Huai Wu,Chunxiang Xu,Jiang Deng

DOI: https://doi.org/10.1109/INCoS.2013.95

2013-01-01

Abstract:Fast signature verification is desirable in many applications, especially for numerous low computation scenarios such as RFID, wireless network. Up to now, many techniques have been suggested to reduce the computational load. For example, server-aided verification aims at saving computational overhead and aggregated signatures have been used for saving the bandwidth by compressing a list of signatures into a single signature. Therefore, it is interesting to study how to combine these two tricks together, namely server-aided aggregate verification signature, to achieve both short signature length and secure server-aided verification. The contribution of this paper is three folds. Firstly, we formalize a new security model of server-aided aggregate verification signature scheme (SAAV-?). Secondly, we propose a concrete server-aided aggregate verification signature scheme based BGLS signature scheme. Finally, we show that our construction is secure in our model.

Li-Hong Guo,Hai-Tao Wu,Qing Yang

DOI: https://doi.org/10.2991/icwcsn-16.2017.32

2016-01-01

Abstract:Proxy signature schemes have been suggested for use in a number of applications, so the security of proxy signature scheme is more and more important. However, at present, almost all the proxy signature schemas were proven secure in the random oracle model, which has received a lot of criticism. Recently, Yu et al. proposed a designated verifier proxy signature scheme without random oracles by using Waters hashing technique. The formal models and a strictly logical process were provided in this schema. But Kang et al. show some attacks on Yu et al.s scheme and offer its insecurity proof. In this paper, in order to overcome the weaknesses in Yu et al.s scheme we make supplements on it and make it secure resist Kang et al.s attacks.

Huai Wu,Chunxiang Xu,Jiang Deng,Jianbing Ni

2013-01-01

Journal of Computational Information Systems

Abstract:The technique of server-aided verification helps to speed up the verification of a digital signature. This is highly desirable for many low computation applications such as RFID, wireless network. Recently, Wu et al. proposed two server-aided verification signature schemes based on Waters signature. Unfortunately, we demonstrate that the two schemes are vulnerable to collusion attacks by giving concrete security analysis. Copyright © 2013 Binary Information Press.

Lingling Xu,Shaohua Tang

DOI: https://doi.org/10.1109/EIDWT.2013.77

2013-01-01

Abstract:A server-aided verification signature scheme consists of a digital signature scheme and a server-aided verification protocol. Signatures can be verified by executing the server-aided verification protocol with an untrusted server. In existing server-aided verification signature schemes, the server can learn some information about the message-signature pair to be verified, which is undesirable especially when the message includes some secret information. In this paper, we mainly study the server-aided verification signatures with privacy. Two definitions of privacy for server-aided verification signatures are presented under collusion attacks between the server and the signer. Then based on existing signatures, two concrete server-aided verification signature schemes with privacy are proposed which are both proved secure.

Lingling Xu,Jin Li,Shaohua Tang,Joonsang Baek

DOI: https://doi.org/10.1155/2015/626415

2015-01-01

Mobile Information Systems

Abstract:With the development of wireless technology, much data communication and processing has been conducted in mobile devices with wireless connection. As we know that the mobile devices will always be resource-poor relative to static ones though they will improve in absolute ability, therefore, they cannot process some expensive computational tasks due to the constrained computational resources. According to this problem, server-aided computing has been studied in which the power-constrained mobile devices can outsource some expensive computation to a server with powerful resources in order to reduce their computational load. However, in existing server-aided verification signature schemes, the server can learn some information about the message-signature pair to be verified, which is undesirable especially when the message includes some secret information. In this paper, we mainly study the server-aided verification signatures with privacy in which the message-signature pair to be verified can be protected from the server. Two definitions of privacy for server-aided verification signatures are presented under collusion attacks between the server and the signer. Then based on existing signatures, two concrete server-aided verification signature schemes with privacy are proposed which are both proved secure.

Hu Xiong,Qianhong Wu,Zhong Chen

DOI: https://doi.org/10.1109/INCoS.2011.151

2011-01-01

Abstract:An aggregate signature scheme allows a public algorithm to aggregate n signatures of n distinct messages from n signers into a single signature. By validating the single resulting signature, one can be convinced that the messages have been endorsed by all the signers. Certificateless aggregate signatures allow the signers to authenticate messages without suffering from the complex certificate management in the traditional public key cryptography or the key escrow problem in identity-based cryptography. In this paper, we present a new efficient certificate less aggregate signature scheme. Compared with up-to-date certificate less aggregate signatures, our scheme is equipped with a number of attracting features: (1) it is shown to be secure under the standard computational Diffie-Hellman assumption in the random oracle model, (2) the security is proven in the strongest security model so far, (3) the signers do not need to be synchronized, and (4) its performance is comparable to the most efficient up-to-date schemes. These features are desirable in a mobile networking and computing environment where the storage/computation capacity of the end devices are limited, and due to the wireless connection and distributed feature, the computing devices are easy to be attacked and hard to be synchronized.

