Your search keyword '"forward security"' showing total 235 results

201. Set signatures and their applications.

Author

Wu, ChuanKun

Abstract

There are many constraints in the use of digital signatures. This paper proposes a new way of using digital signatures with some restrictions, i.e. set signatures. It works in such a way that when the signing algorithm is given, one can use it to create a valid signature on a message if and only if the message belongs to a pre-defined set, and given the information about the signing algorithm, it is computationally infeasible to create valid signatures on any other arbitrary messages outside of the set. This special property enables the signing algorithm to be made public, which seems to contradict with the traditional signature where a private key is needed, which must be kept secret. What makes the problem challenging is that the signing algorithm does not reveal the secret signing key, and hence forging normal signatures for arbitrary messages is computationally infeasible. In many cases, the signing algorithm does not reveal the elements in the authorized set. As an application of the new concept, set signatures for intelligent mobile agents committing “smaller than” condition is studied, which shows the applicability of set signatures on small sets. [ABSTRACT FROM AUTHOR]

Published

2009

202. A Generic Construction for Intrusion-Resilient Signatures from Linear Feedback Shift Register.

Author

ZHENG GONG, XIANGXUE LI, DONG ZHENG, and KEFEI CHEN

Subjects

DIGITAL signatures, SHIFT registers, DATA encryption, COMPUTER network security, REGISTERS (Computers)

Abstract

With the development of various cryptographic primitives deployed on insecure devices, key exposure seems inevitable. Generalized from forward-secure signatures and key-insulated signatures, intrusion-resilient signatures (IRSs) was first introduced by Itkis and Reyzin, which help us to minimize the damage of key exposure. IRSs provide the unforgeability for the past and future time periods unless both the signer and the home base modules were compromised simultaneously (even in this worst case, IRSs preserve the unforgeability for the past periods). In this paper, we propose a practical generic construction for IRSs. By applying our proposal, one can simply transform any signature scheme to a practical intrusion-resilient signature scheme. In particular, we present a concrete paradigm from linear feedback shift register (LFSR). Our LFSR-based paradigm's base and signer secret keys can be reduced to just a half length of the regular ones, which is useful to save the communication and storage costs. Moreover, if the underlying signature is unforgeable in the standard model, then our construction is also intrusion-resilient in the standard model without any extra assumptions. [ABSTRACT FROM AUTHOR]

Published

2008

203. From Identification to Signatures Via the Fiat-Shamir Transform: Necessary and Sufficient Conditions for Security and Forward-Security.

Author

Abdalla, Michel, An, Jee Hea, Bellare, Mihir, and Namprempre, Chanathip

Subjects

*COMPUTATIONAL mathematics, *COMPUTER security, *ACCESS control, *COMPUTER network security, *COMPUTER access control, *DATA encryption

Abstract

The Fiat-Shamir paradigm for transforming identification schemes into signature schemes has been popular since its introduction because it yields efficient signature schemes, and has been receiving renewed interest of late as the main tool in deriving forward-secure signature schemes. In this paper, minimal (meaning necessary and sufficient) conditions on the identification scheme to ensure security of the signature scheme in the random oracle model are determined, both in the usual and in the forward-secure cases. Specifically, it is shown that the signature scheme is secure (respectively, forward-secure) against chosen-message attacks in the random oracle model if and only if the underlying identification scheme is secure (respectively, forward-secure) against impersonation under passive (i.e., eaves-dropping only) attacks, and has its commitments drawn at random from a large space. An extension is proven incorporating a random seed into the Fiat-Shamir transform so that the commitment space assumption may be removed. [ABSTRACT FROM AUTHOR]

Published

2008

204. Server-assisted forward-secure threshold signature.

Author

Yu, Jia, Kong, Fanyu, Hao, Rong, and Li, Xuliang

Abstract

Forward secure signature can protect the security of signatures previous to the key exposure. Server-assisted signature is a special digital signature in which the signer allies one server to produce the signatures. In this paper, server-assisted forward-secure threshold signature is proposed. The system is composed of n 1 servers and n 2 users. Each user and each server holds a partial secret, respectively. To produce a valid signature, users and servers need to cooperate to complete the work. The partial secrets of the users and servers are updated by a one-way function at regular intervals, while the public key is always fixed. Even if all the current partial secrets are exposed, the signatures pertaining to previous periods are still valid. [ABSTRACT FROM AUTHOR]

Published

2008

205. A new forward-secure authenticated encryption scheme with message linkages.

Author

Yanping, Li, Guangdong, Si, and Yumin, Wang

Abstract

Yoon and Yoo recently proposed a robust authenticated encryption scheme and claimed their scheme has the properties of forward secrecy and confidentiality. The current paper, however, points out that Yoon-Yoo's scheme also can not provide forward secrecy and confidentiality such that any adversary can easily recover the transferred message. Based on intractability of reversing the one-way hash function and discrete logarithm problem, an improved authenticated encryption scheme with messages linkage is proposed. The above security faults get solved perfectly. The new scheme is proven to satisfy all the basic security requirements of the authenticated encryption scheme. And by the concrete comparison, it has the similar efficiency of the original scheme. [ABSTRACT FROM AUTHOR]

Published

2006

206. Hierarchical time-based information release.

Author

Nali, Deholo, Adams, Carlisle, and Miri, Ali

Subjects

*KEYSTROKE timing authentication, *COMPUTER software development, *DATA encryption, *COMPUTER security, *DATA protection, *SECURITY systems

