Fagen Li,Zhaohui Zheng,Chunhua Jin

DOI: https://doi.org/10.1007/s11235-015-0099-1

2015-01-01

Telecommunication Systems

Abstract:An authenticated encryption (AE) scheme simultaneously achieves two security goals: confidentiality and authenticity. AE can be divided into symmetric AE and asymmetrical (public key) AE. In a symmetric AE scheme, deniability is gained automatically. However, a public key AE scheme can not gain deniability automatically; on the contrary, it provides non-repudiation. In this paper, we address a question on deniability of public key AE. Of course, we can achieve this goal by “deniable authentication followed by encryption” method. However, such method has the following two weaknesses: (1) the computational cost and communication overhead are the sum of two cryptographic primitives; (2) it is complex to design cryptographic protocols with deniable authentication and confidentiality using two cryptographic primitives. To overcome the two weaknesses, we propose a new concept called deniable authenticated encryption (DAE) that can achieve both the functions of deniable authentication and public key encryption simultaneously, at a cost significantly lower than that required by the “deniable authentication followed by encryption” method. This single cryptographic primitive can simplify the design of cryptographic protocols with deniable authentication and confidentiality. In particular, we construct an identity-based deniable authenticated encryption (IBDAE) scheme. Our construction uses tag-key encapsulation mechanism (KEM) and data encapsulation mechanism (DEM) hybrid techniques, which is more practical for true applications. We show how to construct an IBDAE scheme using an identity-based deniable authenticated tag-KEM (IBDATK) and a DEM. We also propose an IBDATK scheme and prove its security in the random oracle model. For typical security level, our scheme is at least 50.7 and 22.7 % faster than two straightforward “deniable authentication followed by encryption” schemes, respectively. The communication overhead is respectively reduced at least 21.3 and 31.1 %. An application of IBDAE to an e-mail system is described.

Fagen Li,Di Zhong,Tsuyoshi Takagi

DOI: https://doi.org/10.1109/tifs.2016.2585086

IF: 7.231

2016-01-01

IEEE Transactions on Information Forensics and Security

Abstract:Confidentiality and authentication are two main security goals in secure electronic mail (e-mail). Pretty good privacy (PGP) and secure/multipurpose internet mail extensions (S/MIME) are two famous secure e-mail solutions. Both PGP and S/MIME use digital envelope to provide message confidentiality and digital signature to provide message authentication. However, these methods have the following two weaknesses: 1) digital signature provides non-repudiation evidence of sender that is not desired in some e-mail applications and 2) efficiency is low, since these methods use two kinds of public key cryptographic primitives: public key encryption and digital signature. To overcome the above two weaknesses, we introduce a new concept called deniably authenticated encryption that can achieve confidentiality, integrity, and deniable authentication in a logical single step. We first propose a deniably authenticated encryption scheme and prove its security in the random oracle model. Then, we design a secure e-mail protocol using the proposed deniably authenticated encryption scheme. The deniable authentication property protects senders' privacy.

Weifeng Wu,Fagen Li

DOI: https://doi.org/10.3837/tiis.2015.05.020

2015-01-01

KSII Transactions on Internet and Information Systems

Abstract:Deniable authentication protocol allows a sender to deny his/her involvement after the protocol run and a receiver can identify the true source of a given message. Meanwhile, the receiver has no ability to convince any third party of the fact that the message was sent by the specific sender. However, most of the proposed protocols didn't achieve confidentiality of the transmitted message. But, in some special application scenarios such as e-mail system, electronic voting and Internet negotiations, not only the property of deniable authentication but also message confidentiality are needed. To settle this problem, in this paper, we present a non-interactive identity-based deniable authenticated encryption (IBDAE) scheme using pairings. We give the security model and formal proof of the presented IBDAE scheme in the random oracle model under bilinear Diffie-Hellman (BDH) assumption.

