vehicle. VANET is therefore vulnerable to security and privacy issues. Recently, many schemes for addressing these problems of VANET have been proposed. However, most of them are affected by massive computation overhead and security issues. In this paper, we propose a scheme named efficient conditional privacy preservation with mutual authentication to address the problems mentioned above in VANET. This scheme depends on the division of geographical areas into a number domains and their distribution, where each domain stores the Certificate Revocation List (CRL) in all Road-side Units (RSUs) located inside the domain. During the mutual authentication phase, the vehicle should authenticate with the TA. After the vehicle obtains a pool of pseudo-identities and the corresponding secret keys from RSU, it is allowed to transmit a message to the other components in the VANET. Because our scheme does not use the bilinear pairing, the performance evaluation shows that our scheme has a lower system cost in terms of computation and communication than other existing methods. Meanwhile, the proposed scheme reduces the computation costs of signing the message and verifying the message by 99.85% and 99.93%, respectively. While the proposed scheme reduces the communication costs of the message size by 13.3%.

Published

2020

23. VPPCS: VANET-Based Privacy-Preserving Communication Scheme

Author

Mahmood A. Al-Shareeda, Mohammed Anbar, Selvakumar Manickam, and Ali A. Yassin

Subjects

BAN logic, privacy-preserving, elliptic curve, random oracle model, identity-based cryptography, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

Over the past years, vehicular ad hoc networks (VANETs) have been commonly used in intelligent traffic systems. VANET's design encompasses critical features that include autonomy, distributed networking, and rapidly changing topology. The characteristics of VANET and its implementations for road safety have attracted considerable industry and academia interest, particularly in research involving transport systems enhancement that could potentially save lives. Message broadcasting in an open access system, such as VANET, is the main and utmost challenging problem with regard to security and privacy in VANETs. Various studies on VANET security and privacy have been proposed. Nevertheless, none has considered overall privacy requirements such as unobservability. In order to address these shortcomings, we propose a VANET based privacy-preserving communication scheme (VPPCS), which meets the requirements for content and contextual privacy. It leverages elliptic curve cryptography (ECC) and an identity-based encryption scheme. We have carried out a detailed security analysis (burrows-abadi-needham (BAN) logic, random oracle model, security of proof, and security attributes) to validate and verify the proposed scheme. The analysis has shown that our scheme is secure and also shown to be effective in a performance evaluation. The proposed scheme does not only meet the previously mentioned security and privacy requirements, but also impervious to various types of attacks such as replay, impersonation, modification, and man-in-the-middle attacks.

Published

2020

24. LSWBVM: A Lightweight Security Without Using Batch Verification Method Scheme for a Vehicle Ad Hoc Network

Author

Mahmood A. Al-Shareeda, Mohammed Anbar, Murtadha A. Alazzawi, Selvakumar Manickam, and Ahmed Shakir Al-Hiti

Subjects

Vehicular ad-hoc network (VANET), batch verification, authentication, random oracle model, BAN logic, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

Recently, Vehicle Ad Hoc Networks (VANETs) have been increasingly developed in Intelligent Transportation Systems (ITSs). However, VANETs are vulnerable to security issues because of the open-medium nature of Vehicle-To-Vehicle (V2V) and Vehicle-To-Infrastructure (V2I) communication. Recently, many studies have proposed security schemes to address these issues. However, many of these schemes have massive computational overheads, especially in the process of batch verification method, which verifies multiple messages simultaneously. In this article, a Lightweight Security Without Using Batch Verification Method (LSWBVM) scheme is proposed based on Elliptic Curve Cryptography (ECC). The proposed LSWBVM scheme uses the XOR operation and general hash function during mutual authentication. Meanwhile, to verify a large number of messages, the proposed scheme uses an efficient single verification instead of batch verification in a high traffic density-area. BAN logic proves that the LSWBVM achieves the security goals to mutually authenticate between the nodes. The security analysis indicates that the LSWBVM satisfies the security requirements, such as: identity privacy preserving, tractability and revocability; and secure non-forgery under the random oracle model in an adaptively chosen message attack. The preference evaluation shows that the single verification of proposed LSWBVM is more efficient when compared with batch verification of the related works.

