Li-Hong Guo,Hai-Tao Wu,Qing Yang

DOI: https://doi.org/10.2991/icwcsn-16.2017.32

2016-01-01

Abstract:Proxy signature schemes have been suggested for use in a number of applications, so the security of proxy signature scheme is more and more important. However, at present, almost all the proxy signature schemas were proven secure in the random oracle model, which has received a lot of criticism. Recently, Yu et al. proposed a designated verifier proxy signature scheme without random oracles by using Waters hashing technique. The formal models and a strictly logical process were provided in this schema. But Kang et al. show some attacks on Yu et al.s scheme and offer its insecurity proof. In this paper, in order to overcome the weaknesses in Yu et al.s scheme we make supplements on it and make it secure resist Kang et al.s attacks.

Jian Zhang,Yang,Yanjiao Chen,Jing Chen,Qian Zhang

DOI: https://doi.org/10.1016/j.comnet.2017.08.019

IF: 5.493

2017-01-01

Computer Networks

Abstract:With the growing popularity of cloud storage, to guarantee the security of outsourced data becomes more and more important. In this paper, we make the first attempt to explore the intrinsic relationship between secure cloud storage and homomorphic encryption scheme, based on which we present a Generic way to design a Secure Cloud Storage protocol, denoted as G-SCS, using any homomorphic encryption scheme (HES). The proposed G-SCS is secure under a definition that satisfy the security requirement of cloud storage. To address various issues in real application scenarios, we further extend the protocol to support deterministic and randomized auditing, data dynamics (i.e., data insertion, deletion and modification), as well as third-party public auditing, while preserving the efficiency and security of the protocol. By instantiating all abstract semantics in G-SCS, we construct three concrete secure cloud storage protocols using RSA-based, Paillier-based and DGHV-based HESs, which are multiplicatively, additively and fully HESs, respectively. We conduct extensive theoretical analysis and experimental evaluations to validate the practicability of the proposed protocol.

Qi Xie,Guilin Wang,Fubiao Xia,Deren Chen

DOI: https://doi.org/10.1002/cpe.3058

2013-01-01

Concurrency and Computation Practice and Experience

Abstract:By integrating self-certified public-key systems and the designated verifier proxy signature with message recovery, Wu and Lin proposed the first self-certified proxy convertible authenticated encryption (SP-CAE) scheme and its variants based on discrete logarithm problem (DLP) in 2009. Though their schemes are claimed provably secure, we demonstrate that their schemes are existentially forgeable under adaptive chosen warrants, unconfidentiable and verifiable under adaptive chosen messages and designated verifiers. Then we propose a provably secure SP-CAE scheme in the random oracle model.

Shuai Han,Shengli Liu,Fangguo Zhang,Kefei Chen

DOI: https://doi.org/10.1145/2897845.2897859

2016-01-01

Abstract:Proofs of Data Possession/Retrievability (PoDP/PoR) schemes are essential to cloud storage services, since they can increase clients' confidence on the integrity and availability of their data. The majority of PoDP/PoR schemes are constructed from homomorphic linear authentication (HLA) schemes, which decrease the price of communication between the client and the server. In this paper, a new subclass of authentication codes, named epsilon-authentication codes, is proposed, and a modular construction of HLA schemes from epsilon-authentication codes is presented. We prove that the security notions of HLA schemes are closely related to the size of the authenticator/tag space and the successful probability of impersonation attacks (with non-zero source states) of the underlying epsilon-authentication codes. We show that most of HLA schemes used for the PoDP/PoR schemes are instantiations of our modular construction from some epsilon-authentication codes. Following this line, an algebraic curves-based epsilon-authentication code yields a new HLA scheme.

