Zhong-mei Wan,Xue-jia Lai,Jian Weng,Sheng-li Liu,Yu Long,Xuan Hong

DOI: https://doi.org/10.1631/jzus.a0820714

2011-01-01

Abstract:Leakage of the private key has become a serious problem of menacing the cryptosystem security. To reduce the underlying danger induced by private key leakage, Dodis et al. (2003) proposed the first key-insulated signature scheme. To handle issues concerning the private key leakage in certificateless signature schemes, we devise the first certificateless key-insulated signature scheme. Our scheme applies the key-insulated mechanism to certificateless cryptography, one with neither certificate nor key escrow. We incorporate Waters (2005)’s signature scheme, Paterson and Schuldt (2006)’s identity-based signature scheme, and Liu et al. (2007)’s certificateless signature scheme to obtain a certificateless key-insulated signature scheme. Our scheme has two desirable properties. First, its security can be proved under the non-pairing-based generalized bilinear Diffie-Hellman (NGBDH) conjecture, without utilizing the random oracle model; second, it solves the key escrow problem in identity-based key-insulated signatures.

Jian Weng,Kefei Chen,Shengli Liu,Xiangxue Li

2008-01-01

Journal of Software

Abstract:It is a worthwhile challenge to deal with the key-exposure problem in identity-based signatures. To deal with this problem, this paper adopts Dodis, et al.'s key-insulation mechanism to identity-based signature scenarios, and proposes an identity-based key-insulated signature scheme. The proposed scheme enjoys two attractive features:

Jian Weng,Shengli Liu,Kefei Chen,Xiangxue Li

DOI: https://doi.org/10.1007/11937807_2

2006-01-01

Abstract:Standard identity-based (ID-based) signature schemes typically rely on the assumption that secret keys are kept perfectly secure. However, with more and more cryptographic primitives are deployed on insecure devices (e.g. mobile devices), key-exposure seems inevitable. This problem is perhaps the most devastating attack on a cryptosystem since it typically means that security is entirely lost. To minimize the damage caused by key-exposure in ID-based signatures scenarios, Zhou et al. [32] applied Dodis et al.'s key-insulation mechanism [12] and proposed an ID-based key-insulated signature (IBKIS) scheme. However, their scheme is not strong key-insulated, i.e, if an adversary compromises the helper key, he can derive all the temporary secret keys and sign messages on behalf the legitimate user. In this paper, we re-formalize the definition and security notions for IBKIS schemes, and then propose a new IBKIS scheme with secure key-updates. The proposed scheme is strong key-insulated and perfectly key-insulated. Our scheme also enjoys desirable properties such as unbounded number of time periods and random-access key-updates.

Zhong-mei Wan,Xue-jia Lai,Jian Weng,Sheng-li Liu,Yu Long,Xuan Hong

DOI: https://doi.org/10.1007/s12204-010-1064-5

2010-01-01

Journal of Shanghai Jiaotong University (Science)

Abstract:The only known construction of key-insulated signature (KIS) that can be proven secure in the standard model is based on the approach of using double signing. That is, the scheme requires two signatures: a signature with a master key and a signature with the signer’s secret key. This folklore construction method leads to an inefficient scheme. Therefore it is desirable to devise an efficient KIS scheme. We present the first scheme with such a construction. Our construction derives from some variations of the Waters’ signature scheme. It is computationally efficient and the signatures are short. The scheme is provably secure based on the difficulty of computational Diffie-Hellman (CDH) problem in the standard model.

Hu Xiong,Shikun Wu,Ji Geng,Emmanuel Ahene,Songyang Wu,Zhiguang Qin

DOI: https://doi.org/10.3837/tiis.2015.03.023

2015-01-01

KSII Transactions on Internet and Information Systems

Abstract:Certificate-based signature (CBS) combines the advantages of both public key-based signature and identity-based signature, while saving from the disadvantages of drawbacks in both PKS and IBS. The insecure deployment of CBS under the hostile circumstances usually causes the exposure of signing key to be inescapable. To resist the threat of key leakage, we present a pairing-free key insulated CBS scheme by incorporating the idea of key insulated mechanism and CBS. Our scheme eliminates the costly pairing operations and as a matter of fact outperforms the existing key insulated CBS schemes. It is more suitable for low-power devices. Furthermore, the unforgeability of our scheme has been formally proven to rest on the discrete logarithm assumption in the random oracle model.