Yanmei Cao,Jianghong Wei,Fangguo Zhang,Yang Xiang,Xiaofeng Chen

DOI: https://doi.org/10.1016/j.csi.2022.103620

2022-08-01

Abstract:The notion of deniable encryption (DE) was introduced to achieve secret communications in situations of coercion or bribery. Generally, it allows a user to open the same ciphertext into multiple different messages. After the initial constructions, numerous DE schemes have been proposed to improve efficiency. Whereas, all existing DE schemes under the fully deniable framework are still inefficient due to the huge communication and computation overhead. Furthermore, these DE schemes also do not provide the functionality of authentication of users (include senders and receivers), which is a necessary functionality for various application scenarios. For instance, in the setting of electronic voting, if the voting center cannot correctly verify the identities and eligibility of voters, double voting and voter impersonation cannot be prevented. This will affect the final result of the voting and destroy the fairness of the election. Moreover, due to the existence of trust problems, voters also need to confirm whether the voting center is a genuine and legal institution. In this paper, we first formalize the syntax and security notions of public-key authenticated deniable encryption, and then propose two concrete constructions under the fully deniable framework. We also prove that our DE constructions are provably secure in the random oracle model. When comparing with available DE schemes, the proposed DE ones not only provide the desired functionality of mutual authentication, but also enjoy high efficiency. Therefore, they are more suitable for practical applications.

computer science, software engineering, hardware & architecture

Aggelos Kiayias,Thomas Zacharias,Bingsheng Zhang

DOI: https://doi.org/10.1145/2810103.2813727

2015-01-01

Abstract:Recently, Kiayias, Zacharias and Zhang proposed a new E2E verifiable e-voting system called 'DEMOS' that for the first time provides E2E verifiability without relying on external sources of randomness or the random oracle model; the main advantage of such system is in the fact that election auditors need only the election transcript and the feedback from the voters to pronounce the election process unequivocally valid. Unfortunately, DEMOS comes with a huge performance and storage penalty for the election authority (EA) compared to other e-voting systems such as Helios. The main reason is that due to the way the EA forms the proof of the tally result, it is required to precompute a number of cipher texts for each voter and each possible choice of the voter. This approach clearly does not scale to elections that have a complex ballot and voters have an exponential number of ways to vote in the number of candidates. The performance penalty on the EA appears to be intrinsic to the approach: voters cannot compute an enciphered ballot themselves because there seems to be no way for them to prove that it is a valid ciphertext.In contrast to the above, in this work, we construct a new e-voting system that retains the strong E2E characteristics of DEMOS (but against computational adversaries) while completely eliminating the performance and storage penalty of the EA. We achieve this via a new cryptographic construction that has the EA produce and prove, using voters' coins, the security of a common reference string (CRS) that voters subsequently can use to affix non-interactive zero knowledge (NIZK) proofs to their ciphertexts. The EA itself uses the CRS to prove via a NIZK the tally correctness at the end. Our construction has similar performance to Helios and is practical. The privacy of our construction relies on the SXDH assumption over bilinear groups via complexity leveraging.

Chunhua Jin,Chunxiang Xu,Xiaojun Zhang,Fagen Li

DOI: https://doi.org/10.1504/ijesdf.2015.069611

2015-01-01

International Journal of Electronic Security and Digital Forensics

Abstract:A deniable authentication protocol enables an intended receiver to identify the source of a given message, but the receiver cannot prove the source of a given message to any third party. It is very useful in some particular applications such as electronic voting, online negotiation and online shopping. However, many related protocols are lack of formal security proof which is very important for cryptographic protocol design. In this paper, we present a certificateless deniable authentication protocol. Our protocol is based on certificateless cryptography, which can solve the public key certificate management problem of public key infrastructure PKI-based cryptography and the key escrow problem of identity-based cryptography. Our protocol does not need the pairing operation which is the most time-consuming. In addition, our protocol can admit formal security proof in the random oracle model and resist key compromise impersonation KCI attack. Compared with the existing deniable authentication protocols, our protocol can be well applied in electronic voting system.

Chunhua Jin,Chunxiang Xu,Xiaojun Zhang,Qianna Xie,Fagen Li

DOI: https://doi.org/10.1080/1206212x.2016.1188564

2015-01-01

Abstract:Deniable authenticate is a different and attractive authenticate mechanism compared with the traditional authentication. It allows the appointed receiver to identify the identity of the sender, but not to prove the source of a given message to a third party even if the appointed receiver is willing to reveal its private key. Certificateless public key cryptography can solve both the public key certificate management problem of public key infrastructure-based cryptography and the key escrow problem of identity-based cryptography. In this paper, we first define a security model for certificateless deniable authentication protocols. Then we propose a non-interactive certificateless deniable authentication protocol. In addition, we prove its security in the random oracle model. Our protocol can be applied in many actual application scenarios, such as electronic voting, electronic tendering, and online shopping.

