Jianhua Yan,Licheng Wang,Mianxiong Dong,Yixian Yang,Wenbin Yao

DOI: https://doi.org/10.1002/sec.1297

IF: 1.968

2015-01-01

Security and Communication Networks

Abstract:Signcryption as a cryptographic primitive can carry out signature and encryption simultaneously at a remarkably reduced cost. Identity-based cryptography is more convenient than public key infrastructure-based cryptography in certificate management. As a result, identity-based signcryption has been studied extensively, and many efficient and provably secure constructions have been proposed. However, most of these schemes are based on intractability assumptions from number theory, and these assumptions have been threatened by the booming quantum computation. Therefore, a recent trend in cryptography is to construct cryptosystems that are based on lattice-based intractability assumptions because of their plausible features of quantum attack resistance. In this paper, several identity-based signcryption schemes from lattice hardness assumptions are proposed. In the standard model, these schemes are indistinguishable against inner adaptively chosen ciphertext attacks (IND-CCA2) and strongly unforgeable against inner chosen message attacks. In our construction, it does not matter whether the original encryption scheme used to construct signcryption is deterministic or probabilistic; the resulted signcryption schemes can reach IND-CCA2 security. To achieve this, we carefully combine three techniques-the identity-based encryption from lattice due to Agrawal-Boneh-Boyen (EUROCRYPT 2010), the framework of lattice-based short signature due to Boyen (Public Key Cryptography 2010), and the Canetti-Halevi-Katz (abbr. CHK) technique, with necessary and tailored optimization-for transforming an (l + 1)-level indistinguishable under chosen plaintext attack secure hierarchical identity-based encryption (HIBE) into an l level IND-CCA2 secure HIBE scheme. In addition, our security proof also contains a more efficient simulation tool that might have separate interest in cryptographic applications. Copyright (C) 2015 John Wiley & Sons, Ltd.

Yanqing Yao,Zhoujun Li

DOI: https://doi.org/10.1016/j.compeleceng.2013.09.005

IF: 4.152

2014-01-01

Computers & Electrical Engineering

Abstract:Lattice-based cryptosystems have recently acquired much importance. In this work, we construct a fuzzy identity based signature (FIBS) scheme based on the Small Integer Solution (SIS) Problem. FIBS schemes allow a user with identity id to issue a signature which could be verified under identity id' if and only if id and id' are close to each other. To our best knowledge, no lattice based FIBS schemes were known before, and the existing security model of FIBS schemes is not correct indeed. We propose a modified security model and prove that our scheme is existentially unforgetable against adaptively chosen message and identity attacks in the random oracle model. To break the bottleneck of designing lattice-based FIBS scheme, the secret key of each identity bit is generated by employing the Bonsai Tree techniques in the fuzzy extract algorithm. We also use some techniques to prove its security. Then we show the performance comparisons of all existing FIBS schemes. Finally, we give its application in biometric authentication.

Xiaojun Zhang,Chunxiang Xu,Yuan Zhang

DOI: https://doi.org/10.3837/tiis.2017.05.025

2017-01-01

KSII Transactions on Internet and Information Systems

Abstract:A fuzzy identity based signature (FIBS) scheme allows a signer with identity omega to generate a signature which could be verified under identity omega' if and only if omega and omega' are within a certain distance of each other as judged by some metric. In this paper, we propose an efficient FIBS scheme from lattice assumption, which can resist quantum-computer attacks. Without using the Bonsai Tree technique, we utilize the lattice basis delegation technique to generate the private key, which has the advantage of keeping the lattice dimension invariant. We also prove that our proposed scheme is existentially unforgeable under an adaptive chosen message and identity attack in the random oracle model. Compared with existing scheme, our proposed scheme is much more efficient, especially in terms of communication overhead. Since our FIBS scheme possesses similar error-tolerance property, it can be well applied in post-quantum communication biometric authentication environments, where biometric identifiers such as fingerprints, voice, iris and gait are used in human identification.

Wen XIANG,Xiaoyuan YANG,Xu'an WANG,Liqiang WU

DOI: https://doi.org/10.11772/j.issn.1001-9081.2016.11.3077

2016-01-01

Journal of Computer Applications

Abstract:To solve the problem that current signcryption schemes based on lattice cannot achieve forward security,a new identity based signcryption scheme with forward security was proposed.Firstly,lattice basis delegation algorithm was used to update the users' public keys and private keys.Then,the preimage sampleable functions based on Learning With Errors (LWE) over lattice was used to sign the message,and the signature was also used to encrypt the message.The scheme was proved to be adaptive INDistinguishiability selective IDentity and Chosen Ciphertext Attack (IND-sID-CCA2) secure,strong UnForgeable Chosen Message Attack (sUF-CMA) secure and forward secure.Compared with the signcryption schemes based on pairings,the proposed scheme has more advantages in computational efficiency and ciphertext extension rate.