Yanan Chen,Weixiang Xu,Hu Xiong

DOI: https://doi.org/10.1007/s12243-015-0461-z

2015-01-01

Abstract:To protect signing rights against the compromise of secret key, the key-insulated signature (KIS) has attracted a lot of attention from the industry and academia. It would be interesting to investigate the notion of KIS in the certificateless public key cryptography (CL-PKC) environment to solve the problem of certificate management and key escrow simultaneously. To capture the seeming neglected attack mounted by the malicious key generation center (KGC), a stronger security model for the CL-PKC should be considered. In this paper, we first show that the only known CL-KIS scheme is vulnerable against malicious KGC attack, and then propose the first CL-KIS scheme secure against malicious KGC attack, with security proof in the standard model.

Jian Weng,Ke-fei Chen,Xiang-xue Li,Sheng-li Liu,Wei-dong Qiu

DOI: https://doi.org/10.1007/s12204-008-0006-y

2008-01-01

Abstract:To minimize the damage caused by key-exposure in ID-based signatures, in ISPEC'06 Zhou et al (2006) proposed an ID-based key-insulated signature (IBKIS) scheme. However, their scheme is not strong key-insulated, i.e, if a user's helper is compromised, the adversary can derive all of this user's secret keys for any time period. Moreover, in practice, to alleviate the damage in case of key-exposure, secret keys in IBKIS schemes have to be updated at very short intervals, which will increase the risk of helper key-exposure. It is important to note that even for an IBKIS scheme with strong key-insulated security, once a user's helper and one of his secret keys are both compromised, the adversary can also derive all of this user's secret keys for any time period. Is it possible to allow frequent key-updates without increasing the risk of helper key-exposure in IBKIS systems? In this paper, we extend Hanaoka et al (2006) parallel key-insulated mechanism to ID-based signature scenarios, and present an ID-based parallel key-insulated signature (IBPKIS) scheme. Compared with Zhou et al (2006) IBKIS scheme, our scheme enjoys three attractive features: (i) it is strong key-insulated; (ii) it can allow frequent key-updates without increasing the risk of helper key-exposure, and over all, enhances the security of the system; (iii) even if one of a user's helpers and some of his secret keys are both exposed, it is impossible for an adversary to derive all of this user's secret keys.

Debiao He,Baojun Huang,Jianhua Chen

DOI: https://doi.org/10.1049/iet-ifs.2012.0176

2013-01-01

IET Information Security

Abstract:The certificateless public key cryptography has attracted wide attention since it could solve the certificate management problem in the traditional public key cryptography and the key escrow problem in the identity-based public key cryptography. Recently, several certificateless short signature schemes, which could satisfy the requirement of low-bandwidth communication environments, have been proposed. However, most of them are not secure against either the Type I adversary or the Type II adversary. In this study, the authors propose a new efficient certificateless short signature scheme. The analysis shows the authors' scheme has better performance than the related schemes and is secure against both of the super Type I and the super Type II adversaries.

Hu Xiong,Songyang Wu,Fagen Li,Zhiguang Qin

DOI: https://doi.org/10.1007/s11277-014-2106-3

IF: 2.017

2015-01-01

Wireless Personal Communications

Abstract:As an important approach to resist the threat of key leakage, key insulated security allows secret keys to be periodically updated by using a physically-secure but computation-limited device. Recently, key insulated mechanism has been introduced into identity based (ID-based) signature to solve the key-leakage problem in ID-based signature scenarios. In this paper, we present two compact ID-based key-insulated signature schemes that try to minimize the total amount of message and signature. Compared with the up-to-date ID-based key-insulated signatures, our schemes enjoy the minimum net bandwidth and computation overhead. We also provide formal security proofs of our schemes under the Computational Diffie–Hellman assumption in the random oracle model. We focus on potential applications of our schemes to secret handshakes, but we believe they will find many other applications as well.

Qi Xia,Chunxiang Xu,Yong Yu

DOI: https://doi.org/10.4028/www.scientific.net/kem.439-440.1606

2010-01-01

Key Engineering Materials

Abstract:Liu et al. proposed the first certificateless signature scheme without random oracles in 2007. However, Xiong et al. showed that Liu et al.'s scheme is insecure against a malicious-but-passive KGC attack and proposed an improved scheme. In ISA 2009, Yuan et al. also proposed a new certificateless signature scheme without random oracles. Although they claimed that the two schemes are secure in the standard model, this paper shows that both Xiong et al.'s improved scheme and Yuan et al.'s new scheme are vulnerable to key replacement attack, where an adversary, obtaining a signature on a message and replacing the public key of a signer, can forge valid signatures on the same message under the replaced public key. We also give the corresponding modifications of the two schemes to resist key replacement attack.

