Li-Hong Guo,Hai-Tao Wu,Qing Yang

DOI: https://doi.org/10.2991/icwcsn-16.2017.32

2016-01-01

Abstract:Proxy signature schemes have been suggested for use in a number of applications, so the security of proxy signature scheme is more and more important. However, at present, almost all the proxy signature schemas were proven secure in the random oracle model, which has received a lot of criticism. Recently, Yu et al. proposed a designated verifier proxy signature scheme without random oracles by using Waters hashing technique. The formal models and a strictly logical process were provided in this schema. But Kang et al. show some attacks on Yu et al.s scheme and offer its insecurity proof. In this paper, in order to overcome the weaknesses in Yu et al.s scheme we make supplements on it and make it secure resist Kang et al.s attacks.

Qi XIE,XiuYuan YU,WenHao LIU,DeRen CHEN,GuiLin WANG,JiYi WU

DOI: https://doi.org/10.1360/112011-915

2012-01-01

Scientia Sinica Informationis

Abstract:Mutual authentication between the user and the public cloud is essential requirement for the user to access the public cloud in cloud computing. In 2011, Juang et al. proposed a first authentication scheme based on proxy signature. The advantage of the scheme is that the user only needs to register on his home service cloud (HSC), and can pass through the authentication of the public cloud with the help of his HSC. However, their scheme has three weaknesses: 1) the users HSC needs to update the users public key in each session to protect the users privacy; 2) HSC may suffer from network jam when many users in the same HSC need to register on different public clouds simultaneously; and 3) a secret key should be shared between HSC and visiting cloud. To overcome these weaknesses, a provably secure convertible proxy signcryption for privacy preserving is proposed. Based on this scheme, a novel one-round authentication protocol is proposed, which the user only needs to register on his HSC, and can pass through the authentication of the visiting cloud without the help of his HSC. On the other hand, the proposed protocol can provide some nice properties, such as user privacy protection, non-repudiation, without updating the users public key, and secret key does not have to be shared between HSC and visiting cloud. In addition, the proposed scheme is provably secure in the random oracle model, and is more efficient than Juang et al.s scheme.

Lin Yao,Lei Wang,Xiangwei Kong,Guowei Wu,Feng Xia

DOI: https://doi.org/10.1016/j.camwa.2010.01.010

IF: 3.218

2010-01-01

Computers & Mathematics with Applications

Abstract:In a pervasive computing environment, mobile users often roam into foreign domains. Consequently, mutual authentication between the user and the service provider in different domains becomes a critical issue. In this paper, a fast and secure inter-domain authentication and key establishment scheme, namely IDAS, is proposed. IDAS adopts Biometrics to guarantee the uniqueness and privacy of users and adopts signcryption to generate a secure session key. IDAS can not only reduce the burden of certificates management, but also protect the users and authentication servers against fraud. Compared with some other authentication methods, our approach is superior with faster key exchange and authentication, as well as more privacy. The correctness is verified with the Syverson and Van Oorschot (SVO) logic. Crown Copyright (C) 2010 Published by Elsevier Ltd. All rights reserved.

Jianhong Zhang,Yuehai Wang

2019-01-01

Abstract:.As a significant cryptographical primitive, proxy re-signature(PRS) technique is broadly applied to distributed computation, copyright transfer and hidden path transfer because it permits that a proxy translates an entity’s signature into the other entity’s signature on the identical data. Recently, to discard time-consuming pairing operator and intricate certificate-maintenance, Wang et al. proposed two efficient pairing-free ID-based PRS schemes, and declared that their schemes were provably secure in the ROM. Very unluckily, in this investigation, we point out that Wang et al.’s schemes suffer from attacks of universal forgery by analysing their security, i.e., anyone can fabricate a signature on arbitrary file. After the relevant attacks are shown, the reasons which result in such attacks is analyzed. Finally, we discuss the corresponding improved method. Key–Words: ID-based PRS, integer factorization problem, universal forgeability, security attack

