67 research outputs found
Anonymous Single-Sign-On for n designated services with traceability
Anonymous Single-Sign-On authentication schemes have been proposed to allow
users to access a service protected by a verifier without revealing their
identity which has become more important due to the introduction of strong
privacy regulations. In this paper we describe a new approach whereby anonymous
authentication to different verifiers is achieved via authorisation tags and
pseudonyms. The particular innovation of our scheme is authentication can only
occur between a user and its designated verifier for a service, and the
verification cannot be performed by any other verifier. The benefit of this
authentication approach is that it prevents information leakage of a user's
service access information, even if the verifiers for these services collude
which each other. Our scheme also supports a trusted third party who is
authorised to de-anonymise the user and reveal her whole services access
information if required. Furthermore, our scheme is lightweight because it does
not rely on attribute or policy-based signature schemes to enable access to
multiple services. The scheme's security model is given together with a
security proof, an implementation and a performance evaluation.Comment: 3
On the Security of a Novel Probabilistic Signature Based on Bilinear Square Diffie-Hellman Problem and Its Extension
Probabilistic signature scheme has been widely used in modern electronic commerce since it could provide integrity, authenticity, and nonrepudiation. Recently, Wu and Lin proposed a novel probabilistic signature (PS) scheme using the bilinear square Diffie-Hellman (BSDH) problem. They also extended it to a universal designated verifier signature (UDVS) scheme. In this paper, we analyze the security of Wu et al.’s PS scheme and UDVS scheme. Through concrete attacks, we demonstrate both of their schemes are not unforgeable. The security analysis shows that their schemes are not suitable for practical applications
Practical fair anonymous undeniable signatures
We present a new model for undeniable signatures: fair-anonymous undeniable signatures. This protocol can not only preserve the privacy of the signer (i.e. anonymity) but also track the illegal utilization of the valid signatures. In addition, our model prevents the trusted centre from forging a valid signature for any signer
Dinero electrónico como medio de pago e inclusión financiera
La implementación del Sistema de Dinero Electrónico en el Ecuador por parte del Banco Central busca la inclusión financiera de aquellos ecuatorianos con limitado acceso a medios de pago, a través del dinero electrónico como medio de pago alternativo, permitiéndoles realizar transacciones a bajos costos y en menor tiempo que lo que ofrecen los bancos, cooperativas y demás instituciones que conforman el sistema financiero tradicional; en una garantía social. La presente publicación tuvo como objetivo exponer la aceptación por parte de la población y sus sectores al uso del dinero electrónico y las potencialidades de esta opción. Para desarrollar este trabajo se realiza una investigación mediante la aplicación de una encueta de 29 preguntas a más 3040 personas de la ciudad de Quito, provincia Pichincha, en el Ecuador. Esta investigación expone los principales y más relevantes resultados de esta encuesta. Los resultados muestran que el 81.36% de los encuestados ha oído hablar del dinero electrónico, también se observa que el 15.47% no ha oído hablar del dinero electrónico, lo que podría indicar que estas personas no han tenido acceso a medios de información en donde se hable del dinero electrónico
NTRU based group oriented signature
In order to prevent illegal tracking and stealing
personal or cargo information, the authentication services should
be provided for the tags to identify a Reader. A NTRU based
signature scheme is proposed in this paper, which meets the
demand for a group of tags to quickly and securely identify a
Reader in RFID system. In our scheme, only the tag in specified
group can verify the reader’s message. Because of fast operation,
easy key generation and limited source occupied, our signature is
very suit for the RFID systems
Attacks on One Designated Verifier Proxy Signature Scheme
In a designated verifier proxy signature scheme, there are three participants, namely, the original signer, the proxy signer, and the designated verifier. The original signer delegates his or her signing right to the proxy signer, then the proxy signer can generate valid signature on behalf of the original signer. But only the designated verifier can verify the proxy signature. Several designated verifier proxy signature schemes have been proposed. However, most of them were proven secure in the random oracle model, which has received a lot of criticism since the security proofs in the random oracle model are not sound with respect to the standard model. Recently, by employing Water's hashing technique, Yu et al. proposed a new construction of designated verifier proxy signature. They claimed that the new construction is the first designated verifier proxy signature, whose security does not rely on the random oracles. But, in this paper, we will show some attacks on Yu et al.'s scheme. So, their scheme is not secure
On the Security of a Certificateless Strong Designated Verifier Signature Scheme
Recently, Chen et al. proposed the first non-delegatable certificateless strong designated verifier signature scheme and claimed that their scheme achieves all security requirements. However, in this paper, we disprove their claim and present a concrete attack which shows that their proposed scheme is forgeable. More precisely, we show that there exist adversaries who are able to forge any signer\u27s signature for any designated verifier on any message of his choice
Attacks on One Designated Verifier Proxy Signature Scheme
In a designated verifier proxy signature scheme, there are three participants, namely, the original signer, the proxy signer, and the designated verifier. The original signer delegates his or her signing right to the proxy signer, then the proxy signer can generate valid signature on behalf of the original signer. But only the designated verifier can verify the proxy signature. Several designated verifier proxy signature schemes have been proposed. However, most of them were proven secure in the random oracle model, which has received a lot of criticism since the security proofs in the random oracle model are not sound with respect to the standard model. Recently, by employing Water's hashing technique, Yu et al. proposed a new construction of designated verifier proxy signature. They claimed that the new construction is the first designated verifier proxy signature, whose security does not rely on the random oracles. But, in this paper, we will show some attacks on Yu et al.'s scheme. So, their scheme is not secure
- …