A New Anti-Quantum Proxy Blind Signature for Blockchain-Enabled Internet of Things

Blockchain technology has become a research hotspot in recent years with the prominent characteristics as public, distributed and decentration. And blockchain-enabled internet of things (BIoT) has a tendency to make a revolutionary change for the internet of things (IoT) which requires distributed trustless consensus. However, the scalability and security issues become particularly important with the dramatically increasing number of IoT devices. Especially, with the development of quantum computing, many extant cryptographic algorithms applied in blockchain or BIoT systems are vulnerable to the quantum attacks. In this paper, an anti-quantum proxy blind signature scheme based on the lattice cryptography has been proposed, which can provide user anonymity and untraceability in the distributed applications of BIoT. Then, the security proof of the proposed scheme can derive that it is secure in random oracle model, and the efficiency analysis can indicate it is efficient than other similar literatures.     

Code-based Sequential Aggregate Signature Scheme

This paper proposes the first code-based quantum immune sequential aggregate signature (SAS) scheme and proves the security of the proposed scheme in the random oracle model. Aggregate signature (AS) schemes and sequential aggregate signature schemes allow a group of potential signers to sign different messages respectively, and all the signatures of those users on those messages can be aggregated into a single signature such that the size of the aggregate signature is much smaller than the total size of all individual signatures. Because of the aggregation of many signatures into a single short signature, AS and SAS schemes can reduce bandwidth and save storage; moreover, when a SAS is verified, not only the valid but also the order in which each signer signed can be verified. AS and SAS schemes can be applied to traffic control, banking transaction and military applications. Most of the existing AS and SAS schemes are based either on pairing or Rivest–Shamir–Adleman (RSA), and hence, can be broken by Shor’s quantum algorithm for Integer Factoring Problem (IFP) and Discrete Logarithm Problem (DLP). There are no quantum algorithms to solve syndrome decoding problems. Hence, code-based cryptography is seen as one of the promising candidates for post-quantum cryptography. This paper shows how to construct quantum immune sequential aggregate signatures based on coding theory. Specifically, we construct our scheme with the first code based signature scheme proposed by Courtois, Finiasz and Sendrier (CFS). Compared to the CFS signature scheme without aggregation, the proposed sequential aggregate signature scheme can save about 90% storage when the number of signers is asymptotically large.     

A multivariate based threshold ring signature scheme

In Sakumoto et al. (CRYPTO 2011, LNCS, vol 6841. Springer, Berlin, pp 706–723, 2011), presented a new multivariate identification scheme, whose security is based solely on the MQ-Problem of solving systems of quadratic equations over finite fields. In this paper we extend this scheme to a threshold ring identification and signature scheme. Our scheme is the first multivariate scheme of this type and generally one of the first multivariate signature schemes with special properties. Despite of the fact that we need more rounds to achieve given levels of security, the signatures are at least twice shorter than those obtained by other post-quantum (e.g. code based) constructions. Furthermore, our scheme offers provable security, which is quite a rare fact in multivariate cryptography.     

Quantum Homomorphic Signature with Repeatable Verification

In January 2015, the first quantum homomorphic signature scheme was proposed creatively. However, only one verifier is allowed to verify a signature once in this scheme. In order to support repeatable verification for general scenario, we propose a new quantum homomorphic signature scheme with repeatable verification by introducing serial verification model and parallel verification model. Serial verification model solves the problem of signature verification by combining key distribution and Bell measurement. Parallel verification model solves the problem of signature duplication by logically treating one particle of an EPR pair as a quantum signature and physically preparing a new EPR pair. These models will be beneficial to the signature verification of general scenarios. Scheme analysis shows that both intermediate verifiers and terminal verifiers can successfully verify signatures in the same operation with fewer resource consumption, and especially the verified signature in entangled states can be used repeatedly.     

Quantum pseudosignatures

A pseudosignature is a piece of evidence with which the receiver of a message can prove to other players the identity of the originator of that message. In contrast to a signature a pseudosignature has a restricted transferability. This paper presents the first quantum pseudosignature scheme where the resulting pseudosignature and the verification procedures are classical. Therefore no long-term quantum storage is needed for this scheme. It is proved that quantum pseudosignature schemes can be more resilient than any classical pseudosignature scheme: only collusion involving the signer can abort the proposed pseudosignature scheme, but then it becomes obvious that the signer must be cheating.     

