SIGNCRYPTION ANALYZE
The aim of this paper is to provide an overview of the research that has been done so far in the signcryption area. The paper also presents extensions of the signcryption scheme and discusses security in signcryption. The main contribution of this paper is the implementation of the signcryption algorithm, with examples provided.
Keywords: ElGamal, elliptic curves, encryption, identity-based, proxy-signcryption, public key, ring-signcryption, RSA, signcryption
ID-based Ring Signature and Proxy Ring Signature Schemes from Bilinear Pairings
In 2001, Rivest et al. first introduced the concept of ring signatures. A
ring signature is a simplified group signature without any manager. It protects
the anonymity of a signer. The first scheme proposed by Rivest et al. was based
on the RSA cryptosystem and the certificate-based public key setting. The first ring
signature scheme based on DLP was proposed by Abe, Ohkubo, and Suzuki. Their
scheme is also based on the general certificate-based public key setting.
In 2002, Zhang and Kim proposed a new ID-based ring signature scheme using
pairings. Later Lin and Wu proposed a more efficient ID-based ring signature
scheme. Both of these schemes have some inconsistencies in their computational aspects.
In this paper we propose a new ID-based ring signature scheme and a proxy
ring signature scheme. Both schemes are more efficient than existing ones.
These schemes also take care of the inconsistencies in the above two schemes.
Comment: Published with ePrint Archiv
Building Secure and Anonymous Communication Channel: Formal Model and its Prototype Implementation
Various techniques need to be combined to realize anonymously authenticated
communication. Cryptographic tools enable anonymous user authentication while
anonymous communication protocols hide users' IP addresses from service
providers. One simple approach for realizing anonymously authenticated
communication is their simple combination, but this gives rise to another
issue: how to build a secure channel. The current public key infrastructure
cannot be used since the user's public key identifies the user. To cope with
this issue, we propose a protocol that uses identity-based encryption for
packet encryption without sacrificing anonymity, and group signature for
anonymous user authentication. Communications in the protocol take place
through proxy entities that conceal users' IP addresses from service providers.
The underlying group signature is customized to meet our objective and improve
its efficiency. We also introduce a proof-of-concept implementation to
demonstrate the protocol's feasibility. We compare its performance to SSL
communication and demonstrate its practicality, and conclude that the protocol
realizes secure, anonymous, and authenticated communication between users and
service providers with practical performance.
Comment: This is a preprint version of our paper presented in SAC'14, March
24-28, 2014, Gyeongju, Korea. ACMSAC 201
Proxy Blind Signature using Hyperelliptic Curve Cryptography
Blind signature is the concept that ensures the anonymity of e-coins. Untraceability and unlinkability are two main properties of real coins and should also be mimicked electronically. A user has to fulfil the above two properties of blind signature for permission to spend an e-coin. During the last few years, asymmetric cryptosystems based on curve-based cryptography have become very popular, especially for embedded applications. Elliptic curves (EC) are a special case of hyperelliptic curves (HEC). The HEC operand size is only a fraction of the EC operand size. HEC cryptography needs a group order of size at least 2^160. In particular, for a curve of genus two over the field F_q, p ≈ 2^80 is needed. Therefore, the field arithmetic has to be performed using 80-bit long operands, which is much better than RSA using a 1024-bit key length. The hyperelliptic curve is best suited for resource-constrained environments. It uses a smaller key and provides more secure transmission of data.
Non-conventional digital signatures and their implementations – A review
The final publication is available at Springer via http://dx.doi.org/10.1007/978-3-319-19713-5_36
The current technological scenario determines a proliferation
of trust domains, which are usually defined by validating the digital
identity linked to each user. This validation entails critical assumptions
about the way users’ privacy is handled, and this calls for new methods
to construct and treat digital identities. Considering cryptography,
identity management has been constructed and managed through conventional
digital signatures. Nowadays, new types of digital signatures
are required, and this transition should be guided by rigorous evaluation
of the theoretical basis, but also by the selection of properly verified software
means. This latter point is the core of this paper. We analyse the
main non-conventional digital signatures that could endorse an adequate
tradeoff between security and privacy. This discussion is focused on
practical software solutions that are already implemented and available
online. The goal is to help security system designers to discern identity
management functionalities through standard cryptographic software libraries.
This work was supported by Comunidad de Madrid (Spain) under the project S2013/ICE-3095-CM (CIBERDINE) and the Spanish Government project TIN2010-19607
Anonymity and trust in the electronic world
Privacy has never been an explicit goal of authorization mechanisms. The traditional
approach to authorisation relies on strong authentication of a stable identity
using long term credentials. Audit is then linked to authorization via the same
identity. Such an approach compels users to enter into a trust relationship with
large parts of the system infrastructure, including entities in remote domains. In
this dissertation we advance the view that this type of compulsive trust relationship
is unnecessary and can have undesirable consequences. We examine in some
detail the consequences which such undesirable trust relationships can have on
individual privacy, and investigate the extent to which taking a unified approach
to trust and anonymity can actually provide useful leverage to address threats to
privacy without compromising the principal goals of authentication and audit. We
conclude that many applications would benefit from mechanisms which enabled
them to make authorization decisions without using long-term credentials. We
next propose specific mechanisms to achieve this, introducing a novel notion of
a short-lived electronic identity, which we call a surrogate. This approach allows
a localisation of trust, and entities are not compelled to transitively trust other entities
in remote domains. In particular, resolution of stable identities needs only
ever to be done locally to the entity named. Our surrogates allow delegation, enable
role-based access control policies to be enforced across multiple domains,
and permit the use of non-anonymous payment mechanisms, all without compromising
the privacy of a user. The localisation of trust resulting from the approach
proposed in this dissertation also has the potential to allow clients to control the
risks to which they are exposed by bearing the cost of relevant countermeasures
themselves, rather than forcing clients to trust the system infrastructure to protect
them and to bear an equal share of the cost of all countermeasures whether or not
effective for them. This consideration means that our surrogate-based approach
and mechanisms are of interest even in Kerberos-like scenarios where anonymity
is not a requirement, but the remote authentication mechanism is untrustworthy
- …