Lingling Xu,Jin Li,Shaohua Tang,Joonsang Baek

DOI: https://doi.org/10.1155/2015/626415

2015-01-01

Mobile Information Systems

Abstract:With the development of wireless technology, much data communication and processing has been conducted in mobile devices with wireless connection. As we know that the mobile devices will always be resource-poor relative to static ones though they will improve in absolute ability, therefore, they cannot process some expensive computational tasks due to the constrained computational resources. According to this problem, server-aided computing has been studied in which the power-constrained mobile devices can outsource some expensive computation to a server with powerful resources in order to reduce their computational load. However, in existing server-aided verification signature schemes, the server can learn some information about the message-signature pair to be verified, which is undesirable especially when the message includes some secret information. In this paper, we mainly study the server-aided verification signatures with privacy in which the message-signature pair to be verified can be protected from the server. Two definitions of privacy for server-aided verification signatures are presented under collusion attacks between the server and the signer. Then based on existing signatures, two concrete server-aided verification signature schemes with privacy are proposed which are both proved secure.

Li-Hong Guo,Hai-Tao Wu,Qing Yang

DOI: https://doi.org/10.2991/icwcsn-16.2017.32

2016-01-01

Abstract:Proxy signature schemes have been suggested for use in a number of applications, so the security of proxy signature scheme is more and more important. However, at present, almost all the proxy signature schemas were proven secure in the random oracle model, which has received a lot of criticism. Recently, Yu et al. proposed a designated verifier proxy signature scheme without random oracles by using Waters hashing technique. The formal models and a strictly logical process were provided in this schema. But Kang et al. show some attacks on Yu et al.s scheme and offer its insecurity proof. In this paper, in order to overcome the weaknesses in Yu et al.s scheme we make supplements on it and make it secure resist Kang et al.s attacks.

Huai Wu,Chunxiang Xu,Jiang Deng,Jianbing Ni

2013-01-01

Journal of Computational Information Systems

Abstract:The technique of server-aided verification helps to speed up the verification of a digital signature. This is highly desirable for many low computation applications such as RFID, wireless network. Recently, Wu et al. proposed two server-aided verification signature schemes based on Waters signature. Unfortunately, we demonstrate that the two schemes are vulnerable to collusion attacks by giving concrete security analysis. Copyright © 2013 Binary Information Press.

Huai Wu,Chunxiang Xu,Jiang Deng

DOI: https://doi.org/10.1504/ijict.2015.068385

2015-01-01

International Journal of Information and Communication Technology

Abstract:Fast signature verification is extremely desirable in many applications, especially for numerous low computation scenarios such as wireless network, RFID. Up to now, more and more techniques have been suggested to decrease the computational overhead. For instance, aggregate signatures have been used for saving the bandwidth by compressing a list of signatures into a single one and sever-aided verification aims at reducing computational load. Therefore, it is interesting to study how to combine these two tricks together, namely server-aided aggregate verification signature, to achieve both short signature length and secure server-aided verification. The contribution of this paper is three-fold. Firstly, we formalise a new security model of server-aided aggregate verification signature scheme SAAV-Σ against collusion attacks. Secondly, we propose a concrete server-aided aggregate verification signature scheme-based BGLS signature scheme. Finally, we show that our construction is secure in our model.

Huai Wu,Chunxiang Xu,Jiang Deng

DOI: https://doi.org/10.1109/INCoS.2013.95

2013-01-01

Abstract:Fast signature verification is desirable in many applications, especially for numerous low computation scenarios such as RFID, wireless network. Up to now, many techniques have been suggested to reduce the computational load. For example, server-aided verification aims at saving computational overhead and aggregated signatures have been used for saving the bandwidth by compressing a list of signatures into a single signature. Therefore, it is interesting to study how to combine these two tricks together, namely server-aided aggregate verification signature, to achieve both short signature length and secure server-aided verification. The contribution of this paper is three folds. Firstly, we formalize a new security model of server-aided aggregate verification signature scheme (SAAV-?). Secondly, we propose a concrete server-aided aggregate verification signature scheme based BGLS signature scheme. Finally, we show that our construction is secure in our model.