Post-Quantum Blockchain over Lattice

Blockchain is an emerging decentralized architecture and distributed computing paradigm underlying Bitcoin and other cryptocurrencies, and has recently attracted intensive attention from governments, financial institutions, high-tech enterprises, and the capital markets. Its cryptographic security relies on asymmetric cryptography, such as ECC, RSA. However, with the surprising development of quantum technology, asymmetric cryptography schemes mentioned above would become vulnerable. Recently, lattice-based cryptography scheme was proposed to be secure against attacks in the quantum era. In 2018, with the aid of Bonsai Trees technology, Yin et al. [Yin, Wen, Li et al. (2018)] proposed a lattice-based authentication method which can extend a lattice space to multiple lattice spaces accompanied by the corresponding key. Although their scheme has theoretical significance, it is unpractical in actual situation due to extremely large key size and signature size. In this paper, aiming at tackling the critical issue of transaction size, we propose a post quantum blockchain over lattice. By using SampleMat and signature without trapdoor, we can reduce the key size and signature size of our transaction authentication approach by a significant amount. Instead of using a whole set of vectors as a basis, we can use only one vector and rotate it enough times to form a basis. Based on the hardness assumption of Short Integer Solution (SIS), we demonstrate that the proposed anti-quantum transaction authentication scheme over lattice provides existential unforgeability against adaptive chosen-message attacks in the random oracle. As compared to the Yin et al. [Yin, Wen, Li et al. (2018)] scheme, our scheme has better performance in terms of energy consumption, signature size and signing key size. As the underlying lattice problem is intractable even for quantum computers, our scheme would work well in the quantum age.     

Quantum Remote State Preparation Based on Quantum Network Coding

As an innovative theory and technology, quantum network coding has become the research hotspot in quantum network communications. In this paper, a quantum remote state preparation scheme based on quantum network coding is proposed. Comparing with the general quantum remote state preparation schemes, our proposed scheme brings an arbitrary unknown quantum state finally prepared remotely through the quantum network, by designing the appropriate encoding and decoding steps for quantum network coding. What is worth mentioning, from the network model, this scheme is built on the quantum k-pair network which is the expansion of the typical bottleneck network—butterfly network. Accordingly, it can be treated as an efficient quantum network preparation scheme due to the characteristics of network coding, and it also makes the proposed scheme more applicable to the large-scale quantum networks. In addition, the fact of an arbitrary unknown quantum state remotely prepared means that the senders do not need to know the desired quantum state. Thus, the security of the proposed scheme is higher. Moreover, this scheme can always achieve the success probability of 1 and 1-max flow of value k. Thus, the communication efficiency of the proposed scheme is higher. Therefore, the proposed scheme turns out to be practicable, secure and efficient, which helps to effectively enrich the theory of quantum remote state preparation.     

An Advanced Quantum-Resistant Signature Scheme for Cloud Based on Eisenstein Ring

Signature, widely used in cloud environment, describes the work as readily identifying its creator. The existing signature schemes in the literature mostly rely on the Hardness assumption which can be easily solved by quantum algorithm. In this paper, we proposed an advanced quantum-resistant signature scheme for Cloud based on Eisenstein Ring (ETRUS) which ensures our signature scheme proceed in a lattice with higher density. We proved that ETRUS highly improve the performance of traditional lattice signature schemes. Moreover, the Norm of polynomials decreases significantly in ETRUS which can effectively reduce the amount of polynomials convolution calculation. Furthermore, storage complexity of ETRUS is smaller than classical ones. Finally, according to all convolution of ETRUS enjoy lower degree polynomials, our scheme appropriately accelerate 56.37% speed without reducing its security level.     

Two-tier signatures from the Fiat?Shamir transform, with applications to strongly unforgeable and one-time signatures

The authors show how the Fiat-Shamir transform can be used to convert three-move identification protocols into two-tier signature schemes (a primitive that they define) with a proof of security that makes a standard assumption on the hash function rather than modelling it as a random oracle. The result requires security of the starting protocol against concurrent attacks. It is also shown that numerous protocols have the required properties, and thus numerous efficient two-tier schemes are obtained. The first application is an efficient transform of any unforgeable signature scheme into a strongly unforgeable one. (This extends the work of Boneh, Shen and Waters whose transform only applies to a limited class of schemes.) The second application is the new one-time signature schemes that, compared with the one-way function-based ones of the same computational cost, have smaller key and signature sizes.     

Trusted virtual machine monitor-based group signature architecture

Group communication is an important technique for many network computing applications. In group communication, a member in a group sends a message to others normally by multicast. Group signature guarantees the integrity of the exchanged data and provides source authentication. In a virtual machine (VMs) based computing system, a virtual machine monitor (VMM) allows applications to run in different VMs strongly isolated from each other. A trusted VMM (TVMM) based platform can provide stronger security protection for group signature systems than traditional computing platforms can. The authors first introduce a TVMM-based group signature architecture and a TVMM security protection mechanism for group signature components. Then, the authors propose a group signature scheme using the function of message checking based on the discrete logarithm problem. Finally, the authors prove the correctness of the group signature scheme and analyse its security in virtual computing environments.     