Jinyong Chang,Yanyan Ji,Bilin Shao,Maozhi Xu,Rui Xue

DOI: https://doi.org/10.1109/TNET.2020.3013902

2020-12-15

IEEE/ACM Transactions on Networking

Abstract:Homomorphic signature is an extremely important public key authentication technique for network coding to defend against pollution attacks. As a public key cryptographic primitive, it also encounters the same problem of how to confirm the relationship between some public key $pk$ and the identity $ID$ of its owner. In the setting of distributed network coding, the intermediate and destination nodes need to use the public key of source node S to check the validity of vector-signature pairs. Therefore, the binding of S and its corresponding public key becomes crucial. The popular and traditional solution is based on certificates which are issued by a trusted certification authority (CA) center. However, the generation and management of certificates is extremely cumbersome. Hence, in recent work, Lin et al. proposed a new notion of identity-based homomorphic signature, which intends to avoid using certificates. But the key escrow problem is inevitable for identity-based primitives. In this article, we propose another new notion (for network coding): certificateless homomorphic signature (CLHS), which is a compromise for the above two techniques. In particular, we first describe the definition and security model of certificateless homomorphic signature. Then based on bilinear map and the computational Diffie-Hellman (CDH) assumption, give a concrete implementation and detailedly analyze its security. Finally, performance analysis illustrates that our construction is practical.

telecommunications,computer science, theory & methods,engineering, electrical & electronic, hardware & architecture

Jie XU,Hong-xiang SUN,Qiao-yan WEN,Hua ZHANG

DOI: https://doi.org/10.1016/s1005-8885(11)60288-4

2012-01-01

The Journal of China Universities of Posts and Telecommunications

Abstract:Multi-proxy signature is a scheme that an original signer delegates his or her signing capability to a proxy group. In the scheme, only the cooperation of all proxy signers in the proxy group can create a signature on behalf of the original signer. Jin and Wen firstly defined the formal security model of certificateless multi-proxy signature (CLMPS) and proposed a concrete CLMPS scheme. However, their construction has three problems: the definition of the strengthened security model is inaccurate, the concrete signature scheme has a security flaw, and the proof of the security is imperfect. With further consideration, a remedial strengthened security model is redefined, and an improved scheme is also proposed, which is existentially unforgeable against adaptively chosen-warrant, chosen-message and chosen-identity attacks in the random oracles. In this condition, the computational Diffie-Hellman (CDH) assumption is used to prove full security for our CLMPS scheme.

Jia-Zhu Dai,Xiao-Hu Yang,Jinxiang Dong

DOI: https://doi.org/10.1145/986537.986584

2004-01-01

Abstract:ABSTRACTProxy signatures are signature schemes that a signer (called original signer) delegates his signing capability to other people (called proxy signer), and the proxy signer creates signatures on behalf of the original signer. In application such as electronic voting and electronic commerce, the privacy may be concerned by the original signer. The original signer may hope that the proxy signers can sign on behalf of him without knowing the content of the signed message. Few efforts have been put on privacy protection of original signer in existed proxy signature schemes. In this paper, a privacy-protecting proxy signature scheme is proposed. In this scheme, the messages the original signer entrust to the proxy signer to sign on behalf of him are secret from the proxy signer during the generation of the proxy signature and from other people except the receiver designated by the original signer. Therefore, the privacy of the original signer is protected. The security of the proposed signature scheme is analyzed and its application to electronic voting is described.

S. Liu,K. Chem

2012-01-01

Abstract:Proof of Retrievability (POR) refers to interactive auditing protocols executed between a storage server and clients, so that clients can be convinced that their data is available at the stor- age server, ready to be retrieved when needed. In an interactive POR protocol, clients initiate challenges to the server, and the server feed- backs responses to clients with the help of the stored data. Retriev- ability means that it should be possible for a client to extract his/her data from the server's valid responses. An essential step leading to retrievability is the server's unforgeability of valid responses, i.e, any server coming up with valid responses to a client's challenges is ac- tually storing the client's data with overwhelming probability. Un- forgeability can be achieved with authentication schemes like MAC, Digital Signature, etc. With Homomorphic Linear Authentication (HLA) schemes, the server's several responses can be aggregated into one, hence reducing the communication complexity. In this paper, we explore some new constructions of ǫ-almost strong universal hash- ing functions (ǫ-ASU2), which are used to build homomorphic linear authenticator schemes in POR to provide unforgeability. We show the HLA scheme involved in Shacham and Waters' POR scheme (see Shacham and Waters, 2008) is just an employment of a class ǫ-ASU2 functions. Using another class of ǫ-ASU2 for authentication in POR results in a new HLA scheme, which enjoys unforgability, the same shortest responses as the SW scheme, but reduces the local storage from O(n+s) to O(n) for information soundness, and from O(s) to O(1) for knowledge-soundness.

