Certificate Based Scheme and Expedite Message Authentication Protocol for Vehicular Ad Hoc Networks
VANET security is a major issue for researchers. Thus Ad-Hoc Networks embrace the Public Key Infrastructure (PKI) and Certificate Revocation Lists (CRLs) for their security purposes. EMAP was presented to overcome the problem of the long delay incurred in checking the revocation status of a certificate using a CRL. From the experimental analysis it was observed that it is resistant to common attacks while performing the authentication techniques. Therefore, EMAP can significantly decrease the message-loss ratio due to message verification delay as compared to the conventional authentication methods employing CRL checking. Thus, to further address these issues along with the EMAP protocol, a new EMAP method is presented, called CEMAP (certificate-based EMAP), which is intended to overcome the authentication delay in message processing by reducing the complexity of the authentication process. The CEMAP authentication protocol is constructed based on the combination of the new signature scheme and EMAP. The proposed algorithm reduces the delay by 10% compared with EMAP.
DOI: 10.17762/ijritcc2321-8169.15023
An Efficient Certificate-Based Designated Verifier Signature Scheme
Certificate-based public key cryptography not only solves the certificate revocation problem in traditional PKI but also overcomes the key escrow problem inherent in identity-based cryptosystems. This new primitive has become an attractive cryptographic paradigm. In this paper, we propose the notion and the security model of certificate-based designated verifier signatures (CBDVS). We provide the first construction of CBDVS and prove that our scheme is existentially unforgeable against adaptive chosen message attacks in the random oracle model. Our scheme only needs two pairing operations, and the signature is only one element in the bilinear group G1. To the best of our knowledge, our scheme enjoys the shortest signature length with less operation cost.
Is it possible to have CBE from CL-PKE?
Recently, Al-Riyami and Paterson proposed a generic conversion from CL-PKE (Certificateless Public Key Encryption) to CBE (Certificate Based Encryption) and claimed that the derived CBE scheme is secure and even more efficient than the original scheme of Gentry. In this paper, we show that their conversion is wrong due to a flaw in the security proof. It leads the new concrete CBE scheme by Al-Riyami and Paterson to be invalidated. In addition, our result supports the impossibility to relate both notions in any direction.
A Certificate-Based Proxy Signature with Message Recovery without Bilinear Pairing
In this paper, we propose the first provably secure certificate-based proxy signature with message recovery without bilinear pairing. The notion of certificate-based cryptography was initially introduced by Gentry in 2003, in order to simplify certificate management in traditional public key cryptography (PKC) and to solve the key escrow problem in identity-based cryptosystems. To date, a number of certificate-based proxy signature (CBPS) schemes from bilinear pairing have been proposed. Nonetheless, the total computation cost of a pairing is higher than that of scalar multiplication (e.g., over an elliptic curve group). Consequently, schemes without pairings would be more appealing in terms of efficiency. According to the available research in this regard, our scheme is the first provably secure CBPS scheme with message recovery which is based on the elliptic curve discrete logarithm problem. We prove the security of the presented scheme against existential forgery under adaptive chosen message and ID attacks in the random oracle model. Moreover, the paper will also show how it would be possible to convert this scheme to the CBPS scheme without message recovery. This scheme has more applications in situations with limited bandwidth and power-constrained devices.
A Provably Secure Certificate Based Ring Signature Without Pairing
In Eurocrypt 2003, Gentry introduced the notion of certificate-based encryption. The merit of certificate-based encryption lies in implicit certificate and no private key escrow. This feature is desirable especially for the efficiency and the real spontaneity of ring signature, which involve a large number of public keys in each execution. In this paper, we propose an efficient certificate-based ring signature scheme which does not require any pairing computation. Furthermore, this scheme is proven secure under the Discrete Logarithm assumption in the random oracle model. To the best of the authors' knowledge, this is the first construction of a certificate-based ring signature scheme in the literature that has such kind of feature.
Provably Secure Generic Construction of Certificate Based Signature from Certificateless Signature in Standard Model
Both certificateless cryptography (CLC) and certificate-based cryptography (CBC) are two novel public key paradigms which combine the merits of traditional public key cryptography (PKC) and identity-based cryptography (IBC). They succeed in avoiding the key escrow problem in IBC and reducing the public key management overhead in traditional PKC. This paper deals with the generic construction of certificate based signature (CBS) from certificateless signature (CLS). Wu et al. proposed the first generic conversion from CLS to CBS provably secure in the random oracle model. This paper proposes an intuitive, simple and provably secure generic conversion from CLS to CBS. The security for this conversion is proved in the standard model. To develop the security proof of this conversion, we put forth one novel security model which introduces a previously neglected nontrivial attack and better captures the CLS security notion. Following this generic conversion, a provably secure CLS scheme is constructed as an example.