Abstract

Rapid distribution of newly released confidential information is often impeded by network traffic jams, especially when the confidential information is either crucial or highly prized. This is the case for stock market values, blind auction bidding amounts, many large corporations'strategic business plans, certain news agencies'timed publications, and some licensed software updates. Hierarchical time-based information release (HTIR) schemes enable the gradual distribution of encrypted confidential information to large, distributed, (potentially) hierarchically structured user communities, and the subsequent publication of corresponding short decryption keys, at a predetermined time, so that users can rapidly access the confidential information. This paper presents and analyzes the efficiency of a novel HTIR scheme. [ABSTRACT FROM AUTHOR]

Published

2006

207. Fine-grained forward-secure signature schemes without random oracles

Author

Camenisch, Jan and Koprowski, Maciej

Subjects

*DIGITAL signatures, *DATA encryption, *DATA protection, *CRYPTOGRAPHY

Abstract

Abstract: We propose the concept of fine-grained forward-secure signature schemes. Such signature schemes not only provide non-repudiation w.r.t. past time periods the way ordinary forward-secure signature schemes do but, in addition, allow the signer to specify which signatures of the current time period remain valid when revoking the public key. This is an important advantage if the signer produces many signatures per time period as otherwise the signer would have to re-issue those signatures (and possibly re-negotiate the respective messages) with a new key. Apart from a formal model for fine-grained forward-secure signature schemes, we present practical schemes and prove them secure under the strong RSA assumption only, i.e., we do not resort to the random oracle model to prove security. As a side-result, we provide an ordinary forward-secure scheme whose key-update time is significantly smaller than that of known schemes which are secure without assuming random oracles. [Copyright &y& Elsevier]

Published

2006

208. A New Efficient Group Signature With Forward Security.

Author

Jianhong Zhang, Qianhong Wu, and Yumin Wang

Subjects

SIGNATURES (Writing), COMPUTER security, SECURITY systems, ACCESS control, COMPUTER systems

Abstract

A group signature scheme allows a group member to sign a message anonymously on behalf of the group. In case of a dispute, the group manager can reveal the actual identity of signer. In this paper, we propose a novel group signature satisfying the regular requirements. Furthermore, it also achieves the following advantages: (1) the size of signature is independent of the number of group members; (2) the group public key is constant; (3) Addition and Revocation of group members are convenient; (4) it enjoys forward security; (5) The total computation cost of signature and verification requires only 8 modular exponentiations. Hence, our scheme is very practical in many applications, especially for the dynamic large group applications. [ABSTRACT FROM AUTHOR]

Published

2005

209. Forward-secure multisignature and blind signature schemes

Author

Chow, Sherman S.M., Hui, Lucas C.K., Yiu, S.M., and Chow, K.P.

Subjects

*DATA encryption, *ELECTRONIC commerce, *INTERNET industry, *COMPUTER security

Abstract

Abstract: Forward-secure signature schemes address the key exposure problem, in which all previously generated signatures are still considered to be valid even after the secret key is compromised. Multisignature scheme allow any subgroup of a group of users to jointly sign a document such that a verifier is convinced that each member of the subgroup participated in signing. Such schemes are very important technologies in this highly group-oriented society. Blind signature scheme are protocols for obtaining a signature from a signer, but the signer can neither learn the messages he/she sign nor the signatures the recipients obtain afterward. Such schemes are very important technologies in privacy oriented e-commerce applications. In this paper, we propose a forward-secure multisignature scheme and a forward-secure blind signature scheme. Our constructions are based on the recently proposed forward-secure signature scheme by bilinear pairings. [Copyright &y& Elsevier]

Published

2005

210. Improvement of digital signature with message recovery using self-certified public keys and its variants

Author

Shao, Zuhua

Subjects

*DIGITAL signatures, *DATA encryption, *DATA protection, *COMPUTER network security

Abstract

By combining the concepts of self-certified public key and signature with message recovery, Tseng et al. proposed a self-certified public key signature scheme with message recovery. The proposed scheme has two properties that the signer''s public key can simultaneously be authenticated in verifying the signature and the receiver also obtains the message. Based on the proposed scheme, they further presented two variants: one is an authenticated encryption scheme that only allows a specified receiver to verify and recover the message. The other scheme is the authenticated encryption scheme with message linkages, which is used to transmit large message. In this paper, we first propose an insider forgery attack, which means that the security of the authenticated encryption scheme is not as good as the Girault schemes. Then we point out that these schemes do not have nonrepudiation. In a case of dispute, neither the sender nor the receiver can convince arbiters if the signature is valid, unless they reveal their Diffie–Hellman key, which would destroy forward security. Finally we propose an improvement to these schemes to overcome the weakness. [Copyright &y& Elsevier]

Published

2004

211. Improvement of digital signature with message recovery and its variants based on elliptic curve discrete logarithm problem

Author

Shao, Zuhua

Subjects

*DIGITAL signatures, *DATA encryption, *PUBLIC key cryptography, *COMPUTER security

Abstract

Based on the concepts of elliptic curve cryptosystem and self-certified public key, Tzeng and Hwang recently published a digital signature scheme with message recovery and its variants based on elliptic curve discrete logarithm problems (ECDLP). The public key and the identity of users can be authenticated simultaneously in recovering messages. In this paper, we first show that the proposed schemes are only applicable for messages with enough redundancy. We also propose an insider forgery attack, which means that the security of the proposed authenticated encryption scheme is not as good as the Girault''s self-certified public key scheme. Second, we show that the proposed schemes do not satisfy forward security. Then we point out that these schemes do not have nonrepudiation. In a case of dispute, neither the sender nor the receiver can convince arbiters if the signature is valid, unless they reveal their Diffie–Hellman key, which would also destroy the forward security. Finally, we propose an improvement to these schemes to overcome these weaknesses and analyse the security of the improvement. [Copyright &y& Elsevier]

