Journal:Informatica
Volume 25, Issue 2 (2014), pp. 299–326
Abstract
Up to now, there was very little work on studying the revocation problem in existing hierarchical ID-based encryption (HIBE) systems. Certainly, all existing HIBE systems may inherit the revocation method suggested by Boneh and Franklin to revoke illegal or expired users, in which non-revoked users must periodically update their private keys using secure channels by contacting their ancestors in hierarchical structures. In this paper, we propose the first HIBE scheme with public revocation mechanism, called revocable HIBE (RHIBE), which is extended from Lewko and Waters's unbounded HIBE scheme presented in Eurocrypt 2011. We demonstrate that the proposed RHIBE scheme is fully secure while removing the requirement of secure channels for private key updating in Boneh and Franklin's revocation method. The public revocation mechanism is an exciting alternative to the existing revocation methods. Finally, we discuss the transformation technique from a HIBE scheme to a RHIBE scheme and employ it to another well-known HIBE scheme.
Journal:Informatica
Volume 23, Issue 3 (2012), pp. 487–505
Abstract
Revocation problem is a critical issue for key management of public key systems. Any certificate-based or identity (ID)-based public key systems must provide a revocation method to revoke misbehaving/compromised users from the public key systems. In the past, there was little work on studying the revocation problem of ID-based public key systems. Most recently, Tseng and Tsai presented a novel ID-based public key system with efficient revocation using a public channel, and proposed a practical revocable ID-based encryption (called RIBE). They proved that the proposed RIBE is semantically secure in the random oracle model. Although the ID-based encryption schemes based on the random oracle model can offer better performance, the resulting schemes could be insecure when random oracles are instantiated with concrete hash functions. In this paper, we employ Tseng and Tsai's revocable concept to propose a new RIBE without random oracles to provide full security. We demonstrate that the proposed RIBE is semantically secure against adaptive-ID attacks in the standard model.
Journal:Informatica
Volume 23, Issue 2 (2012), pp. 315–334
Abstract
An authenticated group key exchange (AGKE) protocol allows participants to construct a common key and provide secure group communications in cooperative and distributed applications. Recently, Choi et al. proposed an identity (ID)-based authenticated group key exchange (IDAGKE) protocol from bilinear pairings. However, their protocol suffered from an insider colluding attack because it didn't realize the security issue of withstanding insider attacks. Withstanding insider attacks mean that it can detect whether malicious participants exist in the group key exchange protocol. Nevertheless, an AGKE protocol resistant to insider attacks is still unable to find “who are malicious participants”. In this paper, we propose an ID-based AGKE protocol with identifying malicious participants. In our protocol, we use a confirmed computation property to achieve identifying malicious participants. Certainly, it is also secure against insider attacks. In the random oracle model and under related mathematical hard problems, we prove that the proposed protocol a secure AGKE protocol with identifying malicious participants.
Journal:Informatica
Volume 21, Issue 2 (2010), pp. 247–258
Abstract
In 2008, based on the two-party Diffie–Hellman technique, Biswas proposed a contributory group key exchange protocol called the Group-DH protocol. This contributory property is an important one of group key agreement. Unfortunately, in this paper we show that the proposed Group-DH protocol is not a contributory group key exchange protocol. Therefore, we propose an improved group key exchange protocol with verifiably contributory property based on the same Diffie–Hellman technique. When an identical group key is constructed, each participant can confirm that his/her contribution is actually included in the group key. We show that the improved protocol is provably secure against passive attacks under the decisional Diffie–Hellman assumption. As compared to the previously proposed group key exchange protocols, our protocol provides contributiveness and the required computational cost is suitable for low-power participants in a network environment.
Journal:Informatica
Volume 19, Issue 2 (2008), pp. 285–302
Abstract
With rapid growth of mobile wireless networks, handheld devices are popularly used by people and many mobile applications have been rapidly developed. Considering the limited computing capability of smart cards or mobile devices, the security scheme design suitable for these mobile devices is a nontrivial challenge. A user authentication scheme is a mechanism to authenticate a remote user over an open network. In 2006, Das et al. proposed an identity (ID)-based remote user authentication scheme with smart cards using bilinear pairings. Unfortunately, their scheme is insecure against forgery attack. Recently, Giri and Srivastava proposed an improved scheme to overcome the forgery attack. The computational cost required by the Giri–Srivastava scheme is expensive, especially for smart cards with limited computing capability. In addition, the Giri–Srivastava scheme is unable to be used for a multi-server environment. This paper presents an efficient and secure ID-based remote user authentication scheme using bilinear pairings. Based on the computational Diffie–Hellman assumption, we show that the proposed scheme is secure against existential forgery on adaptively chosen-message and ID attack in the random oracle model. As compared with the recently proposed pairing-based authentication schemes, our scheme has better performance in term of the computational cost and it is suitable for a multi-server environment in distributed networks. Performance analysis and experimental data of related pairing operations on smartcards are given to demonstrate that our scheme is well suited for mobile devices with limited computing capability.