New Collective Signatures Based on the Elliptic Curve Discrete Logarithm Problem

There have been many digital signature schemes were developed based on the discrete logarithm problem on a finite field. In this study, we use the elliptic curve discrete logarithm problem to build new collective signature schemes. The cryptosystem on elliptic curve allows to generate digital signatures with the same level of security as other cryptosystems but with smaller keys. To extend practical applicability and enhance the security level of the group signature protocols, we propose two new types of collective digital signature schemes based on the discrete logarithm problem on the elliptic curve: i) the collective digital signature scheme shared by several signing groups and ii) the collective digital signature scheme shared by several signing groups and several individual signers. These two new types of collective signatures have combined the advantages of group digital signatures and collective digital signatures. These signatures have a fixed size and do not depend on the number of members participating in the creation of the final collective signature. One of the advantages of the proposed collective signature protocols is that they can be deployed on top of the available public key infrastructures.     

New Representative Collective Signatures Based on the Discrete Logarithm Problem

The representative collective digital signature scheme allows the creation of a unique collective signature on document M that represents an entire signing community consisting of many individual signers and many different signing groups, each signing group is represented by a group leader. On document M, a collective signature can be created using the representative digital signature scheme that represents an entire community consisting of individual signers and signing groups, each of which is represented by a group leader. The characteristic of this type of letter is that it consists of three elements (U, E, S), one of which (U) is used to store the information of all the signers who participated in the formation of the collective signature on document M. While storing this information is necessary to identify the signer and resolve disputes later, it greatly increases the size of signatures. This is considered a limitation of the collective signature representing 3 elements. In this paper, we propose and build a new type of collective signature, a collective signature representing 2 elements (E, S). In this case, the signature has been reduced in size, but it contains all the information needed to identify the signer and resolve disputes if necessary. To construct the approved group signature scheme, which is the basic scheme for the proposed representative collective signature schemes, we use the discrete logarithm problem on the prime finite field. At the end of this paper, we present the security analysis of the AGDS scheme and a performance evaluation of the proposed collective signature schemes.     

一种基于自验证公钥的门限代理签名方案的安全性分析

Xue和Cao提出了一种基于自验证公钥的门限代理签名方案,然而,该方案是不安全的。给出了对该方案一种攻击：攻击者获得一个合法的原始签名人发送给代理签名人的签名了的授权证书以及代理签名人生成的一个有效的代理签名后,能够伪造出一个新的对相同消息的代理签名,而原始签名人变为攻击者自己,由于验证者并不能验证代理签名人到底是代表谁生成了代理签名,这样,攻击者就获得了与合法原始签名人相同的权益。特别地,代理签名人代表原始签名人生成的门限代理签名可以被转化为普通的门限签名。分析了该方案存在安全漏洞的原因并提出了改进措施,改进措施能有效地弥补原方案存在的安全缺陷。     

Extending RSA cryptosystems to proxy multi‐signature scheme allowing parallel individual signing operation

Abstract

Even though there have been many research studies on proxy signature schemes, only Shao's proxy multi‐signature scheme is based on the factoring problem (FAC). Unfortunately, Shao's scheme requires sequential signing operations and strict order of the modulus. It is not practical and not efficient. We, therefore, based on RSA cryptosystems, propose new proxy‐protected mono‐signature and proxy‐protected multi‐signature schemes. In contrast to their counterparts, our scheme allows parallel signing operations and also improves the signers’ computational performance.     

An Efficient Certificateless Aggregate Signature Scheme Designed for VANET

The Vehicular Ad-hoc Network (VANET) is the fundamental of smart transportation system in the future, but the security of the communication between vehicles and vehicles, between vehicles and roadside infrastructures have become increasingly prominent. Certificateless aggregate signature protocol is used to address this security issue, but the existing schemes still have many drawbacks in terms of security and efficiency: First, many schemes are not secure, and signatures can be forged by the attacker; Second, even if some scheme are secure, many schemes use a large number of bilinear pairing operation, and the computation overhead is large. At the same time, the length of the aggregated signature also increases linearly with the increase of user numbers, resulting in a large communication overhead. In order to overcome the above challenges, we propose a new certificateless aggregate signature scheme for VANET, and prove the security of the scheme under the random oracle model. The new scheme uses pseudonym to realize the conditional privacy protection of the vehicle’s information. The new scheme does not use bilinear pairing operation, and the calculation efficiency is high. At the same time, the length of the aggregate signature of the new scheme is constant, thereby greatly reducing the communication and storage overhead. The analysis results demonstrate that the new scheme is not only safer, but also superior in performance to the recent related schemes in computation overhead and communication cost.     