Y Lei,DR Chen,ZD Jiang

DOI: https://doi.org/10.1109/aina.2004.1283860

2004-01-01

Abstract:With the explosion of the mobile communication market, more and more handheld devices act as clients in the Internet. People use these devices to purchase books, play games, receive emails, etc. For protecting privacies, such applications should integrate digital signature schemes. Since handheld devices have poor computational capabilities and limited battery life, traditional computation intensive digital signature protocols that are based on asymmetric cryptographic algorithms are not suitable for mobile devices. In this paper we propose a Server Based Signature (SBS) scheme for mobile devices. Besides achieving the same security level of the traditional digital signature protocols, the SBS scheme also: 1) reduces the computation complexity on the mobile devices; 2) reduces the communication consumption between signer and verifier Application results show that our scheme is very useful for mobile communication systems.

Hu Xiong,Qianhong Wu,Zhong Chen

2012-01-01

Abstract:An aggregate signature scheme allows a public algorithm to aggregate n signatures on n distinct messages from n signers into a single signature. By validating the single resulting signature, one can be convinced that the messages have been endorsed by all the signers. Certificateless aggregate signatures allow the signers to authenticate messages without suffering from the complex certificate management in the traditional public key cryptography or the key escrow problem in identity-based cryptography. In this paper, we present a new efficient certificateless aggregate signature scheme. Compared with up-to-date certificateless aggregate signatures, our scheme is equipped with a number of attracting features: (1) it is shown to be secure under the standard computational Diffie-Hellman assumption in the random oracle model; (2) the security is proven in the strongest security model so far; (3) the signers do not need to be synchronized; and (4) its performance is comparable to the most efficient up-to-date schemes. These features are desirable in a mobile networking and computing environment where the storage/computation capacity of the end devices are limited, and due to the wireless connection and distributed feature, the computing devices are easy to be attacked and hard to be synchronized.

Yang Tao,Kong Lingbo,Hu Jianbin,Chen Zhong

2012-01-01

Journal of Computer Research and Development

Abstract:This paper surveys the aggregate signature and its applications. Aggregate signature simplifies the verification of any number of signatures to a verification, greatly reducing the signature verification work, so aggregate signature greatly improves the efficiency of signature verification and transmission. In real life, the aggregate signature technology can be used in the hierarchical PKI certificate chain, the security of wireless sensor network routing protocols, secure mail, electronic cash, database outsourcing, dynamic content distribution, VANETs data aggregation, IoT(Internet of Things) data aggregation and other fields.

Jiang Deng,Chunxiang Xu,Huai Wu,Liju Dong

DOI: https://doi.org/10.1002/cpe.3551

2016-01-01

Abstract:SummaryTo satisfy the applications in certificateless environment, many researchers have been investigating certificateless aggregate signature schemes. Several schemes that are independent with the aggregated numbers are proposed to reduce the computation overhead. In these schemes, the pairing computations that in verification procedure needs are a constant value. Recently, Hou et al. proposed an improved certificateless aggregate signature scheme. They demonstrated the scheme is provably secure in the random oracle model. However, we find that their scheme is insecure in their security model by giving a concrete attack. Then, we propose an improved certificateless signature scheme and use it to construct a new certificateless signature scheme with enhanced security and aggregation. Furthermore, we provide formal security proof of our new scheme. Compared with other four schemes, our enhanced protocol is more suitable for realistic applications. Copyright © 2015 John Wiley & Sons, Ltd.

Kwangsu Lee,Dong Hoon Lee

DOI: https://doi.org/10.1371/journal.pone.0128081

2014-11-18

Abstract:Aggregate signatures allow anyone to combine different signatures signed by different signers on different messages into a single short signature. An ideal aggregate signature scheme is an identity-based aggregate signature (IBAS) scheme that supports full aggregation since it can reduce the total transmitted data by using an identity string as a public key and anyone can freely aggregate different signatures. Constructing a secure IBAS scheme that supports full aggregation in bilinear maps is an important open problem. Recently, Yuan {\it et al.} proposed an IBAS scheme with full aggregation in bilinear maps and claimed its security in the random oracle model under the computational Diffie-Hellman assumption. In this paper, we show that there exists an efficient forgery attacker on their IBAS scheme and their security proof has a serious flaw.

