Miaomiao Tian,Liusheng Huang,Wei Yang

DOI: https://doi.org/10.1504/IJESDF.2014.064409

2014-01-01

International Journal of Electronic Security and Digital Forensics

Abstract:Certificateless cryptography is an attractive paradigm for public key cryptography since it does not require certificates in traditional public key cryptography and also solves the inherent key escrow problem in identity-based cryptography. Currently, certificateless short signature is receiving significant attention from the public key cryptography research community as it is particularly useful in low-bandwidth communication environments. However, most of the certificateless short signature schemes only support low-level security. Recently, Choi et al. presented a certificateless short signature scheme and claimed that it is provably secure against super adversaries in the random oracle model. Unfortunately, in this paper, we show that their scheme is insecure even against a strong adversary. We then propose a new certificateless short signature scheme and prove that it is secure against strong adversaries. Compared with other certificateless short signature schemes, our scheme is more computationally efficient.

Zhen Qin,Chen Yuan,Yilei Wang,Hu Xiong

DOI: https://doi.org/10.1016/j.ipl.2016.02.003

IF: 0.851

2016-01-01

Information Processing Letters

Abstract:ID-based signature enables users to verify signatures using only public identifier. Very recently, Rossi and Schmid (2015) [9] proposed two identity-based signature schemes along with the application to group communications. Unfortunately, by proposing concrete attack, we demonstrate that the former scheme is insecure against forgery attack, while the latter scheme has been totally broken in the sense that the signing key can be recovered from the valid signature easily.

Jiaxin Pan,Benedikt Wagner

DOI: https://doi.org/10.1007/978-3-030-81293-5_19

2021-01-01

Abstract:We construct a short and adaptively secure identity-based signature scheme tightly based on the well-known Short Integer Solution (SIS) assumption. Although identity-based signature schemes can be tightly constructed from either standard signature schemes against adaptive corruptions in the multi-user setting or a two-level hierarchical identity-based encryption scheme, neither of them is known with short signature size and tight security based on the SIS assumption. Here “short” means the signature size is independent of the message length, which is in contrast to the tree-based (tight) signatures.Our approach consists of two steps: Firstly, we give two generic transformations (one with random oracles and the other without) from non-adaptively secure identity-based signature schemes to adaptively secure ones tightly. Our idea extends the similar transformation for digital signature schemes. Secondly, we construct a non-adaptively secure identity-based signature scheme based on the SIS assumption in the random oracle model.

Debiao He,Baojun Huang,Jianhua Chen

DOI: https://doi.org/10.1049/iet-ifs.2012.0176

2013-01-01

IET Information Security

Abstract:The certificateless public key cryptography has attracted wide attention since it could solve the certificate management problem in the traditional public key cryptography and the key escrow problem in the identity-based public key cryptography. Recently, several certificateless short signature schemes, which could satisfy the requirement of low-bandwidth communication environments, have been proposed. However, most of them are not secure against either the Type I adversary or the Type II adversary. In this study, the authors propose a new efficient certificateless short signature scheme. The analysis shows the authors' scheme has better performance than the related schemes and is secure against both of the super Type I and the super Type II adversaries.

Debiao He,Mingwu Zhang,Baowen Xu

DOI: https://doi.org/10.1093/comjnl/bxu097

2014-01-01

The Computer Journal

Abstract:Recently, Gu et al. proposed an efficient identity-based proxy signature scheme and demonstrated their scheme was provably secure in the standard model. In this paper, we show their scheme is not secure against the malicious user through proposing three concrete attacks.

Tianjie Cao,Dongdai Lin

DOI: https://doi.org/10.1007/11599548_20

2005-01-01

Abstract:Digital signature scheme allows a user to sign a message in such a way that anyone can verify the signature, but no one can forge the signature on any other message. In this paper, we show that Xie and Yu’s threshold signature scheme, Huang and Chang’s threshold proxy signature scheme, Qian, Cao and Xue’s pairing-based threshold proxy signature scheme, Xue and Cao’s multi-proxy signature scheme and Zhou et al.’s proxy multi-signature scheme are all insecure against the forgery attacks.

Ying Sun,Yong Yu,Xiaosong Zhang,Jiwen Chai

DOI: https://doi.org/10.1587/transfun.e96.a.721

2013-01-01

IEICE Transactions on Fundamentals of Electronics Communications and Computer Sciences

Abstract:Observing the security of existing identity-based proxy signature schemes was proven in the random oracle model, Cao et al. proposed the first direct construction of identity-based proxy signature secure in the standard model by making use of the identity-based signature due to Paterson and Schuldt. They also provided a security proof to show their construction is secure against forgery attacks Without resorting to the random oracles. Unfortunately, in this letter, we demonstrate that their scheme is vulnerable to insider attacks. Specifically, after a private-key extraction query, an adversary, behaving as a malicious original signer or a malicious proxy signer, is able to violate the unforgeability of the scheme.

