785 research outputs found
Boneh-Boyen Signatures and the Strong Diffie-Hellman Problem
The Boneh-Boyen signature scheme is a short signature scheme which is provably secure in the standard model under the q-Strong Diffie-Hellman (SDH) assumption.
The primary objective of this thesis is to examine the relationship between the Boneh-Boyen signature scheme and SDH. The secondary objective is to survey surrounding topics such as the generic group model, related signature schemes, intractability assumptions, and the relationship to identity-based encryption (IBE) schemes. Along these lines, we analyze the plausibility of the SDH assumption using the generic bilinear group model. We present the security proofs for the Boneh-Boyen signature scheme, with the addition of a small improvement in one of the probability bounds.
Our main contribution is to give the reduction in the reverse direction; that is, to show that if the SDH problem can be solved then the Boneh-Boyen signature scheme can be forged. This contribution represents the first known proof of equivalence between the SDH problem and Boneh-Boyen signatures. We also discuss the algorithm of Cheon for solving the SDH problem. We analyze the implications of Cheon's algorithm for the security of the Boneh-Boyen signature scheme, accompanied by a brief discussion on how to counter the attack
Pairing-based identification schemes
We propose four different identification schemes that make use of bilinear
pairings, and prove their security under certain computational assumptions.
Each of the schemes is more efficient and/or more secure than any known
pairing-based identification scheme
An Observation about Variations of the Diffie-Hellman Assumption
We generalize the Strong Boneh-Boyen (SBB) signature scheme
to sign vectors; we call this scheme GSBB. We show that if a particular (but
most natural) average case reduction from SBB to GSBB exists, then the
Strong Diffie-Hellman (SDH) and the Computational Diffie-Hellman (CDH)
have the same worst-case complexity
A Practical Set-Membership Proof for Privacy-Preserving NFC Mobile Ticketing
To ensure the privacy of users in transport systems, researchers are working
on new protocols providing the best security guarantees while respecting
functional requirements of transport operators. In this paper, we design a
secure NFC m-ticketing protocol for public transport that preserves users'
anonymity and prevents transport operators from tracing their customers' trips.
To this end, we introduce a new practical set-membership proof that does not
require provers nor verifiers (but in a specific scenario for verifiers) to
perform pairing computations. It is therefore particularly suitable for our
(ticketing) setting where provers hold SIM/UICC cards that do not support such
costly computations. We also propose several optimizations of Boneh-Boyen type
signature schemes, which are of independent interest, increasing their
performance and efficiency during NFC transactions. Our m-ticketing protocol
offers greater flexibility compared to previous solutions as it enables the
post-payment and the off-line validation of m-tickets. By implementing a
prototype using a standard NFC SIM card, we show that it fulfils the stringent
functional requirement imposed by transport operators whilst using strong
security parameters. In particular, a validation can be completed in 184.25 ms
when the mobile is switched on, and in 266.52 ms when the mobile is switched
off or its battery is flat
Still Wrong Use of Pairings in Cryptography
Several pairing-based cryptographic protocols are recently proposed with a
wide variety of new novel applications including the ones in emerging
technologies like cloud computing, internet of things (IoT), e-health systems
and wearable technologies. There have been however a wide range of incorrect
use of these primitives. The paper of Galbraith, Paterson, and Smart (2006)
pointed out most of the issues related to the incorrect use of pairing-based
cryptography. However, we noticed that some recently proposed applications
still do not use these primitives correctly. This leads to unrealizable,
insecure or too inefficient designs of pairing-based protocols. We observed
that one reason is not being aware of the recent advancements on solving the
discrete logarithm problems in some groups. The main purpose of this article is
to give an understandable, informative, and the most up-to-date criteria for
the correct use of pairing-based cryptography. We thereby deliberately avoid
most of the technical details and rather give special emphasis on the
importance of the correct use of bilinear maps by realizing secure
cryptographic protocols. We list a collection of some recent papers having
wrong security assumptions or realizability/efficiency issues. Finally, we give
a compact and an up-to-date recipe of the correct use of pairings.Comment: 25 page
A Light-Weight Group Signature Scheme for Wireless Networks Based-on BBS Short Group Signature
In the natural context of wireless network environment,
the communications between wireless nodes are more easily observed for the goal of the network traffic analysis. Thus, to enable a secure and anonymous communication system from thwarting of such analysis attacks would be strongly desirable. In this paper, we propose a secure and anonymous communication system using pairing-based group signatures. The achievement of secure and anonymous communication is performed by allowing all valid member wireless nodes of a
particular privilege group to authenticate each other without revealing their own identitie
A Pairing-Free Signature Scheme from Correlation Intractable Hash Function and Strong Diffie-Hellman Assumption
Goh and Jarecki (Eurocrypt 2003) showed how to get a signature scheme from the computational Diffie-Hellman assumption, and they introduced the name EDL for signatures of this type. The corresponding EDL family of signature schemes is remarkable for several reasons: elegance, simplicity and tight security. However, EDL security proofs stand in the random oracle model, and, to the best of our knowledge, extending this family without using an idealization of hash functions has never been successful.
In this paper, we propose a new signature scheme belonging to the EDL family, which is simple, natural and efficient, without using the random oracle model. Our scheme is based on the very same assumption than the Boneh-Boyen scheme, namely the strong Diffie-Hellman assumption, with the precision that our groups are not bound to being bilinear. We also make use of a correlation-intractable hash function, for a particular relation related to discrete-logarithm.
In addition to the theoretical interest of extending the EDL family with- out the random oracle model, our scheme is also one of the very few schemes which achieve discrete-log security properties without relying on pairings
Efficient Identity-Based Encryption Without Random Oracles
We present the first efficient Identity-Based Encryption
(IBE) scheme that is fully secure without random
oracles. We first present our IBE construction and reduce the
security of our scheme to the decisional Bilinear Diffie-Hellman
(BDH) problem. Additionally, we show that our techniques can be used
to build a new signature scheme that is secure under the
computational Diffie-Hellman assumption without random oracles
- âŠ