共查询到20条相似文献,搜索用时 15 毫秒
1.
Maryam Rajabzadeh Asaar Mahmoud Salmasizadeh Willy Susilo 《International Journal of Communication Systems》2016,29(5):859-873
The notion of identity‐based proxy signature with message recovery feature has been proposed to shorten identity‐based proxy signatures and improve their communication overhead because signed messages are not transmitted with these kinds of signatures. There are a few schemes for this notion: the schemes of Singh and Verma and Yoon et al. Unfortunately, Tian et al., by presenting two forgery attacks, show that Singh and Verma scheme is not secure, and also, the scheme of Yoon et al. does not support provable security. The contributions of this paper are twofold. First, we review the scheme by Yoon et al. and discuss why it does not have message recovery property, and consequently, it is not short. Second, we propose a short identity‐based proxy signature scheme with the help of message recovery property and show that it is secure under computational Diffie–Hellman assumption in the random oracle model. Furthermore, our scheme is more efficient than (as efficient as) previous identity‐based proxy signatures. Copyright © 2014 John Wiley & Sons, Ltd. 相似文献
2.
Multi‐proxy signature is one of the useful primitives of the proxy signature. Till now, only a few schemes of identity‐based multi‐proxy signature (IBMPS) have been proposed using bilinear pairings, but most of the schemes are insecure or lack a formal security proof. Because of the important application of IBMPS scheme in distributed systems, grid computing, and so on, construction of an efficient and provable‐secure IBMPS scheme is desired. In 2005, Li & Chen proposed an IBMPS scheme from bilinear pairings, but their paper lacks a formal model and proof of the security. Further, in 2009, Cao & Cao presented an IBMPS scheme with the first formal security model for it. Unfortunately, their scheme is not secure against the Xiong et al's attack. In this paper, first, we present an IBMPS scheme, then we formalize a security model for the IBMPS schemes and prove that the presented scheme is existential unforgeable against adaptive chosen message and identity attack in the random oracle model under the computational Diffie–Hellman assumption. Also, our scheme is not vulnerable for the Xiong et al's attack. The presented scheme is more efficient in the sense of computation and operation time than the existing IBMPS schemes. Copyright © 2013 John Wiley & Sons, Ltd. 相似文献
3.
Joonsang Baek等人提出了一种新型的广义指定验证者签名(UDVS)称为广义指定验证者签名证明(UDVSP).本文提出一个高效的基于Zhang-Safavi—Susilo(ZSS)签名方案的广义指定验证者签名证明.利用双线性对的性质和预计算,所提方案中仅仅需要2个对运算,同时只使用通常密码学上的hash函数,而不需要特殊的hash函数(映射到点).在随机预言机模型中,证明该方案是安全的. 相似文献
4.
针对基于身份公钥密码体制中固有的密钥托管和传统公钥密码系统中证书管理问题,结合基于证书公钥密码系统的优点和消息恢复签名的特点,设计了一种基于证书的带消息恢复的代理签名方案,该方案基于离散对数问题和计算Deffie-Hellman问题假设,可限制代理人滥用代理权力,具有正确性、不可伪造性和不可否认性,最后给出了证明。 相似文献
5.
To solve the key escrow problem of the identity-based cryptosystem, Girault introduced the notion of a self-certified public key, which not only eliminates the need to authenticate a public key but also solves the key escrow problem. This paper proposes a Self-Certified Signature (SCS) scheme with message recovery and two variants without using bilinear pairings: one is the authenticated encryption scheme in which only the designated receiver can verify the signature, and the other is the authenticated encryption scheme with message linkage that deals with large messages. These three SCS schemes are provably secure in the random oracle model and are more efficient than previous schemes. 相似文献
6.