Post-Quantum Blockchain over Lattice

Blockchain is an emerging decentralized architecture and distributed computing paradigm underlying Bitcoin and other cryptocurrencies, and has recently attracted intensive attention from governments, financial institutions, high-tech enterprises, and the capital markets. Its cryptographic security relies on asymmetric cryptography, such as ECC, RSA. However, with the surprising development of quantum technology, asymmetric cryptography schemes mentioned above would become vulnerable. Recently, lattice-based cryptography scheme was proposed to be secure against attacks in the quantum era. In 2018, with the aid of Bonsai Trees technology, Yin et al. [Yin, Wen, Li et al. (2018)] proposed a lattice-based authentication method which can extend a lattice space to multiple lattice spaces accompanied by the corresponding key. Although their scheme has theoretical significance, it is unpractical in actual situation due to extremely large key size and signature size. In this paper, aiming at tackling the critical issue of transaction size, we propose a post quantum blockchain over lattice. By using SampleMat and signature without trapdoor, we can reduce the key size and signature size of our transaction authentication approach by a significant amount. Instead of using a whole set of vectors as a basis, we can use only one vector and rotate it enough times to form a basis. Based on the hardness assumption of Short Integer Solution (SIS), we demonstrate that the proposed anti-quantum transaction authentication scheme over lattice provides existential unforgeability against adaptive chosen-message attacks in the random oracle. As compared to the Yin et al. [Yin, Wen, Li et al. (2018)] scheme, our scheme has better performance in terms of energy consumption, signature size and signing key size. As the underlying lattice problem is intractable even for quantum computers, our scheme would work well in the quantum age.     

Quantum Homomorphic Signature with Repeatable Verification

In January 2015, the first quantum homomorphic signature scheme was proposed creatively. However, only one verifier is allowed to verify a signature once in this scheme. In order to support repeatable verification for general scenario, we propose a new quantum homomorphic signature scheme with repeatable verification by introducing serial verification model and parallel verification model. Serial verification model solves the problem of signature verification by combining key distribution and Bell measurement. Parallel verification model solves the problem of signature duplication by logically treating one particle of an EPR pair as a quantum signature and physically preparing a new EPR pair. These models will be beneficial to the signature verification of general scenarios. Scheme analysis shows that both intermediate verifiers and terminal verifiers can successfully verify signatures in the same operation with fewer resource consumption, and especially the verified signature in entangled states can be used repeatedly.     

A New Anti-Quantum Proxy Blind Signature for Blockchain-Enabled Internet of Things

Blockchain technology has become a research hotspot in recent years with the prominent characteristics as public, distributed and decentration. And blockchain-enabled internet of things (BIoT) has a tendency to make a revolutionary change for the internet of things (IoT) which requires distributed trustless consensus. However, the scalability and security issues become particularly important with the dramatically increasing number of IoT devices. Especially, with the development of quantum computing, many extant cryptographic algorithms applied in blockchain or BIoT systems are vulnerable to the quantum attacks. In this paper, an anti-quantum proxy blind signature scheme based on the lattice cryptography has been proposed, which can provide user anonymity and untraceability in the distributed applications of BIoT. Then, the security proof of the proposed scheme can derive that it is secure in random oracle model, and the efficiency analysis can indicate it is efficient than other similar literatures.     

EIAS: An Efficient Identity-Based Aggregate Signature Scheme for WSNs Against Coalition Attack

Wireless sensor networks (WSNs) are the major contributors to big data acquisition. The authenticity and integrity of the data are two most important basic requirements for various services based on big data. Data aggregation is a promising method to decrease operation cost for resource-constrained WSNs. However, the process of data acquisitions in WSNs are in open environments, data aggregation is vulnerable to more special security attacks with hiding feature and subjective fraudulence, such as coalition attack. Aimed to provide data authenticity and integrity protection for WSNs, an efficient and secure identity-based aggregate signature scheme (EIAS) is proposed in this paper. Rigorous security proof shows that our proposed scheme can be secure against all kinds of attacks. The performance comparisons shows EIAS has clear advantages in term of computation cost and communication cost when compared with similar data aggregation scheme for WSNs.     