XIE Qi,WU JiYi,WANG GuiLin,CHEN DeRen,YU XiuYuan

2012-01-01

Abstract:Mutual authentication between the user and the public cloud is essential requirement for the user to access the public cloud in cloud computing.In 2011,Juang et al.proposed a first authentication scheme based on proxy signature.The advantage of the scheme is that the user only needs to register on his home service cloud(HSC),and can pass through the authentication of the public cloud with the help of his HSC.However, their scheme has three weaknesses:1)the user’s HSC needs to update the user’s public key in each session to protect the user’s privacy;2)HSC may suffer from network jam when many users in the same HSC need to register on different public clouds simultaneously;and 3)a secret key should be shared between HSC and visiting cloud.To overcome these weaknesses,a provably secure convertible proxy signcryption for privacy preserving is proposed.Based on this scheme,a novel one-round authentication protocol is proposed,which the user only needs to register on his HSC,and can pass through the authentication of the visiting cloud without the help of his HSC.On the other hand,the proposed protocol can provide some nice properties,such as user privacy protection, non-repudiation,without updating the user’s public key,and secret key does not have to be shared between HSC and visiting cloud.In addition,the proposed scheme is provably secure in the random oracle model,and is more efficient than Juang et al.’s scheme.

Jie XU,Hong-xiang SUN,Qiao-yan WEN,Hua ZHANG

DOI: https://doi.org/10.1016/s1005-8885(11)60288-4

2012-01-01

The Journal of China Universities of Posts and Telecommunications

Abstract:Multi-proxy signature is a scheme that an original signer delegates his or her signing capability to a proxy group. In the scheme, only the cooperation of all proxy signers in the proxy group can create a signature on behalf of the original signer. Jin and Wen firstly defined the formal security model of certificateless multi-proxy signature (CLMPS) and proposed a concrete CLMPS scheme. However, their construction has three problems: the definition of the strengthened security model is inaccurate, the concrete signature scheme has a security flaw, and the proof of the security is imperfect. With further consideration, a remedial strengthened security model is redefined, and an improved scheme is also proposed, which is existentially unforgeable against adaptively chosen-warrant, chosen-message and chosen-identity attacks in the random oracles. In this condition, the computational Diffie-Hellman (CDH) assumption is used to prove full security for our CLMPS scheme.

Xuan Hong,Jianhua Gao,Jianguo Pan,Bo Zhang

DOI: https://doi.org/10.1007/s10586-017-1074-2

2017-01-01

Cluster Computing

Abstract:In proxy re-signature scheme, the semi-trust proxy is given special information to convert user A’s signature into another user B’s signature on the same message m. This has numerous application, such as simplifying the certificate management by constructing a secure channel between two authentication centers, simplifying group signature management by making each signature transformed to the group’s signature, helping relieve some common key management headaches by resigning without the authentication center, and constructing digital right management (DRM) interoperable system by sharing the certification. In this paper, we proposed a novel proxy re-signature scheme with universally composable security. The proposed scheme is unidirectional, single-use, key optimal, non-transitive and non-temporary. Its security is based on Computational Diffie–Hellman assumption in the random oracle model. Furthermore, we present the universal composable based security definition of proxy re-signature, as well as the equivalent game based definition. If a scheme is proved to be safe in our game, it will have the universally composable property, which will simplify the future security analysis. Finally, we support the proposed scheme with detailed security and performance analysis.

Wu Jian

DOI: https://doi.org/10.2495/isme20131592

2014-01-01

Abstract:Identity-based encryption and signature schemes that allow any pair of users to communicate securely and to verify each other's signatures without verifying certificate. A signcryption is a primitive that provides the properties of both digital signatures and encryption schemes in a way that is more efficient than signing and encrypting separately. Proxy signature schemes are a variation of ordinary digital signature scheme that allow a proxy signer to sign messages on behalf of the original singer which proxy signcryption simultaneously fulfill both the functions of signature and encryption in a single step with a lower computational cost than that required by the traditional signature-then-encryption. In this paper, we present identity-based proxy signcryption schemes with lower efficient..

Jia-Zhu Dai,Xiao-Hu Yang,Jinxiang Dong

DOI: https://doi.org/10.1145/986537.986584

2004-01-01

Abstract:ABSTRACTProxy signatures are signature schemes that a signer (called original signer) delegates his signing capability to other people (called proxy signer), and the proxy signer creates signatures on behalf of the original signer. In application such as electronic voting and electronic commerce, the privacy may be concerned by the original signer. The original signer may hope that the proxy signers can sign on behalf of him without knowing the content of the signed message. Few efforts have been put on privacy protection of original signer in existed proxy signature schemes. In this paper, a privacy-protecting proxy signature scheme is proposed. In this scheme, the messages the original signer entrust to the proxy signer to sign on behalf of him are secret from the proxy signer during the generation of the proxy signature and from other people except the receiver designated by the original signer. Therefore, the privacy of the original signer is protected. The security of the proposed signature scheme is analyzed and its application to electronic voting is described.