Qianwen Wei,Shujun Li,Wei Li,Hong Li,Mingsheng Wang

DOI: https://doi.org/10.1007/978-3-030-23597-0_29

2019-01-01

Abstract:In Bitcoin, the knowledge of private key equals to the ownership of bitcoin, which occurs two problems: the first problem is that the private key must be kept properly, and the second one is that once the private key is given, it can't be taken back, hence the bitcoin system can only implement the transfer function. In this paper, we first propose a new digital signature algorithm and use it to design an online wallet, which can help the user derive the signature without obtaining the user's private key. Secondly, using our proposed online wallet, we extend the application of private key so that the cryptocurrency system can implement the authorization function. In more detail, we define a new primitive that we call decentralized hierarchical authorized payment scheme (DHAP scheme). We next propose a concrete instantiation and prove its correctness. Finally, we analyze the security and usability of our scheme. For security, we prove our scheme to be secure under the random oracle model. For usability, we examine its performance and compare it with bitcoin's performance.

Yong Yu,Chunxiang Xu,Xiaosong Zhang,Yongjian Liao

DOI: https://doi.org/10.1016/j.camwa.2009.01.032

IF: 3.218

2009-01-01

Computers & Mathematics with Applications

Abstract:In a designated verifier proxy signature scheme, one can delegate his or her signing capability to another user in such a way that the latter can sign messages on behalf of the former, but the validity of the resulting signatures can only be verified by the designated verifier. Several designated verifier proxy signature schemes have been proposed so far. However, most of the schemes were proven secure in the random oracle model, which has received a lot of criticism since the security proofs in the random oracle model are not sound with respect to the standard model. In this paper, we propose a new construction of designated verifier proxy signature whose security can be proven without using the random oracle model. Our scheme is inspired by Waters’ Identity-based encryption. The unforgeability of our scheme is based on the hardness of Gap Bilinear Diffie–Hellman problem. As far as we know, this is the first designated verifier proxy signature secure in the standard model.

Chengyu Fan,Shijie Zhou,Fagen Li

DOI: https://doi.org/10.1109/ICYCS.2008.297

2008-01-01

Abstract:In this paper, we describe a proxy signature scheme where a signer can delegate his signing right to a party who can then sign on behave of the original signer to generate a proxy signature. Our proxy signature scheme possesses the features of deniability and anonymity. It allows the signer to send messages to another while the latter can not prove to a third party the fact of communication and insures no one can determine the identity of the proxy signer without the help of original signer. Through the analysis, it shows our scheme meets correctness, deniability and other security requirements such as, anonymity, unforgeability and traceability.

Diego F. Aranha,Elena Pagnin

DOI: https://doi.org/10.1007/978-3-030-30530-7_14

2019-01-01

Abstract:We consider the problem of outsourcing computation on data authenticated by different users. Our aim is to describe and implement the simplest possible solution to provide data integrity in cloud-based scenarios. Concretely, our multi-key linearly homomorphic signature scheme (mklhsdocumentclass[12pt]{minimal}usepackage{amsmath}usepackage{wasysym}usepackage{amsfonts}usepackage{amssymb}usepackage{amsbsy}usepackage{mathrsfs}usepackage{upgreek}setlength{oddsidemargin}{-69pt}egin{document}$${mathsf {mklhs}}$$end{document}) allows users to upload signed data on a server, and at any later point in time any third party can query the server to compute a linear combination of data authenticated by different users and check the correctness of the returned result. Our construction generalizes Boneh et al.’s linearly homomorphic signature scheme (PKC’09 [7]) to the multi-key setting and relies on basic tools of pairing-based cryptography. Compared to existing multi-key homomorphic signature schemes, our mklhsdocumentclass[12pt]{minimal}usepackage{amsmath}usepackage{wasysym}usepackage{amsfonts}usepackage{amssymb}usepackage{amsbsy}usepackage{mathrsfs}usepackage{upgreek}setlength{oddsidemargin}{-69pt}egin{document}$${mathsf {mklhs}}$$end{document} is a conceptually simple and elegant direct construction, which trades-off privacy for efficiency. The simplicity of our approach leads us to a very efficient construction that enjoys significantly shorter signatures and higher performance than previous proposals. Finally, we implement mklhsdocumentclass[12pt]{minimal}usepackage{amsmath}usepackage{wasysym}usepackage{amsfonts}usepackage{amssymb}usepackage{amsbsy}usepackage{mathrsfs}usepackage{upgreek}setlength{oddsidemargin}{-69pt}egin{document}$${mathsf {mklhs}}$$end{document} using two different pairing-friendly curves at the 128-bit security level, a Barreto-Lynn-Scott curve and a Barreto-Naehrig curve. Our benchmarks illustrate interesting performance trade-offs between these parameters, involving the cost of exponentiation and hashing in pairing groups. We provide a discussion on such trade-offs that can be useful to other implementers of pairing-based protocols.