Published

2020

25. Practical Lattice-Based Multisignature Schemes for Blockchains

Author

Changshe Ma and Mei Jiang

Subjects

Lattice, multisignature scheme, public key aggregation, random oracle model, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

Compact multisignature is vital for shrinking the signature size of decentralized blockchain. All practical compact multisignature schemes have been constructed from the discrete logarithm problem which is potentially vulnerable to quantum computing attacks. Lattice-based multisignature schemes are potential candidates for resisting quantum attacks. However, the existing lattice-based multisignature schemes suffer either loose signatures or large public key and signature sizes after compressing, which makes them unsuitable for blockchains. In this paper, we first present a practical lattice-based multisignature scheme with much smaller signature sizes than previous lattice-based multisignature schemes. Then, we extend our scheme to support public key aggregation with almost the same performance. Both of our multisignature schemes are provably secure in the random oracle model under the ring version of the short integer solution (Ring-SIS) assumption. They outperform the recent lattice-based multisignature scheme proposed by Bansarkhani and Sturm (BS) in terms of both signature size and communication overhead.

Published

2019

26. Efficient Arbitrarily Divisible E-Cash Applicable to Secure Massive Transactions

Author

Jianhua Liu

Subjects

Bilinear pairings, divisible E-cash, linked list, random oracle model, standard model, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

A conventional divisible E-cash (DEC) system allows each user to withdraw a coin of value 2n, then spend it in several times by dividing it into small ones of value 2l, for some l ∈ {0, 1, ⋯, n}. Observing that the price of many commodities is not just 2l, it requires to pay more than one coin in a transaction. In order to improve the efficiency of spend protocol, we propose a new construction called arbitrarily DEC (ADEC) which can divide a large coin into several small ones with arbitrarily integer values. We propose a new construction of ADEC based on a public linked list. Using bilinear pairings, we instantiate two ADEC systems: one holds its useful properties in the standard model and the other one in the random oracle model. These two systems allow users to pay for transactions in constant time. Moreover, our construction can be applied to secure the E-commerce of merchant with high volumes of transactions, a merchant can get a result in constant time for depositing a coin and can complete the deposit procedure in a reasonable time, even if he/she deposits massive coins. Our schemes are quite practical for users/merchants using resource-constrained mobile devices.

Published

2019

27. Identity-Based Linkable Ring Signature Scheme

Author

Lunzhi Deng, Yuhong Jiang, and Bingqin Ning

Subjects

Identity-based cryptography, ring signature, linkable, pairing, random oracle model, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

A ring signature is an anonymous signature that implements both the authentication of the message and the anonymity of the signer. In a “normal” ring signature scheme, the same signer can generate multiple ring signatures, but the verifier cannot find this fact. Linkable ring signature (LRS) solves the problem. In the setting, the identity of the signer is still anonymous, and if the same signer generates multiple ring signatures, the verifier can confirm the fact. Linkable ring signatures are applied to some actual scenarios, such as e-cash, e-voting and ad-hoc network authentication. In this paper, we presented a new identity-based linkable ring signature scheme that avoids certificate management. We then gave the security proofs in the random oracle model (ROM) and compared the efficiency of it with the previous schemes. The new scheme requires only 7 pairing operations in signing and verifying. It is the most efficient linkable ring signature in the identity-based setting.

Published

2019

28. Certificateless Deniable Authenticated Encryption for Location-Based Privacy Protection

Author

Guanhua Chen, Jianyang Zhao, Ying Jin, Quanyin Zhu, Chunhua Jin, Jinsong Shan, and Hui Zong

Subjects

Deniable authenticated encryption (DAE), certificateless cryptography, random oracle model, location-based services (LBSs), Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

Deniable authenticated encryption (DAE) is a cryptographic primitive that supports data confidentiality with deniable authentication in an efficient manner. The DAE plays a significant role in location-based service systems for privacy protection. In this paper, we construct a certificateless DAE (CLDAE) scheme. The CLDAE is based on certificateless cryptosystems (CLCs), which avoids the need to manage public key certificates in public key infrastructure (PKI)-based cryptosystems and key escrow problems in identity-based cryptosystems (IBCs). Our design utilizes hybrid methods: tag-key encapsulation mechanism (TKEM) and data encapsulation mechanism (DEM). This technique is more suitable for location-based applications. We show how to construct a CLDAE scheme utilizing a certificateless deniable authenticated tag-KEM (CLDATK) and a DEM. We also design a CLDATK scheme and provide formal security proof using the random oracle model (ROM). We conduct a comprehensive performance analysis, which shows that CLDAE is highly efficient in terms of communication overhead. We also provide an application of the CLDAE for a location-based service (LBS) system.