Published

2004

212. A Data Sharing Protocol to Minimize Security and Privacy Risks in Cloud Storage

Author

S. Nandhini Devi and Mr. S. Rajarajan

Subjects

secure data sharing, conveniently access data, Computer Security, forward security

Abstract

Data contribution in the cloud is a procedure so as to allow users to expediently right of entry information in excess of the cloud. The information holder outsources their data in the cloud due to cost lessening and the huge amenities provided by cloud services. Information holder is not able to manage over their information, since cloud examination contributor is a third party contributor. The main disaster with data partaking in the cloud is the seclusion and safety measures issues. Different techniques are obtainable to sustain user seclusion and protected data sharing. This paper focal point on different schemes to contract by means of protected data partaking such as information contribution with forward security, protected information partaking for energetic groups, quality based information partaking, encrypted data sharing and mutual influence Based Privacy Preserving verification set of rules for right to use manage of outsourced information. S. Nandhini Devi | Mr. S. Rajarajan "A Data Sharing Protocol to Minimize Security and Privacy Risks in Cloud Storage" Published in International Journal of Trend in Scientific Research and Development (ijtsrd), ISSN: 2456-6470, Volume-3 | Issue-6 , October 2019, URL: https://www.ijtsrd.com/papers/ijtsrd29345.pdf

Published

2019

213. On the Tightness of Forward-Secure Signature Reductions

Author

Michel Abdalla, Fabrice Benhamouda, David Pointcheval, Laboratoire d'informatique de l'école normale supérieure (LIENS), Département d'informatique - ENS Paris (DI-ENS), Centre National de la Recherche Scientifique (CNRS)-Institut National de Recherche en Informatique et en Automatique (Inria)-École normale supérieure - Paris (ENS Paris), Université Paris sciences et lettres (PSL)-Université Paris sciences et lettres (PSL)-Centre National de la Recherche Scientifique (CNRS)-Institut National de Recherche en Informatique et en Automatique (Inria)-École normale supérieure - Paris (ENS Paris), Université Paris sciences et lettres (PSL)-Université Paris sciences et lettres (PSL), Université Paris sciences et lettres (PSL), École normale supérieure - Paris (ENS Paris), Construction and Analysis of Systems for Confidentiality and Authenticity of Data and Entities (CASCADE), Université Paris sciences et lettres (PSL)-Université Paris sciences et lettres (PSL)-Centre National de la Recherche Scientifique (CNRS)-Inria de Paris, Institut National de Recherche en Informatique et en Automatique (Inria), IBM Thomas J. Watson Research Center, IBM, ANR-10-SEGI-0015,PRINCE(2010), European Project: 288349,EC:FP7:ICT,FP7-ICT-2011-EU-Brazil,SECFUNET(2011), European Project: 216676,EC:FP7:ICT,FP7-ICT-2007-1,ECRYPT II(2008), Université Paris sciences et lettres (PSL)-Université Paris sciences et lettres (PSL)-Centre National de la Recherche Scientifique (CNRS), Inria de Paris, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria)-Centre National de la Recherche Scientifique (CNRS)-Département d'informatique de l'École normale supérieure (DI-ENS), Université Paris sciences et lettres (PSL)-Université Paris sciences et lettres (PSL)-Institut National de Recherche en Informatique et en Automatique (Inria)-Centre National de la Recherche Scientifique (CNRS)-École normale supérieure - Paris (ENS Paris), École normale supérieure - Paris (ENS-PSL), Université Paris sciences et lettres (PSL)-Université Paris sciences et lettres (PSL)-Institut National de Recherche en Informatique et en Automatique (Inria)-Centre National de la Recherche Scientifique (CNRS)-École normale supérieure - Paris (ENS-PSL), Université Paris sciences et lettres (PSL)-Université Paris sciences et lettres (PSL)-Institut National de Recherche en Informatique et en Automatique (Inria)-Centre National de la Recherche Scientifique (CNRS), and Université Paris sciences et lettres (PSL)-Université Paris sciences et lettres (PSL)-Institut National de Recherche en Informatique et en Automatique (Inria)-Centre National de la Recherche Scientifique (CNRS)-Centre National de la Recherche Scientifique (CNRS)-Inria de Paris

Subjects

Scheme (programming language), Theoretical computer science, Computer science, 0102 computer and information sciences, Lossy compression, 01 natural sciences, Reduction (complexity), 03 medical and health sciences, [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], 0302 clinical medicine, Digital signature, Forward secrecy, Digital signatures, Reduction tightness, Forward security, computer.programming_language, Applied Mathematics, Signature (logic), Computer Science Applications, Identification (information), Factoring, 010201 computation theory & mathematics, 030220 oncology & carcinogenesis, Lossy identification, computer, Software

Abstract

In this paper, we revisit the security of factoring-based signature schemes built via the Fiat–Shamir transform and show that they can admit tighter reductions to certain decisional complexity assumptions such as the quadratic-residuosity, the high-residuosity, and the $$\phi $$ -hiding assumptions. We do so by proving that the underlying identification schemes used in these schemes are a particular case of the lossy identification notion introduced by Abdalla et al. at Eurocrypt 2012. Next, we show how to extend these results to the forward-security setting based on ideas from the Itkis–Reyzin forward-secure signature scheme. Unlike the original Itkis–Reyzin scheme, our construction can be instantiated under different decisional complexity assumptions and has a much tighter security reduction. Moreover, we also show that the tighter security reductions provided by our proof methodology can result in concrete efficiency gains in practice, both in the standard and forward-security setting, as long as the use of stronger security assumptions is deemed acceptable. Finally, we investigate the design of forward-secure signature schemes whose security reductions are fully tight.

