226 research outputs found

    Certificateless Proxy Signature from RSA

    Although some good results were achieved in speeding up the computation of pairing function in recent years, it is still interesting to design efficient cryptosystems with fewer bilinear pairing operations. A proxy signature scheme allows a proxy signer to sign messages on behalf of an original signer within a given context. We propose a certificateless proxy signature (CLPS) scheme from RSA and prove its security under the strongest security model where the Type I/II adversary is a super Type I/II adversary.

    On the security of pairing-free certificateless digital signature schemes using ECC

    I cryptanalyze the pairing-free digital signature scheme of Islam et al. which is proven secure against “adaptive chosen message attacks”. I introduce this type of forgery to analyze their scheme. Furthermore, I comment on general security issues that should be considered when making improvements on their scheme. My security analysis is also applicable to other digital signatures designed in a similar manner.

    Certificateless Signature Scheme Based on Rabin Algorithm and Discrete Logarithm

    Certificateless signature is effectively immune to the key escrow problem in the identity-based signature scheme. But the security of most certificateless signatures usually depends on only one mathematical hard problem, which makes the signature vulnerable when the underlying hard problem has been broken. In order to strengthen the security, in this paper, a certificateless signature whose security depends on two mathematical hard problems, discrete logarithm and factoring problems, is proposed. Then, the proposed certificateless signature can be proved secure in the random oracle, and only if both of the two mathematical hard problems are solved can the proposed signature be broken. As a consequence, the proposed certificateless signature is more secure than the previous signatures. On the other hand, with the pre-computation of the exponential modular computation, it will save more time in the signature signing phase. And compared with the other schemes of this kind, the proposed scheme is more efficient.

    Certificateless Blind Signature Based on DLP

    The most widely used digital signature in real-world applications such as e-cash, e-voting, etc. is the blind signature. Previously proposed blind signatures follow the footsteps of public key cryptography (PKC), but conventional public key cryptography uses an affirmation of a relationship between public key and identity for the holder of the corresponding private key to the user, so certificate management is very difficult. To overcome this problem, identity-based cryptography was introduced. But identity-based cryptography inherits the key escrow problem. Blind signature with certificateless PKC (CLBS) is used widely because it eliminates the problem related to certificate management of cryptography and the key escrow problem of ID-based PKC. Because of the large requirement for CLBS schemes in different applications, many CLBS schemes have been proposed, but they were based on bilinear pairing. However, the CLBS scheme based on bilinear pairing is not very satisfactory because bilinear pairing operations are very complicated. In our proposed scheme, we designed a certificateless blind signature scheme based on the discrete logarithmic problem. The proposed scheme fulfills all the security requirements of blind signature as well as certificateless signature. We analyzed security properties such as blindness, unforgeability and unlinkability. The proposed scheme has less computational cost. The hardness of the discrete logarithmic problem (DLP) is used to prove the security of the proposed scheme.

    Toward an RSU-unavailable lightweight certificateless key agreement scheme for VANETs

    Vehicle ad-hoc networks have developed rapidly in recent years, and their security and privacy issues are a matter of wide concern. In spite of remarkable research on their security solutions, there is still a lack of consideration of how to secure vehicle-to-vehicle communications, particularly when infrastructure is unavailable. In this paper, we propose a lightweight certificateless and one-round key agreement scheme without pairing, and further prove the security of the proposed scheme in the random oracle model. The proposed scheme is expected not only to resist known attacks with less computation cost, but also to serve as an efficient way to relieve the workload of vehicle-to-vehicle authentication, especially when no infrastructure is available. A comprehensive evaluation, including security analysis, efficiency analysis and simulation evaluation, is presented to confirm the security and feasibility of the proposed scheme.

    An Efficient Certificateless Encryption for Secure Data Sharing in Public Clouds

    We propose a mediated certificateless encryption scheme without pairing operations for securely sharing sensitive information in public clouds. Mediated certificateless public key encryption (mCL-PKE) solves the key escrow problem in identity based encryption and certificate revocation problem in public key cryptography. However, existing mCL-PKE schemes are either inefficient because of the use of expensive pairing operations or vulnerable against partial decryption attacks. In order to address the performance and security issues, in this paper, we first propose an mCL-PKE scheme without using pairing operations. We apply our mCL-PKE scheme to construct a practical solution to the problem of sharing sensitive information in public clouds. The cloud is employed as a secure storage as well as a key generation center. In our system, the data owner encrypts the sensitive data using the cloud generated users’ public keys based on its access control policies and uploads the encrypted data to the cloud. Upon successful authorization, the cloud partially decrypts the encrypted data for the users. The users subsequently fully decrypt the partially decrypted data using their private keys. The confidentiality of the content and the keys is preserved with respect to the cloud, because the cloud cannot fully decrypt the information. We also propose an extension to the above approach to improve the efficiency of encryption at the data owner. We implement our mCL-PKE scheme and the overall cloud based system, and evaluate its security and performance. Our results show that our schemes are efficient and practical.

    A Certificateless One-Way Group Key Agreement Protocol for End-to-End Email Encryption

    Over the years, email has evolved into one of the most widely used communication channels for both individuals and organizations. However, despite near ubiquitous use in much of the world, current information technology standards do not place emphasis on email security. Not until recently did webmail services such as Yahoo's mail and Google's gmail start to encrypt emails for privacy protection. However, the encrypted emails will be decrypted and stored in the service provider's servers. If the servers are malicious or compromised, all the stored emails can be read, copied and altered. Thus, there is a strong need for end-to-end (E2E) email encryption to protect email user's privacy. In this paper, we present a certificateless one-way group key agreement protocol with the following features, which are suitable to implement E2E email encryption: (1) certificateless and thus there is no key escrow problem and no public key certificate infrastructure is required; (2) one-way group key agreement and thus no back-and-forth message exchange is required; and (3) n-party group key agreement (not just 2- or 3-party). This paper also provides a security proof for the proposed protocol using proof by simulation. Finally, efficiency analysis of the protocol is presented at the end of the paper.

    Digital Rights Management - Current Status and Future Trends


    RSA authentication mechanisms in control grid computing environment using Gridsim toolkit

    There are security concerns when our sensitive data is placed in third-party infrastructure such as in the Grid Computing environment. As such, it is difficult to be assured that our data is in safe hands. Thus, authentication has become the most critical factor pertaining to this. Several approaches have been discussed in the grid computing environment on safeguarded, scalable and efficient authentication that are either Virtual Organization centric or Resource centric. Most grid computing uses public key infrastructure (PKI) to secure the identification, but vulnerabilities still cannot be avoided. In order to satisfy the security needs of the grid computing environment, we design an alternative authentication mechanism using the RSA algorithm to ensure user identification, and carry out the experiment in the Gridsim toolkit simulator.

    Aggregatable Certificateless Designated Verifier Signature

    In recent years, Internet of Things (IoT) devices have become increasingly deployed in many industries and have generated a large amount of data that needs to be processed in a timely and efficient manner. Aggregate signatures provide a secure and efficient way to handle large numbers of digital signatures with the same message. Recently, privacy has become a concern in the topic of data sharing on the cloud. To provide integrity, authenticity, authority, and privacy for data sharing in cloud storage, the notion of an aggregatable certificateless designated verifier signature scheme (ACLDVS) was proposed. ACLDVS is also a perfect tool to enable efficient privacy-preserving authentication systems for IoT and/or vehicular ad hoc networks (VANET). Our concrete scheme was proved to be secure under the Computational Diffie-Hellman assumption. Compared to other related schemes, our scheme is efficient, and the signature size is considerably short.