Published

2019

29. A Hash-Based Quantum-Resistant Designated Verifier Signature Scheme

Author

P. Thanalakshmi, R. Anitha, N. Anbazhagan, Chulho Park, Gyanendra Prasad Joshi, and Changho Seo

Subjects

digital signatures, hash-based cryptography, designated verifier signatures, homomorphic hash function, preimage resistance, random oracle model, Mathematics, QA1-939

Abstract

Digital signatures are unsuitable for specific applications that are sensitive on a personal or commercial level because they are universally verifiable. Jakobsson et al. proposed the Designated Verifier Signature (DVS) system, which only allows the intended verifier to validate a message’s signature. It prohibits the disclosure of a conviction to a third party. This functionality is useful in applications that require both authenticity and signer privacy, such as electronic voting and tender calls. The vast majority of current DVS schemes are based on difficult number theory problems such as integer factorization or discrete log problems over various groups. The development of a large-scale quantum computer would render these schemes unsafe. As a result, it is critical to develop quantum-resistant DVS methods. In both quantum and classical computers, signatures based on one-way functions are more efficient and secure. They have several advantages over digital signatures based on trapdoor functions. As a result, hash-based signatures are now considered viable alternatives to number-theoretic signatures. Existing hash-based signatures, on the other hand, are easily verifiable by anyone. As a result, they do not protect the signer’s identity. In addition, they are one-time signatures. This paper presents a hash-based multi-time designated verifier signature scheme that ensures signer anonymity. The unforgeability of the signature scheme is also tested in the random oracle model under chosen message attack. The properties such as non-transferability and non-delegatability are investigated.

Published

2022

30. RAFI: Robust Authentication Framework for IoT-Based RFID Infrastructure

Author

Vikas Kumar, Rahul Kumar, Akber Ali Khan, Vinod Kumar, Yu-Chi Chen, and Chin-Chieh Chang

Subjects

IoT, RFID, security, authentication, random oracle model, Chemical technology, TP1-1185

Abstract

The Internet of Things (IoT) is a future trend that uses the Internet to connect a variety of physical things with the cyber world. IoT technology is rapidly evolving, and it will soon have a significant impact on our daily lives. While the growing number of linked IoT devices makes our daily lives easier, it also puts our personal data at risk. In IoT applications, Radio Frequency Identification (RFID) helps in the automatic identification of linked devices, and the dataflow of the system forms a symmetry in communication between the tags and the readers. However, the security and privacy of RFID-tag-connected devices are the key concerns. The communication link is thought to be wireless or insecure, making the RFID system open to several known threats. In order to address these security issues, we propose a robust authentication framework for IoT-based RFID infrastructure. We use formal security analysis in the random oracle model, as well as information analysis to support the claim of secure communication. Regarding the desirable performance characteristics, we describe and analyze the proposed framework’s performance and compare it to similar systems. According to our findings, the proposed framework satisfies all security requirements while also improving the communication.

Published

2022

31. A Secure Pseudonym-Based Conditional Privacy-Preservation Authentication Scheme in Vehicular Ad Hoc Networks

Author

Mahmood A. Al-Shareeda, Mohammed Anbar, Selvakumar Manickam, and Iznan H. Hasbullah

Subjects

Vehicular Ad hoc Networks (VANETs), security and privacy requirements, random oracle model, pseudonym identity scheme, Elliptic Curve Cryptography (ECC), Chemical technology, TP1-1185

