Jiqiang Lv,Kui Ren,Xiaofeng Chen,Kwangjo Kim

2004-01-01

Abstract:By combining the two notations of ring signature and authenticated encryption to- gether, we introduce a new type of authenticated encryption signature, called ring authenticated encryp- tion, which has the following properties: signer-ambiguity, signer-verifiability, recipient-designation, semantic-security, verification-convertibility, verification-dependence and recipient-ambiguity. We also give a variant that does not hold the property of recipient-ambiguity but can make a verifier know to whom a signature is sent when he checks its validity. Horster et al. (7) first proposed an authenticated en- cryption scheme modified from Nyberg-Ruepple's mes- sage signature (12), which aimed to achieve the purpose that the signature can only be verified by some specified recipients while keeping the message secret from the public. Compared with the straightforward approach employing the encryption and the signature schemes for a message, respectively, authenticated schemes require smaller bandwidth of communications to achieve pri- vacy, integrity and anthentication of information. How- ever, Horster et al.'s authenticated encryption scheme has a weakness that no one except the specified recip- ient can be convinced of the signer's signature, so it cannot make the recipient prove the dishonesty of the signer to any verifier without releasing his secret if the signer wants to repudiate his signature. To protect the recipient in case that the signer would repudiate his signature, Araki et al. (2) proposed a convertible lim- ited verifier scheme to enable the recipient to convert the signature to an ordinary one so that any verifier can verify its validity. But it needs the cooperation of the signer when the recipient converts the signature, which is obviously a weakness under the situation that the signer is unwilling to cooperate. To overcome this weakness, Wu et al. (15) proposed another convert- ible authenticated encryption scheme. During which, the recipient can easily produce the ordinary signature without the cooperation of the signer, and he can re- veal the converted signature and then any verifier can prove the dishonesty of the signer, if the signer wants to repudiate his signature. Recently, Huang et al. (8) showed that the scheme of Wu et al. does not consider that once an intruder knows the message then he can also easily convert a signature into an ordinary one,

Fagen Li,Hu Xiong,Yong Yu

DOI: https://doi.org/10.1109/icccas.2008.4657819

2008-01-01

Abstract:Signcryption is a cryptographic primitive that performs digital signature and public key encryption simultaneously, at lower computational costs and communication overheads than the signature-then-encryption approach. In 2005, Huang et al. proposed an identity-based ring signcryption scheme by combining the concepts of identity-based ring signature and signcryption together. However, their scheme is computationally inefficient, since the number of pairing computations grows linearly with the group size. In this paper, we propose an efficient identity-based ring signcryption scheme. Our scheme only needs four pairing computations for any group size. We then prove that the proposed scheme is secure against adaptive ciphertext attacks in the random oracle model assuming the Decisional Bilinear Diffie-Hellman problem is computationally hard.

Jiqiang Lv,Kui Ren,Xiaofeng Chen,Kwangjo Ki

DOI: https://doi.org/10.1016/j.ins.2008.09.014

IF: 8.1

2009-01-01

Information Sciences

Abstract:Though cryptography is being used more and more widely in reality, it seems that there exists no scheme or a concatenation of some existing schemes that could deal soundly with such practical situations as providing a clue, where the provider of the clue may want to reserve his beneficial rights while keeping his identity secret. To address this problem, inspired by the two notions of the ring signature and the authenticated encryption signature, we propose a new type of authenticated encryption scheme, which we call the ring authenticated encryption scheme, which can enable any member of a group of persons to provide a clue to some designated recipient wisely.

Weizhe ZHANG,Dezhi GAO,Yan LI

DOI: https://doi.org/10.3778/j.issn.1002-8331.1704-0302

2017-01-01

Abstract:There are many types of ring signature schemes, but most of them are based on bilinear pairing, and have some problems in security and computing speed. Compared with Elliptic Curve Cryptography(ECC), the advantage of bilinear pairing is not obvious, and it can not provide higher level of security, takes less storage space. In order to improve the se-curity of the scheme and protect the anonymity of the signer's ID, adding the signer's ID which is processed in ring signa-ture scheme, a new hidden identity ring signature scheme using elliptic curve cryptography is proposed. Finally, the cor-rectness and security will also be provided by the security analysis.

