291 research outputs found
Practical Certificateless Aggregate Signatures From Bilinear Maps
Aggregate signature is a digital signature with a striking property that anyone can aggregate n individual signatures on n different messages which are signed by n distinct signers, into a single compact signature to reduce computational and storage costs. In this work, two practical certificateless aggregate signature schemes are proposed from bilinear maps. The first scheme CAS-1 reduces the costs of communication and signer-side computation but trades off the storage, while CAS-2 minimizes the storage but sacrifices the communication costs. One can choose either of the schemes by consideration of the application requirement. Compare with ID-based schemes, our schemes do not entail public key certificates as well and achieve the trust level 3, which imply the frauds of the authority are detectable. Both of the schemes are proven secure in the random oracle model by assuming the intractability of the computational Diffie-Hellman problem over the groups with bilinear maps, where the forking lemma technique is avoided
On Security Notions for Verifiable Encrypted Signature
First we revisit three - BGLS, MBGLS and GZZ verifiably encrypted
signature schemes[2,3,6].We find that they are all
not strong unforgeable.We remark that the notion of existential
unforgeable is not sufficient for fair exchange protocols in most
circumstances.So we propose three new - NBGLS, MBGLS and NGZZ
verifiably encrypted signature schemes which are strong unforgeable.
Also we reconsider other two - ZSS and CA verifiably encrypted
signature schemes[4,8], we find that they both cannot
resist replacing public key attack. So we strongly suggest that
strong unforgeable for verifiably encrypted signature maybe a better
notion than existential unforgeable and checking adjudicator knowing
its private key is a necessary step for secure verifiably encrypted
signature scheme
Verifiably encrypted cascade-instantiable blank signatures to secure progressive decision management
National Research Foundation (NRF) Singapore under NC
Pairing-Based Cryptographic Protocols : A Survey
The bilinear pairing such as Weil pairing or Tate pairing on elliptic and hyperelliptic curves have recently been found applications in design of cryptographic protocols. In this survey, we have tried to cover different cryptographic protocols based on bilinear pairings which possess, to the best of our knowledge, proper security proofs in the existing security models
Verifiably Encrypted Signatures with Short Keys based on the Decisional Linear Problem and Obfuscation for Encrypted VES
Verifiably encrypted signatures (VES) are signatures encrypted by a public key of a trusted third party and we can verify their validity without decryption. This paper proposes a new VES scheme which is secure under the decisional linear (DLIN) assumption in the standard model. We also propose new obfuscators for encrypted signatures (ES) and encrypted VES (EVES) which are secure under the DLIN assumption.
All previous efficient VES schemes in the standard model are either secure under standard assumptions (such as the computational Diffie-Hellman assumption) with large verification (or secret) keys or secure under \emph{(non-standard) dynamic -type assumptions} (such as the -strong Diffie-Hellman extraction assumption) with short verification keys. Our construction is the first efficient VES scheme with short verification (and secret) keys secure under \emph{a standard assumption (DLIN)}.
As by-products of our VES scheme, we construct new obfuscators for ES/EVES based on our new VES scheme. They are more efficient than previous obfuscators with respect to the public key size. Previous obfuscators for EVES are secure under non-standard assumption and use zero-knowledge (ZK) proof systems and Fiat-Shamir heuristics to obtain non-interactive ZK, i.e., its security is considered in the random oracle model. Thus, our construction also has an advantage with respect to assumptions and security models. Our new obfuscator for ES is obtained from our new obfuscator for EVES
Security Analysis of the Unrestricted Identity-Based Aggregate Signature Scheme
Aggregate signatures allow anyone to combine different signatures signed by
different signers on different messages into a single short signature. An ideal
aggregate signature scheme is an identity-based aggregate signature (IBAS)
scheme that supports full aggregation since it can reduce the total transmitted
data by using an identity string as a public key and anyone can freely
aggregate different signatures. Constructing a secure IBAS scheme that supports
full aggregation in bilinear maps is an important open problem. Recently, Yuan
{\it et al.} proposed an IBAS scheme with full aggregation in bilinear maps and
claimed its security in the random oracle model under the computational
Diffie-Hellman assumption. In this paper, we show that there exists an
efficient forgery attacker on their IBAS scheme and their security proof has a
serious flaw.Comment: 9 page
vetKeys: How a Blockchain Can Keep Many Secrets
We propose a new cryptographic primitive called verifiably encrypted threshold key derivation (vetKD) that extends identity-based encryption with a decentralized way of deriving decryption keys. We show how vetKD can be leveraged on modern blockchains to build scalable decentralized applications (or dapps ) for a variety of purposes, including preventing front-running attacks on decentralized finance (DeFi) platforms, end-to-end encryption for decentralized messaging and social networks (SocialFi), cross-chain bridges, as well as advanced cryptographic primitives such as witness encryption and one-time programs that previously could only be built from secure hardware or using a trusted third party. And all of that by secret-sharing just a single secret key..
Private Outsourcing of Polynomial Evaluation and Matrix Multiplication using Multilinear Maps
{\em Verifiable computation} (VC) allows a computationally weak client to
outsource the evaluation of a function on many inputs to a powerful but
untrusted server. The client invests a large amount of off-line computation and
gives an encoding of its function to the server. The server returns both an
evaluation of the function on the client's input and a proof such that the
client can verify the evaluation using substantially less effort than doing the
evaluation on its own. We consider how to privately outsource computations
using {\em privacy preserving} VC schemes whose executions reveal no
information on the client's input or function to the server. We construct VC
schemes with {\em input privacy} for univariate polynomial evaluation and
matrix multiplication and then extend them such that the {\em function privacy}
is also achieved. Our tool is the recently developed {mutilinear maps}. The
proposed VC schemes can be used in outsourcing {private information retrieval
(PIR)}.Comment: 23 pages, A preliminary version appears in the 12th International
Conference on Cryptology and Network Security (CANS 2013
- …