Ying Sun,Chunxiang Xu,Yong Yu,Bo Yang

DOI: https://doi.org/10.1016/j.comcom.2010.02.002

IF: 5.047

2010-01-01

Computer Communications

Abstract:A proxy multi-signature scheme permits two or more original singers to delegate their signing powers to the same proxy signer. Recently, Liu et al. proposed the first proxy multi-signature that be proven secure in the standard model [Liu et al. (2008) [20]], which can be viewed as a two-level hierarchical signature due to Waters. However, because of the direct employment of Waters’ signature, their scheme needs a relatively large number of public parameters and is not tightly reduced to the security assumption. In this paper, inspired by Boneh, Boyen’s technique and Waters’ technique, we propose a new proxy multi-signature scheme without random oracles, whose unforgeability can be tightly reduced to the CDH assumption in bilinear groups. The new scheme can be regarded as an improvement to overcome the weaknesses of Liu et al.’s scheme. Compared with Liu et al.’s scheme, the improvement has three merits, tighter security reduction, shorter system parameters and higher efficiency.

JZ Dai,XH Yang,JX Dong

DOI: https://doi.org/10.1109/icsmc.2003.1243846

2003-01-01

Abstract:Proxy signature is the solution to delegation of signing capabilities in electronic world. Proxy signatures are signature schemes that an original signer delegates his signing capability to a proxy signer, and the proxy signer creates signatures on behalf of the original signer. To avoid the misuse of proxy signatures, the original signer hopes that he can restrict the signing capability delegated to the proxy signers. In this paper, a designated-receiver proxy signature scheme is proposed. In this scheme, an original signer nominates a person as signature receiver when he delegates his signing capability to a proxy signer, and the proxy signer can generate valid proxy signature on behalf of the original signer which none but the nominated receiver can verify and accept, thus the misuse of proxy signature is avoided. The security of the proposed signature scheme is analyzed. The scheme will be applied in e_commerce and other fields.

Debiao He,Yitao Chen,Jianhua Chen

DOI: https://doi.org/10.1016/j.mcm.2012.12.037

2013-01-01

Mathematical and Computer Modelling

Abstract:The proxy signature scheme allows a proxy signer to sign messages on behalf of an original signer, a company or an organization. Such schemes have lots of practical applications, particularly in distributed computing, where delegation of rights is quite common. Recently, the certificateless public key cryptography has attracted much attention since it could solve the certificate management problem in the traditional public cryptography and the key escrow problem in the identity-based cryptography. Many certificateless proxy signature schemes using pairing have been proposed. The pairing operation is a very complicated operation. So the performance of these schemes is not very good. In this paper, we propose the first certificateless proxy signature scheme without pairing. We argue that due to significant reduction in costs of computation and storage, our scheme is particularly suitable for practical applications with severely constrained resources. We also show our scheme is secure against both of the super Type I and the super Type II adversaries.

Hu Xiong,Fagen Li,Zhiguang Qin

DOI: https://doi.org/10.15388/informatica.2010.288

2010-01-01

Informatica

Abstract:A proxy signature scheme enables an original signer to delegate its signing capability to a proxy signer and then the proxy signer can sign a message on behalf of the original signer. Recently, in order to eliminate the use of certificates in certified public key cryptography and the key-escrow problem in identity-based cryptography, the notion of certificateless public key cryptography was introduced. In this paper, we first present a security model for certificateless proxy signature schemes, and then propose an efficient construction based on bilinear pairings. The security of the proposed scheme can be proved to be equivalent to the computational Diffie-Hellman problem in the random oracle with a tight reduction.

