New Collective Signatures Based on the Elliptic Curve Discrete Logarithm Problem

There have been many digital signature schemes were developed based on the discrete logarithm problem on a finite field. In this study, we use the elliptic curve discrete logarithm problem to build new collective signature schemes. The cryptosystem on elliptic curve allows to generate digital signatures with the same level of security as other cryptosystems but with smaller keys. To extend practical applicability and enhance the security level of the group signature protocols, we propose two new types of collective digital signature schemes based on the discrete logarithm problem on the elliptic curve: i) the collective digital signature scheme shared by several signing groups and ii) the collective digital signature scheme shared by several signing groups and several individual signers. These two new types of collective signatures have combined the advantages of group digital signatures and collective digital signatures. These signatures have a fixed size and do not depend on the number of members participating in the creation of the final collective signature. One of the advantages of the proposed collective signature protocols is that they can be deployed on top of the available public key infrastructures.     

一种基于自验证公钥的门限代理签名方案的安全性分析

Xue和Cao提出了一种基于自验证公钥的门限代理签名方案,然而,该方案是不安全的。给出了对该方案一种攻击：攻击者获得一个合法的原始签名人发送给代理签名人的签名了的授权证书以及代理签名人生成的一个有效的代理签名后,能够伪造出一个新的对相同消息的代理签名,而原始签名人变为攻击者自己,由于验证者并不能验证代理签名人到底是代表谁生成了代理签名,这样,攻击者就获得了与合法原始签名人相同的权益。特别地,代理签名人代表原始签名人生成的门限代理签名可以被转化为普通的门限签名。分析了该方案存在安全漏洞的原因并提出了改进措施,改进措施能有效地弥补原方案存在的安全缺陷。     

Code-based Sequential Aggregate Signature Scheme

This paper proposes the first code-based quantum immune sequential aggregate signature (SAS) scheme and proves the security of the proposed scheme in the random oracle model. Aggregate signature (AS) schemes and sequential aggregate signature schemes allow a group of potential signers to sign different messages respectively, and all the signatures of those users on those messages can be aggregated into a single signature such that the size of the aggregate signature is much smaller than the total size of all individual signatures. Because of the aggregation of many signatures into a single short signature, AS and SAS schemes can reduce bandwidth and save storage; moreover, when a SAS is verified, not only the valid but also the order in which each signer signed can be verified. AS and SAS schemes can be applied to traffic control, banking transaction and military applications. Most of the existing AS and SAS schemes are based either on pairing or Rivest–Shamir–Adleman (RSA), and hence, can be broken by Shor’s quantum algorithm for Integer Factoring Problem (IFP) and Discrete Logarithm Problem (DLP). There are no quantum algorithms to solve syndrome decoding problems. Hence, code-based cryptography is seen as one of the promising candidates for post-quantum cryptography. This paper shows how to construct quantum immune sequential aggregate signatures based on coding theory. Specifically, we construct our scheme with the first code based signature scheme proposed by Courtois, Finiasz and Sendrier (CFS). Compared to the CFS signature scheme without aggregation, the proposed sequential aggregate signature scheme can save about 90% storage when the number of signers is asymptotically large.     

Extending RSA cryptosystems to proxy multi‐signature scheme allowing parallel individual signing operation

Abstract

Even though there have been many research studies on proxy signature schemes, only Shao's proxy multi‐signature scheme is based on the factoring problem (FAC). Unfortunately, Shao's scheme requires sequential signing operations and strict order of the modulus. It is not practical and not efficient. We, therefore, based on RSA cryptosystems, propose new proxy‐protected mono‐signature and proxy‐protected multi‐signature schemes. In contrast to their counterparts, our scheme allows parallel signing operations and also improves the signers’ computational performance.     

Fully adaptive attribute-based group signature in standard model

Attribute-based group signatures (ABGS) allow a signer to anonymously prove her membership in a group and her ownership of certain attributes, thus can find many applications where both privacy and authentication are required. In this paper, we present a new construction of ABGS based on Fuchsbauer’s automorphic signatures and the Groth and Sahai’s non-interactive witness-indistinguishable proof system. Compared with other ABGS in the literature, our construction is proved secure against fully adaptive adversaries in the standard model, instead of against selected adversaries in the random oracle model. In addition, it admits any signing policies if they can be described as monotone Boolean formulas, and the size of a signature is independent of the number of signers in the group.     

