46 research outputs found
On the Forgeability of Wang-Tang-Li\u27s ID-Based Restrictive Partially Blind Signature
Restrictive partially blind signature (RPBS) plays an important role in designing secure electronic cash system. Very recently, Wang, Tang and Li proposed a new ID-based restrictive partially blind signature (ID-RPBS) and gave the security proof. In this paper, we present a cryptanalysis of the scheme and show that the signature scheme does not satisfy the property of {\bf unforgeability} as claimed. More precisely, a user can forge a valid message-signature pair instead of the original one , where {\bf info} is the original common agreed information and . Therefore, it will be much dangerous if Wang-Tang-Li\u27s ID-RPBS scheme is applied to the off-line electronic cash system. For example, a bank is supposed to issue an electronic coin (or bill) of \$100 to a user, while the user can change the denomination of the coin (bill) to any value, say \$100, 000, 000, at his will
Classification of Signature-only Signature Models
We introduce a set of criterions for classifying signature-only
signature models. By the criterions, we classify signature models into 5 basic types and 69 general classes. Theoretically, 21140 kinds of signature models can be deduced by appropriately combining different general classes. The result comprises almost existing signature models. We also contribute a lot of new signature models. Moreover, we find the three signature models, i.e., group-nominee signature, multi-nominee signature and threshold-nominee
signature, are of great importance in light of our classification
Anonymous Tokens with Public Metadata and Applications to Private Contact Tracing
Anonymous single-use tokens have seen recent applications in private Internet browsing and anonymous statistics collection. We develop new schemes in order to include public metadata such as expiration dates for tokens. This inclusion enables planned mass revocation of tokens without distributing new keys, which for natural instantiations can give 77 % and 90 % amortized traffic savings compared to Privacy Pass (Davidson et al., 2018) and DIT: De-Identified Authenticated Telemetry at Scale (Huang et al., 2021), respectively. By transforming the public key, we are able to append public metadata to several existing protocols essentially without increasing computation or communication.
Additional contributions include expanded definitions, a more complete framework for anonymous single-use tokens and a description of how anonymous tokens can improve the privacy in dp3t-like digital contact tracing applications. We also extend the protocol to create efficient and conceptually simple tokens with both public and private metadata, and tokens with public metadata and public verifiability from pairings
On the (in)security of ROS
We present an algorithm solving the ROS (Random inhomogeneities in a Overdetermined Solvable system of linear equations) problem in polynomial time for l > log p dimensions. Our algorithm can be combined with Wagner’s attack, and leads to a sub-exponential solution for any dimension l with best complexity known so far.
When concurrent executions are allowed, our algorithm leads to practical attacks against unforgeability of blind signature schemes such as Schnorr and Okamoto--Schnorr blind signatures, threshold signatures such as GJKR and the original version of FROST, multisignatures such as CoSI and the two-round version of MuSig, partially blind signatures such as Abe-Okamoto, and conditional blind signatures such as ZGP17. Schemes for e-cash (such as Brands\u27 signature) and anonymous credentials (such as Anonymous Credentials Light) inspired from the above are also affected
Identity based blind signaturescheme based upon DLP
Blind Signature scheme deals with the concept where requester sends the request that the signer should sign on a blind message. Anyone can verify the signature after publishing the information without any restriction. The proposed scheme having the property of both concept, Identity based as well as Blind Signature using DLP. With the help of Identity Based system we can easily archive the public key certification without key-management setting. In several ID based scheme ID map into an Elliptic curve, but we have a novel techniques to solve this problem. We have proposed a scheme that is based on Discrete logarithm problem.We have proved that our scheme meets all essential and secondary security prematurity. In addition we have given the mathematically and pragmatically correctness of our scheme. As our best of knowledge, we give the first discussion on these two notation. Also, we proved that our scheme fulfill all criteria that should be meet in a blind signature scheme.Our proposed scheme can be used in an E-commerce, E-voting and E-cashing anywhere without any restriction.We have given an application of E-cashing using our scheme
SoK: Privacy-Preserving Signatures
Modern security systems depend fundamentally on the ability of users to authenticate their communications to other parties in a network. Unfortunately, cryptographic authentication can substantially undermine the privacy of users. One possible solution to this problem is to use privacy-preserving cryptographic authentication. These protocols allow users to authenticate their communications without revealing their identity to the verifier. In the non-interactive setting, the most common protocols include blind, ring, and group signatures, each of which has been the subject of enormous research in the security and cryptography literature. These primitives are now being deployed at scale in major applications, including Intel\u27s SGX software attestation framework. The depth of the research literature and the prospect of large-scale deployment motivate us to systematize our understanding of the research in this area. This work provides an overview of these techniques, focusing on applications and efficiency
Anonymous Credentials Light
We define and propose an efficient and provably secure construction of blind signatures with attributes. Prior notions of blind signatures did not yield themselves to the construction of anonymous credential systems, not even if we drop the unlinkability requirement of
anonymous credentials. Our new notion in contrast is a convenient building block for anonymous
credential systems. The construction we propose is efficient: it requires just a few exponentiations in a prime-order group in which the decisional Diffie-Hellman problem is hard. Thus, for
the first time, we give a provably secure construction of anonymous credentials that can work in
the elliptic group setting without bilinear pairings. In contrast, prior provably secure constructions were based on the RSA group or on groups with pairings, which made them prohibitively
inefficient for mobile devices, RFIDs and smartcards. The only prior efficient construction that
could work in such elliptic curve groups, due to Brands, does not have a proof of security
Privacy Enhancing Protocols using Pairing Based Cryptography
This thesis presents privacy enhanced cryptographic constructions,
consisting of formal definitions, algorithms and motivating
applications. The contributions are a step towards the development of
cryptosystems which, from the design phase, incorporate privacy as a
primary goal. Privacy offers a form of protection over personal and
other sensitive data to individuals, and has been the subject of much
study in recent years.
Our constructions are based on a special type of algebraic group called
bilinear groups. We present existing cryptographic constructions which
use bilinear pairings, namely Identity-Based Encryption (IBE). We define
a desirable property of digital signatures, blindness, and present new
IBE constructions which incorporate this property.
Blindness is a desirable feature from a privacy perspective as it allows
an individual to obscure elements such as personal details in the data
it presents to a third party. In IBE, blinding focuses on obscuring
elements of the identity string which an individual presents to the key
generation centre. This protects an individual's privacy in a direct
manner by allowing her to blind sensitive elements of the identity
string and also prevents a key generation centre from subsequently
producing decryption keys using her full identity string. Using blinding
techniques, the key generation centre does not learn the full identity
string.
In this thesis, we study selected provably-secure cryptographic
constructions. Our contribution is to reconsider the design of such
constructions with a view to incorporating privacy. We present the new,
privacy-enhanced cryptographic protocols using these constructions as
primitives. We refine useful existing security notions and present
feasible security definitions and proofs for these constructions