Li-Bo He,Dong-Jie Yan,Hu Xiong,Zhi-Guang Qin

DOI: https://doi.org/10.11989/jest.1674-862x.6052718

2018-01-01

Abstract:Certificateless encryption attracts a lot of attention so far by eliminating the key escrow problem in identity-based encryption and public key certificates in the traditional public key cryptography. By considering the threat from the key exposure, it is desirable to incorporate the idea of key-insulated cryptosystem into the certificateless encryption. In this paper, we have designed an efficient certificateless keyinsulated encryption（CL-KIE） scheme to achieve this goal. By our approach, the computational performance of our scheme has been improved significantly in terms of reduction on running time and storage. We also gave the security proof of the new CL-KIE scheme against the chosen plaintext attacks（CPAs） in the random oracle, considering the assumption of the computational Diffie-Hellman（CDH） problem.

Bessie C. Hu,Duncan S. Wong,Zhenfeng Zhang,Xiaotie Deng

DOI: https://doi.org/10.1007/s10623-006-9022-9

IF: 1.4

2006-01-01

Designs Codes and Cryptography

Abstract:Certificateless cryptography involves a Key Generation Center (KGC) which issues a partial key to a user and the user also independently generates an additional public/secret key pair in such a way that the KGC who knows only the partial key but not the additional secret key is not able to do any cryptographic operation on behalf of the user; and a third party who replaces the public/secret key pair but does not know the partial key cannot do any cryptographic operation as the user either. We call this attack launched by the third party as the key replacement attack. In ACISP 2004, Yum and Lee proposed a generic construction of digital signature schemes under the framework of certificateless cryptography. In this paper, we show that their generic construction is insecure against key replacement attack. In particular, we give some concrete examples to show that the security requirements of some building blocks they specified are insufficient to support some of their security claims. We then propose a modification of their scheme and show its security in a new and simplified security model. We show that our simplified definition and adversarial model not only capture all the distinct features of certificateless signature but are also more versatile when compared with all the comparable ones. We believe that the model itself is of independent interest.A conventional certificateless signature scheme only achieves Girault's Level 2 security. For achieving Level 3 security, that a conventional signature scheme in Public Key Infrastructure does, we propose an extension to our definition of certificateless signature scheme and introduce an additional security model for this extension. We show that our generic construction satisfies Level 3 security after some appropriate and simple modification.

Jianhong Chen,Kefei Chen,Yongtao Wang,Xiangxue Li,Yu Long,Zhongmei Wan

DOI: https://doi.org/10.15388/informatica.2012.347

2012-01-01

Informatica

Abstract:Key-insulated cryptography is an important technique to protect private keys in identity-based (IB) cryptosytems. Despite the flurry of recent results on IB key-insulated encryption (IBKIE) and signature (IBKIS), a problem regarding the security and efficiency of practicing IBKIE and IBKIS as a joint IB key-insulated signature/encryption scheme with a common set of parameters and keys remains open. To deal with the above question, we propose an identity-based key-insulated signcryption (IBKISC) scheme. Compared with the Sign-then-Encrypt (StE) and Encrypt-then-Sign (EtS) using IBKIE and IBKIS in the standard model, our proposed IBKISC scheme is the fastest with the shortest ciphertext size.

guobin zhu,hu xiong,ruijin wang,zhiguang qin

DOI: https://doi.org/10.1007/978-81-322-1759-6_12

2014-01-01

Abstract:As one of the fundamental cryptographic primitives, signcryption can achieve unforgeability and confidentiality simultaneously at the cost significantly lower than the signature-then-encryption approach in terms of computational costs and communication overheads. In view of the damage caused by the secret key leakage, Chen et al. proposed an efficient identity-based key-insulated signcryption (ID-KI-SC) scheme secure in the standard model recently. However, in this paper, we show that their scheme does not achieve the indistinguishability against adaptively chosen ciphertext attacks (IND-CCA2) and existential unforgeability against adaptively chosen message attacks (EUF-CMA). Furthermore, we propose an improved scheme that remedies the weakness of Chen et al.' s scheme.

Miaomiao Tian,Liusheng Huang,Wei Yang

DOI: https://doi.org/10.1504/IJESDF.2014.064409

2014-01-01

International Journal of Electronic Security and Digital Forensics

Abstract:Certificateless cryptography is an attractive paradigm for public key cryptography since it does not require certificates in traditional public key cryptography and also solves the inherent key escrow problem in identity-based cryptography. Currently, certificateless short signature is receiving significant attention from the public key cryptography research community as it is particularly useful in low-bandwidth communication environments. However, most of the certificateless short signature schemes only support low-level security. Recently, Choi et al. presented a certificateless short signature scheme and claimed that it is provably secure against super adversaries in the random oracle model. Unfortunately, in this paper, we show that their scheme is insecure even against a strong adversary. We then propose a new certificateless short signature scheme and prove that it is secure against strong adversaries. Compared with other certificateless short signature schemes, our scheme is more computationally efficient.