Xiaojun Zhang,Chunxiang Xu,Jingting Xue

DOI: https://doi.org/10.1504/ijesdf.2018.10009828

2018-01-01

International Journal of Electronic Security and Digital Forensics

Abstract:Signcryption is a public-key cryptographic primitive which combines the functions of public-key encryption and digital signature into a single logical step at low computational and communication costs. While multi-receiver signcryption is suited for a situation where a sender wants to send a signcrypted message to multiple receivers in a confidential and authenticated way. Due to this attractive property, recently, multi-receiver signcryption plays an important role in some practical applications such as virtual conference as well as authenticated mail transferring. In this paper, we present an efficient multi-receiver identity-based signcryption (MIBSC) scheme from lattice assumption which is believed to resist quantum computer attacks. The proposed scheme is provably secure in the random oracle model, which has the indistinguishability against chosen ciphertext attacks under the hardness of learning with errors (LWE), and existentially unforgeability against chosen message attacks under the small integer solution assumption (SIS). Moreover, we also compare our MIBSC scheme with existing schemes from performance efficiency and security, the result shows that our proposed scheme is more efficient and more secure. In particular, our scheme can be properly applied in the post-quantum communication environments.

Liangliang Wang,Junzuo Lai,Hu Xiong,Kefei Chen,Yu Long

DOI: https://doi.org/10.1002/sec.1572

IF: 1.968

2016-01-01

Security and Communication Networks

Abstract:According to the inspirations from history, we introduce a new cryptography primitive called fuzzy certificateless signature, which not only eliminates the key escrow problem inherently existed in fuzzy identity-based signature but also possesses the error tolerance property of fuzzy identity-based signature that allows for a set of attributes ω to verify a signature produced with a private key for an identity ω' if and only if the distance between the two identities ω and ω' is within a certain threshold. In this paper, the concept of fuzzy certificateless signature is first proposed, and then, the syntax and security model of fuzzy certificateless signature are formally defined. In the next step, so far, the first concrete fuzzy certificateless signature scheme is proposed, which may be practicably implemented in biometric identification. In addition, a formal security proof is provided, so as to demonstrate that in the random oracle model, our newly proposed scheme is existentially unforgeable against Types I and II chosen message attacks formalized in the security model under the computational Diffie-Hellman assumption. Copyright © 2016 John Wiley & Sons, Ltd.

Yong Yu,Fagen Li,Chunxiang Xu,Ying Sun

DOI: https://doi.org/10.1007/s11859-008-0607-1

2008-01-01

Abstract:Signcryption is a cryptographic primitive that performs encryption and signature in a single logical step more efficiently than sign-then-encrypt approach. Till now, various kinds of signcryption schemes have been proposed. Among them, the requirement of signcrypter’s privacy protection is needful in some practical applications. In this paper, a new identity-based anonymous signcryption scheme from bilinear pairings, which is the organic combination of identity-based ring signature and encryption scheme, is proposed. The proposed scheme is indistinguishable against the chosen ciphertext attack under the Decisional Bilinear Diffie-Hellman assumption in the random oracle model. Its unforgeability relies on the computational Diffie-Hellman problem. Compared with the previous schemes, the new scheme is more efficient in computation.

Fagen Li,Fahad Bin Muhaya,Mingwu Zhang,Tsuyoshi Takagi

DOI: https://doi.org/10.1002/cpe.1823

2011-01-01

Abstract:Signcryption is a cryptographic primitive that fulfills both the functions of digital signature and public key encryption simultaneously, at a cost significantly lower than that required by the traditional signature-then-encryption approach. Signcryption has been shown to be useful in many applications, such as electronic commerce, mobile communications and smart cards. Recently, three identity-based signcryption schemes in the standard model were proposed. However, the three schemes are broken soon. How to construct a secure identity-based signcryption scheme in the standard model is still an open problem. In this paper, we solve this problem and propose an efficient identity-based signcryption scheme in the standard model. We prove that our scheme has the indistinguishability against adaptive chosen ciphertext attacks under the modified decisional bilinear Diffie-Hellman assumption and the existential unforgeability against adaptive chosen messages attacks under the computational Diffie-Hellman assumption.

Miaomiao Tian,Liusheng Huang

DOI: https://doi.org/10.3233/FI-2016-1353

2016-01-01

Fundamenta Informaticae

Abstract:Identity-based signature is an important technique for light-weight authentication. Recently, many efforts have been made to construct identity-based signatures over lattice assumptions since they would remain secure in future quantum age. In this paper we present a new identity-based signature scheme from lattice problems. This scheme is more efficient than other lattice-based identity-based signature schemes in terms of both computation and communication complexities. We prove its security in the random oracle model under short integer solution assumption that is as hard as approximating several worst-case lattice problems. We also extend the scheme to an identity-based message recovery signature scheme that has better performance.