Xiao Qing-hua,Ping Ling-di,Chen Xiao-ping,Pan Xue-zeng

DOI: https://doi.org/10.1631/bf02842478

2004-01-01

Journal of Zhejiang University SCIENCE A

Abstract:Secret sharing and digital signature is an important research area in information security and has wide applications in such fields as safeguarding and legal use of confidential information, secure, multiparty computation and electronic commerce. But up to now, study of signature based on general vector space secret sharing is very weak. Aiming at this drawback, the authors did some research on vector space secret sharing against cheaters, and proposed an efficient but secure vector space secret sharing based multi-signature scheme, which is implemented in two channels. In this scheme, the group signature can be easily produced if an authorized subset of participants pool their secret shadows and it is impossible for them to generate a group signature if an unauthorized subset of participants pool their secret shadows. The validity of the group signature can be verified by means of verification equations. A group signature of authorized subset of participants cannot be impersonated by any other set of participants. Moreover, the suspected forgery can be traced, and the malicious participants can be detected in the scheme. None of several possible attacks can successfully break this scheme.

Solomon Guadie Worku,Chunxiang Xu,Jining Zhao

DOI: https://doi.org/10.1007/s11704-013-3138-7

IF: 2.6688

2014-01-01

Frontiers of Computer Science

Abstract:An auditing scheme is a good way to prove owner’s data outsourced to the cloud are kept intact, and a scheme capable of giving public verifiability service is a good option that some researchers have managed to build for the last few years. However, in a public auditing scheme everybody does verification of data and a possibility of leaking some secrete information to the public verifiers is an issue that data owners are unhappywith this scenario. For example, the data owner does not want anybody else to know he has the data stored in the cloud server. Motivated by the issue of privacy associated with public auditing system, we proposed a designated verifier auditing (DVA) scheme based on Steinfeld et al.’s universal designated verifier (DV) signature scheme. Our DVA scheme authorizes a third party auditor with private verification capability. It provides private verification because the scheme involves private key of the verifier. Moreover, we present the batch auditing scheme to improve auditing efficiency. Through rigorous security analysis we showed that our scheme is provably secure in the random oraclemodel assuming that the computational Diffie-Hellman (CDH) problem is hard over the group of bilinear maps.

Jia-Zhu Dai,Xiao-Hu Yang,Jinxiang Dong

DOI: https://doi.org/10.1145/986537.986584

2004-01-01

Abstract:ABSTRACTProxy signatures are signature schemes that a signer (called original signer) delegates his signing capability to other people (called proxy signer), and the proxy signer creates signatures on behalf of the original signer. In application such as electronic voting and electronic commerce, the privacy may be concerned by the original signer. The original signer may hope that the proxy signers can sign on behalf of him without knowing the content of the signed message. Few efforts have been put on privacy protection of original signer in existed proxy signature schemes. In this paper, a privacy-protecting proxy signature scheme is proposed. In this scheme, the messages the original signer entrust to the proxy signer to sign on behalf of him are secret from the proxy signer during the generation of the proxy signature and from other people except the receiver designated by the original signer. Therefore, the privacy of the original signer is protected. The security of the proposed signature scheme is analyzed and its application to electronic voting is described.

LI Xiang-xue,CHEN Ke-fei,LIU Sheng-li,LI Shi-qun,李祥学,陈克非,刘胜利,李世群

2006-01-01

Journal of Shanghai Jiaotong University (Science)

Abstract:Verifiably encrypted signatures are employed when a signer wants to sign a message for a verifier but does not want the verifier to possess his signature on the message until some certain requirements of his are satisfied. This paper presented new verifiably encrypted signatures from bilinear pairings. The proposed signatures share the properties of simplicity and efficiency with existing verifiably encrypted signature schemes. To support the proposed scheme, it also exhibited security proofs that do not use random oracle assumption. For existential unforgeability, there exist tight security reductions from the proposed verifiably encrypted signature scheme to a strong but reasonable computational assumption.

XIA Qi,XU Chun-xiang

2009-01-01

Abstract:The security of Yang et al. verifiably encrypted signature schemes is analyzed.Although the scheme is proved security in the standard model,it is vulnerable to key substitution attack in a multi-user setting,where an adversary can generate new keys satisfying legitimate verifiably encrypted signatures created by the legitimate users.A concrete instance of fair exchange of digital signature protocol is given to show that this kind attack can breach the fairness when they are used in fair exchange in a multi-user setting.

Muhua Liu,Lin Wang,Qingtao Wu,Jianqiang Song

DOI: https://doi.org/10.1155/2021/6699974

IF: 1.968

2021-01-01

Security and Communication Networks

Abstract:We introduce a novel notion of distributed functional signature. In such a signature scheme, the signing key for function f will be split into n shares skfi and distributed to different parties. Given a message m and a share skfi, one can compute locally and obtain a pair signature fim,σi. When given all of the signature pairs, everyone can recover the actual value fm and corresponding signature σ. When the number signature pairs are not enough, nobody can recover the signature fm,σ. We formalize the notion of function privacy in this new model which is not possible for the standard functional signature and give a construction from standard functional signature and function secret sharing based on one-way function and learning with error assumption. We then consider the problem of hosting services in multiple untrusted clouds, in which the verifiability and program privacy are considered. The verifiability requires that the returned results from the cloud can be checked. The program privacy requires that the evaluation procedure does not reveal the program for the untrusted cloud. We give a verifiable distributed secure cloud service scheme from distributed functional signature and prove the securities which include untrusted cloud security (program privacy and verifiability) and untrusted client security.

