5 research outputs found
Analysis and Improvement of Authenticatable Ring Signcryption Scheme
Ring signcryption is an anonymous signcryption which allows a user
to anonymously signcrypt a message on behalf of a set of users
including himself. In an ordinary ring signcryption scheme, even if
a user of the ring generates a signcryption, he also cannot prove
that the signcryption was produced by himself. In 2008, Zhang, Yang,
Zhu, and Zhang solve the problem by introducing an identity-based
authenticatable ring signcryption scheme (denoted as the ZYZZ
scheme). In the ZYZZ scheme, the actual signcrypter can prove that
the ciphertext is generated by himself, and the others cannot
authenticate it. However, in this paper, we show that the ZYZZ
scheme is not secure against chosen plaintext attacks. Furthermore,
we propose an improved scheme that remedies the weakness of the ZYZZ
scheme. The improved scheme has shorter ciphertext size than the
ZYZZ scheme. We then prove that the improved scheme satisfies
confidentiality,
unforgeability, anonymity and authenticatability
Further Refinement of Pairing Computation Based on Miller\u27s Algorithm
In 2006, Blake, Murty and Xu proposed three refinements to
Miller\u27s algorithm for computing Weil/Tate Pairings. In this paper
we extend their work and propose a generalized algorithm, which
integrates their first two algorithms. Our approach is to
pre-organize the binary representation of the involved integer to
the best cases of Blake\u27s algorithms. Further, our refinement is
more suitable for Solinas numbers than theirs. We analyze our
algorithm and show that our refinement can perform better than the
original algorithms
An Approach to Guide Users Towards Less Revealing Internet Browsers
When browsing the Internet, HTTP headers enable both clients and servers send extra data in their requests or responses such as the User-Agent string. This string contains information related to the sender’s device, browser, and operating system. Previous research has shown that there are numerous privacy and security risks result from exposing sensitive information in the User-Agent string. For example, it enables device and browser fingerprinting and user tracking and identification. Our large analysis of thousands of User-Agent strings shows that browsers differ tremendously in the amount of information they include in their User-Agent strings. As such, our work aims at guiding users towards using less exposing browsers. In doing so, we propose to assign an exposure score to browsers based on the information they expose and vulnerability records. Thus, our contribution in this work is as follows: first, provide a full implementation that is ready to be deployed and used by users. Second, conduct a user study to identify the effectiveness and limitations of our proposed approach. Our implementation is based on using more than 52 thousand unique browsers. Our performance and validation analysis show that our solution is accurate and efficient. The source code and data set are publicly available and the solution has been deployed