Abstract

Existing identity-based schemes utilized in Vehicular Ad hoc Networks (VANETs) rely on roadside units to offer conditional privacy-preservation authentication and are vulnerable to insider attacks. Achieving rapid message signing and verification for authentication is challenging due to complex operations, such as bilinear pairs. This paper proposes a secure pseudonym-based conditional privacy-persevering authentication scheme for communication security in VANETs. The Elliptic Curve Cryptography (ECC) and secure hash cryptographic function were used in the proposed scheme for signing and verifying messages. After a vehicle receives a significant amount of pseudo-IDs and the corresponding signature key from the Trusted Authority (TA), it uses them to sign a message during the broadcasting process. Thus, the proposed scheme requires each vehicle to check all the broadcasting messages received. Besides, in the proposed scheme, the TA can revoke misbehaving vehicles from continuously broadcasting signed messages, thus preventing insider attacks. The security analysis proved that the proposed scheme fulfilled the security requirements, including identity privacy-preservation, message integrity and authenticity, unlinkability, and traceability. The proposed scheme also withstood common security attacks such as man-in-the-middle, impersonation, modification, and replay attacks. Besides, our scheme was resistant against an adaptive chosen-message attack under the random oracle model. Furthermore, our scheme did not employ bilinear pairing operations; therefore, the performance analysis and comparison showed a lower resulting overhead than other identity-based schemes. The computation costs of the message signing, individual signature authentication, and batch signature authentication were reduced by 49%, 33.3%, and 90.2%, respectively.

Published

2022

32. Research on pairing-free certificateless batch anonymous authentication scheme for VANET

Author

Cheng SONG, Ming-yue ZHANG, Wei-ping PENG, Zong-pu JIA, Zhi-zhong LIU, and Xi-xi YAN

Subjects

vehicular ad hoc network, pairing-free, certificateless, anonymous authentication, random oracle model, Telecommunication, TK5101-6720

Abstract

To solve the problem of security and efficiency of anonymous authentication in vehicular ad hoc network,a pairing-free certificateless batch anonymous authentication scheme was proposed.The public and private keys and pseudonyms were jointly generated by the trusted third party and vehicle,so the system security didn't depend on the tamper device.The scheme can realize authentication,anonymity,traceability,unforgeability,forward or backward security,and so on.Furthermore,under the random oracle model,the scheme can resist Type I and Type II attacks.Because there is no need to use certificates during authentication,the system storage load is effectively reduced.At the same time,the scheme realizes the batch message authentication on the basis of pairing-free operation,so the authentication efficiency is improved.Therefore,the scheme has important theoretical significance and application value in the resource-limited internet of things or embedded environment.

Published

2017

33. Two-factor authenticated key agreement protocol based on biometric feature and password

Author

Xiao-wei LI, Deng-qi YANG, Ben-hui CHEN, and Yu-qing ZHANG

Subjects

authenticated key agreement protocol, biometric authentication, password, random oracle model, Telecommunication, TK5101-6720

Abstract

A new two-factor authenticated key agreement protocol based on biometric feature and password was proposed.The protocol took advantages of the user’s biological information and password to achieve the secure communication without bringing the smart card.The biometric feature was not stored in the server by using the fuzzy extractor technique,so the sensitive information of the user cannot be leaked when the server was corrupted.The authentication messages of the user were protected by the server’s public key,so the protocol can resist the off-line dictionary attack which often appears in the authentication protocols based on password.The security of the proposed protocol was given in the random oracle model provided the elliptic computational Diffie-Hellman assumption holds.The performance analysis shows the proposed protocol has better security.

Published

2017

34. Multi-authority ABS supporting dendritic access structure

Author

Ruo MO, Jian-feng MA, Xi-meng LIU, and Qi LI

Subjects

attribute-based signature, dendritic access structure, multi-authority, random oracle model, Telecommunication, TK5101-6720

Abstract

Attribute-based signature (ABS),which could realize fine-grained access control,was considered to be an important method for anonymous authentication in cloud computing.However,normal ABS only provided simple access control through threshold structure and thus could not cope with the large-scale attribute sets of users in the cloud.Moreover,the attribute sets were supervised by only one attribute authority,which increased the cost of computation and storage.The whole system was in danger of collapsing once the attribute authority was breached.Aiming at tackling the problems above,a novel scheme,was proposed called multi-authority ABS supporting dendritic access structure which supported any AND,OR and threshold gates and affords more flexible access control.Meanwhile,the attribute sets of users were classified by diverse attribute authorities which reduced the overhead and the risk of systems.Besides,the scheme is proved to be selective predicate chosen message attack secure in the random oracle model.

