Sheng Zhong

DOI: https://doi.org/10.5555/1227517.1227524

2006-01-01

Fundamenta Informaticae

Abstract:Traditionally, due to efficiency considerations, when encrypting long messages using an asymmtric cryptosystem, one needs to use a symmetric cryptosystem in addition. To eliminate this requirement, Hwang, Chang, and Hwang introduced an asymmetric cryptosystem for encrypting long messages. However, they did not give any formal proof of the security of this cryptosystem. In this paper, we propose an improved asymmetric cryptosystem for encrypting long messages, which is both efficient and secure. In the aspect of efficiency, our cryptosystem is about twice as fast as the Hwang-Chang-Hwang cryptosystem. In the aspect of security, besides providing an informal analysis, we rigorously show that computing any part of the plaintext message encrypted using our cryptosystem is as hard as breaking the ElGamal cryptosystem, even if all other parts of the message are already known to the adversary.

Sheng-li Liu,Bao-an Guo,Qing-sheng Zhang

DOI: https://doi.org/10.1007/s12204-009-0086-3

2009-01-01

Journal of Shanghai Jiaotong University (Science)

Abstract:This paper proposes an identity-based encryption scheme with the help of bilinear pairings, where the identity information of a user functions as the user’s public key. The advantage of an identity-based public key system is that it can avoid public key certificates and certificate management. Our identity-based encryption scheme enjoys short ciphertexts and provable security against chosen-ciphertext attack (CCA).

Hu Xiong,Yingzhe Hou,Xin Huang,Yanan Zhao

DOI: https://doi.org/10.1016/j.vehcom.2020.100264

IF: 6.7

2020-12-01

Vehicular Communications

Abstract:<p>To provide a classification function that has the ability to promote the management of signcrypted messages transmitted by the numerous vehicles in the IoV system, in this paper, we construct an identity-based signcryption with equality test scheme (IBSC-ET) for the first time. Our scheme not only ensures the integrity, confidentiality as well as authentication of messages, but also enables the cloud server to execute the equality test between two ciphertexts signcrypted by the same or different public keys to decide whether the same plaintext is contained, which is counted as the essential factor contributing to the classification. Besides, the identity-based mechanism greatly improves the efficiency since the certificate management problem is avoided. Furthermore, the security of the introduced scheme can be proved in the random oracle model under the Computational Diffie-Hellman Assumption (CDHA) as well as the Bilinear Diffie-Hellman Assumption (BDHA). In the end, the feasibility and efficiency of our proposed are demonstrated through the performance analysis.</p>

telecommunications,transportation science & technology

Yong Yu,Fagen Li,Chunxiang Xu,Ying Sun

DOI: https://doi.org/10.1007/s11859-008-0607-1

2008-01-01

Abstract:Signcryption is a cryptographic primitive that performs encryption and signature in a single logical step more efficiently than sign-then-encrypt approach. Till now, various kinds of signcryption schemes have been proposed. Among them, the requirement of signcrypter’s privacy protection is needful in some practical applications. In this paper, a new identity-based anonymous signcryption scheme from bilinear pairings, which is the organic combination of identity-based ring signature and encryption scheme, is proposed. The proposed scheme is indistinguishable against the chosen ciphertext attack under the Decisional Bilinear Diffie-Hellman assumption in the random oracle model. Its unforgeability relies on the computational Diffie-Hellman problem. Compared with the previous schemes, the new scheme is more efficient in computation.

Jianhong Chen,Kefei Chen,Yongtao Wang,Xiangxue Li,Yu Long,Zhongmei Wan

DOI: https://doi.org/10.15388/informatica.2012.347

2012-01-01

Informatica

Abstract:Key-insulated cryptography is an important technique to protect private keys in identity-based (IB) cryptosytems. Despite the flurry of recent results on IB key-insulated encryption (IBKIE) and signature (IBKIS), a problem regarding the security and efficiency of practicing IBKIE and IBKIS as a joint IB key-insulated signature/encryption scheme with a common set of parameters and keys remains open. To deal with the above question, we propose an identity-based key-insulated signcryption (IBKISC) scheme. Compared with the Sign-then-Encrypt (StE) and Encrypt-then-Sign (EtS) using IBKIE and IBKIS in the standard model, our proposed IBKISC scheme is the fastest with the shortest ciphertext size.

