Time stamped Digital Signature Scheme with Message Recovery & Its Application in E-Cash System

We propose a Timestamped signature scheme which can be verified universally using signer’s public parameters. A trusted third party, the Timestamping System provides timestamp to a signature without even knowing the content of the document. The proposed scheme can withstand active attacks, such as forgery attack and chosen cipher text attack. It also provides the message recovery feature, i.e., from the timestamped signature, the message can be recovered by the receiver. Hence, the message need not be sent with the signature. The suggested scheme do not require any hash function and there by reduces the verification cost as compared to existing schemes at the expense of marginal increase in signature generation cost. Further, the scheme is more secured as its security lies in solving three computationally hard assumptions Performance analysis of both the schemes has been carried out in details. We applied the Time-stamped signature scheme with Message recovery in Ecash syste

Cryptanalysis of Chang et al.\u27s Signature Scheme with Message Recovery

Recently, Chang \textit{et al}. \cite{Chang} proposed a new digital signature scheme with message recovery and claimed that neither one-way hash functions nor message redundancy schemes were employed in their scheme. However, in this letter, two forgery attacks are proposed to show that Chang \textit{et al.}\u27s signature scheme is not secure. To resist these attacks, the message redundancy schemes may be still used

Forgery Attacks on Chang et al.\u27s signature scheme with message recovery

It is found that Chang et al.\u27s signature scheme with message recovery is not as secure as they claimed, in fact. In this letter, two forgery attacks is proposed to show that the signature can be forged on any uncontrolled messages. To overcome these attacks, the one-way hash functions and the message redundancy schemes may be still used

Certificateless and provably-secure digital signature scheme based on elliptic curve

With the internet today available at the user’s beck, and call data or Information Security plays a vital role. Confidentiality, Integrity, Availability, and Non-repudiation are the pillars of security on which every application on the web is based on. With these basic requirements the users also need the security in low resource constrained environments making it more challenging for the security experts to design secured cryptographic algorithms. Digital Signatures play a pivotal role in Authentication. They help in verifying the integrity of the data being exchanged. Elliptical curves are the strongest contenders in Digital Signatures, and much research is being done to enhance the method in many ways. The paper briefs a secured and improved ECDSA Elliptical Curve Digital Signature Algorithm which is an improved and secured version of the Digital Signature Algorithm

The Insecurity of Two Proxy Signcryption Schemes: Proxy Credential Forgery Attack and How to Prevent It

Securing different online e-business activities usually requires applying different cryptographic algorithms. The proxy signcryption algorithms are designed for applications such as online proxy auction or online proxy signatures on business contracts, which require a proxy agent to sign on confidential messages. This paper proposes a proxy credential forgery attack to two recent proxy signcryption schemes in the literature. Using the attack, a malicious proxy signer can create a fake proxy credential from his original credential to extend his signing power. Simple modifications to these two schemes are also provided in this paper to prevent the attack without adding too much computational complexity. In addition to the contribution of introducing a new type of attacks to signcryption schemes, the paper also points out that, while designing a secure proxy signcryption scheme, not only the unforgeability of proxy signatures is important, but also that of proxy credentials as well

An efficient password authentication scheme for smart card,”

Abstract Yang-Wang-Chang proposed an improved timestamp associated password authentication scheme based on YangShieh, who had earlier proposed timestamp-based remote authentication scheme using smart cards. In this paper, we propose an efficient password authentication scheme with smart card applying RSA. The proposed scheme withstands most of the attacks with minimum computational cost

Survey on Lightweight Primitives and Protocols for RFID in Wireless Sensor Networks

The use of radio frequency identification (RFID) technologies is becoming widespread in all kind of wireless network-based applications. As expected, applications based on sensor networks, ad-hoc or mobile ad hoc networks (MANETs) can be highly benefited from the adoption of RFID solutions. There is a strong need to employ lightweight cryptographic primitives for many security applications because of the tight cost and constrained resource requirement of sensor based networks. This paper mainly focuses on the security analysis of lightweight protocols and algorithms proposed for the security of RFID systems. A large number of research solutions have been proposed to implement lightweight cryptographic primitives and protocols in sensor and RFID integration based resource constraint networks. In this work, an overview of the currently discussed lightweight primitives and their attributes has been done. These primitives and protocols have been compared based on gate equivalents (GEs), power, technology, strengths, weaknesses and attacks. Further, an integration of primitives and protocols is compared with the possibilities of their applications in practical scenarios