JuHee Ki Jung Yeon Hwang DaeHun Nyang Beom‐Hwan Chang Dong Hoon Lee Jong‐in Lim 《ETRI Journal》2012,34(2):235-244
An identity‐based strong designated verifier signature scheme provides restricted verifiability only for a verifier designated by a signer and proper privacy for the signer. In this paper, we show that strong designated verifier signature schemes do not satisfy the self‐unverifiability requirement in the sense that not only exposure of the verifier's secret key but also of the signer's secret key enables an attacker to verify signatures, which should have been the exclusive right of the verifier. We also present a generic method to construct a strong identity‐based designated verifier signature scheme with self‐unverifiability from identity‐based key encapsulation and identity‐based key sharing schemes. We prove that a scheme constructed from our method achieves unforgeability, non‐transferability, and self‐unverifiability if the two underlying components are secure. To show the advantage of our method, we present an example that outputs short signatures and we analyze its performance. 相似文献
7.
8.
Xiaolei Dong Haifeng Qian Zhenfu Cao 《Wireless Communications and Mobile Computing》2009,9(2):217-225
In electronic communication and wireless communication, message authentication should be necessary. However, traditional method message authentication code (MAC) employs a symmetric cryptographical technique and it needs to keep a shared private key between two parties. For convenience, people now begins to use public key techniques to provide message authentication. In wireless communication, we shall save more space for message itself because of the limited resources. Therefore, we believe that our proposed digital signature scheme will be more fitful for this kind of communication due to the following merits: (1) in addition to inheriting the merits of RSA signature such as high verification efficiency, the proposed scheme also shows its advantage over RSA by resisting low public key exponent attack; (2) comparing with 1024 bits RSA, our digital signature scheme can sign 2048‐bit long message once, and generate a signature with 1025 bits length which doubles the capacity of the 1024‐bit RSA signature; (3) the scheme is provably secure and its security is tightly related to the hardness of conic‐based (CB)‐RSA assumption. Copyright © 2008 John Wiley & Sons, Ltd. 相似文献
9.
This paper presents a self‐certified digital signature scheme with message recovery that is proven to be secure. So far, many schemes of this kind have been proposed to keep message secret in the transmission. But Zhang et al. has proposed the man‐in‐middle attack to Shao's self‐certified signature scheme, which is based on discrete logarithm. The attacker can make a new signature by using an old one, but the reason of such man‐in‐middle attack was not referred. We present the scheme of Yoon et al., which is also based on discrete logarithm, that cannot resist man‐in‐middle attack either, give the analysis of the attack, and propose a new scheme. The proposed scheme can resist forgery attack in the random oracle model and avoid message leakage, the man‐in‐middle attack, and meanwhile has several security characters. Compared with some self‐certified schemes, our scheme is the best because of the time cost. Copyright © 2013 John Wiley & Sons, Ltd. 相似文献
10.
密码学中的随机预言模型与标准模型 总被引:1,自引:0,他引:1
随机预言模型与标准模型是密码学可证明安全理论中非常重要的两类模型。在此对这两种模型进行了描述,并研究了运用它们证明密码方案或协议安全性时所采取的不同技术,包括随机预言模型在加密和数字签名方案中的应用研究,以及标准模型下可证明安全性理论在加密方案中的应用研究。此外对进一步研究方向进行了展望。 相似文献
11.
12.
13.
To satisfy the requirements of identity authentication and data possession proven in the cloud application scenarios,a provable data possession scheme with authentication was proposed.Based on data tag signature and randomness reusing,the proposed scheme could accomplish several issues with three interactions,including the possession proof of cloud data,the mutual authentication between user and cloud computing server,the session key agreement and confirmation.Compared to the simple combination of authentication key agreement and provable data possession schemes,the proposed scheme has less computation and interactions,and better provable securities.In the random oracle model,the security proof of the proposed scheme is given under the computational Diffie-Hellman assumption. 相似文献
14.
15.