Published

2019

214. One forward-secure signature scheme using bilinear maps and its applications.

Author

Yu, Jia, Kong, Fanyu, Cheng, Xiangguo, Hao, Rong, and Li, Guowen

Subjects

*MATHEMATICAL mappings, *DIGITAL signatures, *INFORMATION technology security, *ALGORITHMS, *INTRUSION detection systems (Computer security), *INFORMATION science

Abstract

Abstract: Forward-secure signatures are proposed to deal with the key exposure problem. Compared to regular signatures, forward-secure signatures have a special update algorithm that can evolve the new private key in each time period. Therefore, it can protect the security of signatures previous to the time period of key exposure. The efficiency is an important issue of forward-secure signatures. In this paper, we construct a new forward-secure signature scheme using bilinear maps. In this scheme, all performance parameters have complexities of log magnitude in terms of the total time periods. In addition, our scheme needs very few (only triple) pairing operations in the verifying algorithm, which is very important because the pairing operation is very time-consuming. This scheme is proved to be forward secure in the random oracle model assuming the CDH problem is hard. Finally, we give some applications of this scheme including constructing an intrusion-resilient signature scheme and constructing a forward-secure threshold signature scheme. [Copyright &y& Elsevier]

Published

2014

215. Forward-secure linkable ring signatures from bilinear maps

Author

Boyen, Xavier, Haines, Thomas, Boyen, Xavier, and Haines, Thomas

Abstract

We present the first linkable ring signature scheme with both unconditional anonymity and forward-secure key update: a powerful tool which has direct applications in elegantly addressing a number of simultaneous constraints in remote electronic voting. We propose a comprehensive security model, and construct a scheme based on the hardness of finding discrete logarithms, and (for forward security) inverting bilinear or multilinear maps of moderate degree to match the time granularity of forward security. We prove efficient security reductions—which, of independent interest, apply to, and are much tighter than, linkable ring signatures without forward security, thereby vastly improving the provable security of these legacy schemes. If efficient multilinear maps should ever admit a secure realisation, our contribution would elegantly address a number of problems heretofore unsolved in the important application of (multi-election) practical Internet voting. Even if multilinear maps are never obtained, our minimal two-epoch construction instantiated from bilinear maps can be combinatorially boosted to synthesise a polynomial time granularity, which would be sufficient for Internet voting and more.

Published

2018

216. Forward-secure identity-based signature: Security notions and construction

Author

Yu, Jia, Hao, Rong, Kong, Fanyu, Cheng, Xiangguo, Fan, Jianxi, and Chen, Yangkui

Subjects

*DIGITAL signatures, *DATA security, *BILINEAR transformation method, *IDENTIFICATION, *SCHEME programming language, *COMPUTATIONAL complexity, *ORACLE software

Abstract

Abstract: The security of traditional identity-based signatures wholly depends on the security of secret keys. Exposure of secret keys requires reissuing all previously assigned signatures. This limitation becomes more obvious today as key exposure is more common with increasing use of mobile and unprotected devices. Under this background, mitigating the damage of key exposure in identity-based signatures is an important problem. To deal with this problem, we propose to integrate forward security into identity-based signatures. In this paper, we firstly formalize the definition and security notions for forward-secure identity-based signature scheme, and then construct an efficient scheme. All parameters in our scheme have, at most, log-squared complexity in terms of the total number of time periods. The scheme is provably secure without random oracles. [ABSTRACT FROM AUTHOR]

Published

2011

217. Authenticated Group Key Agreement Protocol without Pairing

Author

Sharma, Gaurav, Sahu, Rajeev Anand, Kuchta, Veronika, Markowitch, Olivier, Bala, Suman, Sharma, Gaurav, Sahu, Rajeev Anand, Kuchta, Veronika, Markowitch, Olivier, and Bala, Suman

Abstract

Since the inception of pairing-based constructions in cryptography, the authentication in group key agreement (GKA) protocol has been usually achieved by pairings. But due to high computation cost of pairing such constructions are inefficient for practical implementation, specially for low power devices. Also, in almost all such constructions leakage of both the keys- the long-term secret key and the ephemeral key has not been considered for security guarantee. In this view, construction of an efficient and secure GKA protocol is desired. In this paper, we propose an authenticated GKA protocol without pairing. We have achieved security of the proposed scheme following the most standard and recent security notion namely the EGBG model. In particular, we have proved the authenticated key exchange (AKE) security and the mutual authentication (MA) security with full forward secrecy, considering leakage of both the keys long-term and ephemeral, adopting a comparatively efficient technique, the game hopping technique. Our proposed scheme is more efficient in the view of computation and operation time with compare to the existing similar schemes, hence it is more acceptable for the tiny processors. To the best of our knowledge ours is the first pairing free balanced AGKA protocol secure in the EGBG model., SCOPUS: cp.k, info:eu-repo/semantics/published

Published

2017

218. A Novel and Efficient Unlinkable Secret Handshakes Scheme.

Author

Hai Huang and Zhenfu Cao

Published

2009

219. Efficient identity based signcryption scheme with public verifiability and forward security.

Author

Fei-yu, Lei, Wen, Chen, Ke-fei, Chen, and Chang-she, Ma

Abstract

In this paper, we point out that Libert and Quisquater's signcryption scheme cannot provide public verifiability. Then we present a new identity based signcryption scheme using quadratic residue and pairings over elliptic curves. It combines the functionalities of both public verifiability and forward security at the same time. Under the Bilinear Diffie-Hellman and quadratic residue assumption, we describe the new scheme that is more secure and can be some-what more efficient than Libert and Quisquater's one. [ABSTRACT FROM AUTHOR]