New Collective Signatures Based on the Elliptic Curve Discrete Logarithm Problem

There have been many digital signature schemes were developed based on the discrete logarithm problem on a finite field. In this study, we use the elliptic curve discrete logarithm problem to build new collective signature schemes. The cryptosystem on elliptic curve allows to generate digital signatures with the same level of security as other cryptosystems but with smaller keys. To extend practical applicability and enhance the security level of the group signature protocols, we propose two new types of collective digital signature schemes based on the discrete logarithm problem on the elliptic curve: i) the collective digital signature scheme shared by several signing groups and ii) the collective digital signature scheme shared by several signing groups and several individual signers. These two new types of collective signatures have combined the advantages of group digital signatures and collective digital signatures. These signatures have a fixed size and do not depend on the number of members participating in the creation of the final collective signature. One of the advantages of the proposed collective signature protocols is that they can be deployed on top of the available public key infrastructures.     

Signature scheme based on the root extraction problem over braid groups

Several public key cryptosystems and authentication schemes based on the conjugator search and root extraction problems over braid groups have been proposed. However, security analysis showed that it is not necessary to solve the underlying conjugator search problem or the root extraction problem in order to break these public key cryptographic algorithms. Hence, these cryptographic primitives suffer from some security drawbacks. A digital signature scheme based on the root extraction problem over braid groups is proposed. It is proven that the only way for the attacker to forge a signature is to extract the eth root for a given braid in the braid group. It is also shown that given sufficiently many message-signature pairs, the attacker needs to solve an intractable problem, the group factorisation problem, in order to forge a signature. Furthermore, it is pointed out that the attacker cannot learn much useful information by reconstructing braid equations with respect to the public and secret keys. Performance analysis shows that the proposed signature scheme is efficient and practical, and the key sizes are acceptable. The computational overheads to sign a message and to verify a signature are only equivalent to several 1024-RSA modular multiplications.     

A Fair Blind Signature Scheme to Revoke Malicious Vehicles in VANETs

With the rapid development of IoT (Internet of Things), VANETs (Vehicular Ad-Hoc Networks) have become an attractive ad-hoc network that brings convenience into people’s lives. Vehicles can be informed of the position, direction, speed and other real-time information of nearby vehicles to avoid traffic jams and accidents. However, VANET environments could be dangerous in the absence of security protection. Because of the openness and self-organization of VANETs, there are plenty of malicious pathways. To guarantee vehicle security, the research aims to provide an effective VANET security mechanism that can track malicious vehicles as necessary. Therefore, this work focuses on malicious vehicles and proposes an anonymous authentication scheme in VANETs based on the fair blind signature to protect vehicle security.     

A robust and secure watermarking scheme based on singular values replacement

Digital watermarking is an application associated with copyright protection. Any digital object can be used as a carrier to carry information. If the information is related to object then it is known as a watermark which can be visible or invisible. In the era of digital information, there are multiple danger zones like copyright and integrity violations, of digital object. In case of any dispute during rights violation, content creator can prove ownership by recovering the watermark. Two most important prerequisites for an efficient watermarking scheme are robustness and security. Watermark must be robust and recoverable even if a part of content is altered by one or more attacks like compression, filtering, geometric distortions, resizing, etc. In this work, we propose a blind watermarking scheme based on the discrete wavelet transform (DWT) and singular value decomposition (SVD). Singular values (SV??s) of high frequency (HH) band are used to optimize perceptual transparency and robustness constraints. Although most of the SVD-based schemes prove to be robust, little attention has been paid to their security aspect. Therefore, we introduce a signature-based authentication mechanism at the decoder to improve security. Resulting blind watermarking scheme is secure and robust.     

Lattice-Based Searchable Encryption Scheme against Inside Keywords Guessing Attack

To save the local storage, users store the data on the cloud server who offers convenient internet services. To guarantee the data privacy, users encrypt the data before uploading them into the cloud server. Since encryption can reduce the data availability, public-key encryption with keyword search (PEKS) is developed to achieve the retrieval of the encrypted data without decrypting them. However, most PEKS schemes cannot resist quantum computing attack, because the corresponding hardness assumptions are some number theory problems that can be solved efficiently under quantum computers. Besides, the traditional PEKS schemes have an inherent security issue that they cannot resist inside keywords guessing attack (KGA). In this attack, a malicious server can guess the keywords encapsulated in the search token by computing the ciphertext of keywords exhaustively and performing the test between the token and the ciphertext of keywords. In the paper, we propose a lattice-based PEKS scheme that can resist quantum computing attacks. To resist inside KGA, this scheme adopts a lattice-based signature technique into the encryption of keywords to prevent the malicious server from forging a valid ciphertext. Finally, some simulation experiments are conducted to demonstrate the performance of the proposed scheme and some comparison results are further shown with respect to other searchable schemes.     