Chunhua Jin,Chunxiang Xu,Linzhi Jiang,Fagen Li

DOI: https://doi.org/10.1109/hpcc-css-icess.2015.149

2015-01-01

Abstract:Deniable threshold ring authentication allows at least t members of a group participants to authenticate a message m without revealing which t members have generated the authenticator, and the verifier cannot convince any third party the message m is authenticated. It can be applied in anonymous and privacy communication scenarios. In this paper, we present a non-interactive identity-based deniable threshold ring authentication scheme. Our scheme is provably secure in the random oracle model under the bilinear Diffie-Hellman assumption. To the best of our knowledge, our scheme is the first identity based deniable threshold ring authentication scheme. Our scheme is very efficient since it only requires one pairing operation in authentication phase and one pairing operation in verification phase regardless of the number of the ring.

Fa-gen Li,Shirase Masaaki,Takagi Tsuyoshi

DOI: https://doi.org/10.1007/s12204-008-0679-2

2008-01-01

Abstract:We show that the Zhang-Yang-Zhu-Zhang identity-based authenticatable ring signcryption scheme is not secure against chosen plaintext attacks. Furthermore, we propose an improved scheme that remedies the weakness of the Zhang-Yang-Zhu-Zhang scheme. The improved scheme has shorter ciphertext size than the Zhang-Yang-Zhu-Zhang scheme. We then prove that the improved scheme satisfies confidentiality, unforgeability, anonymity and authenticatability.

Mingwu Zhang,Bo Yang,Shenglin Zhu,Wenzheng Zhang

DOI: https://doi.org/10.1007/978-3-540-69304-8_14

2008-01-01

Abstract:Three of the most important services offered by cryptography are confidential, private and authenticatability in distributed systems, such as P2P, trust negotiation and decentralized trust management. Information provider secretly encrypts a message with a hidden approach to protect message security and his privacy. Ring signcryption is an important way to realize full anonymity where the signcrypter cannot verify that this ciphertext was produced by himself. In this paper, we propose a novel construction of efficient secret authenticatable anonymous signcryption scheme in which only the actual signcrypter can authenticate that the ciphertext was produced by himself. The receiver cannot distinguish who the actual signcrypter is in the group even though he obtains all group members' private keys. Proposed scheme has the following properties: semantic security, signcrypter anonymity, signcrypter secret authenticatability, and unforgeability. We prove its security in the random oracle model under the DBDH assumption.

sun hua,guo li,wang aimin

2011-01-01

Abstract:Signcryption is a cryptographic primitive which provides authentication and confidentiality simultaneously with a computational cost lower than signing and encryption respectively. The ring signcryption has anonymity in addition to authentication and confidentiality, which allows any user to choose any set of users that includes himself and signcrypt messages without revealing who in the set has actually produced it. This paper presents an efficient identity-based ring signcryption scheme in the standard model, which proves its indistinguishability against adaptive chosen ciphertext attacks and existential unforgeability against adaptive chosen message and identity attacks in terms of the hardness of CDH problem and DBDH problem.

Yang ZHAO,Feng YUE,Hu XIONG,Zhi-guang QIN

DOI: https://doi.org/10.3969/j.issn.1671-1122.2015.10.002

2015-01-01

Abstract:The designated verifier signature specifies a verifier to check the validity of the signature; any third party can not check it because the designated verifier is able to generate an indistinguishable signature from the signer’s signature. In ring signature scheme, the signer can sign the message on behalf of the ring anonymously, the veriifer can check the validity of the signature, but it cannot recognize which member of the ring has signed it. In order to ensure the signer’s identity privacy and that only the designated veriifer can check the authenticity of the signature, Wu propose a strong designated veriifer ID-based ring signature scheme through combining the designated veriifer signature and the ring signature. The scheme allows the signer to designate a veriifer and generate a designated veriifer ring signature. Through the analysis on Wu’s scheme, we ifgure out the scheme does not satisfy the attribute of non-delegatability in designated verifier signature scheme and describe the attack method in this paper. For the sake of avoiding the lfaw, this paper improves Wu’s scheme and makes it provably secure. In addition, according to the improved scheme, we propose a strong designated veriifer ring signcryption scheme providing authentication and conifdentiality simultaneously.

