Pub. online: 1 Jan 2017
Type: Research Article (Open Access)
Journal: Informatica
Volume 28, Issue 2 (2017), pp. 215–235
Abstract
This paper studies the generic construction of certificate-based signature (CBS) from certificateless signature (CLS). It proposes a new generic conversion from CLS to CBS which is more intuitive and simpler than the current one, and which is provably secure without random oracles. To develop the security proof, we put forth a novel CLS security model which features a previously neglected but nontrivial attack and hence captures the CLS security notion more comprehensively. We show that many existing CLS schemes can be proved secure in this model by slightly modifying their original security proofs. Following this conversion, many provably secure CBS schemes can be constructed from the corresponding existing CLS schemes.
Journal: Informatica
Volume 27, Issue 3 (2016), pp. 549–572
Abstract
Certificateless short signature (CLSS) possesses the advantages of both certificateless signature and short signature. CLSS eliminates the certificate management of conventional signatures and solves the key escrow problem of ID-based signatures. In addition, due to its short signature length, CLSS reduces the communication bandwidth, so it is suitable for specific authentication applications in bandwidth-constrained communication environments. However, up to now there has been no work studying the revocation problem in existing CLSS schemes. In this article, we address the revocation problem and propose the first revocable certificateless short signature (RCLSS) scheme. Based on the computational Diffie–Hellman (CDH) assumption, we demonstrate that our RCLSS scheme possesses strong unforgeability against adaptive chosen-message attacks under an accredited security model. It turns out that our scheme has the shortest signature length while retaining computational efficiency. Thus, the proposed RCLSS scheme is well suited for low-bandwidth communication environments. Finally, we combine the proposed RCLSS scheme with a cloud revocation authority (CRA) to present a CRA-aided authentication scheme with period-limited privileges for mobile multi-server environments.
Journal: Informatica
Volume 26, Issue 4 (2015), pp. 663–684
Abstract
Certificateless public-key systems (CL-PKS) were introduced to simultaneously solve two critical problems in public-key systems: the key escrow problem in ID-based public-key systems, and the presence of certificates in conventional public-key systems. In the last decade, several certificateless signature (CLS) schemes have been proposed in the random oracle model. These CLS schemes possess existential unforgeability against adaptive chosen-message attacks, and only a few of them possess strong unforgeability. A CLS scheme with strong unforgeability plays an important role in the construction of certificateless cryptographic schemes. Unfortunately, all the existing CLS schemes in the standard model (without random oracles) have been shown not to provide existential unforgeability under a generally adopted security model. In this article, we propose a strongly secure CLS scheme in the standard model under the generally adopted security model. Our scheme possesses not only existential unforgeability but also strong unforgeability, and turns out to be the first strongly secure CLS scheme in the standard model. Under the collision-resistant hash (CRH) and computational Diffie–Hellman (CDH) assumptions, we prove that our CLS scheme possesses strong unforgeability against both Type I (outsider) and Type II (key generation center) adversaries.
Journal: Informatica
Volume 23, Issue 3 (2012), pp. 487–505
Abstract
The revocation problem is a critical issue for key management in public key systems. Any certificate-based or identity (ID)-based public key system must provide a revocation method to remove misbehaving or compromised users from the system. In the past, there was little work studying the revocation problem in ID-based public key systems. Most recently, Tseng and Tsai presented a novel ID-based public key system with efficient revocation using a public channel, and proposed a practical revocable ID-based encryption scheme (called RIBE). They proved that the proposed RIBE is semantically secure in the random oracle model. Although ID-based encryption schemes based on the random oracle model can offer better performance, the resulting schemes could be insecure when the random oracles are instantiated with concrete hash functions. In this paper, we employ Tseng and Tsai's revocation concept to propose a new RIBE without random oracles that provides full security. We demonstrate that the proposed RIBE is semantically secure against adaptive-ID attacks in the standard model.
Journal: Informatica
Volume 23, Issue 1 (2012), pp. 27–45
Abstract
Key-insulated cryptography is an important technique for protecting private keys in identity-based (IB) cryptosystems. Despite the flurry of recent results on IB key-insulated encryption (IBKIE) and signature (IBKIS), the problem of securely and efficiently using IBKIE and IBKIS as a joint IB key-insulated signature/encryption scheme with a common set of parameters and keys remains open. To address this question, we propose an identity-based key-insulated signcryption (IBKISC) scheme. Compared with the Sign-then-Encrypt (StE) and Encrypt-then-Sign (EtS) compositions of IBKIE and IBKIS in the standard model, our proposed IBKISC scheme is the fastest and has the shortest ciphertext size.