Parhat Abla,Feng-Hao Liu,Han Wang,Zhedong Wang

DOI: https://doi.org/10.1007/978-3-030-90456-2_6

2021-01-01

Abstract:This work constructs an identity based encryption from the ring learning with errors assumption (RLWE), with shorter master public keys and tighter security analysis. To achieve this, we develop three new methods: (1) a new homomorphic equality test method using nice algebraic structures of the rings, (2) a new family of hash functions with natural homomorphic evaluation algorithms, and (3) a new insight for tighter reduction analyses. These methods can be used to improve other important cryptographic tasks, and thus are of general interests. Particularly, our homomorphic equality test method can derive a new method for packing/unpacking GSW-style encodings, showing a new non-trivial advantage of RLWE over the plain LWE. Moreover, our new insight for tighter analyses can improve the analyses of all the currently known partition-based IBE designs, achieving the best of the both from prior analytical frameworks of Waters (Eurocrypt '05) and Bellare and Ristenpart (Eurocrypt '09).

LI Fa-Gen,HU Yu-Pu,LI Gang

2006-01-01

Chinese Journal of Computers

Abstract:Signcryption is a cryptographic primitive that combines both the functions of digital signature and public key encryption in a logical single step,at lower computational costs and communication overheads than the traditional signaturethen-encryption approach.In this paper,the authors present a new identitybased signcryption scheme using the bilinear pairings and prove its security in the random oracle model.The proposed scheme is proved to be secure assuming the bilinear Diffle-Hellman problem is hard.As compared with the most efficient Chen & Malone-Lee scheme to date,the proposed scheme decreases one pairing operation and only requires two pairing operations.

Fagen Li,Fahad Bin Muhaya,Mingwu Zhang,Tsuyoshi Takagi

DOI: https://doi.org/10.1002/cpe.1823

2011-01-01

Abstract:Signcryption is a cryptographic primitive that fulfills both the functions of digital signature and public key encryption simultaneously, at a cost significantly lower than that required by the traditional signature-then-encryption approach. Signcryption has been shown to be useful in many applications, such as electronic commerce, mobile communications and smart cards. Recently, three identity-based signcryption schemes in the standard model were proposed. However, the three schemes are broken soon. How to construct a secure identity-based signcryption scheme in the standard model is still an open problem. In this paper, we solve this problem and propose an efficient identity-based signcryption scheme in the standard model. We prove that our scheme has the indistinguishability against adaptive chosen ciphertext attacks under the modified decisional bilinear Diffie-Hellman assumption and the existential unforgeability against adaptive chosen messages attacks under the computational Diffie-Hellman assumption.

Yanli Ren,Dawu Gu

DOI: https://doi.org/10.1109/isdpe.2007.76

2007-01-01

Abstract:Identity based crypto system is a public key cryptosystem where the public key can be represented as an arbitrary string. However, an identity based signature scheme that is fully secure in the standard model with a tight reduction has not been proposed until now. In this paper, we propose an identity based signature scheme that is fully secure in the standard model and has several advantages-computational efficiency, short public parameters, and a tight security reduction. In many situations we want to enjoy confidentiality and authenticity simultaneously. A traditional approach to achieve this objective is to "sign-then-encrypt" this message, or we can employ special cryptographic scheme like signcryption. To the best of our knowledge, reference [15] proposes the only identity based signcryption scheme in the standard model. But its security proof is based on a weaker model-"sample-ID" model and the reduction is not tight. Combining an identity based encryption scheme, we also propose the first identity based signcryption scheme that is fully secure in the standard model with a tight reduction. Moreover, our signcryption scheme has public verifiability.

Qihua Wang,Fagen Li,Huaqun Wang

DOI: https://doi.org/10.1155/2018/5702068

2018-01-01

Wireless Communications and Mobile Computing

Abstract:Anonymous multireceiver encryption scheme can not only protect the privacy of the receiver but also ensure the security of message. However, the computational cost of this scheme is very large. It is not suitable for the sender which has limited resources, such as mobile devices and sensor nodes. In this work, an anonymous multireceiver online/offline identity-based encryption is proposed based on offline/online and identity-based encryption (IBE). In identity-based encryption scheme, the sender can encrypt the message using the unique information of the user (such as identity number or e-mail address) as its public key. The receiver obtains the private key from a central authority. For mobile device with limited resource, the online/offline encryption scheme can reduce the computational cost. Compared to the previous anonymous multireceiver schemes, the proposed scheme can efficiently encrypt message with offline/online method and ensure the anonymity of receivers. The analysis results also show that our scheme is efficient in terms of computational cost by comparing to the previous works.

Yong Yu,Bo Yang,Xinyi Huang,Mingwu Zhang

DOI: https://doi.org/10.1007/978-3-540-73547-2_4

2007-01-01

Abstract:Signcryption is a cryptographic primitive that performs signature and encryption simultaneously. In this paper, we propose an efficient identity based signcryption scheme for multiple receivers which needs only one pairing computation to signcrypt a message for n different receivers and can provide confidentiality and authenticity simultaneously. This scheme turns out to be more efficient than all others proposed so far. We prove its security in the random oracle model. Specifically, we prove its semantic security under the hardness of Bilinear Diffie-Hellman (BDH) problem and its unforgeability under the Computational Diffie-Hellamn (CDH) assumption.