Published

2017

35. Research on batch anonymous authentication scheme for VANET based on bilinear pairing

Author

Cheng SONG, Ming-yue ZHANG, Wei-ping PENG, Zong-pu JIA, Zhi-zhong LIU, and Xi-xi YAN

Subjects

bilinear pairing, anonymous authentication, privacy protection, vehicular network, random oracle model, Telecommunication, TK5101-6720

Abstract

To solve the problem of efficiency of anonymous authentication in vehicular ad hoc network,a batch anonymous authentication scheme was proposed by using bilinear pairing on elliptic curves .The signature was generated by the roadside unit node (RSU) and the vehicle together.Thus,the burden of VANET certification center was reduced and the authentication efficiency was proved.Meanwhile,the difficulty of the attacker to extract the key was increased.Furthermore,security proofs were given to the scheme in the random oracle model.Analysis shows that the proposed scheme can meet the needs of many kinds of security requirements,the computational overhead is significantly reduced,and the authentication efficiency is improved effectively too.Therefore,the scheme has important theoretical significance and application value under computational capability constrained Internet of things (IoT) environment.

Published

2017

36. Two improved content extraction signature schemes

Author

Min WANG, Jin-hua MA, Jiang-hua LIU, and Wei WU

Subjects

content extraction signature, batch signature, commit vector, RSA, random oracle model, Electronic computers. Computer science, QA75.5-76.95

Abstract

Motivated by the idea of batch signatures,two variants of content extraction signature schemes based on commit vector and RSA respectively were presented.In the proposed schemes,the efficiency of signing and verification were improved by unifying certain message.The analysis show that the proposed schemes are existentially unforgeable under chosen message attacks in the random oracle model.

Published

2017

37. Two improved content extraction signature schemes

Author

Min WANG,Jin-hua MA,Jiang-hua LIU,Wei WU

Subjects

content extraction signature, batch signature, commit vector, rsa, random oracle model, Electronic computers. Computer science, QA75.5-76.95

Abstract

Motivated by the idea of batch signatures,two variants of content extraction signature schemes based on commit vector and RSA respectively were presented.In the proposed schemes,the efficiency of signing and verification were improved by unifying certain message.The analysis show that the proposed schemes are existentially unforgeable under chosen message attacks in the random oracle model.

Published

2017

38. Efficient identity-based fully homomorphic encryption over NTRU

Author

Ran DUAN, Chun-xiang GU, Yue-fei ZHU, Yong-hui ZHENG, and Li CHEN

Subjects

fully homomorphic encryption, identity-based encryption, NTRU lattice, random oracle model, approximate eigenvector, Telecommunication, TK5101-6720

Abstract

Fully homomorphic encryption is the best solution for solving privacy concerns for data over cloud so far,while large public key size is a general shortcoming for existing schemes.First,by introducing the concept of Kullback-Leibler divergence,an identity-based public key scheme over NTRU lattice with modified ciphertext form was proposed.Analysis on parameter setting showed its small key size and ciphertext size,and experiments revealed its high computational efficiency.Second,with the idea of approximate eigenvector,an improved method to convert the scheme into an identity-based fully homomorphic encryption one was put forward to further reduce ciphertext size.Compared with existing schemes,the converted scheme not only abandons evaluation keys to make it fully identity-based,but also has smaller keys and ciphertext,which results in higher computational and transmission efficiency.

Published

2017

39. Enabling Telecare Medical Information Systems With Strong Authentication and Anonymity

Author

Hu Xiong, Junyi Tao, and Chen Yuan

Subjects

Authentication, anonymity, telecare medical information system, random oracle model, BAN-logic, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

Telecare medical information system (TMIS) is highly desirable to users by allowing them to remotely access medical services or medical information and security, such as authentication and privacy preserving of users is challenging. Recently, some smart card-based password authentication (two-factor authentication) schemes have been proposed. In this paper, we use Chaudhry et al.'s scheme as a case study and demonstrate that a family of two-factor authentication schemes for the TMIS are not secure against offline dictionary attack and fail to revoke the stolen/lost smart card. Furthermore, an improved two-factor authentication scheme with anonymity has been proposed to remedy the weakness of these schemes. The security analysis of the proposed solution is formally given with the random oracle model and Burrows-Abadi-Needham logic.