An Efficient and Practical Quantum Blind Signature Protocol with Relaxed Security Model

Blind signature has a wide range of applications in the fields of E-commerce and block-chain because it can effectively prevent the blind signer from getting the original message with its blindness. Owing to the potential unconditional security, quantum blind signature (QBS) is more advantageous than the classical ones. In this paper, an efficient and practical quantum blind signature scheme relaxed security model is presented, where quantum superposition, decoy qubits and hash function are used for the purpose of blindness. Compared with previous QBS scheme, the presented scheme is more efficient and practical with a relaxed security model, in which the signer’s dishonest behavior can be detected other than being prevented as in other QBS schemes.     

A Trust Value Sharing Scheme in Heterogeneous Identity Federation Topologies

Recent developments in heterogeneous identity federation systems have heightened the need for the related trust management system. The trust management system evaluates, manages, and shares users’ trust values. The service provider (SP) members of the federation system rely on users’ trust values to determine which type and quality of service will be provided to the users. While identity federation systems have the potential to help federated users save time and energy and improve service experience, the benefits also come with significant privacy risks. So far, there has been little discussion about the privacy protection of users in heterogeneous identity federation systems. In this paper, we propose a trust value sharing scheme based on a proxy ring signature for the trust management system in heterogeneous identity federation topologies. The ring signature schemes can ensure the validity of the data and hide the original signer, thereby protecting privacy. Moreover, no group manager participating in the ring signature, which naturally matches with our decentralized heterogeneous identity federation topologies. The proxy signature can reduce the workload of the private key owner. The proposed scheme shortens the calculation time for verifying the signature and then reduces the overall time consumption in the process of trust sharing. Our studies prove that the proposed scheme is privacy-preserving, efficient, and effective.     

A group signature based buyer coalition scheme with trustable third party

Despite the large number of existing buyer coalition schemes and increasing need for trusting relationship in buyer coalitions, no current buyer coalition scheme explicitly addresses trust issues within these schemes in a formalised manner. Without establishing a trusting relationships among various roles, many buyers may not be willing to join the coalitions. This study proposes a solution, in the form of an algorithmic design, as a response to the above need. Specific features of the proposed solution are: (i) the use of ‘group signature’ in order to guarantees anonymity within a group that results in trustfulness of the relationships and (ii) introducing a new role called ‘authority’ to maintain and implement anonymity. In addition, the proposed scheme is capable of maintaining ‘correctness’ and ‘accountability’ by both identifying misbehaved buyers as well as implementing various punishment methods.Knowledge domain of the study is the common space between three overlapping fields including Electronic Commerce, Communication Technologies and Information Systems.     

Quantum pseudosignatures

A pseudosignature is a piece of evidence with which the receiver of a message can prove to other players the identity of the originator of that message. In contrast to a signature a pseudosignature has a restricted transferability. This paper presents the first quantum pseudosignature scheme where the resulting pseudosignature and the verification procedures are classical. Therefore no long-term quantum storage is needed for this scheme. It is proved that quantum pseudosignature schemes can be more resilient than any classical pseudosignature scheme: only collusion involving the signer can abort the proposed pseudosignature scheme, but then it becomes obvious that the signer must be cheating.     

An encryption/signature scheme with low message expansion

Abstract

Secrecy, authenticity and integrity are three major services provided by the public key cryptography. To provide these three services via the ElGamal public key cryptosystem and Signature scheme, the message expanding ratio is four and the overhead of communication is heavy. In this paper, a concurrent encryption/signature scheme will be proposed to provide these three services with a lower message expanding ratio. In the new scheme, the signer can encrypt and sign the message concurrently so the signature that serves as the ciphertext is a pair of integers. Thus the message expanding ratio can be decreased to two.     