Meng Wang,Zhijing Liu

DOI: https://doi.org/10.1109/CIT.2005.129

2006-01-01

Abstract:An identity based cryptosystem is a novel type of public cryptographic scheme in which the public keys of the users are their identities or strings derived from their identities. In a ( n t, ) proxy signature scheme, the original signer can delegate his/her signing capability to n proxy signers such that any t or more proxy signers can sign messages on behalf of the former, but 1 - t or less of them cannot do the same thing. However, in many situations we want to enjoy confidentiality, authenticity and non-repudiation of message simultaneously. In this paper we propose an identity based threshold proxy signcryption scheme using bilinear pairings. The security of the scheme is also analyzed.

Weifeng Wu,Fagen Li

DOI: https://doi.org/10.3837/tiis.2015.05.020

2015-01-01

KSII Transactions on Internet and Information Systems

Abstract:Deniable authentication protocol allows a sender to deny his/her involvement after the protocol run and a receiver can identify the true source of a given message. Meanwhile, the receiver has no ability to convince any third party of the fact that the message was sent by the specific sender. However, most of the proposed protocols didn't achieve confidentiality of the transmitted message. But, in some special application scenarios such as e-mail system, electronic voting and Internet negotiations, not only the property of deniable authentication but also message confidentiality are needed. To settle this problem, in this paper, we present a non-interactive identity-based deniable authenticated encryption (IBDAE) scheme using pairings. We give the security model and formal proof of the presented IBDAE scheme in the random oracle model under bilinear Diffie-Hellman (BDH) assumption.

Yunlei Zhao

DOI: https://doi.org/10.1016/j.tcs.2021.11.014

IF: 1.002

2021-01-01

Theoretical Computer Science

Abstract:After two decades of research on signcryption, recently a new cryptographic primitive, named higncryption, was proposed at ACM CCS'16. Higncryption can be viewed as privacy-enhanced signcryption, which integrates public key encryption, digital signature and identity concealment (which is not achieved in signcryption) into a monolithic primitive. Here, identity concealment means that the transcript of protocol runs should not leak participants' identity information. In this work, we propose the first identity-based higncryption (IBHigncryption, for short). We present the formal security model for IBHigncryption, under which security proof of the proposed scheme is conducted. The most impressive feature of IBHigncryption, besides other desirable properties it offers, is its simplicity and efficiency, which might be somewhat surprising in retrospect. Our IBHigncryption has a much simpler setup stage with smaller public parameters and particularly no need of computing master public key. It is essentially as efficient as (if not more than) the fundamental CCA-secure Boneh-Franklin identity-based encryption scheme [14] , and has significant efficiency advantage over the IEEE 1363.3 standard of identity-based signcryption [8] .

Yu Chen,Song Luo,Jianbin Hu,Zhong Chen

DOI: https://doi.org/10.1007/978-3-642-27901-0_7

2012-01-01

Abstract:In EUROCRYPT 2004, Boneh and Boyen presented two efficient Identity Based Encryption (IBE) schemes that are selective-identity secure in the standard model. Particularly, the first one known as BB1 -IBE, which is characterized by commutative blinding technique (BB1 -style), distinguishes itself as the most fertile ground for many applications. They also proved that BB1 -IBE is fully secure in the random oracle model but with a looser reduction. In this paper, we propose a novel IBE scheme of BB1 -style, which is fully secure in the random oracle model with a tighter reduction. Additionally, we give a chosen ciphertext secure construction of our scheme from twin technique.

Fagen Li,Muhammad Khurram Khan

DOI: https://doi.org/10.4103/0256-4602.81236

2011-01-01

IETE Technical Review

Abstract:Signcryption is a cryptographic primitive that fulfills both the functions of digital signature and public key encryption simultaneously, at a cost significantly lower than that required by the traditional signature-then-encryption approach. Signcryption has found many applications, such as electronic transaction protocol, mobile agent protocol, key management, and routing protocol. In this article, the state-of-the-art of identity-based signcryption (IBSC) is surveyed. We examine the security model of IBSC. We survey the existing IBSC schemes and compare their security properties and efficiency. IBSC with special properties and identity-based hybrid signcryption are investigated. Some possible future work is also pointed out.

