Pub. online: 1 Jan 2017. Type: Research Article. Open Access
Journal: Informatica
Volume 28, Issue 2 (2017), pp. 215–235
Abstract
This paper studies the generic construction of certificate-based signature (CBS) from certificateless signature (CLS). It proposes a new generic conversion from CLS to CBS that is more intuitive and simpler than the current one, and that is provably secure without random oracles. To develop the security proof, we put forth a novel CLS security model which features a previously neglected but nontrivial attack and hence captures the CLS security notion more comprehensively. We show that many existing CLS schemes can be proved secure in this model by slightly modifying their original security proofs. Following this conversion, many provably secure CBS schemes can be constructed from the corresponding existing CLS schemes.
Journal: Informatica
Volume 23, Issue 3 (2012), pp. 443–460
Abstract
A multisignature scheme allows a group of signers to generate a compact signature on a common document, certifying that they endorsed the message. However, existing state-of-the-art multisignatures often suffer from the following problems: impractical key setup assumptions, loose security reductions and inefficient signature verification. In this paper, we propose a non-interactive multisignature scheme with a tight security reduction in the random oracle model. Our proposed multisignatures address the above three problems by achieving: provable security in the plain public key model; a tight security reduction under the standard Computational Diffie–Hellman (CDH) assumption; and 𝒪(1) computational time for signature verification through pre-computation. Hence, our non-interactive multisignatures are of great use in routing authentication for networks.
Journal: Informatica
Volume 21, Issue 3 (2010), pp. 307–319
Abstract
A Group-Oriented Cryptosystem (GOC) allows a sender to encrypt a message sent to a group of users so that only the specified sets of users in that group can cooperatively decrypt the message. Recently, Li et al. pointed out that unauthorized sets in the receiving group can recover the encrypted messages in Yang et al.'s GOC, and they further repaired this security flaw. However, the improved GOC contains an inexact security analysis. Further, converting the scheme into a threshold cryptosystem is inefficient. This study enhances Li et al.'s GOC so that it not only achieves the requirements of a GOC but can also be efficiently converted into a threshold cryptosystem. Under the decisional Diffie–Hellman problem assumption, the proposed scheme is demonstrated to be provably secure against chosen plaintext attacks.
Journal: Informatica
Volume 21, Issue 2 (2010), pp. 277–294
Abstract
A proxy signature scheme enables an original signer to delegate its signing capability to a proxy signer, who can then sign a message on behalf of the original signer. Recently, in order to eliminate the use of certificates in certified public key cryptography and the key-escrow problem in identity-based cryptography, the notion of certificateless public key cryptography was introduced. In this paper, we first present a security model for certificateless proxy signature schemes, and then propose an efficient construction based on bilinear pairings. The security of the proposed scheme can be proved to be equivalent to the computational Diffie–Hellman problem in the random oracle model with a tight reduction.
Journal: Informatica
Volume 21, Issue 2 (2010), pp. 247–258
Abstract
In 2008, based on the two-party Diffie–Hellman technique, Biswas proposed a contributory group key exchange protocol called the Group-DH protocol. The contributory property is an important one for group key agreement. Unfortunately, in this paper we show that the proposed Group-DH protocol is not a contributory group key exchange protocol. Therefore, we propose an improved group key exchange protocol with a verifiably contributory property based on the same Diffie–Hellman technique. When an identical group key is constructed, each participant can confirm that his/her contribution is actually included in the group key. We show that the improved protocol is provably secure against passive attacks under the decisional Diffie–Hellman assumption. Compared to previously proposed group key exchange protocols, our protocol provides contributiveness, and its computational cost is suitable for low-power participants in a network environment.
Journal: Informatica
Volume 20, Issue 4 (2009), pp. 591–612
Abstract
We propose a distributed key generation protocol for pairing-based cryptosystems which is adaptively secure in the erasure-free and secure channel model, and at the same time completely avoids the use of interactive zero-knowledge proofs. Utilizing it as the threshold key generation protocol, we present a secure (t,n) threshold signature scheme based on Waters' signature scheme. We prove that our scheme is unforgeable and robust against any adaptive adversary who can choose players for corruption at any time during the run of the protocols and make adaptive chosen-message attacks. Our security proof is in the standard model (without random oracles). In addition, our scheme achieves optimal resilience, that is, the adversary can corrupt any t<n/2 players.
Journal: Informatica
Volume 18, Issue 4 (2007), pp. 547–568
Abstract
A modified version of the Bellare and Rogaway (1993) adversarial model is encoded using Asynchronous Product Automata (APA). A model checker tool, the Simple Homomorphism Verification Tool (SHVT), is then used to perform state-space analysis on the automata in the setting of a planning problem. The three-party identity-based secret public key (3P-ID-SPK) protocol of Lim and Paterson (2006), which claims to provide explicit key authentication, is used as a case study. We then refute its heuristic security argument by revealing a previously unpublished flaw in the protocol using SHVT. We then show how our approach can automatically repair the protocol. This is, to the best of our knowledge, the first work that integrates an adversarial model from the computational complexity paradigm with an automated tool from the computer security paradigm to analyse protocols in an artificial intelligence problem setting – the planning problem – and, more importantly, to repair protocols.
Journal: Informatica
Volume 18, Issue 1 (2007), pp. 67–78
Abstract
A deniable authentication protocol is a new cryptographic authentication protocol that enables a designated receiver to identify the source of a given message without being able to prove the identity of the sender to a third party. Therefore, it can be applied to some particular situations in electronic commerce. In this paper, we formally define the security model for the non-interactive ID-based deniable authentication protocol and present a new efficient ID-based deniable authentication protocol based on the RSA assumption. Furthermore, we use techniques from provable security to analyze the security of our proposed protocol.
Journal: Informatica
Volume 17, Issue 4 (2006), pp. 467–480
Abstract
We revisit the password-based group key exchange protocol due to Lee et al. (2004), which carries a claimed proof of security in the Bresson et al. model under the intractability of the Decisional Diffie–Hellman (DDH) problem and the Computational Diffie–Hellman (CDH) problem. We reveal a previously unpublished flaw in the protocol and its proof, whereby we demonstrate that the protocol violates the definition of security in the model. To provide better insight into the protocol and proof failures, we present a fixed protocol. We hope our analysis will enable similar mistakes to be avoided in the future. We also revisit protocol 4 of Song and Kim (2000), and reveal a previously unpublished flaw in the protocol (i.e., a reflection attack).