An Efficient Certificateless Aggregate Signature Scheme Designed for VANET

The Vehicular Ad-hoc Network (VANET) is the fundamental of smart transportation system in the future, but the security of the communication between vehicles and vehicles, between vehicles and roadside infrastructures have become increasingly prominent. Certificateless aggregate signature protocol is used to address this security issue, but the existing schemes still have many drawbacks in terms of security and efficiency: First, many schemes are not secure, and signatures can be forged by the attacker; Second, even if some scheme are secure, many schemes use a large number of bilinear pairing operation, and the computation overhead is large. At the same time, the length of the aggregated signature also increases linearly with the increase of user numbers, resulting in a large communication overhead. In order to overcome the above challenges, we propose a new certificateless aggregate signature scheme for VANET, and prove the security of the scheme under the random oracle model. The new scheme uses pseudonym to realize the conditional privacy protection of the vehicle’s information. The new scheme does not use bilinear pairing operation, and the calculation efficiency is high. At the same time, the length of the aggregate signature of the new scheme is constant, thereby greatly reducing the communication and storage overhead. The analysis results demonstrate that the new scheme is not only safer, but also superior in performance to the recent related schemes in computation overhead and communication cost.     

Generic constructions for universal designated-verifier signatures and identitybased signatures from standard signatures

The authors give a generic construction for universal (mutli) designated-verifier signature schemes from a large class of signature schemes, referred to as Class C. The resulting schemes are efficient and have two important properties. Firstly, they are provably DV-unforgeable, non-transferable and also non-delegatable. Secondly, the signer and the designated verifier can independently choose their cryptographic settings. The authors also propose a generic construction for (hierarchical) identity-based signature schemes from any signature scheme in C and prove that the construction is secure against adaptive chosen message and identity attacks. The authors discuss possible extensions of our constructions to identity-based ring signatures and identity-based designated-verifier signatures from any signature in C. Finally, the authors show that it is possible to combine the above constructions to obtain signatures with combined functionalities.     

Undeniable signature scheme based over group ring

D. Chaum and H. van Antwerpen first introduced the concept of an undeniable signature scheme where the verification step is verified with the signer’s co-operation. In this paper, first we discuss a combination of Discrete Logarithm Problem (DLP) and Conjugacy Search Problem (CSP) analysing its security. Then we propose an undeniable signature scheme in a non-abelian group over group ring whose security relies on difficulty of the combination of the DLP and the CSP. The complexity and security of our proposed scheme has also been discussed.     

SBOOSP for Massive Devices in 5G WSNs Using Conformable Chaotic Maps

The commercialization of the fifth-generation (5G) wireless network has begun. Massive devices are being integrated into 5G-enabled wireless sensor networks (5G WSNs) to deliver a variety of valuable services to network users. However, there are rising fears that 5G WSNs will expose sensitive user data to new security vulnerabilities. For secure end-to-end communication, key agreement and user authentication have been proposed. However, when billions of massive devices are networked to collect and analyze complex user data, more stringent security approaches are required. Data integrity, non-repudiation, and authentication necessitate special-purpose subtree-based signature mechanisms that are pretty difficult to create in practice. To address this issue, this work provides an efficient, provably secure, lightweight subtree-based online/offline signature procedure (SBOOSP) and its aggregation (Agg-SBOOSP) for massive devices in 5G WSNs using conformable chaotic maps. The SBOOSP enables multi-time offline storage access while reducing processing time. As a result, the signer can utilize the pre-stored offline information in polynomial time. This feature distinguishes our presented SBOOSP from previous online/offline-signing procedures that only allow for one signature. Furthermore, the new procedure supports a secret key during the pre-registration process, but no secret key is necessary during the offline stage. The suggested SBOOSP is secure in the logic of unforgeability on the chosen message attack in the random oracle. Additionally, SBOOSP and Agg-SBOOSP had the lowest computing costs compared to other contending schemes. Overall, the suggested SBOOSP outperforms several preliminary security schemes in terms of performance and computational overhead.     

改进的超椭圆曲线结构化多重盲签名

安全高效的多重盲签名方案在电子商务和电子现金系统有很多重要的应用.本文对已有的结构化多重签名方案进行了分析和改进,提出快速和高效的基于超椭圆曲线的结构化多重盲签名方案.我们将签名结构从二层扩展为三层,使有序和广播更好的结合,并给出各种情形下的具体算法.最后,比较和分析了改进方案的复杂度和安全性,与已有文献比较,改进方案的运算量减少了(3n+2)TH+(273.8n+32.2)TML.结果表明,改进方案具有运算量低,所需时间少,安全性高且易于实现等优点.     

