16,402 research outputs found
Security Pitfalls of a Provably Secure Identity-based Multi-Proxy Signature Scheme
An identity-based multi-proxy signature is a type of proxy signatures in
which the delegation of signing right is distributed among a number of proxy signers.
In this type of cryptographic primitive, cooperation of all proxy signers in the proxy
group generates the proxy signatures of roughly the same size as that of standard proxy
signatures on behalf of the original signer, which is more efficient than transmitting
individual proxy signatures. Since identity-based multi-proxy signatures are useful in
distributed systems, grid computing, presenting a provably secure identity-based multi-proxy scheme is desired.
In 2013, Sahu and Padhye proposed the first provably secure identity-based multi-proxy signature scheme in the random oracle model, and proved that their scheme is existential unforgeable against adaptive chosen message and identity attack. Unfortunately, in this
paper, we show that their scheme is insecure. We present two forgery attacks on their scheme. Furthermore, their scheme is not resistant against proxy key exposure attack. As a consequence, there is no provably secure identity-based multi-proxy signature scheme
secure against proxy key exposure attack to date
Cryptanalysis and Improvement of Identity-based Proxy Multi-signature scheme
Cao-Cao’s recently proposed an identity-based proxy signature scheme
and claim that the scheme is provably secure in random oracle model. In this paper we have reviewed the scheme and proven that the scheme is vulnerable to chosen message attack under the defined security model. To prevent this attack, we propose an improved version of the scheme. A Proxy multi-signature scheme allows an authorized proxy signer to sign on a message on behalf of a group of original signers
Proxy Signature Scheme with Effective Revocation Using Bilinear Pairings
We present a proxy signature scheme using bilinear pairings that provides
effective proxy revocation. The scheme uses a binding-blinding technique to
avoid secure channel requirements in the key issuance stage. With this
technique, the signer receives a partial private key from a trusted authority
and unblinds it to get his private key, in turn, overcomes the key escrow
problem which is a constraint in most of the pairing-based proxy signature
schemes. The scheme fulfills the necessary security requirements of proxy
signature and resists other possible threats
Building Secure and Anonymous Communication Channel: Formal Model and its Prototype Implementation
Various techniques need to be combined to realize anonymously authenticated
communication. Cryptographic tools enable anonymous user authentication while
anonymous communication protocols hide users' IP addresses from service
providers. One simple approach for realizing anonymously authenticated
communication is their simple combination, but this gives rise to another
issue; how to build a secure channel. The current public key infrastructure
cannot be used since the user's public key identifies the user. To cope with
this issue, we propose a protocol that uses identity-based encryption for
packet encryption without sacrificing anonymity, and group signature for
anonymous user authentication. Communications in the protocol take place
through proxy entities that conceal users' IP addresses from service providers.
The underlying group signature is customized to meet our objective and improve
its efficiency. We also introduce a proof-of-concept implementation to
demonstrate the protocol's feasibility. We compare its performance to SSL
communication and demonstrate its practicality, and conclude that the protocol
realizes secure, anonymous, and authenticated communication between users and
service providers with practical performance.Comment: This is a preprint version of our paper presented in SAC'14, March
24-28, 2014, Gyeongju, Korea. ACMSAC 201
SIGNCRYPTION ANALYZE
The aim of this paper is to provide an overview for the research that has been done so far in signcryption area. The paper also presents the extensions for the signcryption scheme and discusses the security in signcryption. The main contribution to this paper represents the implementation of the signcryption algorithm with the examples provided.ElGamal, elliptic curves, encryption, identity-based, proxy-signcryption, public key, ring-signcryption, RSA, signcryption
- …