EIAS: An Efficient Identity-Based Aggregate Signature Scheme for WSNs Against Coalition Attack

Wireless sensor networks (WSNs) are the major contributors to big data acquisition. The authenticity and integrity of the data are two most important basic requirements for various services based on big data. Data aggregation is a promising method to decrease operation cost for resource-constrained WSNs. However, the process of data acquisitions in WSNs are in open environments, data aggregation is vulnerable to more special security attacks with hiding feature and subjective fraudulence, such as coalition attack. Aimed to provide data authenticity and integrity protection for WSNs, an efficient and secure identity-based aggregate signature scheme (EIAS) is proposed in this paper. Rigorous security proof shows that our proposed scheme can be secure against all kinds of attacks. The performance comparisons shows EIAS has clear advantages in term of computation cost and communication cost when compared with similar data aggregation scheme for WSNs.     

An Efficient Certificateless Aggregate Signature Scheme Designed for VANET

The Vehicular Ad-hoc Network (VANET) is the fundamental of smart transportation system in the future, but the security of the communication between vehicles and vehicles, between vehicles and roadside infrastructures have become increasingly prominent. Certificateless aggregate signature protocol is used to address this security issue, but the existing schemes still have many drawbacks in terms of security and efficiency: First, many schemes are not secure, and signatures can be forged by the attacker; Second, even if some scheme are secure, many schemes use a large number of bilinear pairing operation, and the computation overhead is large. At the same time, the length of the aggregated signature also increases linearly with the increase of user numbers, resulting in a large communication overhead. In order to overcome the above challenges, we propose a new certificateless aggregate signature scheme for VANET, and prove the security of the scheme under the random oracle model. The new scheme uses pseudonym to realize the conditional privacy protection of the vehicle’s information. The new scheme does not use bilinear pairing operation, and the calculation efficiency is high. At the same time, the length of the aggregate signature of the new scheme is constant, thereby greatly reducing the communication and storage overhead. The analysis results demonstrate that the new scheme is not only safer, but also superior in performance to the recent related schemes in computation overhead and communication cost.     

Continuous-Variable Quantum Network Coding Based on Quantum Discord

Establishing entanglement is an essential task of quantum communication technology. Beyond entanglement, quantum discord, as a measure of quantum correlation, is a necessary prerequisite to the success of entanglement distribution. To realize efficient quantum communication based on quantum discord, in this paper, we consider the practical advantages of continuous variables and propose a feasible continuous-variable quantum network coding scheme based on quantum discord. By means of entanglement distribution by separable states, it can achieve quantum entanglement distribution from sources to targets in a butterfly network. Compared with the representative discrete-variable quantum network coding schemes, the proposed continuous-variable quantum network coding scheme has a higher probability of entanglement distribution and defends against eavesdropping and forgery attacks. Particularly, the deduced relationship indicates that the increase in entanglement is less than or equal to quantum discord.     

改进的超椭圆曲线结构化多重盲签名

安全高效的多重盲签名方案在电子商务和电子现金系统有很多重要的应用.本文对已有的结构化多重签名方案进行了分析和改进,提出快速和高效的基于超椭圆曲线的结构化多重盲签名方案.我们将签名结构从二层扩展为三层,使有序和广播更好的结合,并给出各种情形下的具体算法.最后,比较和分析了改进方案的复杂度和安全性,与已有文献比较,改进方案的运算量减少了(3n+2)TH+(273.8n+32.2)TML.结果表明,改进方案具有运算量低,所需时间少,安全性高且易于实现等优点.     

Message Authentication with a New Quantum Hash Function

To ensure the security during the communication, we often adopt different ways to encrypt the messages to resist various attacks. However, with the computing power improving, the existing encryption and authentication schemes are being faced with big challenges. We take the message authentication as an example into a careful consideration. Then, we proposed a new message authentication scheme with the Advanced Encryption Standard as the encryption function and the new quantum Hash function as the authentication function. Firstly, the Advanced Encryption Standard algorithm is used to encrypt the result of the initial message cascading the corresponding Hash values, which ensures that the initial message can resist eavesdropping attack. Secondly, utilizing the new quantum Hash function with quantum walks can be much more secure than traditional classical Hash functions with keeping the common properties, such as one-wayness, resisting different collisions and easy implementation. Based on these two points, the message authentication scheme can be much more secure than previous ones. Finally, it is a new way to design the message authentication scheme, which provides a new thought for other researchers in the future. Our works will contribute to the study on the new encryption and authentication functions and the combination of quantum computing with traditional cryptology in the future.