Informatica

Many electronic cash systems have been proposed with the proliferation of the Internet and the activation of electronic commerce. E-cash enables the exchange of digital coins with value assured by the bank's signature and with concealed user identity. In an electronic cash system, a user can withdraw coins from the bank and then spends each coin anonymously and unlinkably. In this paper, we design an efficient anonymous mobile payment system based on bilinear pairings, in which the anonymity of coins is revocable by a trustee in case of dispute. The message transfer from the customer to the merchant occurs only once during the payment protocol. Also, the amount of communication between customer and merchant is about 800 bits. Therefore, our mobile payment system can be used in the wireless networks with the limited bandwidth. The security of the new system is under the computational Diffie–Hellman problem in the random oracle model.

With rapid growth of mobile wireless networks, handheld devices are popularly used by people and many mobile applications have been rapidly developed. Considering the limited computing capability of smart cards or mobile devices, the security scheme design suitable for these mobile devices is a nontrivial challenge. A user authentication scheme is a mechanism to authenticate a remote user over an open network. In 2006, Das et al. proposed an identity (ID)-based remote user authentication scheme with smart cards using bilinear pairings. Unfortunately, their scheme is insecure against forgery attack. Recently, Giri and Srivastava proposed an improved scheme to overcome the forgery attack. The computational cost required by the Giri–Srivastava scheme is expensive, especially for smart cards with limited computing capability. In addition, the Giri–Srivastava scheme is unable to be used for a multi-server environment. This paper presents an efficient and secure ID-based remote user authentication scheme using bilinear pairings. Based on the computational Diffie–Hellman assumption, we show that the proposed scheme is secure against existential forgery on adaptively chosen-message and ID attack in the random oracle model. As compared with the recently proposed pairing-based authentication schemes, our scheme has better performance in term of the computational cost and it is suitable for a multi-server environment in distributed networks. Performance analysis and experimental data of related pairing operations on smartcards are given to demonstrate that our scheme is well suited for mobile devices with limited computing capability.

We propose an Identity Based Strong Designated Verifier Signature (IBSDVS) scheme using bilinear pairings. Designated Verifier Signature finds application in e-voting, auctions and call for tenders. We prove that the scheme is secure against existential forgery under adaptively chosen message and identity attack in random oracle model. We also show that the problem of delegatability does not exist in our scheme.

A key exchange (or agreement) protocol is designed to allow two entities establishing a session key to encrypt the communication data over an open network. In 1990, Gunther proposed an identity-based key exchange protocol based on the difficulty of computing a discrete logarithm problem. Afterwards, several improved protocols were proposed to reduce the number of communication steps and the communicational cost required by Gunther's protocol. This paper presents an efficient identity-based key exchange protocol based on the difficulty of computing a discrete logarithm problem. As compared with the previously proposed protocols, it has better performance in terms of the computational cost and the communication steps. The proposed key exchange protocol provides implicit key authentication as well as the desired security attributes of an authenticated key exchange protocol.

This paper presents identity based serial and parallel multisignature schemes using bilinear pairings. Our serial multisignature scheme requires a forced verification at every level to avoid the overlooking of the predecessors' signatures. However, in parallel multisignature scheme the verification of individual signatures is performed by a designated clerk. We show that our schemes are secure against existential forgery under adaptive chosen message attack in the random oracle model.