Published online: 1 Jan 2017. Type: Research Article. Open Access.
Journal: Informatica
Volume 28, Issue 2 (2017), pp. 215–235
Abstract
This paper studies the generic construction of certificate-based signature (CBS) from certificateless signature (CLS). It proposes a new generic conversion from CLS to CBS that is more intuitive and simpler than the current one, and that is provably secure without random oracles. To develop the security proof, we put forth a novel CLS security model that features a previously neglected but nontrivial attack and hence captures the CLS security notion more comprehensively. We show that many existing CLS schemes can be proved secure in this new model by slightly modifying their original security proofs. Following this conversion, many provably secure CBS schemes can be constructed from the corresponding existing CLS schemes.
Journal: Informatica
Volume 21, Issue 3 (2010), pp. 307–319
Abstract
A Group-Oriented Cryptosystem (GOC) allows a sender to encrypt a message sent to a group of users so that only specified sets of users in that group can cooperatively decrypt the message. Recently, Li et al. pointed out that unauthorized sets in the receiving group can recover the encrypted messages in Yang et al.'s GOC, and they further repaired this security flaw. However, the security analysis of the improved GOC is inexact. Further, converting the scheme into a threshold cryptosystem results in inefficiency. This study enhances Li et al.'s GOC so that it not only achieves the requirements of a GOC but also can be efficiently converted into a threshold cryptosystem. Under the decisional Diffie–Hellman assumption, the proposed scheme is demonstrated to be provably secure against chosen plaintext attacks.
Journal: Informatica
Volume 21, Issue 2 (2010), pp. 277–294
Abstract
A proxy signature scheme enables an original signer to delegate its signing capability to a proxy signer, who can then sign a message on behalf of the original signer. Recently, in order to eliminate the use of certificates in certificate-based public key cryptography and the key-escrow problem in identity-based cryptography, the notion of certificateless public key cryptography was introduced. In this paper, we first present a security model for certificateless proxy signature schemes, and then propose an efficient construction based on bilinear pairings. The security of the proposed scheme can be proved to be equivalent to the computational Diffie–Hellman problem in the random oracle model with a tight reduction.
Journal: Informatica
Volume 18, Issue 1 (2007), pp. 67–78
Abstract
A deniable authentication protocol is a new cryptographic authentication protocol that enables a designated receiver to identify the source of a given message without being able to prove the identity of the sender to a third party. Therefore, it can be applied to some particular situations in electronic commerce. In this paper, we formally define the security model for the non-interactive ID-based deniable authentication protocol and present a new efficient ID-based deniable authentication protocol based on the RSA assumption. We also use techniques from provable security to analyze the security of our proposed protocol.
Journal: Informatica
Volume 17, Issue 4 (2006), pp. 467–480
Abstract
We revisit the password-based group key exchange protocol due to Lee et al. (2004), which carries a claimed proof of security in the Bresson et al. model under the intractability of the Decisional Diffie–Hellman (DDH) and Computational Diffie–Hellman (CDH) problems. We reveal a previously unpublished flaw in the protocol and its proof, whereby we demonstrate that the protocol violates the definition of security in the model. To provide better insight into the protocol and proof failures, we present a fixed protocol. We hope our analysis will enable similar mistakes to be avoided in the future. We also revisit protocol 4 of Song and Kim (2000), and reveal a previously unpublished flaw in the protocol (i.e., a reflection attack).