PFCBAS: pairing free and provable certificate-based aggregate signature scheme for the e-healthcare monitoring system
Recently, one of the most popular technologies of the modern era, the Internet of Things, allows the deployment and usage of various real-time test beds in various smart applications. One such application is e-healthcare, in which patients' healthcare-related data are transmitted to the nearest base station and then to a local or remote server as per the requirements. The data related to patients' health are sensitive and need special protection; therefore, the integrity and authentication of the sources of data generation are paramount concerns. However, several authentication or signature schemes that have been introduced in the past for this purpose are ID-based or have certificate-less settings. In these settings, a central authority, known as a trusted authority (TA), creates and distributes the secret key of every user. Thus, knowing the secret key by the TA is called the key escrow problem. But these proposed schemes suffer from key distribution problems, which limit their applications in various applications. To mitigate these issues, this paper presents a certificate-based pairing free aggregate signature scheme (CBPFAS). The proposed scheme uses the merits of public key cryptography (PKC) and identity-based PKC (IDBPKC). The scheme is proven to be unforgeable, assuming the hardness of the elliptic curve discrete log problem (ECDLP). The performance analysis shows that the proposed CBPFAS scheme executes in 0.78(n+1) ms in comparison to 9.63+1.17n ms in [1], 9.63+0.78n ms in [2], 9.63+3.39n ms in [3], and 9.63+1.17n ms in [4]. From these results, it is concluded that the proposed pairing free certificate-based aggregate signature scheme performs better than its counterparts.
Certificate-Based Parallel Key-Insulated Aggregate Signature Against Fully Chosen-Key Attacks for Industrial Internet of Things
With the emergence of the Industrial Internet of Things (IIoT), numerous operations based on smart devices contribute to producing convenience and comfortable applications for individuals and organizations. Considering the untrusted feature of the communication channels in IIoT, it is essential to ensure the authentication and incontestableness of the messages transmitted in the IIoT. In this paper, we firstly proposed a certificate-based parallel key-insulated aggregate signature (CB-PKIAS), which can resist the fully chosen-key attacks. Concretely, the adversary who can obtain the private keys of all signers in the system is able to forge a valid aggregate signature by using the invalid single signature. Furthermore, our scheme inherits the merits of certificate-based and key-insulated to avoid the certificate management problem, key escrow problems as well as the key exposures simultaneously. In addition, the rigorous analysis and the concrete simulation experiment demonstrated that our proposed scheme is secure under the random oracle and more suitable for the IIoT environment.
Cryptanalysis of Three Certificate-Based Authenticated Key Agreement Protocols and a Secure Construction
Certificate-based cryptography is a new public-key cryptographic paradigm that has very appealing features, namely it simplifies the certificate management problem in traditional public key cryptography while eliminating the key escrow problem in identity-based cryptography. So far, three authenticated key agreement (AKA) protocols in the setting of certificate-based cryptography have been proposed in the literature. Unfortunately, none of them are secure under the public key replacement (PKR) attack. In this paper, we first present a security model for certificate-based AKA protocols that covers the PKR attacks. We then explore the existing three certificate-based AKA protocols and show the concrete attacks against them respectively. To overcome the weaknesses in these protocols, we propose a new certificate-based AKA protocol and prove its security strictly in the random oracle model. Performance comparison shows that the proposed protocol outperforms all the previous certificate-based AKA protocols.
Certificate-Based Signcryption: Security Model and Efficient Construction
Signcryption is an important cryptographic primitive that simultaneously achieves confidentiality and authentication in an efficient manner. In 2008, Luo et al. introduced the notion of certificate-based signcryption and proposed the first construction of certificate-based signcryption. However, their scheme is insecure under the key replacement attack and also does not provide insider security. To overcome these disadvantages, we introduce a strengthened security model of certificate-based signcryption in this paper. The new security model accurately models insider security and the key replacement attacks that might be attempted by an adversary in a real certificate-based signcryption system. We also propose a new certificate-based signcryption scheme that reaches insider security and resists key replacement attacks. We show that this scheme is both chosen-ciphertext secure and existentially unforgeable in the random oracle model. Furthermore, performance analysis shows that the proposed scheme is efficient and practical.