Chao Liu,Zhongxiang Zheng,Keting Jia,Limin Tao

DOI: https://doi.org/10.1007/978-3-030-31919-9_1

2019-01-01

Abstract:Authenticated encryption (AE) is very suitable for a resources constrained environment for it needs less computational costs and AE has become one of the important technologies of modern communication security. Identity concealment is one of research focuses in design and analysis of current secure transport protocols (such as TLS1.3 and Google's QUIC). In this paper, we present a provably secure identity-concealed authenticated encryption in the public-key setting over ideal lattices, referred to as RLWE-ICAE. Our scheme can be regarded as a parallel extension of higncryption scheme proposed by Zhao (CCS 2016), but in the lattice-based setting. RLWE-ICAE can be viewed as a monolithic integration of public-key encryption, key agreement over ideal lattices, identity concealment and digital signature. The security of RLWE-ICAE is directly relied on the Ring Learning with Errors (RLWE) assumption. Two concrete choices of parameters are provided in the end.

熊虎

2009-01-01

Abstract:Identity-based（ID-based）ring signature has drawn great concerns in recent years and many ID-based ring signature schemes have been proposed until now.Unfortunately,all of these ID-based ring sig-natures are constructed from bilinear pairings,a powerful but computationally expensive primitive.Hence,ID-based ring signature without pairing is of great interest in the field of cryptography.In this pa-per,the authors firstly propose an ID-based ring signature scheme based on quadratic residues.The pro-posed scheme is proved to be existentially unforgeable againsi adaptive chosen message-and-identity attackunder the random oracle model,assuming the hardness of factoring.The proposed scheme is more effi-cient than those which are constructed from bilinear pairings.

Hui Cui,Tianjie Cao

2009-01-01

Abstract:Due to the growing importance in the fields of computer networks, how to keep user's privacy has drawn more and more concerns in recent years. In this paper, based on a ring signature scheme, we propose a new secure anonymous authenticated key exchange protocol, which inherits all the good virtues of the previous protocols. Furthermore, we discuss the security attributes of our new scheme. Finally, we give an extension of our new scheme's application and make a conclusion of this paper.

Lei Zhang,Futai Zhang,Wei Wu

DOI: https://doi.org/10.48550/arXiv.1712.09145

2017-12-26

Abstract:Ring signature is a kind of group-oriented signature. It allows a member of a group to sign messages on behalf of the group without revealing his/her identity. Certificateless public key cryptography was first introduced by Al-Riyami and Paterson in Asiacrypt 2003. In certificateless cryptography, it does not require the use of certificates to guarantee the authenticity of users' public keys. Meanwhile, certificateless cryptography does not have the key escrow problem, which seems to be inherent in the Identity-based cryptography. In this paper, we propose a concrete certificateless ring signature scheme. The security models of certificateless ring signature are also formalized. Our new scheme is provably secure in the random oracle model, with the assumption that the Computational Diffie-Hellman problem is hard. In addition, we also show that a generic construction of certificateless ring signature is insecure against the key replacement attack defined in our security models.

Cryptography and Security

Hu Xiong,Ji Geng,Zhiguang Qin,Guobin Zhu

2015-01-01

Abstract:Signcryption can offer authentication and confidential-ity simultaneously with better efficiency than traditional signature-then-encryption approach. Ring signature enables a user to conscribe arbitrarily a group of ring members and sign a message on behalf of the ring (which includes himself) without revealing his real identity. By integrating the notion of signcryption and ring signature, ring signcryption has been initialized to leak secrets in an authenticated and confidential way anonymously. Recently, Guo et al . (Guo Z, Li M, Fan X. Attribute-based ring signcryption scheme. Security and Communication Networks , vol. 6, no. 6, pp. 790-796, 2013) proposed a ring signcryption scheme in attribute-based cryptography. Furthermore, they claimed that their scheme can satisfy confidentiality and unforgeability in the random oracle model. Unfortunately, by giving concrete attacks, we indicate that Guo et al .’s attribute-based ring signcryption scheme doesn’t provide confidentiality and unforgeability.

Hu Xiong,Zhiguang Qin,Fagen Li,Jing Jin

DOI: https://doi.org/10.1109/ICCCAS.2008.4657818

2008-01-01

Abstract:Identity-based(ID-based) threshold ring signature has rapidly emerged in recent years and many schemes have been proposed until now. However, most of these ID-based threshold ring signatures are constructed from bilinear pairings, a powerful but computationally expensive primitive. Hence, ID-based threshold ring signature without pairing is of great interest in the field of cryptography. In this paper, we propose an ID-based threshold ring signature scheme without pairings. The proposed scheme is proven to be existential unforgeable against adaptive chosen message-and-identity attack under the random oracle model, assuming the hardness of factoring. ©2008 IEEE.

