3,360 research outputs found
A new revocable and re-delegable proxy signature and its application
With the popularity of cloud computing and mobile Apps, on-demand services such as on-line music or audio streaming and vehicle booking are widely available nowadays. In order to allow efficient delivery and management of the services, for large-scale on-demand systems, there is usually a hierarchy where the service provider can delegate its service to a top-tier (e.g., countrywide) proxy who can then further delegate the service to lower level (e.g., region-wide) proxies. Secure (re-)delegation and revocation are among the most crucial factors for such systems. In this paper, we investigate the practical solutions for achieving re-delegation and revocation utilizing proxy signature. Although proxy signature has been extensively studied in the literature, no previous solution can achieve both properties. To fill the gap, we introduce the notion of revocable and re-delegable proxy signature that supports efficient revocation and allows a proxy signer to re-delegate its signing right to other proxy signers without the interaction with the original signer. We define the formal security models for this new primitive and present an efficient scheme that can achieve all the security properties. We also present a secure on-line revocable and re-delegate vehicle ordering system (RRVOS) as one of the applications of our proposed scheme
Building Secure and Anonymous Communication Channel: Formal Model and its Prototype Implementation
Various techniques need to be combined to realize anonymously authenticated
communication. Cryptographic tools enable anonymous user authentication while
anonymous communication protocols hide users' IP addresses from service
providers. One simple approach for realizing anonymously authenticated
communication is their simple combination, but this gives rise to another
issue; how to build a secure channel. The current public key infrastructure
cannot be used since the user's public key identifies the user. To cope with
this issue, we propose a protocol that uses identity-based encryption for
packet encryption without sacrificing anonymity, and group signature for
anonymous user authentication. Communications in the protocol take place
through proxy entities that conceal users' IP addresses from service providers.
The underlying group signature is customized to meet our objective and improve
its efficiency. We also introduce a proof-of-concept implementation to
demonstrate the protocol's feasibility. We compare its performance to SSL
communication and demonstrate its practicality, and conclude that the protocol
realizes secure, anonymous, and authenticated communication between users and
service providers with practical performance.Comment: This is a preprint version of our paper presented in SAC'14, March
24-28, 2014, Gyeongju, Korea. ACMSAC 201
Time Stamped Proxy Blind Signature Scheme With Proxy Revocation Based on Discrete Logarithm Problem
Proxy blind signature combines both the properties of blind signature and proxy signature. In a proxy blind signature scheme, the proxy signer is allowed to generate a blind signature on behalf of the original signer. It is a protocol played by three parties in which a user obtains a proxy signer’s signature for a desired message and the proxy signer learns nothing about the message. During the verification of a proxy blind signature scheme, the verifier cannot get whether signing is within the delegation period or after delegation period. In this thesis a time stamped proxy blind signature scheme with proxy revocation is proposed which records the time stamp during the proxy signing phase and satisfies all the security properties of proxy blind signature i.e distinguishability, nonrepudiation, unforgeability, verifiability, identifiability, unlinkability, prevention of misuse. In a proxy revocation scheme, the original signer can terminate the delegation power of a proxy signer before the completion of delegation period. Proxy blind signature has wide applications in real life scenarios, such as, e-cash, e-voting and e-commerece applications
- …