Liangliang Wang,Kefei Chen,Yu Long,Xianping Mao,Huige Wang

DOI: https://doi.org/10.1109/INCoS.2015.10

2015-01-01

Abstract:Certificateless public key cryptography was proposed to solve the key escrow problem in identity-based public key cryptography. Namely, a user's full private key must be comprised of a partial private key which is provided by the key generation center and a secret value which is chosen by the user. Thus the key generation center can no longer acquire each user's full private key by itself. In 2014, Yeh et al. proposed an efficient certificateless public key signature scheme without bilinear pairings. They also showed their scheme is secure against super adversary under the hardness of breaking discrete logarithm problem in the random model. In this paper, we modify Yeh et al.'s scheme to obtain a new scheme which is more practical than theirs. And our modified scheme can achieve the same security level as Yeh et al.'s scheme under the hardness of breaking discrete logarithm problem in the random model.

WU Huai,SUN Ying,XU Chun-xiang,WU Wei

DOI: https://doi.org/10.3969/j.issn.1001-0548.2013.06.022

2013-01-01

Abstract:The security of the identity-based ring signature scheme of [18] is analyzed in this paper. It is found that this scheme did not possess the unforgeability property. It is also shown that the proposed scheme is insecure against a new kind of forgery attack, i.e. the identity assembly forgery attack. With such an attack, an adversary is able to forge valid ring signatures on any message based on the features of its identity, and the identity of the adversary can be even not included in the ring of the forged signature.

Xun Sun,Jianhua Li,Gongliang Chen,Shutang Yang

2008-01-01

Abstract:In a directed signature scheme, a verifier can exclusively verify the signatures designated to himself, and shares with the signer the ability to prove correctness of the signature to a third party when necessary. Directed signature schemes are suitable for applications such as bill of tax and bill of health. This paper studies directed signatures in the identity-based setting. We first present the syntax and security notion that includes unforgeability and invisibility, then propose a concrete identity-based directed signature scheme from bilinear pairings. We then prove our scheme existentially unforgeable under the computational Diffie-Hellman assumption, and invisible under the decisional Bilinear Diffie-Hellman assumption, both in the random oracle model.

XIA Qi,XU Chun-xiang

2009-01-01

Abstract:The security of Yang et al. verifiably encrypted signature schemes is analyzed.Although the scheme is proved security in the standard model,it is vulnerable to key substitution attack in a multi-user setting,where an adversary can generate new keys satisfying legitimate verifiably encrypted signatures created by the legitimate users.A concrete instance of fair exchange of digital signature protocol is given to show that this kind attack can breach the fairness when they are used in fair exchange in a multi-user setting.

LI Xiang-xue,CHEN Ke-fei,LIU Sheng-li,LI Shi-qun,李祥学,陈克非,刘胜利,李世群

2006-01-01

Journal of Shanghai Jiaotong University (Science)

Abstract:Verifiably encrypted signatures are employed when a signer wants to sign a message for a verifier but does not want the verifier to possess his signature on the message until some certain requirements of his are satisfied. This paper presented new verifiably encrypted signatures from bilinear pairings. The proposed signatures share the properties of simplicity and efficiency with existing verifiably encrypted signature schemes. To support the proposed scheme, it also exhibited security proofs that do not use random oracle assumption. For existential unforgeability, there exist tight security reductions from the proposed verifiably encrypted signature scheme to a strong but reasonable computational assumption.

HE Ming-xing,LI Peng-cheng,LI Xiao

DOI: https://doi.org/10.3969/j.issn.1001-0548.2015.06.016

2015-01-01

Abstract:Certificateless cryptography aims at combining the advantages of identity based and traditional certificate-based public key cryptography, so as to avoid the key escrow problem inherent in the identity based system and certificate management in public key infrastructure. In this paper, we propose a new efficient certificateless signature scheme and prove its security in the random oracle model. Furthermore, via pre-computing a bilinear pairing in the setup phase, our scheme only needs to compute one pairing in the verify stage. It is more efficient in computation complexity and communication complexity than that of many previous schemes.

Miaomiao Tian,Liusheng Huang

DOI: https://doi.org/10.3233/FI-2016-1353

2016-01-01

Fundamenta Informaticae

Abstract:Identity-based signature is an important technique for light-weight authentication. Recently, many efforts have been made to construct identity-based signatures over lattice assumptions since they would remain secure in future quantum age. In this paper we present a new identity-based signature scheme from lattice problems. This scheme is more efficient than other lattice-based identity-based signature schemes in terms of both computation and communication complexities. We prove its security in the random oracle model under short integer solution assumption that is as hard as approximating several worst-case lattice problems. We also extend the scheme to an identity-based message recovery signature scheme that has better performance.