Post-Quantum Blockchain over Lattice

Blockchain is an emerging decentralized architecture and distributed computing paradigm underlying Bitcoin and other cryptocurrencies, and has recently attracted intensive attention from governments, financial institutions, high-tech enterprises, and the capital markets. Its cryptographic security relies on asymmetric cryptography, such as ECC, RSA. However, with the surprising development of quantum technology, asymmetric cryptography schemes mentioned above would become vulnerable. Recently, lattice-based cryptography scheme was proposed to be secure against attacks in the quantum era. In 2018, with the aid of Bonsai Trees technology, Yin et al. [Yin, Wen, Li et al. (2018)] proposed a lattice-based authentication method which can extend a lattice space to multiple lattice spaces accompanied by the corresponding key. Although their scheme has theoretical significance, it is unpractical in actual situation due to extremely large key size and signature size. In this paper, aiming at tackling the critical issue of transaction size, we propose a post quantum blockchain over lattice. By using SampleMat and signature without trapdoor, we can reduce the key size and signature size of our transaction authentication approach by a significant amount. Instead of using a whole set of vectors as a basis, we can use only one vector and rotate it enough times to form a basis. Based on the hardness assumption of Short Integer Solution (SIS), we demonstrate that the proposed anti-quantum transaction authentication scheme over lattice provides existential unforgeability against adaptive chosen-message attacks in the random oracle. As compared to the Yin et al. [Yin, Wen, Li et al. (2018)] scheme, our scheme has better performance in terms of energy consumption, signature size and signing key size. As the underlying lattice problem is intractable even for quantum computers, our scheme would work well in the quantum age.     

Provably Secure APK Redevelopment Authorization Scheme in the Standard Model

The secure issues of APK are very important in Android applications. In order to solve potential secure problems and copyrights issues in redevelopment of APK files, in this paper we propose a new APK redevelopment mechanism (APK-SAN). By exploring sanitizable signature technology, APK-SAN allows the original developer to authorize specified modifier who can redevelop the designated source code of APK files. Our scheme does not require interactions between the developer and modifiers. It can reduce the communication overhead and computational overhead for developers. Especially, the signature of redeveloped APK files is valid and maintains the copyrights. The proposed APK-SAN signature can effectively protect the security of the redeveloped APK files and copyrights of the developer and modifier.     

Signature scheme based on the root extraction problem over braid groups

Several public key cryptosystems and authentication schemes based on the conjugator search and root extraction problems over braid groups have been proposed. However, security analysis showed that it is not necessary to solve the underlying conjugator search problem or the root extraction problem in order to break these public key cryptographic algorithms. Hence, these cryptographic primitives suffer from some security drawbacks. A digital signature scheme based on the root extraction problem over braid groups is proposed. It is proven that the only way for the attacker to forge a signature is to extract the eth root for a given braid in the braid group. It is also shown that given sufficiently many message-signature pairs, the attacker needs to solve an intractable problem, the group factorisation problem, in order to forge a signature. Furthermore, it is pointed out that the attacker cannot learn much useful information by reconstructing braid equations with respect to the public and secret keys. Performance analysis shows that the proposed signature scheme is efficient and practical, and the key sizes are acceptable. The computational overheads to sign a message and to verify a signature are only equivalent to several 1024-RSA modular multiplications.     

Performance of time‐stepping schemes for discrete models in fracture dynamic analysis

In this work we present a critical evaluation of different time integration schemes within the setting of non‐linear dynamic analysis of brittle fracture problem represented by a discrete model. The discrete model of this kind consists of Voronoi cells representing the grains of a heterogeneous structure, which are interconnected by cohesive forces modelled by beam‐like links capable of taking properly into account both brittle dynamic fracture and large displacement of a still connected pack of grains that might split from the structure. The brittle behaviour of cohesive links requires that the dynamic analysis of such a model be treated with care, and the best possible integration scheme be selected. Four different schemes are explored and compared in application to a dynamic traction test, including Newmark explicit and implicit schemes, HHT‐α scheme and energy‐decaying scheme. Copyright © 2005 John Wiley & Sons, Ltd.     

代理多重签名方案的密码分析与修改

对伊丽江等提出的的代理多重签名方案进行了详细的分析，指出该方案是不安全的，不能抵抗公钥替换攻击和合谋攻击，并给出了两个改进的代理多重签名方案。改进后的方案具有不可否认性，不使用安全信道，以及抵抗公钥替换攻击和合谋攻击等优点。