Xiaojun Zhang,Chunxiang Xu,Chunhua Jin,Run Xie

DOI: https://doi.org/10.1016/j.compeleceng.2013.12.003

IF: 4.152

2014-01-01

Computers & Electrical Engineering

Abstract:All regular cryptographic schemes rely on the security of the secret key. However, with the explosive use of some relatively insecure mobile devices, the key exposure problem has become more aggravated. In this paper, we propose an efficient forward secure identity-based signature (FSIBS) scheme from lattice assumption, with its security based on the small integer solution problem (SIS) in the random oracle model. Our scheme can guarantee the unforgeability of the past signatures even if the current signing secret key is revealed. Moreover, the signature size and the secret key size of our scheme are unchanged and much shorter. To the best of our knowledge, our construction is the first FSIBS scheme based on lattice which can resist quantum attack. Furthermore, we extend our FSIBS scheme to a forward secure identity-based signature scheme in the standard model.

Huy Quoc Le,Dung Hoang Duong,Partha Sarathi Roy,Willy Susilo,Kazuhide Fukushima,Shinsaku Kiyomoto

DOI: https://doi.org/10.48550/arXiv.2012.15423

2020-12-31

Abstract:A signcryption, which is an integration of a public key encryption and a digital signature, can provide confidentiality and authenticity simultaneously. Additionally, a signcryption associated with equality test allows a third party (e.g., a cloud server) to check whether or not two ciphertexts are encrypted from the same message without knowing the message. This application plays an important role especially in computing on encrypted data. In this paper, we propose the first lattice-based signcryption scheme equipped with a solution to testing the message equality in the standard model. The proposed signcryption scheme is proven to be secure against insider attacks under the learning with errors assumption and the intractability of the short integer solution problem. As a by-product, we also show that some existing lattice-based signcryptions either is insecure or does not work correctly.

Cryptography and Security

LI Fa-Gen,HU Yu-Pu,LI Gang

2006-01-01

Chinese Journal of Computers

Abstract:Signcryption is a cryptographic primitive that combines both the functions of digital signature and public key encryption in a logical single step,at lower computational costs and communication overheads than the traditional signaturethen-encryption approach.In this paper,the authors present a new identitybased signcryption scheme using the bilinear pairings and prove its security in the random oracle model.The proposed scheme is proved to be secure assuming the bilinear Diffle-Hellman problem is hard.As compared with the most efficient Chen & Malone-Lee scheme to date,the proposed scheme decreases one pairing operation and only requires two pairing operations.

Fagen Li,Yong Yu

DOI: https://doi.org/10.1109/icccas.2008.4657820

2008-01-01

Abstract:Signcryption is a cryptographic primitive that performs digital signature and public key encryption simultaneously, at a lower computational costs and communication overheads than the signature-then-encryption approach. Recently, two identity-based threshold signcryption schemes [12], [27] have been proposed by combining the concepts of identity-based threshold signature and signcryption together. However, the formal models and security proofs for both schemes are not considered. In this paper, we formalize the concept of identity-based threshold signcryption and give a new scheme based on the bilinear pairings. We prove its confidentiality under the Decisional Bilinear Diffie-Hellman assumption and its unforgeability under the Computational Diffie-Hellman assumption in the random oracle model. Our scheme turns out to be more efficient than the two previously proposed schemes.

Fagen Li,Yongjian Liao,Zhiguang Qin

DOI: https://doi.org/10.1587/transfun.e94.a.268

2011-01-01

IEICE Transactions on Fundamentals of Electronics Communications and Computer Sciences

Abstract:Recently, Jin, Wen, and Du proposed an identity-based signcryption scheme in the standard model. In this letter, we show that their scheme does not have the indistinguishability against adaptive chosen ciphertext attacks and existential unforgeability against adaptive chosen messages attacks.

Jianhua Yan,Licheng Wang,Lihua Wang,Yixian Yang,Wenbin Yao

DOI: https://doi.org/10.1155/2013/702539

IF: 1.43

2013-01-01

Mathematical Problems in Engineering

Abstract:Signcryption is a cryptographic primitive that can perform digital signature and public encryption simultaneously at a significantly reduced cost. This advantage makes it highly useful in many applications. However, most existing signcryption schemes are seriously challenged by the booming of quantum computations. As an interesting stepping stone in the post-quantum cryptographic community, two lattice-based signcryption schemes were proposed recently. But both of them were merely proved to be secure in the random oracle models. Therefore, the main contribution of this paper is to propose a new lattice-based signcryption scheme that can be proved to be secure in the standard model.