An Efficient and Practical Quantum Blind Signature Protocol with Relaxed Security Model

Blind signature has a wide range of applications in the fields of E-commerce and block-chain because it can effectively prevent the blind signer from getting the original message with its blindness. Owing to the potential unconditional security, quantum blind signature (QBS) is more advantageous than the classical ones. In this paper, an efficient and practical quantum blind signature scheme relaxed security model is presented, where quantum superposition, decoy qubits and hash function are used for the purpose of blindness. Compared with previous QBS scheme, the presented scheme is more efficient and practical with a relaxed security model, in which the signer’s dishonest behavior can be detected other than being prevented as in other QBS schemes.     

A Trust Value Sharing Scheme in Heterogeneous Identity Federation Topologies

Recent developments in heterogeneous identity federation systems have heightened the need for the related trust management system. The trust management system evaluates, manages, and shares users’ trust values. The service provider (SP) members of the federation system rely on users’ trust values to determine which type and quality of service will be provided to the users. While identity federation systems have the potential to help federated users save time and energy and improve service experience, the benefits also come with significant privacy risks. So far, there has been little discussion about the privacy protection of users in heterogeneous identity federation systems. In this paper, we propose a trust value sharing scheme based on a proxy ring signature for the trust management system in heterogeneous identity federation topologies. The ring signature schemes can ensure the validity of the data and hide the original signer, thereby protecting privacy. Moreover, no group manager participating in the ring signature, which naturally matches with our decentralized heterogeneous identity federation topologies. The proxy signature can reduce the workload of the private key owner. The proposed scheme shortens the calculation time for verifying the signature and then reduces the overall time consumption in the process of trust sharing. Our studies prove that the proposed scheme is privacy-preserving, efficient, and effective.     

Lattice-Based Searchable Encryption Scheme against Inside Keywords Guessing Attack

To save the local storage, users store the data on the cloud server who offers convenient internet services. To guarantee the data privacy, users encrypt the data before uploading them into the cloud server. Since encryption can reduce the data availability, public-key encryption with keyword search (PEKS) is developed to achieve the retrieval of the encrypted data without decrypting them. However, most PEKS schemes cannot resist quantum computing attack, because the corresponding hardness assumptions are some number theory problems that can be solved efficiently under quantum computers. Besides, the traditional PEKS schemes have an inherent security issue that they cannot resist inside keywords guessing attack (KGA). In this attack, a malicious server can guess the keywords encapsulated in the search token by computing the ciphertext of keywords exhaustively and performing the test between the token and the ciphertext of keywords. In the paper, we propose a lattice-based PEKS scheme that can resist quantum computing attacks. To resist inside KGA, this scheme adopts a lattice-based signature technique into the encryption of keywords to prevent the malicious server from forging a valid ciphertext. Finally, some simulation experiments are conducted to demonstrate the performance of the proposed scheme and some comparison results are further shown with respect to other searchable schemes.     

A multivariate based threshold ring signature scheme

In Sakumoto et al. (CRYPTO 2011, LNCS, vol 6841. Springer, Berlin, pp 706–723, 2011), presented a new multivariate identification scheme, whose security is based solely on the MQ-Problem of solving systems of quadratic equations over finite fields. In this paper we extend this scheme to a threshold ring identification and signature scheme. Our scheme is the first multivariate scheme of this type and generally one of the first multivariate signature schemes with special properties. Despite of the fact that we need more rounds to achieve given levels of security, the signatures are at least twice shorter than those obtained by other post-quantum (e.g. code based) constructions. Furthermore, our scheme offers provable security, which is quite a rare fact in multivariate cryptography.     

An encryption/signature scheme with low message expansion

Abstract

Secrecy, authenticity and integrity are three major services provided by the public key cryptography. To provide these three services via the ElGamal public key cryptosystem and Signature scheme, the message expanding ratio is four and the overhead of communication is heavy. In this paper, a concurrent encryption/signature scheme will be proposed to provide these three services with a lower message expanding ratio. In the new scheme, the signer can encrypt and sign the message concurrently so the signature that serves as the ciphertext is a pair of integers. Thus the message expanding ratio can be decreased to two.     

Generic constructions for universal designated-verifier signatures and identitybased signatures from standard signatures

The authors give a generic construction for universal (mutli) designated-verifier signature schemes from a large class of signature schemes, referred to as Class C. The resulting schemes are efficient and have two important properties. Firstly, they are provably DV-unforgeable, non-transferable and also non-delegatable. Secondly, the signer and the designated verifier can independently choose their cryptographic settings. The authors also propose a generic construction for (hierarchical) identity-based signature schemes from any signature scheme in C and prove that the construction is secure against adaptive chosen message and identity attacks. The authors discuss possible extensions of our constructions to identity-based ring signatures and identity-based designated-verifier signatures from any signature in C. Finally, the authors show that it is possible to combine the above constructions to obtain signatures with combined functionalities.     