Cryptography and Security

Qinyi Li,Hu Xiong,Zhiguang Qin,Qing Lu

2012-01-01

Abstract:Ordinary digital signatures have an inherent weakness:if the secret key is leaked, then all signatures, even the ones generated before the leak, are no longer trustworthy. Forward secure scheme has been suggested for solving this problem. An aggregate signature is a signature that aggregate n distinct signatures into a single short signature. A forward secure aggregate signature scheme combines with the two mentioned advantages. This paper points out that the scheme in [7] is not forward secure, and proposes a new forward secure aggregate signature scheme from bilinear maps . Finally,this paper analyzes the correctness and security of the scheme.

Hu Xiong,Zhi Guan,Zhong Chen,Fagen Li

DOI: https://doi.org/10.1016/j.ins.2012.07.004

IF: 8.1

2013-01-01

Information Sciences

Abstract:An aggregate signature scheme enables an algorithm to aggregate n signatures of n distinct messages from n users into a single short signature. This primitive is useful in resource-constrained environment since they allow bandwidth and computational savings. Recently, in order to eliminate the use of certificates in certified public key cryptography and the key-escrow problem in identity-based cryptography, the notion of certificateless public key cryptography was introduced. In this paper, we present an efficient certificateless aggregate signature scheme with constant pairing computations. The security of the proposed scheme can be proved to be equivalent to the standard computational Diffie–Hellman problem in the random oracle with a tight reduction. Furthermore, our scheme does not require synchronization for aggregating randomness, which makes it more suitable for ad hoc networks.

Jingwei Liu,Jinping Han,Longfei Wu,Rong Sun,Xiaojiang Du

DOI: https://doi.org/10.48550/arXiv.1811.03727

2018-11-09

Abstract:Along with the miniaturization of various types of sensors, a mass of intelligent terminals are gaining stronger sensing capability, which raises a deeper perception and better prospect of Internet of Things (IoT). With big sensing data, IoT provides lots of convenient services for the monitoring and management of smart cities and people's daily lives. However, there are still many security challenges influencing the further development of IoT, one of which is how to quickly verify the big data obtained from IoT terminals. Aggregate signature is an efficient approach to perform big data authentication. It can effectively reduce the computation and communication overheads. In this paper, utilizing these features, we construct a verifiable data aggregation scheme for Internet of Things, named VDAS, based on an improved certificateless aggregate signature algorithm. In VDAS, the length of the aggregated authentication message is independent of the number of IoT terminals. Then, we prove that VDAS is existentially unforgeable under adaptive chosen message attacks assuming that the computational Diffie-Hellman problem is hard. Additionally, the proposed VDAS achieves a better trade-off on the computation overheads between the resource-constrained IoT terminals and the data center.

Cryptography and Security

Yan XU,Liu-sheng HUANG,Miao-miao TIAN,Hong ZHONG,Jie CUI

DOI: https://doi.org/10.3969/j.issn.0372-2112.2016.08.011

2016-01-01

Abstract:Aggregate signature schemes are particularly useful for authentication in resource-constrained wireless net-works for realizing batch verification.Certificateless cryptosystems can resolve the certificate management problem or key es-crow problem in aggregate signature schemes.This paper firstly analyzed a certificatelss aggregate signature(CLAS)scheme. Then,a more efficient CLAS scheme that requires less bilinear paring operations was provided.The security analysis showed that this scheme can resist the forgery attack under the random oracle model,the security was equal to resolve CDH problem.

Zheng Gong,Yu Long,Xuan Hong,Kefei Chen

2008-01-01

Abstract:Aggregate signature is a digital signature with a striking property that anyone can aggregate n individual signatures on n different messages which are signed by n distinct signers, into a single compact signature to reduce computational and storage costs. In this work, two practical certificateless aggregate signature schemes are proposed from bilinear maps. The first scheme CAS-1 reduces the costs of communication and signer-side computation but trades off the storage, while CAS-2 minimizes the storage but sacrifices the communication costs. One can choose either of the schemes by consideration of the application requirement. Compare with ID-based schemes, our schemes do not entail public key certificates as well and achieve the trust Level 3, which imply the frauds of the authority are detectable. Both of the schemes are proven secure in the random oracle model by assuming the intractability of the computational Diffie-Hellman problem over the groups with bilinear maps, where the forking lemma technique is avoided.