FY Miao,Y Xiong,SB Yang,XF Wang

IF: 1.019

2006-01-01

Chinese Journal of Electronics

Abstract:Ring signature is a new kind of signer-ambiguous signature, in which the real signer randomly designates a set of possible signers including itself, and generates totally by itself the ring signature only with its private key and public keys of other possible signers. The signature includes no definite information that identifies the real signer. The paper extends the general notion of ring signature and proposes a provable encrypted ring signature scheme. In the scheme, the real signer produces a signer-ambiguous signature with self-provable evidence and can uniquely prove through the evidence that it is the authentic signer if necessary. Furthermore, by an identity-based encryption algorithm from bilinear pairings the ring signature is encrypted to guarantee that only the right verifier can verify the signature. A variant of the scheme is also given in the paper. Analysis shows that the provable encrypted ring signature is confidential, self-provable, signer-ambiguous and secure. The proposed scheme can be applied in many applications such as e-voting, e-commerce etc.

Parhat Abla,Feng-Hao Liu,Han Wang,Zhedong Wang

DOI: https://doi.org/10.1007/978-3-030-90456-2_6

2021-01-01

Abstract:This work constructs an identity based encryption from the ring learning with errors assumption (RLWE), with shorter master public keys and tighter security analysis. To achieve this, we develop three new methods: (1) a new homomorphic equality test method using nice algebraic structures of the rings, (2) a new family of hash functions with natural homomorphic evaluation algorithms, and (3) a new insight for tighter reduction analyses. These methods can be used to improve other important cryptographic tasks, and thus are of general interests. Particularly, our homomorphic equality test method can derive a new method for packing/unpacking GSW-style encodings, showing a new non-trivial advantage of RLWE over the plain LWE. Moreover, our new insight for tighter analyses can improve the analyses of all the currently known partition-based IBE designs, achieving the best of the both from prior analytical frameworks of Waters (Eurocrypt '05) and Bellare and Ristenpart (Eurocrypt '09).

Hu Xiong,Zhiguang Qin,Fagen Li

DOI: https://doi.org/10.4103/0377-2063.118032

IF: 1.8768

2013-01-01

IETE Journal of Research

Abstract:Ring signature is a primitive that allows an entity to sign a message on behalf of a group of potential signers (called a ring) while preserving unconditional anonymity in the ring. Ring signature has found many applications in fair exchange, electronic transaction protocols, and ad hoc networks. In this paper, a survey of ring signature from a number of perspectives is presented to provide researchers with a better understanding of this primitive. We survey the state of the art of ring signature schemes along with the security model, and compare their security properties and efficiency. Furthermore, the extensions of ring signature schemes with special properties are also investigated.

Jun-fang Xiao,Gui-hua Zeng

DOI: https://doi.org/10.1007/s12204-009-0189-x

2009-01-01

Journal of Shanghai Jiaotong University (Science)

Abstract:Security of wireless sensor network (WSN) is a considerable challenge, because of limitation in energy, communication bandwidth and storage. ID-based cryptosystem without checking and storing certificate is a suitable way used in WSN. But key escrow is an inherent disadvantage for traditional ID-based cryptosystem, i.e., the dishonest key generation center (KGC) can forge the signature of any node and on the other hand the node can deny the signature actually signed by him/herself. To solving this problem, we propose an ID-based ring signature scheme without trusted KGC. We also present the accurate secure proof to prove that our scheme is secure against existential forgery on adaptively chosen message and ID attacks assuming the complexity of computational Diffie-Hellman (CDH) problem. Compared with other ring signature schemes, we think proposed scheme is more efficient.

王行甫,苗付友

DOI: https://doi.org/10.3969/j.issn.1006-9348.2009.02.040

2009-01-01

Abstract:Some digital signature applications in Network Environment,e.g. an anonymous e-impeachment,has the requirement of guaranteeing both the signer-ambiguity and non-transferability,but most of the current signature schemes can not fully meet such requirements. The paper proposes a new scheme called Identity-based Non-transferability Ring Signature Scheme,in which a special hash function from bilinear pairing is constructed. Thus the scheme satisfies the above applications requirements. Formal analysis shows that the scheme is signer-ambiguous,non-transferable and non-forgeable in Random Oracle Model.