An Advanced Quantum-Resistant Signature Scheme for Cloud Based on Eisenstein Ring

Signature, widely used in cloud environment, describes the work as readily identifying its creator. The existing signature schemes in the literature mostly rely on the Hardness assumption which can be easily solved by quantum algorithm. In this paper, we proposed an advanced quantum-resistant signature scheme for Cloud based on Eisenstein Ring (ETRUS) which ensures our signature scheme proceed in a lattice with higher density. We proved that ETRUS highly improve the performance of traditional lattice signature schemes. Moreover, the Norm of polynomials decreases significantly in ETRUS which can effectively reduce the amount of polynomials convolution calculation. Furthermore, storage complexity of ETRUS is smaller than classical ones. Finally, according to all convolution of ETRUS enjoy lower degree polynomials, our scheme appropriately accelerate 56.37% speed without reducing its security level.     

Quantum Electronic Contract Scheme Based on Single Photon

An electronic contract is a contract signed by electronic means, which is widely used in electronic commerce activities. In recent years, with the rapid development of quantum cryptography technology, the quantum electronic contract has been widely studied by researchers. Supported by the basic principles of quantum mechanics, a quantum electronic contract scheme based on the single photon is proposed in this paper. In this scheme, two copies of the same contract are signed by both parties involved, and then a copy of each contract is sent to a trusted third party. The trusted third party verifies the signatures of both parties and compares the signed copies to determine whether the contract is valid. Compared with the previous scheme, this scheme is based on the quantum electronic contract signed by the single photon. Because the single photon is easy to prepare and operate, this scheme is simple and easy to implement. At the same time, the scheme does not need to exchange signatures between the two parties, which reduces the complexity of communication. Nevertheless, it requires both parties and the third party to be honest and trustworthy.     

Quantum pseudosignatures

A pseudosignature is a piece of evidence with which the receiver of a message can prove to other players the identity of the originator of that message. In contrast to a signature a pseudosignature has a restricted transferability. This paper presents the first quantum pseudosignature scheme where the resulting pseudosignature and the verification procedures are classical. Therefore no long-term quantum storage is needed for this scheme. It is proved that quantum pseudosignature schemes can be more resilient than any classical pseudosignature scheme: only collusion involving the signer can abort the proposed pseudosignature scheme, but then it becomes obvious that the signer must be cheating.     

Greyscale image encoding and watermarking based on optical asymmetric cryptography and variational image decomposition

In this paper, a novel greyscale image encoding and a watermarking scheme based on optical asymmetric cryptography and variational image decomposition (VID) are proposed. In this proposed scheme, the greyscale watermark is encoded into a noise-like pattern by the phase-truncated Fresnel transform (PT-FrT)-based optical asymmetric cryptography. The greyscale host image is decomposed into its cartoon part and texture part by the VID technique. After that, the encoded watermark is embedded into the host image’s texture part by a discrete wavelet transform (DWT) based fusion approach. The proposed scheme can achieve a better watermark invisibility and a higher robustness by embedding the watermark into the host image’s texture part. Additionally, the proposed scheme can achieve a high security, because the PT-FrT-based optical asymmetric cryptography can resist some common cryptographic attacks. The feasibility, robustness and security of the proposed scheme have been demonstrated by extensive experiments and comparison with other relevant image encoding and watermarking schemes.     

SRM 2460/2461 Standard Bullets and Casings Project

The National Institute of Standards and Technology Standard Reference Material (SRM) 2460/2461 standard bullets and casings project will provide support to firearms examiners and to the National Integrated Ballistics Information Network (NIBIN) in the United States. The SRM bullet is designed as both a virtual and a physical bullet profile signature standard. The virtual standard is a set of six digitized bullet profile signatures originally traced from six master bullets fired at the Bureau of Alcohol, Tobacco and Firearms (ATF) and the Federal Bureau of Investigation (FBI). By using the virtual signature standard to control the tool path on a numerically controlled diamond turning machine, 40 SRM bullets were produced. A profile signature measurement system was established for the SRM bullets. The profile signature differences are quantified by the maximum of the cross correlation function and by the signature difference between pairs of compared profile signatures measured on different SRM bullets. Initial measurement results showed high reproducibility for both the measurement system and production process of the SRM bullets. A traceability scheme has been proposed to establish the measurement traceability for nationwide bullet signature measurements to NIST, ATF and FBI. Prototype SRM casings have also been developed.