Published

2017

40. Revisiting NIZK-Based Technique for Chosen-Ciphertext Security: Security Analysis and Corrected Proofs

Author

Youngkyung Lee, Dong Hoon Lee, and Jong Hwan Park

Subjects

NIZK, chosen-ciphertext security, tight security reduction, random oracle model, Technology, Engineering (General). Civil engineering (General), TA1-2040, Biology (General), QH301-705.5, Physics, QC1-999, Chemistry, QD1-999

Abstract

Non-interactive zero-knowledge (NIZK) proofs for chosen-ciphertext security are generally considered to give an impractical construction. An interesting recent work by Seo, Abdalla, Lee, and Park (Information Sciences, July 2019) proposed an efficient semi-generic conversion method for achieving chosen-ciphertext security based on NIZK proofs in the random oracle model. The recent work by Seo et al. demonstrated that the semi-generic conversion method transforms a one-way (OW)-secure key encapsulation mechanism (KEM) into a chosen-ciphertext secure KEM while preserving tight security reduction. This paper shows that the security analysis of the semi-generic conversion method has a flaw, which comes from the OW security condition of the underlying KEM. Without changing the conversion method, this paper presents a revised security proof under the changed conditions that (1) the underlying KEM must be chosen-plaintext secure in terms of indistinguishability and (2) an NIZK proof derived from the underlying KEM via the Fiat–Shamir transform must have the properties of zero-knowledge and simulation soundness. This work extended the security proof strategy to the case of identity-based KEM (IBKEM) and also revise the security proof for IBKEM of previous method by Seo et al. Finally, this work gives a corrected security proof by applying the new proofs to several existing (IB)KEMs.

Published

2021

41. An Efficient Identity-Based Conditional Privacy-Preserving Authentication Scheme for Secure Communication in a Vehicular Ad Hoc Network

Author

Mahmood A. Al-shareeda, Mohammed Anbar, Selvakumar Manickam, and Iznan H. Hasbullah

Subjects

vehicular ad-hoc network (VANET), privacy-preserving, side-channel attack, random oracle model, identity-based cryptography, Mathematics, QA1-939

Abstract

The security and privacy issues in vehicular ad hoc networks (VANETs) are often addressed with schemes based on either public key infrastructure, group signature, or identity. However, none of these schemes appropriately address the efficient verification of multiple VANET messages in high-density traffic areas. Attackers could obtain sensitive information kept in a tamper-proof device (TPD) by using a side-channel attack. In this paper, we propose an identity-based conditional privacy-preserving authentication scheme that supports a batch verification process for the simultaneous verification of multiple messages by each node. Furthermore, to thwart side-channel attacks, vehicle information in the TPD is periodically and frequently updated. Finally, since the proposed scheme does not utilize the bilinear pairing operation or the Map-To-Point hash function, its performance outperforms other schemes, making it viable for large-scale VANETs deployment.

Published

2020

42. Improved certificateless sequential multi-signature scheme

Author

Hong-zhen DU and Qiao-yan WEN

Subjects

certificateless public key cryptography, sequential multi-signature, random oracle model, bilinear pairing, Telecommunication, TK5101-6720

Abstract

A sequential multi-signature enabled multiple users to jointly sign a document in order.Xu,et al proposed a provably-secure certificateless sequential multi-signature scheme with constant signature length and pairing computations.However,it was shown that the scheme had a drawback in the verifying algorithm,and then it overcame the drawback.But,the efficiency of the corrected scheme was greatly reduced.An efficient certificateless sequential multi-signature scheme is constructed,and the multi-signature generated by proposed scheme consists of one group element and the verification algorithm requires only 2 bilinear pairings.