Nikos Chondros,Bingsheng Zhang,Thomas Zacharias,Panos Diamantopoulos,Stathis Maneas,Christos Patsonakis,Alex Delis,Aggelos Kiayias,Mema Roussopoulos

DOI: https://doi.org/10.1109/icdcs.2016.56

2015-01-01

Abstract:E-voting systems have emerged as a powerful technology for improving democracy by reducing election cost, increasing voter participation, and even allowing voters to directly verify the entire election procedure. Prior internet voting systems have single points of failure, which may result in the compromise of availability, voter secrecy, or integrity of the election results. In this paper, we present the design, implementation, security analysis, and evaluation of D-DEMOS, a complete e-voting system that is distributed, privacy-preserving and end-to-end verifiable. Our system includes a fully asynchronous vote collection subsystem that provides immediate assurance to the voter her vote was recorded as cast, without requiring cryptographic operations on behalf of the voter. We also include a distributed, replicated and fault-tolerant Bulletin Board component, that stores all necessary election-related information, and allows any party to read and verify the complete election process. Finally, we also incorporate trustees, i.e., individuals who control election result production while guaranteeing privacy and end-to-end-verifiability as long as their strong majority is honest. Our system is the first e-voting system whose voting operation is human verifiable, i.e., a voter can vote over the web, even when her web client stack is potentially unsafe, without sacrificing her privacy, and still be assured her vote was recorded as cast. Additionally, a voter can outsource election auditing to third parties, still without sacrificing privacy. Finally, as the number of auditors increases, the probability of election fraud going undetected is diminished exponentially. We provide a model and security analysis of the system. We implement a prototype of the complete system, we measure its performance experimentally, and we demonstrate its ability to handle large-scale elections.

Kamred Udham Singh

DOI: https://doi.org/10.17762/msea.v70i2.2319

2021-02-26

Mathematical Statistician and Engineering Applications

Abstract:Abstract The potential of electronic voting to improve the efficiency and effectiveness of the voting process is immense. However, its security and privacy are still a major concern. Traditional methods of securing such systems, such as digital signatures and public key cryptography, are not always ideal when it comes to safeguarding the confidentiality of ballots. In this paper, we introduce a novel method for securing electronic voting ballots that utilizes homomorphic encryption. This method allows for the computation of ballots without needing decryption. The proposed e-voting system is composed of three servers. The first one is an e-voting server that stores the voter's information before it is sent to the tallying or decryption server. The latter two are used to calculate the total vote count and decrypt it. To evaluate the performance of this proposed system, we performed a series of tests on its various components. These included its execution time, memory usage, CPU usage, and communication overhead. The results of the tests revealed that the proposed system is secure and can maintain acceptable performance levels. The proposed system's accuracy and robustness are comparable to that of conventional e-voting systems. Its ability to withstand attacks is greatly enhanced by implementing homomorphic encryption. The proposed e-voting system we presented exhibited the security and privacy benefits of homomorphic encryption. By enabling computations on encrypted data without needing decryption, it helps protect the ballot's confidentiality and provides reliable and accurate results.

Chengyu Fan,Shijie Zhou,Fagen Li

DOI: https://doi.org/10.1109/ispa.2009.113

2009-01-01

Abstract:A deniable authentication allows the receiver to identify the source of the received messages but cannot prove it to any third party. However, the deniability of the content, which is called restricted deniability in this paper, is concerned in electronic voting and some other similar application. At present, most non-interactive deniable authentication protocols cannot resist weaken key-compromise impersonation (W-KCI) attack. To settle this problem, a non-interactive identity-based restricted deniable authentication protocol is proposed. It not only can resist W-KCI attack but also has the properties of communication flexibility. It meets the security requirements such as correctness, restricted deniability as well. Therefore, this protocol can be applied in electronic voting.

Debiao He,Jianhua Chen

2013-01-01

The International Arab Journal of Information Technology

Abstract:To solve the key escrow problem in identity-based cryptosystem, Al-Riyami et al. introduced the CertificateLess Public Key Cryptography (CL-PKC). As an important cryptographic primitive, CertificateLess Designated Verifier Signature (CLDVS) scheme was studied widely. Following Al-Riyami et al. work, many certificateless Designated Verifier Signature (DVS) schemes using bilinear pairings have been proposed. But the relative computation cost of the pairing is approximately twenty times higher than that of the scalar multiplication over elliptic curve group. In order to improve the performance we propose a certificateless DVS scheme without bilinear pairings. With the running time of the signature being saved greatly, our scheme is more practical than the previous related schemes for practical application.