吴晨煌,陈智雄,王海明,沈毅军

DOI: https://doi.org/10.3724/sp.j.1087.2009.00944

2009-01-01

Journal of Computer Applications

Abstract:The certificateless proxy signature scheme proposed by Fan Rui etc.was analyzed and their scheme turned out to be insecure.Furthermore,a serious security flaw was discovered in the proxy key generation algorithm,because the private key of the original signer could be recovered by the proxy signer.Unfortunately,the same security flaw was also found out in other proxy signature schemes.Finally,a comprehensive and improved scheme was proposed,whose security was based on the Computational Diffie-Hellman Problem(CDHP).

Hu Xiong,Jianbin Hu,Zhong Chen,Fagen Li

DOI: https://doi.org/10.1016/j.compeleceng.2011.01.006

IF: 4.152

2011-01-01

Computers & Electrical Engineering

Abstract:In a multi-proxy signature scheme, an original signer could authorize a proxy group as his proxy agent. Then only the cooperation of all the signers in the proxy group can generate the proxy signatures on behalf of the original signer. Recently, Cao and Cao gave the first formal definition and security model of an identity-based multi-proxy signature scheme, then proposed an identity-based multi-proxy signature scheme from bilinear pairings and proved its security in their security model. Although they proved that their scheme is secure under this model, we disprove their claim and show that their scheme is not secure. We also present a simple fix to prevent this attack.

WANG Shu-Hong,WANG Gui-lin,BAO Feng,WANG Jie

DOI: https://doi.org/10.1360/jos160911

2005-01-01

Journal of Software

Abstract:Proxy signature allows an original signer to delegate his/her signing capability to a proxy signer such that the proxy signer can sign messages on behalf of the original signer. Blind signature allows a user to have a given message signed by the signer without revealing any information about the message. By using Schnorr blind signature, Tan et al. recently proposed a digital proxy blind signature scheme. They claimed that it satisfies the security properties of both blind signatures and proxy signatures. However, it is not the fact. This paper shows that the proposed scheme is vulnerable to universal forgery as well as linkability attacks. It also explains why their proofs of the security are incorrect.

Lunzhi Deng Lunzhi Deng,Zhenyu Hu Lunzhi Deng,Yu Ruan Zhenyu Hu,Tao Wang Yu Ruan

DOI: https://doi.org/10.53106/160792642022032302008

2022-03-01

網際網路技術學刊

Abstract:Proxy signature frees the original signer from the heavy signature work. Many certificateless proxy signature (CLPS) schemes have been proposed in the last ten years. The security proofs of most known schemes are given in the random oracle model (ROM). There are only two CLPS schemes with provably security in the standard model (SM). However, in which the size of the system parameter increase linearly with the size of the user’s identity information. That increase the storage burden of the key generation center. In this paper, a new CLPS scheme is constructed and the security proofs are showed in SM. The size of system parameters and the master key are constant in the scheme. Requiring only three pairing operations, the new scheme is more efficient and suitable for mobile computing.  

JZ Dai,XH Yang,JX Dong

DOI: https://doi.org/10.1109/icsmc.2003.1243846

2003-01-01

Abstract:Proxy signature is the solution to delegation of signing capabilities in electronic world. Proxy signatures are signature schemes that an original signer delegates his signing capability to a proxy signer, and the proxy signer creates signatures on behalf of the original signer. To avoid the misuse of proxy signatures, the original signer hopes that he can restrict the signing capability delegated to the proxy signers. In this paper, a designated-receiver proxy signature scheme is proposed. In this scheme, an original signer nominates a person as signature receiver when he delegates his signing capability to a proxy signer, and the proxy signer can generate valid proxy signature on behalf of the original signer which none but the nominated receiver can verify and accept, thus the misuse of proxy signature is avoided. The security of the proposed signature scheme is analyzed. The scheme will be applied in e_commerce and other fields.