Miaomiao Tian,Liusheng Huang

DOI: https://doi.org/10.3233/FI-2016-1353

2016-01-01

Fundamenta Informaticae

Abstract:Identity-based signature is an important technique for light-weight authentication. Recently, many efforts have been made to construct identity-based signatures over lattice assumptions since they would remain secure in future quantum age. In this paper we present a new identity-based signature scheme from lattice problems. This scheme is more efficient than other lattice-based identity-based signature schemes in terms of both computation and communication complexities. We prove its security in the random oracle model under short integer solution assumption that is as hard as approximating several worst-case lattice problems. We also extend the scheme to an identity-based message recovery signature scheme that has better performance.

Fagen Li,Tsuyoshi Takagi

DOI: https://doi.org/10.1016/j.mcm.2011.06.043

2013-01-01

Mathematical and Computer Modelling

Abstract:Signcryption is a cryptographic primitive that fulfills both the functions of digital signature and public key encryption simultaneously, at a cost significantly lower than that required by the traditional signature-then-encryption approach. Signcryption has been shown to be useful in many applications, such as electronic commerce, mobile communications and smart cards. In 2009, Yu et al. [12] proposed an identity-based signcryption (IBSC) scheme in the standard model. In 2010, Zhang [17] pointed out that Yu et al.'s scheme does not have the indistinguishability against adaptive chosen ciphertext attacks (IND-CCA2) and proposed an improved IBSC scheme. He proved that the improved scheme has the IND-CCA2 property and existential unforgeability against adaptive chosen messages attacks (EUF-CMA). However, in this paper, an attack is proposed to show that Zhang's scheme does not have the IND-CCA2 property (not even chosen plaintext attacks (IND-CPA)). We present a fully secure IBSC scheme in the standard model. We prove that our scheme has the IND-CCA2 property under the decisional bilinear Diffie-Hellman assumption and has the EUF-CMA property under the computational Diffie-Hellman assumption. (C) 2011 Elsevier Ltd. All rights reserved.

Fagen Li,Masaaki Shirase,Tsuyoshi Takagi

DOI: https://doi.org/10.1109/ares.2009.44

2009-01-01

Abstract:Signcryption is a cryptographic primitive that fulfills both the functions of digital signature and public key encryption simultaneously, at a cost significantly lower than that required by the traditional signature-then-encryption approach. In this paper, we address a question whether it is possible to construct a hybrid signcryption scheme in identity-based setting. This question seems to have never been addressed in the literature. We answer the question positively in this paper. In particular, we extend the concept of signcryption key encapsulation mechanism to the identity-based setting. We show that an identity-based signcryption scheme can be constructed by combining an identity-based signcryption key encapsulation mechanism with a data encapsulation mechanism. We also give an example of identity-based signcryption key encapsulation mechanism.

Bo Qin,Huaqun Wang,Qianhong Wu,Jianwei Liu,Josep Domingo-Ferrer

DOI: https://doi.org/10.1109/incos.2012.43

2012-01-01

Abstract:Signcryption is a useful cryptographic primitive which simultaneously performs encryption and signature with cost less than the signature-then-encryption approach. Identity-based signcryption (IBSC) eliminates the complicated management of certificates in signcryption schemes in the traditional public-key infrastructure (PKI) setting. Most IBSC schemes are constructed in the random oracle model, while it is unknown how to instantiate a really "random" oracle in the real world. By exploiting Boneh et al.'s strongly unforgeable signature and Paterson et al.'s identity-based signature, this paper proposes a new IBSC scheme in the standard model. It is proven that our IBSC scheme satisfies semantic security and strong unforgeability under the bilinear decision Diffie-Hellman (BDDH) assumption. The proofs do not rely on random oracles. Performance analysis shows that our scheme is also efficient and practical.

Xiaojun Zhang,Chunxiang Xu,Chunhua Jin,Junwei Wen

DOI: https://doi.org/10.1504/ijesdf.2015.069607

2015-01-01

International Journal of Electronic Security and Digital Forensics

Abstract:Proxy-signcryption is a variation of an ordinary signcryption scheme and has been used in many applications where the delegation of rights is quite common. In a proxy-signcryption scheme, an original signcrypter needs to delegate his signcryption capability to a proxy signcrypter to signcrypt messages on behalf of the original signcrypter. By combining the functionalities of proxy signature with identity-based signcryption, in this paper, we propose a novel identity-based proxy-signcryption scheme (IBPSC) from lattice assumptions in the random oracle model. Meanwhile, the security requirements of our IBPSC scheme have been analysed, and our scheme can even resist quantum computer attacks. Compared with existing IBPSC schemes, our scheme is more secure and more efficient. To the best of our knowledge, there is still no relevant IBPSC scheme based on lattice, which is an interesting stepping stone in the post-quantum cryptographic communication.