Xinyu Zhang,Bingsheng Zhang,Aggelos Kiayias,Thomas Zacharias,Kui Ren

DOI: https://doi.org/10.1109/tdsc.2021.3103336

2021-01-01

IEEE Transactions on Dependable and Secure Computing

Abstract:Electronic voting (e-voting), compared with article voting, has advantages in several aspects. Among those benefits, the ability to audit the electoral process at every stage is one of the most desired features of an e-voting system. In Eurocrypt 2015, Kiayias, Zacharias, and Zhang proposed a new E2E verifiable e-voting system that for the first time provides E2E verifiability without relying on external sources of randomness or the random oracle model; the main advantage of such system is in the fact that election auditors need only the election transcript and the feedback from the voters to pronounce the election process unequivocally valid. Unfortunately, their system comes with a huge performance and storage penalty for the election authority (EA) compared to other e-voting systems such as Helios. The main reason is that due to the way the EA forms the proof of the tally result, it is required to precompute a number of ciphertexts for each voter and each possible choice of the voter. The performance penalty on the EA appears to be intrinsic to the approach: voters cannot compute an enciphered ballot themselves because there seems to be no way for them to prove that it is a valid ciphertext. In this work, we construct a new e-voting system that retains similar strong E2E characteristics (but against computational adversaries) while completely eliminating the performance and storage penalty of the EA. Our construction has similar performance to Helios and is practical. The privacy of our construction relies on the SXDH assumption over bilinear groups via complexity leveraging.

Emmanuel Ahene,Yuanfeng Guan,Zhiwei Zhang,Fagen Li

DOI: https://doi.org/10.1007/978-981-15-0818-9_5

2019-01-01

Abstract:Pervasive computing environments permits users to get the services they require at anywhere and anytime. Security turns to be a major challenge in pervasive computing environments due to its heterogeneity, dynamicity, mobility and openness. In this paper, we propose a new heterogeneous deniable authentication scheme called CLIBDA for pervasive computing environments utilizing bilinear pairings. The proposed CLIBDA scheme permits a sender in certificateless cryptography (CLC) setting to transmit a message securely to a receiver in an identity based cryptography (IBC) setting. Detailed security analysis shows that the CLIBDA scheme is secure in the random oracle model (ROM) under the bilinear Diffie–Hellman assumption. Additionally, CLIBDA supports batch verification which is necessary for the speed up of the verification of authenticators. This characteristic makes the CLIBDA scheme suitable in pervasive computing environments.

XIA Jingbo,ZHANG Silan,CHEN Jianhua

DOI: https://doi.org/10.3321/j.issn:1671-8836.2006.03.020

2006-01-01

Abstract:According to the basic demands and extended demands of electronic voting,one newly electronic voting scheme was proposed in this paper.This scheme was based on the knowledge of elliptic curve cryptography(ECC),elliptic curve digital signature algorithm(ECDSA),blind signature technique,and tamper-resist smart card.Analysis showed that this scheme achieved not only basic demands such as completeness,soundness,privacy,unreusability,but also extended demands such as receipt-freeness,universal verifiability and higher efficiency.This scheme assured the simultaneity of receipt-freeness and universal verifiability.

Nikos Chondros,Bingsheng Zhang,Thomas Zacharias,Panos Diamantopoulos,Stathis Maneas,Christos Patsonakis,Alex Delis,Aggelos Kiayias,Mema Roussopoulos

DOI: https://doi.org/10.1016/j.cose.2019.03.001

IF: 5.105

2019-01-01

Computers & Security

Abstract:We present the D-DEMOS suite of distributed, privacy-preserving, and end-to-end verifiable e-voting systems; one completely asynchronous and one with minimal timing assumptions but better performance. Their distributed voting operation is human verifiable; a voter can vote over the web, using an unsafe web client stack, without sacrificing her privacy, and get recorded-as-cast assurance. Additionally, a voter can outsource election auditing to third parties, still without sacrificing privacy. We provide a model and security analysis of the systems, implement prototypes of the complete systems, measure their performance experimentally, demonstrate their ability to handle large-scale elections, and demonstrate the performance trade-offs between the two versions.