Aixin Zhang,Shalin Huang,Xinghua Wu,Shilin Wang,Jianhua Li

DOI: https://doi.org/10.1109/CSCloud/EdgeCom.2018.00011

2018-01-01

Abstract:The security of outsourced data has been a key issue in cloud applications. Previous researches have focused on the remote data auditing and verification schemes. Although some of them have the properties of dynamic update and public audit, most of these schemes implicitly assume an honest client. Actually, the client has the motivations to corrupt the verification results against server, and the server may suspect the verification results under the situation where the client is dishonest. Up to now, few solutions have been proposed when both the client and server are not fully trusted and either side could be malicious. In this paper, a strict verifiable database (sVDB) protocol is proposed to tackle this problem. The concrete construction based on the bilinear pair technique can support client's real-time query and batch update operations. We prove the security of the scheme by contradiction under the square computational Diffie-Hellman assumption. We also implement the protocol and carry out several experiments to compare its performance with the state-of-the-art VDB scheme using vector commitment. All the results show that the proposed sVDB scheme achieves good security performance and high computation efficiency.

University of Science and Technology of China,Xue Kaiping,Li Shangbin,Yu Nenghai

DOI: https://doi.org/10.1007/s11128-021-03162-5

IF: 1.965

2021-01-01

Quantum Information Processing

Abstract:Although most of the quantum signatures can be verified by a designated receiver, they do not match the classical designated verifier signature since an indistinguishable signature cannot be efficiently simulated. To adapt quantum signatures in specific environments like E-voting and E-bidding, several quantum designated verifier signature (QDVS) schemes have been proposed. However, it is still too complicated and infeasible to implement existing QDVS schemes in practice. In this paper, we propose a practical QDVS scheme without entanglement for E-voting applications. It only involves the quantum processing part of the underlying quantum key distribution (QKD) to generate correlated key strings, which protects the communication against potential eavesdroppers. The proposed scheme can be easily and efficiently deployed over the existing QKD network without complicated quantum operations. We further show that our QDVS scheme satisfies the required main security requirements and has the capability against several common attacks.

Zhenpeng Liu,Lele Ren,Ruilin Li,Qiannan Liu,Yonggang Zhao

DOI: https://doi.org/10.1016/j.cose.2022.102858

2022-10-01

Abstract:More and more companies, institutions and organizations are choosing to put vast amounts of data on the cloud. However, applications such as multimedia office, e-government and e-health systems need to withhold some data in order to hide highly confidential information when uploading to the cloud. A new data integrity auditing scheme is proposed to protect the privacy information and share the data. The idea of sanitizable signature is used to sanitize the private data to protect the privacy and generate effective signatures to verify the integrity of the data. At the same time, the identity-based encryption auditing mechanism simplifies the complex certificate management and improves the audit efficiency. The stability of the scheme is verified by calculating the Computational Diffie-Hellman Problem (CDHP) and Discrete Logarithm Problem (DLP) in the stochastic prediction model. The performance of the proposed scheme is evaluated by simulation experiments, which proves that the proposed scheme is safe and effective.

computer science, information systems

Jiang Xu,Jin Han,Yongjun Ren,Jin Wang

DOI: https://doi.org/10.14257/astl.2014.79.22

2014-01-01

Abstract:Cloud storage is now an important development trend in information technology. To ensure the integrity of data storage in cloud storing, researchers have present some proof of storage schemes. In some cases, the ability to check data possession is delegated by data owners. Hence, the delegable provable data possession and proxy provable data possession are proposed. However the schemes are not secure since the proxy or designated verifier stores some delegation information in cloud storage servers. In this paper, we propose PC-DV POS scheme, which can preserve clients' privacy and designate a verifier by the client signed the data blocks. In particular, we utilize group signatures and key exchange to construct homomorphic authenticators, so that only the designated verifier is able to check the integrity of shared data for users without retrieving the entire data, and cannot reveal the identities of signers on all blocks in shared data.