Published

2005

220. Identity‐and‐data privacy forward security public auditing protocol in the standard model.

Author

Zhang, Jianhong and Jiang, Zhengtao

Subjects

*AUDITING standards, *DATA privacy, *PRIVACY, *DATA security, *STATISTICAL decision making, *FOREST landowners

Abstract

Summary: To ensure the intactness of the stored data in cloud, numerous data public auditing mechanisms have been presented. However, most of these existing solutions suffer from several flaws: (a) identity privacy and data privacy of data owner are inevitably revealed to the auditor in the auditing process; (b) the existing public auditing mechanisms with resisting key exposure are only proved in the random oracle model. To address the problems above, in this paper, we propose an achieving identity‐and‐data privacy public auditing protocol with forward security in the standard model by incorporating knowledge proof signature, ring signature, and forward security technique. And then, we formalize the security model of forward security and anonymity of identity, in which the adversary is allowed to query private keys of some ring members. It can provide stronger security. Thus, our proposed scheme can not only achieve data owner's identity privacy and data privacy but also provide forward security for data owner's secret key. To the best of our knowledge, it is the first preserving privacy of identity‐and‐data public auditing scheme with forward security that is provably secure in the standard model. The security of the scheme is related to the computational Diffie–Hellman (CDH) problem and the subgroup decision problem. Finally, our scheme is simulatively tested; experimental results demonstrate that our mechanism is very efficient in terms of overall performance. [ABSTRACT FROM AUTHOR]

Published

2019

221. 擬似乱数の安全性に関する研究

Subjects

Pseudo-Random Number, ComputingMilieux_THECOMPUTINGPROFESSION, J3Gen, ComputerApplications_COMPUTERSINOTHERSYSTEMS, PRNG (Pseudo-Random Number Generator), 擬似乱数生成器, 擬似乱数, Forward Security, Whirlwind

Abstract

Supervisor: 宮地充子, 情報科学研究科, 修士

Published

2015

222. Fine-grained forward-secure signature schemes without random oracles

Author

Jan Camenisch and Maciej Koprowski

Subjects

business.industry, Applied Mathematics, Random oracle, Public-key cryptography, Ring signature, Digital signature, Digital signatures, Key (cryptography), Blind signature, Discrete Mathematics and Combinatorics, Strong RSA assumption, Forward security, business, Algorithm, Schnorr signature, Non-repudiation, Computer Science::Cryptography and Security, Mathematics

Abstract

We propose the concept of fine-grained forward-secure signature schemes. Such signature schemes not only provide non-repudiation w.r.t. past time periods the way ordinary forward-secure signature schemes do but, in addition, allow the signer to specify which signatures of the current time period remain valid when revoking the public key. This is an important advantage if the signer produces many signatures per time period as otherwise the signer would have to re-issue those signatures (and possibly re-negotiate the respective messages) with a new key.Apart from a formal model for fine-grained forward-secure signature schemes, we present practical schemes and prove them secure under the strong RSA assumption only, i.e., we do not resort to the random oracle model to prove security. As a side-result, we provide an ordinary forward-secure scheme whose key-update time is significantly smaller than that of known schemes which are secure without assuming random oracles.

Published

2006

223. A Secure Elliptic Curve-Based RFID Protocol

Author

Martínez, Santi, Valls, Magda, Roig, Concepció, Miret, Josep M., and Giné, Francesc

Published

2009

224. Förbättring av integritetsförsäkring av loggar sett från tillfälligt bortkopplade enheter

Author

Andersson, Marcus and Nilsson, Alexander

Subjects

Datavetenskap (datalogi), Programvaruteknik, digital signature, Computer Sciences, Software Engineering, Secure logging, TPM, forward security

Abstract

It is common today in large corporate environments for system administrators to employ centralized systems for log collection and analysis. The log data can come from any device between smart-phones and large scale server clusters. During an investigation of a system failure or suspected intrusion these logs may contain vital information. However, the trustworthiness of this log data must be confirmed. The objective of this thesis is to evaluate the state of the art and provide practical solutions and suggestions in the field of secure logging. In this thesis we focus on solutions that do not require a persistent connection to a central log management system. To this end a prototype logging framework was developed including client, server and verification applications. The client employs different techniques of signing log entries. The focus of this thesis is to evaluate each signing technique from both a security and performance perspective. This thesis evaluates "Traditional RSA-signing", "Traditional Hash-chains"', "Itkis-Reyzin's asymmetric FSS scheme" and "RSA signing and tick-stamping with TPM", the latter being a novel technique developed by us. In our evaluations we recognized the inability of the evaluated techniques to detect so called `truncation-attacks', therefore a truncation detection module was also developed which can be used independent of and side-by-side with any signing technique. In this thesis we conclude that our novel Trusted Platform Module technique has the most to offer in terms of log security, however it does introduce a hardware dependency on the TPM. We have also shown that the truncation detection technique can be used to assure an external verifier of the number of log entries that has at least passed through the log client software.