Jian-hong Chen,Yu Long,Ke-fei Chen,Yong-tao Wang,Xiang-xue Li

DOI: https://doi.org/10.1007/s12204-011-1207-3

2011-01-01

Abstract:To tackle the key-exposure problem in signature settings, this paper introduces a new cryptographic primitive named threshold key-insulated signature (TKIS) and proposes a concrete TKIS scheme. For a TKIS system, at least k out of n helpers are needed to update a user’s temporary private key. On the one hand, even if up to k −1 helpers are compromised in addition to the exposure of any of temporary private keys, security of the non-exposed periods is still assured. On the other hand, even if all the n helpers are compromised, we can still ensure the security of all periods as long as none of temporary private keys is exposed. Compared with traditional key-insulated signature (KIS) schemes, the proposed TKIS scheme not only greatly enhances the security of the system, but also provides flexibility and efficiency.

Zhongmei Wan,Xuejia Lai,Jian Weng,Shengli Liu,Xuan Hong

DOI: https://doi.org/10.1007/s11767-008-0128-2

2009-01-01

Abstract:In proxy signature schemes, the proxy signer B is permitted to produce a signature on behalf of the original signer A. However, exposure of proxy signing keys can be the most devastating attack on a proxy signature scheme since any adversary can sign messages on behalf of the proxy signer. In this paper, we applied Dodis, et al. ’s key-insulation mechanism and proposed an Identity-Based (ID-based) Key-Insulated Proxy Signature (IBKIPS) scheme with secure key-updates. The proposed scheme is strong key-insulated and perfectly key-insulated. Our scheme also supports unbounded period numbers and random-access key-updates.

Liangliang Wang,Kefei Chen,Yu Long,Xianping Mao,Huige Wang

DOI: https://doi.org/10.1109/INCoS.2015.10

2015-01-01

Abstract:Certificateless public key cryptography was proposed to solve the key escrow problem in identity-based public key cryptography. Namely, a user's full private key must be comprised of a partial private key which is provided by the key generation center and a secret value which is chosen by the user. Thus the key generation center can no longer acquire each user's full private key by itself. In 2014, Yeh et al. proposed an efficient certificateless public key signature scheme without bilinear pairings. They also showed their scheme is secure against super adversary under the hardness of breaking discrete logarithm problem in the random model. In this paper, we modify Yeh et al.'s scheme to obtain a new scheme which is more practical than theirs. And our modified scheme can achieve the same security level as Yeh et al.'s scheme under the hardness of breaking discrete logarithm problem in the random model.

Bo Yang,Zhao Yang,Nengfei Liu,Shougui Li

DOI: https://doi.org/10.1109/cis.2015.89

2013-01-01

Abstract:Certificate less public key cryptography is an attractive paradigm since it eliminates the use of certificates in traditional public key cryptography and alleviates the inherent key escrow problem in identity-based cryptography. Recently, Xiong et al. Proposed a certificate less signature scheme and proved that their scheme is existentially unforgeable against adaptive chosen message attack under the random oracle model. He et al. Pointed out that Xiong et al.'s scheme is insecure against the Type II adversary. But, their forged signatures are not random, and their improved scheme has the same security defects as Xiong et al.'s scheme. In this paper, we present two malicious-but-passive KGC attack methods on Xiong et al.'s scheme and our results show that their scheme is insecure against malicious-but-passive KGC attack. We also propose an improved scheme which is secure against the super Type I adversary and super Type II adversary.

Chandrasekaran Pandurangan,Akash Gautam,Sangeetha Jose

DOI: https://doi.org/10.22667/JOWUA.2014.03.31.122

Abstract:Blind signatures have key role in real world applications like e-cash, e-voting etc. The first blind signature was proposed by Chaum under public key infrastructure(PKI) model. The inherent problem in PKI is the certificate management which is overcome by identity(ID) based system. The ID based system is susceptible to key escrow problem. By removing the inherent problems of both PKI and ID based cryptosystems, Al Riyami et al. proposed a new cryptosystem called certificateless cryptosystem. Certificateless blind signature overcomes inherent key escrow problem in identity based blind signatures and does not require expensive certificates as in the public key infrastructure. Even though different certificateless blind signatures are proposed in the literature, rigorous formal proof is absent for all the proposals. Therefore in this paper we propose a new efficient provably secure certificateless blind signature scheme whose security can be proven to be equivalent to solving computational Diffie-Hellman (CDH) and chosen-target CDH problem in the random oracle model. As per our knowledge, our scheme is the only certificateless blind signature scheme which is proven to be strongly unforgeable and satisfies blindness property.

Computer Science