Yuyang Zhou,Yuanfeng Guan,Zhiwei Zhang,Fagen Li

DOI: https://doi.org/10.1007/978-981-15-0818-9_3

2019-01-01

Abstract:The Snowden revelations show that powerful attackers can compromise user's machines to steal users' private information. At the same time, many of the encryption schemes that are proven to be secure in Random Oracle Model (ROM) may present undetectable vulnerabilities when implemented, and these vulnerabilities may reveal a users' secrets, e.g., the machine hides some backdoors without the user's awareness, and an attacker can steal the user's private information through these backdoors. Recently, Mironov and Stephens-Davidowitz proposed cryptographic reverse firewall (CRF) to solve this problem. However, there is no CRF for identity-based encryption (IBE) has been proposed. In this paper, we propose two CRF protocols for IBE. One is a one-round encryption protocol with CRF used on the receiver, and the other is a two-round encryption protocol with CRFs deployed on both sender and receiver. We prove that these two protocols can resist the exfiltration of secret information and one is only secure against a chosen plaintext attack (CPA), the other is semantically secure against an adaptive chosen ciphertext attack (IND-ID-CCA). Moreover, we use JPBC to implement our protocols. The experimental results indicate that our protocols have some advantages in communication cost. Under certain computation cost conditions, our protocols are efficient and practical.

Beini Zhou,Hui Li,Li Xu

DOI: https://doi.org/10.1109/iscc.2018.8538446

2018-01-01

Abstract:Identity-based encryption is a key distribution system in which the public key of a user is derived directly from his identity information. Compared with PKI, Identity-based encryption simplifies key management issue, but it still suffers from drawbacks inkey escrow and private key delivering. Motivated by this, we propose an improved key distribution solution called BIBE by integrating the technique of blockchain into the identity-based encryption. Specifically, we split the nodes in the chain to complete user authentication and private key protection, respectively. Furthermore, the two sides complete the mutual identity authentication with the identity information key pairs obtained from BIBE. Additionally, to prevent network attack, we employ timestamps, random numbers and hash algorithm in the process of identification. Through the rigorous and mathematical analysis, the proposed scheme demonstratesa far better performance on correctness, safety and efficiency.

Mei Qi-xiang,He Da-ke,Yu Zheng

2006-01-01

Abstract:In Eurocrypt 2004, Canetti, Halevi and Katz proposed a method for constructing Chosen Ciphertext secure ( ie., CCA secure) public key encryption from any Selective-ID secure ID-Based Encryption (IBE). However, this method needs one time signature and thus adds noticeable overhead to the underling scheme. In this paper, a new CCA secure public key cryptosystem is constructed from the Adaptive-ID secure IBE scheme proposed by Waters. Here, the "identity" is the hash of the first two parts of the ciphertext, and the bilinear map is used to test the ciphertext validity. The proposal is much more efficient than those obtained from the general CHK. method. The security of the new scheme is proved under the standard Decisional Bilinear Diffie-Hellman (DBDH) assumption.

Jianhua Yan,Licheng Wang,Mianxiong Dong,Yixian Yang,Wenbin Yao

DOI: https://doi.org/10.1002/sec.1297

IF: 1.968

2015-01-01

Security and Communication Networks

Abstract:Signcryption as a cryptographic primitive can carry out signature and encryption simultaneously at a remarkably reduced cost. Identity-based cryptography is more convenient than public key infrastructure-based cryptography in certificate management. As a result, identity-based signcryption has been studied extensively, and many efficient and provably secure constructions have been proposed. However, most of these schemes are based on intractability assumptions from number theory, and these assumptions have been threatened by the booming quantum computation. Therefore, a recent trend in cryptography is to construct cryptosystems that are based on lattice-based intractability assumptions because of their plausible features of quantum attack resistance. In this paper, several identity-based signcryption schemes from lattice hardness assumptions are proposed. In the standard model, these schemes are indistinguishable against inner adaptively chosen ciphertext attacks (IND-CCA2) and strongly unforgeable against inner chosen message attacks. In our construction, it does not matter whether the original encryption scheme used to construct signcryption is deterministic or probabilistic; the resulted signcryption schemes can reach IND-CCA2 security. To achieve this, we carefully combine three techniques-the identity-based encryption from lattice due to Agrawal-Boneh-Boyen (EUROCRYPT 2010), the framework of lattice-based short signature due to Boyen (Public Key Cryptography 2010), and the Canetti-Halevi-Katz (abbr. CHK) technique, with necessary and tailored optimization-for transforming an (l + 1)-level indistinguishable under chosen plaintext attack secure hierarchical identity-based encryption (HIBE) into an l level IND-CCA2 secure HIBE scheme. In addition, our security proof also contains a more efficient simulation tool that might have separate interest in cryptographic applications. Copyright (C) 2015 John Wiley & Sons, Ltd.