Masayuki Tezuka,Keisuke Tanaka

DOI: https://doi.org/10.1007/978-3-031-29371-9_16

2023-04-01

Abstract:Synchronized aggregate signature is a special type of signature that all signers have a synchronized time period and allows aggregating signatures which are generated in the same period. This signature has a wide range of applications for systems that have a natural reporting period such as log and sensor data, or blockchain protocol. In CT-RSA 2016, Pointcheval and Sanders proposed the new randomizable signature scheme. Since this signature scheme is based on type-3 pairing, this signature achieves a short signature size and efficient signature verification. In this paper, we design the Pointchcval-Sanders signature-based synchronized aggregate signature scheme and prove its security under the generalized Pointcheval-Sanders assumption in the random oracle model. Our scheme offers the most efficient aggregate signature verification among synchronized aggregate signature schemes based on bilinear groups.

Cryptography and Security

Yu Chen,Jiguo Li,Chengdong Liu,Jinguang Han,Yichen Zhang,Peng Yi

DOI: https://doi.org/10.1109/tsc.2021.3096420

IF: 11.019

2022-01-01

IEEE Transactions on Services Computing

Abstract:Attribute based signature (ABS) is a novel cryptographic primitive, which permits users to sign a message over attributes without revealing other information. A signature only reveals that it is signed by a signer whose some attributes meet an access policy. However, some ABS schemes only support the threshold access policy, where the signing algorithms are limited by the threshold. The threshold access policy can not express precise access control well. In addition, the computation cost of the verification algorithm is heavy since pairing operations are required. Pairing is costly operation comparing to exponentiation. Therefore, existing ABS schemes are not suitable to resource-limited devices, such as RFID tags and smart cards. In order to solve the issues above, we present a novel ABS scheme by using the attribute tree as access policy that expresses flexible access control. We utilize server-aid technique to help the verifier to verify signatures and reduce the computation burden. Our scheme is proved secure against unforgeable and anonymous under chosen-policy selective-message attack in the standard model. Compared with existing schemes, our scheme is more efficient in terms of private key generation and verification. The proposed scheme reduces users’ calculation burden and expresses more flexible access policy.

Kwangsu Lee,Dong Hoon Lee,Moti Yung

DOI: https://doi.org/10.1016/j.tcs.2015.02.019

2015-02-24

Abstract:The notion of aggregate signature has been motivated by applications and it enables any user to compress different signatures signed by different signers on different messages into a short signature. Sequential aggregate signature, in turn, is a special kind of aggregate signature that only allows a signer to add his signature into an aggregate signature in sequential order. This latter scheme has applications in diversified settings such as in reducing bandwidth of certificate chains and in secure routing protocols. Lu, Ostrovsky, Sahai, Shacham, and Waters (EUROCRYPT 2006) presented the first sequential aggregate signature scheme in the standard model. The size of their public key, however, is quite large (i.e., the number of group elements is proportional to the security parameter), and therefore, they suggested as an open problem the construction of such a scheme with short keys. In this paper, we propose the first sequential aggregate signature schemes with short public keys (i.e., a constant number of group elements) in prime order (asymmetric) bilinear groups that are secure under static assumptions in the standard model. Furthermore, our schemes employ a constant number of pairing operations per message signing and message verification operation. Technically, we start with a public-key signature scheme based on the recent dual system encryption technique of Lewko and Waters (TCC 2010). This technique cannot directly provide an aggregate signature scheme since, as we observed, additional elements should be published in a public key to support aggregation. Thus, our constructions are careful augmentation techniques for the dual system technique to allow it to support sequential aggregate signature schemes. We also propose a multi-signature scheme with short public parameters in the standard model.

Cryptography and Security

Mohammed Ramadan,Yongjian Liao,Fagen Li,Shijie Zhou

DOI: https://doi.org/10.1109/access.2020.2980213

IF: 3.9

2020-01-01

IEEE Access

Abstract:Recently, security and privacy issues in mobile communication systems became an enormous challenge due to the limited resources of mobile networks regarding communication overhead, computational cost, and battery power. 5G systems provide high performance and flexibility that can connect billion of objects through Heterogeneous Wireless Networks (HWN) concerning the Internet of Things (IoT). However, some of these security challenges can be addressed by using outsourced assistants such as Server-Aided Verification (SAV) to contribute partially with the authentication process among 5G network entities. In this paper, we propose an efficient and secure identity-based signature scheme with Server-Aided Verification for 5G mobile systems (IBS-SAV). We provide a performance evaluation based on security proof of the proposed IBS-SAV scheme under existential unforgeable in the random oracle model as well as the security against collusion and adaptive chosen message attack (EUF-CMA). The performance evaluation and security analysis demonstrate that our IBS-SAV scheme is not only secure but also can reduce the communication and computation complexity for mobile systems efficiently.