Wireless Sensor Network (WSN) nodes are severely limited by their power, communication band-width, and storage space, and the traditional signature algorithm is not suitable for WSN environments. In this paper, we present a ring signature scheme de-signed for WSNs. In this scheme, all of the wireless sensor nodes are divided into several sub-groups and the sub-group nodes are used to generate the signature instead of the WSN cluster nodes. This scheme can effectively avoid the single node failure problem, and it also has a high availability. All nodes are free to sign their own message, and the nodes that generate signatures can simultaneously calculate their own part of the signature, meeting the distributed parallel com-puting requirements. Compared with the traditional ring signature, this scheme reduces the energy con-sumption, and therefore is very suitable for WSNs. 相似文献
16.
A Verifiably Encrypted Signature (VES) plays an essential role in the construction of a fair data exchange. The paper proposes an Identity-based Proxy Verifiably Encrypted Signature (IPVES) to combine the advantages of a proxy sig-nature and a VES in order to delegate the signing capability of the VES of an entity called the original signer to another entity, called the proxy signer. In this IPVES scheme, the original signer delegates his/her signing capability to the proxy signer. The proxy signer issues a signature by using a proxy signing key, encrypts the signature under a desig-nated public key, and subsequently convinces a ver-ifier that the resulting ciphertext contains such a signature. We prove that the proposed IPVES scheme is secure in a random oracle model under the computational Diffie-Hellman assumption. 相似文献
17.
18.
Anonymous proxy signature scheme can provide the privacy protection for the proxy signer. Recently, Yu et al. proposed an anonymous proxy signature, which can be viewed as the organic combination of proxy signature and ring signature. However, the efficiency is low. In this paper, we propose an efficient and secure proxy signature with the properties of anonymity and traceability, and it is provably secure in the random oracle model. Compared with Yu et al.'s scheme, the scheme has higher efficiency. 相似文献
19.
MA Chun-guang CAI Man-chun YANG Yi-xian Information Security Center Beijing University of Posts Telecommunications Beijing P.R.China 《中国邮电高校学报(英文版)》2004,11(4)
A new practical method is introduced to transform the stateful transitive signature scheme to stateless one with-out the loss of security.According to the approach,two concrete stateless transitive signature schemes based on Factoringand RSA are presented respectively.Under the assumption of the hardness of factoring and one-more-RSA-inversion prob-lem,both two schemes are secure under the adaptive chosen-message attacks in random oracle model. 相似文献
20.
Shubham Gupta Balu L. Parne Narendra S. Chaudhari 《International Journal of Communication Systems》2019,32(8)
Machine‐type communication (MTC) is defined as an automatic aggregation, processing, and exchange of information among intelligent devices without humans intervention. With the development of immense embedded devices, MTC is emerging as the leading communication technology for a wide range of applications and services in the Internet of Things (IoT). For achieving the reliability and to fulfill the security requirements of IoT‐based applications, researchers have proposed some group‐based handover authentication and key agreement (AKA) protocols for mass MTCDs in LTE‐A networks. However, the realization of secure handover authentication for the group of MTCDs in IoT enabled LTE‐A network is an imminent issue. Whenever mass MTCDs enter into the coverage area of target base‐station simultaneously, the protocols incur high signaling congestion. In addition, the existing group‐based handover protocols suffer from the huge network overhead and numerous identified problems such as lack of key forward/backward secrecy, privacy‐preservation. Moreover, the protocols fail to avoid the key escrow problem and vulnerable to malicious attacks. To overcome these issues, we propose a secure and robust group‐based handover (SRGH) AKA protocol for mass MTCDs in LTE‐A network. The protocol establishes the group key update mechanism with forward/backward secrecy. The formal security proof demonstrates that the protocol achieves all the security properties including session key secrecy and data integrity. Furthermore, the formal verification using the AVISPA tool shows the correctness and informal analysis discusses the resistance from various security problems. The performance evaluation illustrates that the proposed protocol obtains substantial efficiency compared with the existing group‐based handover AKA protocols. 相似文献