Zirui Qiao,Yanwei Zhou,Bo Yang,Mingwu Zhang,Tao Wang,Zhe Xia

DOI: https://doi.org/10.1109/jsyst.2021.3131589

IF: 4.802

2021-01-01

IEEE Systems Journal

Abstract:To improve the security of industrial Internet of things (IIoT), several concrete constructions of certificate-based proxy signature (CBPS) scheme without bilinear pairing were proposed in the last few years. However, many previous constructions were found impractical, either fail to meet the claimed security properties or contain design flaws. In particular, in some instances, a malicious proxy signer can claim to be the original signer by forwarding the messages from original signer to any proxy signer, and the receiver cannot determine whether the delegation of signing power has been reused. In this article, we first demonstrate some security issues and design flaws in the previous proposals of CBPS scheme. As follows, to further address the above deficiencies, three new constructions of CBPS scheme with improved security are introduced. In the first two proposals, the delegation validity can be verified by the designated verifier (proxy signer), and the delegation of signing power for the last construct is publicly verifiable (any signer). Furthermore, formal security proofs are given using forking lemma in the random oracle, assuming that the discrete logarithm problem is hard. Compared with the previous CBPS schemes, our constructions are efficient with respect to computation and communication. Finally, we discuss the two necessary conditions for constructing secure CBPS schemes, to avoid security flaws in future research.

computer science, information systems,telecommunications,engineering, electrical & electronic,operations research & management science

Chenao Hu,Wei Shimin,Zhu Chang-jie,Yang Yi

Abstract:Proxy ring signature,which enables a proxy signer to anonymously sign a message on behalf the original signer,has many advantages.This paper firstly proposed the strongest security model of certificateless proxy ring signature schemes and gave an efficient construction of certificateless proxy ring signature scheme using bilinear maps,with rigorous security proofs in the proposed strongest security model.The security of the scheme was based on the infeasibility of the computational Diffie-Hellman problem.The analysis shows that the new scheme satisfies the security requirements such as unconditional anonymity,strong unforgeability for a proxy ring signature scheme.Due to its security,efficiency and free of certificate management,it may have practical applications in electronic government affairs and mobile agent systems,etc.

Computer Science

Miaomiao Tian,Liusheng Huang

DOI: https://doi.org/10.48550/arXiv.1110.4196

2011-10-19

Cryptography and Security

Abstract:A proxy signature scheme allows a proxy signer to sign messages on behalf of an original signer. Proxy signature schemes have found numerous practical applications such as grid computing, mobile agent systems and cloud applications. Recently, Jiang et al. proposed the first lattice-based proxy signature scheme and claimed that their scheme provides all the security properties of a secure proxy signature scheme. However, in this paper, we disprove their claim and show that an original signer is able to forge a proxy signature on any message.

Song Han,Elizabeth Chang,Jie Wang,Wanquan Liu

2005-01-01

Abstract:Proxy signature helps the proxy signer to sign messages on behalf of the original signer. It is very useful when the original signer (e.g. the president of a company) is not available to sign a specific document. If the original signer can not forge valid proxy signatures through impersonating the proxy signer, it will be robust in a virtual environment; thus the original signer can not shift any illegal action initiated by herself to the proxy signer. In this paper, we propose a new proxy signature scheme. The new scheme can prevent the original signer from impersonating the proxy signer to sign messages. The proposed scheme is based on the regular ElGamal signature. In addition, the fair privacy of the proxy signer is maintained. That means, the privacy of the proxy signer is preserved; and the privacy can be revealed when it is necessary.

Yingjie Xia,Xuejiao Liu,Fubiao Xia,Guilin Wang

DOI: https://doi.org/10.1016/j.tcs.2015.12.025

IF: 1.002

2016-01-01

Theoretical Computer Science

Abstract:Since the invention of designated confirmer signatures (DCS), a number of schemes with various properties and different underlying mathematical problems have been developed. Although a considerable amount of work has been dedicated to the design of DCS schemes, the confusions of the security notions in the existing DCS models have not been formally discussed and clarified to achieve a proper level of confirmer's security. In order to achieve provable security, we propose a reduced security model and prove that a DCS cryptosystem only requires transcript-simulatability or alternatively invisibility plus non-transferability from a modelling perspective. Accompanied by the reduced DCS model, a generic DCS scheme is also constructed that still retains the feature of full verification, i.e., either the signer or the confirmer can interactively verify arbitrary signatures by providing a convincing proof. Our proposed scheme employs a computationally binding commitment scheme, together with an IND-CCA2 secure public encryption scheme, to achieve a provable security in the standard model. Meanwhile, we present an efficient concrete instantiation by using BLS signatures, CS-Paillier encryption scheme with labels, and Perdesen commitment scheme.

Debiao He,Mingwu Zhang,Baowen Xu

DOI: https://doi.org/10.1093/comjnl/bxu097

2014-01-01

The Computer Journal

Abstract:Recently, Gu et al. proposed an efficient identity-based proxy signature scheme and demonstrated their scheme was provably secure in the standard model. In this paper, we show their scheme is not secure against the malicious user through proposing three concrete attacks.