Published

2014

225. Forward Secure Non-Interactive Key Exchange

Author

Olivier Sanders, David Pointcheval, École normale supérieure - Paris (ENS Paris), Université Paris sciences et lettres (PSL), Construction and Analysis of Systems for Confidentiality and Authenticity of Data and Entities (CASCADE), Département d'informatique - ENS Paris (DI-ENS), Centre National de la Recherche Scientifique (CNRS)-Institut National de Recherche en Informatique et en Automatique (Inria)-École normale supérieure - Paris (ENS Paris), Université Paris sciences et lettres (PSL)-Université Paris sciences et lettres (PSL)-Centre National de la Recherche Scientifique (CNRS)-Institut National de Recherche en Informatique et en Automatique (Inria)-École normale supérieure - Paris (ENS Paris), Université Paris sciences et lettres (PSL)-Université Paris sciences et lettres (PSL)-Inria Paris-Rocquencourt, Institut National de Recherche en Informatique et en Automatique (Inria)-Centre National de la Recherche Scientifique (CNRS), Laboratoire d'informatique de l'école normale supérieure (LIENS), Université Paris sciences et lettres (PSL)-Université Paris sciences et lettres (PSL), Orange Labs [Caen], Orange Labs, Michel Abdalla, Roberto De Prisco, ANR-12-INSE-0014,SIMPATIC,SIM et théorie des couplages pour la sécurité de l'information et des communications(2012), European Project: 339563,EC:FP7:ERC,ERC-2013-ADG,CRYPTOCLOUD(2014), École normale supérieure - Paris (ENS-PSL), Université Paris sciences et lettres (PSL)-Université Paris sciences et lettres (PSL)-Institut National de Recherche en Informatique et en Automatique (Inria)-Centre National de la Recherche Scientifique (CNRS)-École normale supérieure - Paris (ENS-PSL), Université Paris sciences et lettres (PSL)-Université Paris sciences et lettres (PSL)-Institut National de Recherche en Informatique et en Automatique (Inria)-Centre National de la Recherche Scientifique (CNRS)-Inria Paris-Rocquencourt, Université Paris sciences et lettres (PSL)-Université Paris sciences et lettres (PSL)-Institut National de Recherche en Informatique et en Automatique (Inria)-Centre National de la Recherche Scientifique (CNRS), Département d'informatique de l'École normale supérieure (DI-ENS), Université Paris sciences et lettres (PSL)-Université Paris sciences et lettres (PSL)-Institut National de Recherche en Informatique et en Automatique (Inria)-Centre National de la Recherche Scientifique (CNRS)-École normale supérieure - Paris (ENS Paris), and Université Paris sciences et lettres (PSL)-Université Paris sciences et lettres (PSL)-Centre National de la Recherche Scientifique (CNRS)

Subjects

business.industry, Computer science, Key distribution, 020206 networking & telecommunications, 0102 computer and information sciences, 02 engineering and technology, Cryptographic protocol, Encryption, Computer security, computer.software_genre, 01 natural sciences, Public-key cryptography, Diffie–Hellman key exchange, [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], Security association, 010201 computation theory & mathematics, Forward secrecy, non-interactive key exchange, 0202 electrical engineering, electronic engineering, information engineering, multilinear map, business, computer, Key exchange, forward security

Abstract

International audience; Exposure of secret keys is a major concern when cryptographic protocols are implemented on weakly secure devices. Forward security is thus a way to mitigate damages when such an event occurs. In a forward-secure scheme, the public key is indeed fixed while the secret key is updated with a one-way process at regular time periods so that security of the scheme is ensured for any period prior to the exposure, since previous secret keys cannot be recovered from the corrupted one. Efficient constructions have been proposed for digital signatures or public-key encryption schemes, but none for non-interactive key exchange protocols, while the non-interactivity makes them quite vulnerable since the public information cannot evolve from an execution to another one.In this paper we present a forward-secure non-interactive key exchange scheme with sub-linear complexity in the number of time periods. Our protocol is described using generic leveled multilinear maps, but we show that it is compatible with the recently introduced candidates for such maps. We also discuss various security models for this primitive and prove that our scheme fulfills them, under standard assumptions.

Published

2014

226. Improving Integrity Assurances of Log Entries From the Perspective of Intermittently Disconnected Devices

Author

Andersson, Marcus, Nilsson, Alexander, Andersson, Marcus, and Nilsson, Alexander

Abstract

It is common today in large corporate environments for system administrators to employ centralized systems for log collection and analysis. The log data can come from any device between smart-phones and large scale server clusters. During an investigation of a system failure or suspected intrusion these logs may contain vital information. However, the trustworthiness of this log data must be confirmed. The objective of this thesis is to evaluate the state of the art and provide practical solutions and suggestions in the field of secure logging. In this thesis we focus on solutions that do not require a persistent connection to a central log management system. To this end a prototype logging framework was developed including client, server and verification applications. The client employs different techniques of signing log entries. The focus of this thesis is to evaluate each signing technique from both a security and performance perspective. This thesis evaluates "Traditional RSA-signing", "Traditional Hash-chains"', "Itkis-Reyzin's asymmetric FSS scheme" and "RSA signing and tick-stamping with TPM", the latter being a novel technique developed by us. In our evaluations we recognized the inability of the evaluated techniques to detect so called `truncation-attacks', therefore a truncation detection module was also developed which can be used independent of and side-by-side with any signing technique. In this thesis we conclude that our novel Trusted Platform Module technique has the most to offer in terms of log security, however it does introduce a hardware dependency on the TPM. We have also shown that the truncation detection technique can be used to assure an external verifier of the number of log entries that has at least passed through the log client software.