Published

2015

43. Security analysis and improvement of a certificateless signcryption scheme

Author

Zhen-guo ZHAO

Subjects

signcryption, certificateless, random oracle model, bilinear pairing, Telecommunication, TK5101-6720

Abstract

To solve the certificate management problem in the traditional public key cryptography and the key escrow problem in the identity-based public key cryptography, Al-Riyami and Paterson proposed the concept of the certificateless public key cryptography.Recently,Zhu et al.proposed a certificateless signcryption without bilinear pairings.However， their scheme was completely insecure against with two concrete attacks. A strongly secure certificateless signcryption without bilinear pairings was also proposed, which was provably secure in the random oracle model under the assumption that the discrete logarithm problem and the computational Diffie-Hellman problems were intractable. Furthermore, the efficiency of the proposed scheme is very high since only four modular exponentiations and five modular exponentiations are needed in the signcryption algoriahm and unsigncryption algorithm separately.

Published

2015

44. Certificateless

Author

Ziba Eslami and Nasrollah Pakniat

Subjects

Certificateless cryptography, Aggregate signcryption, Random oracle model, Bilinear pairing, Electronic computers. Computer science, QA75.5-76.95

Abstract

The concept of aggregate signcryption was first introduced in 2009 by Selvi et al. [Identity based aggregate signcryption schemes, Lecture Notes in Computer Science 5922 LNCS, 2009, pp. 378–397]. The aggregation process of these schemes reduces the amount of exchanged information and is particularly useful in low-bandwidth communication networks and computationally-restricted environments such as wireless sensor networks. Selvi et al.’s scheme is in the identity-based setting and suffers from the key escrow problem. The goal of this paper is to overcome this problem and propose a suitable security model for aggregate signcryption in the certificateless setting. We further propose a concrete certificateless aggregate signcryption scheme which is based on Barbosa and Farshim’s certificateless signcryption scheme [Certificateless signcryption. In: M. Abe, V. Gligor (Eds.), Proceedings of the 2008 ACM Symposium on Information, Computer and Communications Security (ASIACCS-08), ACM, New York. pp. 369–372]. We then prove the security of the proposed scheme in the random oracle model under the gap Bilinear Diffie–Hellman and computational Diffie–Hellman intractability assumptions.

Published

2014

45. Fair multi-party concurrent signature scheme

Author

Qing YE, Yun YANG, Shi-hui ZHENG, Li-wei CHANG, Da XIAO, and Yi-xian YANG

Subjects

multi-party concurrent signature, fairness, bilinear pairing, random oracle model, Telecommunication, TK5101-6720

Abstract

Multi-party concurrent signatures were first proposed by Tonien et al at ISC2006,but Xie and Tan pointed Tonien et al's scheme doesn't satisfy fairness and they reconstructed multi-party concurrent signature schemes respectively.Through analysis,the multi-party concurrent signature schemes proposed by Xie and Tan don't satisfy fairness either,so a formal security model of fair multi-party concurrent signatures was proposed and a multi-party concurrent signature scheme based on bilinear pairing and multi-party key agreement was also reconstructed.Analysis shows that the new scheme satisfies correctness,unforgeability,ambiguity,concurrency and fairness in the random oracle model assuming the CDH problem is intractable and highly efficient in signature size,computation cost and communication cost compared with other schemes of its kind.

Published

2014

46. Identity-based fully homomorphic encryption from learning with error problem

Author

Yan GUANG, Yue-fei ZHU, Jin-long FEI, Chun-xiang GU, and Yong-hui ZHENG

Subjects

learning with error problem, fully homomorphic encryption, identity-based encryption, random oracle model, Telecommunication, TK5101-6720

Abstract

The fully homomorphic encryption schemes based on learning with errors problem own a great potential value in the cloud computing security. However, the existing schemes share a common flaw of large sized public keys, which may cause inefficiency of such schemes in the key and identity management. An identity-based fully homomorphic en-cryption scheme was presented. The scheme compromises the merits of both identity-based and fully homomorphic en-cryption schemes, and it overcomes the above mentioned flaw. The security of the proposed scheme reduces to the hard-ness of learning with errors problem and the one-wayness of trapdoor function in the random oracle model.