Qun Lin,Hongyang Yan,Zhengan Huang,Wenbin Chen,Jian Shen,Yi Tang

DOI: https://doi.org/10.1109/access.2018.2809426

IF: 3.9

2018-01-01

IEEE Access

Abstract:Identity-based cryptosystems mean that public keys can be directly derived from user identifiers, such as telephone numbers, email addresses, and social insurance number, and so on. So they can simplify key management procedures of certificate-based public key infrastructures and can be used to realize authentication in blockchain. Linearly homomorphic signature schemes allow to perform linear computations on authenticated data. And the correctness of the computation can be publicly verified. Although a series of homomorphic signature schemes have been designed recently, there are few homomorphic signature schemes designed in identity-based cryptography. In this paper, we construct a new ID-based linear homomorphic signature scheme, which avoids the shortcomings of the use of public-key certificates. The scheme is proved secure against existential forgery on adaptively chosen message and ID attack under the random oracle model. The ID-based linearly homomorphic signature schemes can be applied in e-business and cloud computing. Finally, we show how to apply it to realize authentication in blockchain.

computer science, information systems,telecommunications,engineering, electrical & electronic

Shaohua Tang,Lingling Xu

DOI: https://doi.org/10.1007/978-3-642-34601-9_9

2012-01-01

Abstract:The proxy signatures are important cryptosystems that are widely adopted in different applications. Most of the proxy signature schemes so far are based on the hardness of integer factoring, discrete logarithm, and/or elliptic curve. However, Shor proved that the emerging quantum computers can solve the problem of prime factorization and discrete logarithm in polynomial-time, which threatens the security of current RSA, ElGamal, ECC, and the proxy signature schemes based on these problems. We propose a novel proxy signature scheme based on the problem of Isomorphism of Polynomials (IP) which belongs to a major category of Multivariate Public Key Cryptography (MPKC). Through security discussion, our scheme can reach the same security level as the signature scheme based on IP problem. The most attractive advantage of our scheme should be its feature to potentially resist the future quantum computing attacks. Our scheme also owns some important properties of proxy signature schemes, such as strong unforgeability, strong identifiability, strong undeniability, secret-key's dependence, distinguishability, etc. The scheme is implemented in C/C++ programming language, and the performance shows that the scheme is efficient. The parameters we choose can let security level of the scheme up to 286.59.

Fengying Li,Qingshui Xue,Jiping Zhang,Zhenfu Cao

DOI: https://doi.org/10.1007/978-3-642-03354-4_31

2009-01-01

Abstract:In a multi-proxy multi-signature scheme, one original group delegates a group of proxy signers to sign messages on behalf of the original signers. When the proxy signature is created, all of proxy signers cooperate to generate valid proxy signatures. Based on Cha and Cheon's ID-based signature scheme, a multi-proxy multi-signature scheme based on bilinear-pairs is proposed. The proposed scheme can provide the security properties of proxy protection, verifiability, strong identifiability, strong unforgeability, strong repudiability, distinguishability and prevention of misuse of proxy signing power. That is, internal attacks, external attacks, collusion attacks, equation attacks and public key substitution attacks can be resisted.

Qingshui Xue,Zhenfu Cao

DOI: https://doi.org/10.1016/j.cam.2005.03.085

IF: 2.872

2005-01-01

Journal of Computational and Applied Mathematics

Abstract:In proxy signature schemes, original signers delegate proxy signers to sign messages on behalf of original signers. Currently, most proxy signature schemes are based on the difficulty of discrete logarithms over finite field or ellipse curve addition group. Based on the difficulty of factorings of large integers, one normal proxy signature scheme and one multi-proxy signature scheme are proposed. The security properties of strong unforgeability, verifiability, strong nonrepudiation, strong identifiability, distinguishability and prevention of misuse of proxy signing power can be fulfilled by the proposed schemes. In addition, the performance of the proposed schemes is analysed as well.