Published

2014

227. An improved proxy blind signature scheme based on ECDLP

Author

Manoj Kumar Chande and Manoj Kumar Chande

Abstract

In a proxy blind signature scheme, there is an integration of the properties as well as advantages of both signature schemes namely proxy signature and blind signature. The concept of this signature scheme with a salient feature that, it allows a designated person say proxy signer to sign on behalf of original signer, in such a way that he/she neither has any idea about the content of the message, nor he/she can make a linkage between the signature and the identity of the requester. Therefore, it is very suitable and easily adoptable for electronic commerce, e-cash applications. Recently, Pradhan and Mohapatra et al.’s claims that their proposed signature scheme satisfies all the properties mandatory for a proxy blind signature scheme. Unfortunately, their scheme fails to fulfil the unlinkability property. To overcome with this weakness, an improved proxy blind signature scheme is presented with the same intractable problem ECDLP. The analysis shows that the new scheme resolves the problem in the former scheme and meets all the aspects of security features needed by proxy blind signature scheme. The analytic results prove that the new scheme is more secure and practicable.

Published

2014

228. APRAP: Another privacy preserving RFID authentication protocol

Author

Mohammad Shahriar Rahman and Atsuko Miyaji

Subjects

FOS: Computer and information sciences, Authentication, Computer Science - Cryptography and Security, Computer science, business.industry, Generic Security Service Algorithm for Secret Key Transaction, Key distribution, Computer security model, Cryptographic protocol, Restricted Backward Security, Computer security, computer.software_genre, Public-key cryptography, Indistinguishability, Security association, Forward secrecy, RFID Mutual Authentication, business, Forward Security, Key-Insulation, Cryptography and Security (cs.CR), computer, Computer network

Abstract

Privacy preserving RFID (Radio Frequency Identification) authentication has been an active research area in recent years. Both forward security and backward security are required to maintain the privacy of a tag, i.e., exposure of a tag's secret key should not reveal the past or future secret keys of the tag. We envisage the need for a formal model for backward security for RFID protocol designs in shared key settings, since the RFID tags are too resource-constrained to support public key settings. However, there has not been much research on backward security for shared key environment since Serge Vaudenay in his Asiacrypt 2007 paper showed that perfect backward security is impossible to achieve without public key settings. We propose a Privacy Preserving RFID Authentication Protocol for shared key environment, APRAP, which minimizes the damage caused by secret key exposure using insulated keys. Even if a tag's secret key is exposed during an authentication session, forward security and 'restricted' backward security of the tag are preserved under our assumptions. The notion of 'restricted' backward security is that the adversary misses the protocol transcripts which are needed to update the compromised secret key. Although our definition does not capture perfect backward security, it is still suitable for effective implementation as the tags are highly mobile in practice. We also provide a formal security model of APRAP. Our scheme is more efficient than previous proposals from the viewpoint of computational requirements., Comment: 6 pages, 1 figure, The 6th workshop on Secure Network Protocols (NPSec 2010), IEEE

Published

2010

229. From Identification to Signatures Via the Fiat-Shamir Transform: Necessary and Sufficient Conditions for Security and Forward-Security

Author

Jee Hea An, Mihir Bellare, Chanathip Namprempre, Michel Abdalla, Construction and Analysis of Systems for Confidentiality and Authenticity of Data and Entities (CASCADE), Département d'informatique - ENS Paris (DI-ENS), École normale supérieure - Paris (ENS-PSL), Université Paris sciences et lettres (PSL)-Université Paris sciences et lettres (PSL)-Institut National de Recherche en Informatique et en Automatique (Inria)-Centre National de la Recherche Scientifique (CNRS)-École normale supérieure - Paris (ENS-PSL), Université Paris sciences et lettres (PSL)-Université Paris sciences et lettres (PSL)-Institut National de Recherche en Informatique et en Automatique (Inria)-Centre National de la Recherche Scientifique (CNRS)-Inria Paris-Rocquencourt, Institut National de Recherche en Informatique et en Automatique (Inria)-Centre National de la Recherche Scientifique (CNRS), Université Paris sciences et lettres (PSL), Laboratoire d'informatique de l'école normale supérieure (LIENS), Université Paris sciences et lettres (PSL)-Université Paris sciences et lettres (PSL)-Institut National de Recherche en Informatique et en Automatique (Inria)-Centre National de la Recherche Scientifique (CNRS), Department of Computer Science and Engineering [Univ California San Diego] (CSE - UC San Diego), University of California [San Diego] (UC San Diego), University of California (UC)-University of California (UC), Centre National de la Recherche Scientifique (CNRS)-Institut National de Recherche en Informatique et en Automatique (Inria)-École normale supérieure - Paris (ENS Paris), Université Paris sciences et lettres (PSL)-Université Paris sciences et lettres (PSL)-Centre National de la Recherche Scientifique (CNRS)-Institut National de Recherche en Informatique et en Automatique (Inria)-École normale supérieure - Paris (ENS Paris), Université Paris sciences et lettres (PSL)-Université Paris sciences et lettres (PSL)-Inria Paris-Rocquencourt, École normale supérieure - Paris (ENS Paris), Université Paris sciences et lettres (PSL)-Université Paris sciences et lettres (PSL), Department of Computer Science and Engineering [San Diego] (CSE-UCSD), University of California-University of California, Département d'informatique de l'École normale supérieure (DI-ENS), Université Paris sciences et lettres (PSL)-Université Paris sciences et lettres (PSL)-Institut National de Recherche en Informatique et en Automatique (Inria)-Centre National de la Recherche Scientifique (CNRS)-École normale supérieure - Paris (ENS Paris), and Université Paris sciences et lettres (PSL)-Université Paris sciences et lettres (PSL)-Centre National de la Recherche Scientifique (CNRS)

Subjects

Theoretical computer science, Identification scheme, security proofs, Random seed, Fiat-Shamir transform, identification schemes, Cryptography, 0102 computer and information sciences, 02 engineering and technology, Library and Information Sciences, 01 natural sciences, Oracle, Random oracle, Public-key cryptography, [INFO.INFO-CR]Computer Science [cs]/Cryptography and Security [cs.CR], Digital signature, 0202 electrical engineering, electronic engineering, information engineering, Mathematics, Computer Science::Cryptography and Security, business.industry, random oracle model, Computer Science Applications, signature schemes, 010201 computation theory & mathematics, 020201 artificial intelligence & image processing, business, Schnorr signature, Information Systems, forward security