Hou Guibin,Liu Jiaomin,Liu Wenyuan,Si Yali

DOI: https://doi.org/10.1109/csnt.2012.114

2012-01-01

Abstract:Based on the Hess signature scheme, a new efficient ID-based verifiably encrypted signature scheme was proposed. The scheme had the less pairing operations, and adjudicator signed a guarantee to avoid refusing to extract the common signature when resolving conflicts, thereby exchange signature protocol's fairness was enhanced. Compared with the other schemes, the proposed scheme was more efficient. At last its security was proved in the random oracle model. The proposed scheme was proved to be security assuming the computing Diffie-Hellman problem was hard.

Kwangsu Lee,Dong Hoon Lee

DOI: https://doi.org/10.1371/journal.pone.0128081

2014-11-18

Abstract:Aggregate signatures allow anyone to combine different signatures signed by different signers on different messages into a single short signature. An ideal aggregate signature scheme is an identity-based aggregate signature (IBAS) scheme that supports full aggregation since it can reduce the total transmitted data by using an identity string as a public key and anyone can freely aggregate different signatures. Constructing a secure IBAS scheme that supports full aggregation in bilinear maps is an important open problem. Recently, Yuan {\it et al.} proposed an IBAS scheme with full aggregation in bilinear maps and claimed its security in the random oracle model under the computational Diffie-Hellman assumption. In this paper, we show that there exists an efficient forgery attacker on their IBAS scheme and their security proof has a serious flaw.

Cryptography and Security

Miaomiao Tian,Liusheng Huang

DOI: https://doi.org/10.1002/dac.2310

2013-01-01

International Journal of Communication Systems

Abstract:Certificateless cryptography is an attractive paradigm for public key cryptography as it does not require certificates in traditional public key cryptography and, at the same time, solves the inherent key escrow problem in identity-based cryptography. Recently, an efficient certificateless signature scheme without using pairings was proposed by He, Chen and Zhang. They claimed that it is provably secure under the discrete logarithm assumption in the random oracle model. However, in this paper, we show that their scheme is insecure against a type II adversary who can access to the master secret key of the system. Copyright (c) 2012 John Wiley & Sons, Ltd.

Hu Xiong,Songyang Wu,Fagen Li,Zhiguang Qin

DOI: https://doi.org/10.1007/s11277-014-2106-3

IF: 2.017

2015-01-01

Wireless Personal Communications

Abstract:As an important approach to resist the threat of key leakage, key insulated security allows secret keys to be periodically updated by using a physically-secure but computation-limited device. Recently, key insulated mechanism has been introduced into identity based (ID-based) signature to solve the key-leakage problem in ID-based signature scenarios. In this paper, we present two compact ID-based key-insulated signature schemes that try to minimize the total amount of message and signature. Compared with the up-to-date ID-based key-insulated signatures, our schemes enjoy the minimum net bandwidth and computation overhead. We also provide formal security proofs of our schemes under the Computational Diffie–Hellman assumption in the random oracle model. We focus on potential applications of our schemes to secret handshakes, but we believe they will find many other applications as well.

Yanli Ren,Dawu Gu

DOI: https://doi.org/10.1109/isdpe.2007.76

2007-01-01

Abstract:Identity based crypto system is a public key cryptosystem where the public key can be represented as an arbitrary string. However, an identity based signature scheme that is fully secure in the standard model with a tight reduction has not been proposed until now. In this paper, we propose an identity based signature scheme that is fully secure in the standard model and has several advantages-computational efficiency, short public parameters, and a tight security reduction. In many situations we want to enjoy confidentiality and authenticity simultaneously. A traditional approach to achieve this objective is to "sign-then-encrypt" this message, or we can employ special cryptographic scheme like signcryption. To the best of our knowledge, reference [15] proposes the only identity based signcryption scheme in the standard model. But its security proof is based on a weaker model-"sample-ID" model and the reduction is not tight. Combining an identity based encryption scheme, we also propose the first identity based signcryption scheme that is fully secure in the standard model with a tight reduction. Moreover, our signcryption scheme has public verifiability.

Fēi Li,Wei Gao,Guilin Wang,Kefei Chen,Xueli Wang

DOI: https://doi.org/10.1504/ijipt.2014.066373

2014-01-01

International Journal of Internet Protocol Technology

Abstract:We propose a new identity-based threshold signature (IBTHS) scheme from bilinear pairings enjoying the following advantages in efficiency, security and functionality. The round-complexity of the threshold signing protocol is optimal since each party pays no other communication cost except broadcasting one single message. The computational complexity of the threshold signing procedure is considerably low since there appears no other time-consuming pairing except two pairings for verifying each signature shares. The communication channel requirement of the threshold signing procedure is the lowest since the broadcast channel among signers is enough. It is provably secure with optimal resilience in the standard model. It is the private key associated with an identity rather than a private key of the private key generator (PKG) that is shared among signature generation servers.