Published

2014

47. An Aggregate Signature Scheme Based on a Trapdoor Hash Function for the Internet of Things

Author

Hong Shu, Fulong Chen, Dong Xie, Liping Sun, Ping Qi, and Yongqing Huang

Subjects

internet of things (iot), aggregate signature, trapdoor hash function, elliptic curve discrete logarithm, random oracle model, Chemical technology, TP1-1185

Abstract

With the rapid development of the Internet of Things (IoT), it becomes challenging to ensure its security. Identity authentication and integrity verification can be achieved by secure hash functions and digital signature algorithms for IoT applications. In order to solve the issues of bandwidth limitation and computational efficiency of secure communication in IoT applications, an aggregate signature scheme based on multi- trapdoor hash function is proposed in this paper. Firstly, to prevent key exposition, based on the elliptic curve discrete logarithm problem (ECDLP), we constructed a double trapdoor hash function (DTH) and proved its reliability. Secondly, the multi-trapdoor hash function (MTH) based on DTH is presented. Finally, an MTH-based aggregate signature scheme (MTH-AS) with constant signature length is proposed. Based on the assumption of ECDLP, the proposed scheme is proven unforgeable against adaptive chosen message attacks with the Forking Lemma. Different from the most signature schemes with bilinear mapping, the proposed scheme has higher computational efficiency and shorter aggregate signature length. Moreover, it is independent of the number of signers. Security analysis and performance evaluation has revealed that the proposed scheme is an ideal solution for secure IoT applications with limited computing power, storage capacity, or limited bandwidth, such as wireless sensor networks, vehicular ad hoc networks, or healthcare sensor networks.

Published

2019

48. Identity-Based Encryption with Filtered Equality Test for Smart City Applications

Author

Yang Ming and Erxiu Wang

Subjects

smart healthcare, identity-based encryption, filtered equality test, random oracle model, Chemical technology, TP1-1185

Abstract

With the growth of the urban population, the rapid development of smart cities has become the focus of urban regional development. Smart medical care is an indispensable part of smart city construction, which promotes the development of the medical industry. However, the security of data and timely service are the current problems faced by intelligent medical systems. Based on the public key encryption with filtered equality test and identity-based cryptography, an identity-based encryption with the filtered equality test (IBE-FET) is proposed for smart healthcare, in which a data receiver can use the private key and the message set to generate a warrant and send it to the cloud server. A cloud server can verify the equality between ciphertexts without decryption and check whether the encrypted message belongs to the same message set. Furthermore, the security analysis shows that the proposed scheme satisfies one-way security against the chosen identity and ciphertext attack in the random oracle model under the computational bilinear Diffie-Hellman assumption. The performance comparison shows that the scheme is feasible and practical in real life.

Published

2019

49. Provably secure private key protection scheme for smart mobile terminal

Author

Jun MA, Jian-feng MA, and Yuan-bo GUO

Subjects

private key protection, provable security, random oracle model, Telecommunication, TK5101-6720

Abstract

A provable security scheme for private key protection of smart mobile terminal (SMT) was presented.In the scheme a improved security mechanism is incorporated,which includes password protection,key division and partial key retrieval from server of strong computing capability in order to protect private key security.Compared with previous proposals,the scheme has the following advantages.It reduces computation amount and storage of SMT,and simplifies parameter setting for interaction processes.It takes time synchronization between SMT and server into account.The latter characteristic not only provides better protection of scheme from replay attacks,but also offers a highly efficient mechanism of user private key disabling,and avoiding complex operation of user and extra storage of other device.The investigation has indicated that improved private key protection to SMT can be well achieved with this scheme.The scheme has also been proved to provide satisfactory security in the random oracle model.

Published

2012

50. Provably Secure Covert Communication on Blockchain

Author

Juha Partala

Subjects

cryptography, steganography, privacy, random oracle model, Technology

Abstract

Blockchain is a public open ledger that provides data integrity in a distributed manner. It is the underlying technology of cryptocurrencies and an increasing number of related applications, such as smart contracts. The open nature of blockchain together with strong integrity guarantees on the stored data makes it a compelling platform for covert communication. In this paper, we suggest a method of securely embedding covert messages into a blockchain. We formulate a simplified ideal blockchain model based on existing implementations and devise a protocol that enables two parties to covertly communicate through the blockchain following that model. We also formulate a rigorous definition for the security and covertness of such a protocol based on computational indistinguishability. Finally, we show that our method satisfies this definition in the random oracle model for the underlying cryptographic hash function.

Published

2018