Zhuo Hao,Sheng Zhong,Nenghai Yu

DOI: https://doi.org/10.1109/tkde.2011.62

IF: 9.235

2011-09-01

IEEE Transactions on Knowledge and Data Engineering

Abstract:Remote data integrity checking is a crucial technology in cloud computing. Recently, many works focus on providing data dynamics and/or public verifiability to this type of protocols. Existing protocols can support both features with the help of a third-party auditor. In a previous work, Sebé et al. propose a remote data integrity checking protocol that supports data dynamics. In this paper, we adapt Sebé et al.'s protocol to support public verifiability. The proposed protocol supports public verifiability without help of a third-party auditor. In addition, the proposed protocol does not leak any private information to third-party verifiers. Through a formal analysis, we show the correctness and security of the protocol. After that, through theoretical analysis and experimental results, we demonstrate that the proposed protocol has a good performance.

computer science, information systems, artificial intelligence,engineering, electrical & electronic

Xiangjun Xin,Zhuo Wang,Qinglan Yang,Fagen Li

DOI: https://doi.org/10.1007/s10773-019-04377-0

2020-01-01

International Journal of Theoretical Physics

Abstract:Designated verifier signatures are very useful in the applications such as e-voting and auction. In this paper, an identity-based quantum designated verifier signature (IDQDVS) scheme is proposed. It has the security properties such as designated verification, non-transferability and hiding source. And it is secure against forgery attack, inter-resending attack and impersonation attack. What is more, our scheme has the advantages of the classical designated verifier signature schemes. In our scheme, the signer signs a message with his/her private key, while the designated verifier verifies the corresponding IDQDVS with the signer’s classical identity information (such as his/her name or email address), which is used as the signer’s public key. Hence, our scheme can simplify the key management of the quantum signature system. On the other hand, our scheme does not need any entangled state. The verifier need not perform any quantum state comparison during the signature verification phase. Therefore, our scheme is more practicable and efficient than the similar schemes.

Mingwu Zhang,Tsuyoshi Takagi,Bo Yang,Fagen Li

DOI: https://doi.org/10.1587/transfun.e95.a.259

2012-01-01

Abstract:Strong designated verifier signature scheme (SDVS) allows a verifier to privately check the validity of a signature. Recently, Huang et al. first constructed an identity-based SDVS scheme (HYWS) in a stronger security model with non-interactive proof of knowledge, which holds the security properties of unforgeability, non-transferability, non-delegatability, and privacy of signer's identity. In this paper, we show that their scheme does not provide the claimed properties. Our analysis indicates that HYWS scheme neither resist on the designated verifier signature forgery nor provide simulation indistinguishability, which violates the security properties of unforgeability, non-delegatability and non-transferability.

Genqing Bian,Rui Zhang,Bilin Shao

DOI: https://doi.org/10.1109/access.2022.3166920

IF: 3.9

2022-01-01

IEEE Access

Abstract:The remote data possession checking mechanism can effectively verify the integrity of outsourced data, which can usually be divided into public verification and private verification. The verifier of public verification can be any cloud user, while private verification can only be the data owner. However, in most practical situations, the data owner expects that only a specific verifier can perform integrity checking tasks and that verifier cannot gain any knowledge about the data. Yan et al. proposed a remote data possession checking scheme with the designated verifier, which can guarantee that only the designated verifier can check data integrity, whereas others cannot do it. However, this scheme relies on public key infrastructure technology and does not consider data privacy protection issues. To overcome these shortcomings, we propose an identity-based remote data possession checking scheme that satisfies the data owner's requirement to specify a unique verifier. Moreover, in this scheme, we use a random integer to blind data integrity proof to protect data privacy and use Merkle hash tree structure to achieve dynamic update of data. At the same time, our scheme can avoid the complex certificate management in public key infrastructure. We proved the safety of our scheme based on the discrete logarithm assumption and the computational Diffie-Hellman assumption. Theoretical analysis and experimental results show that our scheme is feasible and effective in practical applications.

computer science, information systems,telecommunications,engineering, electrical & electronic

Yiteng Feng,Yi Mu,Guomin Yang,Joseph K. Liu

DOI: https://doi.org/10.1007/978-3-319-19962-7_22

2015-01-01

Abstract:With a cloud storage, users can store their data files on a remote cloud server with a high quality on-demand cloud service and are able to share their data with other users. Since cloud servers are not usually regarded as fully trusted and the cloud data can be shared amongst users, the integrity checking of the remote files has become an important issue. A number of remote data integrity checking protocols have been proposed in the literature to allow public auditing of cloud data by a third party auditor (TPA). However, user privacy is not taken into account in most of the existing protocols. We believe that preserving the anonymity (i.e., identity privacy) of the data owner is also very importa nt in many applications. In this paper, we propose a new remote integrity checking scheme which allows the cloud server to protect the identity information of the data owner against the TPA. We also define a formal security model to capture the requirement of user anonymity, and prove the anonymity as well as the soundness of the proposed scheme.