Abstract

International audience; The Fiat-Shamir paradigm for transforming identification schemes into signature schemes has been popular since its introduction because it yields efficient signature schemes, and has been receiving renewed interest of late as the main tool in deriving forward-secure signature schemes. In this paper, minimal (meaning necessary and sufficient) conditions on the identification scheme to ensure security of the signature scheme in the random oracle model are determined, both in the usual and in the forward-secure cases. Specifically, it is shown that the signature scheme is secure (respectively, forward-secure) against chosen-message attacks in the random oracle model if and only if the underlying identification scheme is secure (respectively, forward-secure) against impersonation under passive (i.e., eavesdropping only) attacks, and has its commitments drawn at random from a large space. An extension is proven incorporating a random seed into the Fiat-Shamir transform so that the commitment space assumption may be removed.

Published

2008

230. APRAP: Another Privacy Preserving RFID Authentication Protocol

Author

Miyaji, Atsuko, Rahman, Mohammad Shahriar, Miyaji, Atsuko, and Rahman, Mohammad Shahriar

Abstract

Privacy preserving RFID (Radio Frequency Identification) authentication has been an active research area in recent years. Both forward security and backward security are required to maintain the privacy of a tag, i.e., exposure of a tag's secret key should not reveal the past or future secret keys of the tag. We envisage the need for a formal model for backward security for RFID protocol designs in shared key settings, since the RFID tags are too resource-constrained to support public key settings. However, there has not been much research on backward security for shared key environment since Serge Vaudenay in his Asiacrypt 2007 paper showed that perfect backward security is impossible to achieve without public key settings. We propose a Privacy Preserving RFID Authentication Protocol for shared key environment, APRAP, which minimizes the damage caused by secret key exposure using insulated keys. Even if a tag's secret key is exposed during an authentication session, forward security and 'restricted' backward security of the tag are preserved under our assumptions. The notion of 'restricted' backward security is that the adversary misses the protocol transcripts which are needed to update the compromised secret key. Although our definition does not capture perfect backward security, it is still suitable for effective implementation as the tags are highly mobile in practice. We also provide a formal security model of APRAP. Our scheme is more efficient than previous proposals from the viewpoint of computational requirements.

Published

2010

231. Signcryption scheme with public verifiability and forward security.

Author

QI Ming-ping, CHEN Jian-hua, and HE De-biao

Abstract

Most of existing schemes can't simultaneously provide with public verifiability and forward security. To solve this problem, based on the difficulties of discrete logarithm problem on the cyclic group Zp and the intractability of reversing a one-way hash function, this paper presented a public verifiable signcryption scheme with forward security. In this scheme, the verification process didn't need the sender' s private key, in the transmission, a parameter (r) was hided in the index of g, so attacked who obtained the sender's private key couldn't get any secret information between these participates before this communication. By these methods the scheme achieved public verifiability and forward security and made up the short coming of most existing schemes that can't simultaneously provide with public verifiability and forward security. And furthermore, authentication and message recovery was not separated, but in the process of public verify, the message confidentiality won't be damaged, this made the scheme have higher security and more widely applications. [ABSTRACT FROM AUTHOR]

Published

2014

232. Preface.

Author

Jianying Zhou and Lopez, Javier

Subjects

*CONFERENCES & conventions, *SECURITY systems, *COMPUTER security

Abstract

The article comments on the papers selected from the proceedings of the Eighth International Information Security Conference from September 20 to September 23,2005 in Singapore. The paper "Execution Transactions for Defending Against Software Failures” by Stelios Sidiroglou and Angelos Keromytis examines the problem of containing buffer overflow attacks in a safe and efficient manner.

Published

2006

233. A Note on an Improved Self-Healing Group Key Distribution Scheme.

Author

Guo H, Zheng Y, Wang B, and Li Z

Abstract

In 2014, Chen et al. proposed a one-way hash self-healing group key distribution scheme for resource-constrained wireless networks in the journal of Sensors (14(14):24358-24380, doi: 10.3390/ s141224358). They asserted that their Scheme 2 achieves mt-revocation capability, mt-wise forward secrecy, any-wise backward secrecy and has mt-wise collusion attack resistance capability. Unfortunately, this paper pointed out that their scheme does not satisfy the forward security, mt-revocation capability and mt-wise collusion attack resistance capability.

Published

2015

234. Cryptanalysis of an Efficient Threshold Self-Healing Key Distribution Scheme.

Author

Wang, Huaqun and Zhang, Yuqing

Abstract

In 2009, Han et al. proposed an efficient threshold self-healing key distribution scheme with sponsorization for infrastructureless wireless networks. They claimed that the key distribution scheme satisfies the forward security, i.e., any internal user who has been revoked can not generate a new session key. In this paper,an attack method against this key distribution scheme's forward security was presented. Furthermore, this attack method can also be applied to this scheme's backward security.Thus,the original threshold self-healing key distribution scheme is insecure. [ABSTRACT FROM PUBLISHER]

Published

2011

235. A Secure Elliptic Curve-Based RFID Protocol

Author

Martínez Rodríguez, Santi, Valls Marsal, Magda, Roig Mateu, Concepció, Miret, Josep M. (Josep Maria), and Giné, Francesc

Subjects

RFID, Elliptic curve cryptography, Forward security, Zero knowledge