Abdelrhman Hassan,Yong Wang,Rashad Elhabob,Nabeil Eltayieb,Fagen Li

DOI: https://doi.org/10.1016/j.sysarc.2020.101776

IF: 5.836

2020-01-01

Journal of Systems Architecture

Abstract:The challenges confronting the privacy of outsourcing medical data have become a significant concern for patients and healthcare providers. The encryption of this sensitive data before outsourcing to the healthcare server present an effective solution for protection. However, searching on different ciphertexts while protecting the privacy of data remains a research challenge. Indeed, most of the existing schemes are inefficient, particularly for deployment on mobile devices due to limited resources (e.g. computing power, battery lifetime, and storage capacity). In this paper, we propose a CertificateLess Public-Key Encryption with Authorized Equality Test (CLPKE-AET) scheme. With the CLPKE-AET scheme, an authorized cloud server is permitted to check the equivalence of two different ciphertexts consisting of the same messages. Moreover, We provide four types of authorizations, base on which an authorized user can directly search on different user's ciphertext using different methods while enhancing the privacy of the user's data. We present our construction from bilinear pairing and demonstrate its security under modified Bilinear Diffie-Hellman (mBDHI) assumption in the Random Oracle Model (ROM). Finally, compared with other's similar schemes, the performance analysis shows that our CLPKE-AET scheme is practical and more suitable for healthcare environments.

Wenchao Li,Hu Xiong

DOI: https://doi.org/10.3837/tiis.2021.05.015

2021-01-01

KSII Transactions on Internet and Information Systems

Abstract:With the development of information and communication technologies, especially wireless networks and cell phones, the e-voting system becomes popular as its cost-effectiveness, swiftness, scalability, and ecological sustainability. However, the current e-voting schemes are faced with the problem of privacy leakage and further cause worse vote-buying and voter-coercion problems. Moreover, in large-scale voting, some previous e-voting system encryption scheme with pairing operation also brings huge overhead pressure to the voting system. Thus, it is a vital problem to design a protocol that can protect voter privacy and simultaneously has high efficiency to guarantee the effective implementation of e-voting. To address these problems, our paper proposes an efficient unidirectional proxy re-encryption scheme that provides the re-encryption of vote content and the verification of users’ identity. This function can be exactly applied in the e-voting system to protect the content of vote and preserve the privacy of the voter. Our proposal is proven to be CCA secure and collusion resistant. The detailed analysis also shows that our scheme achieves higher efficiency in computation cost and ciphertext size than the schemes in related fields.

Riaz Ullah,Nizamuddin,Arif Iqbal Umar,Noor ul Amin

DOI: https://doi.org/10.22581/muet1982.2102.06

2021-01-01

Mehran University Research Journal of Engineering and Technology

Abstract:To make the electoral process more secure, comfortable, and universal, it is essential to use modern cryptographic techniques for ensuring the anonymity of information in the electronic voting system. In many emerging applications like electronic voting data anonymity as well as un-traceability are the most essential security properties. To ensure these properties we present here in this paper a more secure and comparatively efficient blind signcryption scheme using the Elliptic Curve Cryptosystem (ECC). The existing e-voting schemes are based on El-Gamal and the Rivest-Shamir-Adleman (RSA) cryptosystems which are not only expensive approaches but also lack the security features like unlinkability and forward secrecy. In our proposed scheme we use a low-cost elliptic curve cryptosystem with 160 bits key as compared to El-Gamal 2048 bits key and RSA 1024 bits key. In this scheme signer signs the message blindly without knowing the original contents then the voter forward signcrypted vote to polling server. The polling server is the actual voter data verifier or validator. The polling server checks the validity/authenticity of the voter and has the right to accept or reject the vote. Moreover, this scheme offers forward secrecy, unlinkability, and non-repudiation in addition to the basic security features like confidentiality, authenticity, integrity, and unforgeability. Overall performance evaluation proves that our scheme is comparatively more efficient in terms of computational and communicational costs. Furthermore, this scheme is suitable for the e-voting system due to its lower cost and extra security features.

YAO Qian,CHEN Shun,XIE Li

DOI: https://doi.org/10.3969/j.issn.1002-137X.2006.02.031

2006-01-01

Computer Science

Abstract:Based on analysis of Digital signature,Blind signature and Bit commitment,the paper poses an electronic voting protocol concerning modern cryptography technology.The protocol can basically meet the practical requirement for shareholders' voting in the securities category.

Cheng Jicheng,Yang Shoubao

DOI: https://doi.org/10.3969/j.issn.1000-386X.2006.04.042

2006-01-01

Abstract:Deniable authentication is a kind of authentication by which a receiver cannot prove the source of a message to a third party.A deniable authentication scheme for secret communication suits the sender to parallel implementation is provided.