Volume 15, Issue 2 (2004), pp. 251–270
A new digital signature scheme in non‐commutative Gaussian monoid is presented. Two algebraic structures are employed: Gaussian monoid and a certain module being compatible with a monoid. For both monoid and module, presentation and action level attributes are defined. Monoid action level is defined as monoid element (word) action on module element as an operator. A module is a set of functions (elements) with special properties and could be treated as some generalization of vector space.
Signature scheme is based on the one‐way functions (OWF) design using: three recognized hard problems in monoid presentation level, one postulated hard problem in monoid action level and one provable hard problem in module action level.
For signature creation and verification the word equivalence problem is solved in monoid action level thus avoiding solving it in monoid presentation level. Then the three recognized hard problems in monoid presentation level can be essentially as hard as possible to increase signature security. Thus they do not influence on the word problem complexity and, consequently, on the complexity of signature realization.
The investigation of signature scheme security against four kind of attacks is presented. It is shown that the signature has a provable security property with respect to the list of attacks presented here, which are postulated to be complete.
Volume 14, Issue 4 (2003), pp. 445–454
An authenticated encryption allows the designated recipient to verify the authenticity while recovering the message. To protect the recipient's benefit in case of a later dispute, a convertible authenticated encryption scheme allows the recipient to convert the authenticated encryption into an ordinary signature so that it becomes a publicly verifiable. This paper shows a universal forgery attack on Araki et al.'s convertible authenticated encryption scheme, and proposes a new convertible authenticated encryption scheme. Without using any conventional one‐way function, the proposed scheme simplifies its security assumption on only a public hard problem – the discrete logarithm problem.