Improvements and Generalisations of Signcryption Schemes

In this work, we study the cryptographic primitive: signcryption, which combines the functionalities of digital signatures and public-key encryption. We first propose two generic transforms from meta-ElGamal signature schemes to signcryption schemes. These constructions can be thought of as generalisations of the signcryption schemes by Zheng and Gamage et al. Our results show that a large class of signcryption schemes arc outsider IND-CCA2 secure and insider UF-CMA secure. As a by-product, we also show that the meta-EIGamal signature schemes, for which no previous formal security proofs have been shown, arc UF-CMA secure. \Ve then propose a modification of one of the transforms in order to achieve insider IXD-CCA2 security in addition to insider UF-CMA security. This modification COStS just one extra exponential operation. In particular, we can apply this modification to the Zheng signcryption scheme to make it fully insider secure. Finally, we propose a generic transform from a two-key signcryption scheme to a one-key signcryption scheme while preserving both confidentiality and unforgeability. Our result shows that if we have an insider I)JD•CCA2 and CFC1A secure two-key signcryption scheme, then it can be turned into an insider IND-CCA2 and CF•CMA secure one• key signcryption scheme. We also show that an insider IND•CCA2 and UF-CMA secure one• key signcryption scheme induces a secure combined public• key scheme; that is, a combination of a signature scheme and a public• key encryption scheme that can securely share the same key pair. Combining previous results suggests that we can obtain a large class of insider secure one-key signcryption schemes from meta-ElGamal signature schemes, and that each of them can induce a secure combined public-key scheme.EThOS - Electronic Theses Online ServiceGBUnited Kingdo

Public-Key Encryption with Delegated Search

In public-key setting, Alice encrypts email with public key of Bob, so that only Bob will be able to learn contents of email. Consider scenario when computer of Alice is infected and unbeknown to Alice it also embeds malware into message. Bob's company, Carol, cannot scan his email for malicious content as it is encrypted so burden is on Bob to do scan. This is not efficient. We construct mechanism that enables Bob to provide trapdoors to Carol such that Carol, given encrypted data and malware signature, is able to check whether encrypted data contains malware signature, without decrypting it. We refer to this mechanism as Public-Key Encryption with Delegated Search SPKE.\ud \ud We formalize SPKE and give construction based on ElGamal public-key encryption (PKE). proposed scheme has ciphertexts which are both searchable and decryptable. This property of scheme is crucial since entity can search entire content of message, in contrast to existing searchable public-key encryption schemes where search is done only in metadata part. We prove in standard model that scheme is ciphertext indistinguishable and trapdoor indistinguishable under Symmetric External Diffie-Hellman (sxdh) assumption. We prove also ciphertext one-wayness of scheme under modified Computational Diffie-Hellman (mcdh) assumption. We show that our PKEDS scheme can be used in different applications such as detecting encrypted malwares and forwarding encrypted emails

EFFICIENT AND SCALABLE NETWORK SECURITY PROTOCOLS BASED ON LFSR SEQUENCES

The gap between abstract, mathematics-oriented research in cryptography and the engineering approach of designing practical, network security protocols is widening. Network researchers experiment with well-known cryptographic protocols suitable for different network models. On the other hand, researchers inclined toward theory often design cryptographic schemes without considering the practical network constraints. The goal of this dissertation is to address problems in these two challenging areas: building bridges between practical network security protocols and theoretical cryptography. This dissertation presents techniques for building performance sensitive security protocols, using primitives from linear feedback register sequences (LFSR) sequences, for a variety of challenging networking applications. The significant contributions of this thesis are: 1. A common problem faced by large-scale multicast applications, like real-time news feeds, is collecting authenticated feedback from the intended recipients. We design an efficient, scalable, and fault-tolerant technique for combining multiple signed acknowledgments into a single compact one and observe that most signatures (based on the discrete logarithm problem) used in previous protocols do not result in a scalable solution to the problem. 2. We propose a technique to authenticate on-demand source routing protocols in resource-constrained wireless mobile ad-hoc networks. We develop a single-round multisignature that requires no prior cooperation among nodes to construct the multisignature and supports authentication of cached routes. 3. We propose an efficient and scalable aggregate signature, tailored for applications like building efficient certificate chains, authenticating distributed and adaptive content management systems and securing path-vector routing protocols. 4. We observe that blind signatures could form critical building blocks of privacypreserving accountability systems, where an authority needs to vouch for the legitimacy of a message but the ownership of the message should be kept secret from the authority. We propose an efficient blind signature that can serve as a protocol building block for performance sensitive, accountability systems. All special forms digital signatures—aggregate, multi-, and blind signatures—proposed in this dissertation are the first to be constructed using LFSR sequences. Our detailed cost analysis shows that for a desired level of security, the proposed signatures outperformed existing protocols in computation cost, number of communication rounds and storage overhead

On forging ElGamal signature and other attacks.

by Chan Hing Che.Thesis (M.Phil.)--Chinese University of Hong Kong, 2000.Includes bibliographical references (leaves 59-[61]).Abstracts in English and Chinese.Chapter 1 --- Introduction --- p.1Chapter 2 --- Background --- p.8Chapter 2.1 --- Abstract Algebra --- p.8Chapter 2.1.1 --- Group --- p.9Chapter 2.1.2 --- Ring --- p.10Chapter 2.1.3 --- Field --- p.11Chapter 2.1.4 --- Useful Theorems in Number Theory --- p.12Chapter 2.2 --- Discrete Logarithm --- p.13Chapter 2.3 --- Solving Discrete Logarithm --- p.14Chapter 2.3.1 --- Exhaustive Search --- p.14Chapter 2.3.2 --- Baby Step Giant Step --- p.15Chapter 2.3.3 --- Pollard's rho --- p.16Chapter 2.3.4 --- Pohlig-Hellman --- p.18Chapter 2.3.5 --- Index Calculus --- p.23Chapter 3 --- Forging ElGamal Signature --- p.26Chapter 3.1 --- ElGamal Signature Scheme --- p.26Chapter 3.2 --- ElGamal signature without hash function --- p.29Chapter 3.3 --- Security of ElGamal signature scheme --- p.32Chapter 3.4 --- Bleichenbacher's Attack --- p.34Chapter 3.4.1 --- Constructing trapdoor --- p.36Chapter 3.5 --- Extension to Bleichenbacher's attack --- p.37Chapter 3.5.1 --- Attack on variation 3 --- p.38Chapter 3.5.2 --- Attack on variation 5 --- p.39Chapter 3.5.3 --- Attack on variation 6 --- p.39Chapter 3.6 --- Digital Signature Standard(DSS) --- p.40Chapter 4 --- Quadratic Field Sieve --- p.47Chapter 4.1 --- Quadratic Field --- p.47Chapter 4.1.1 --- Integers of Quadratic Field --- p.48Chapter 4.1.2 --- Primes in Quadratic Field --- p.49Chapter 4.2 --- Number Field Sieve --- p.50Chapter 4.3 --- Solving Sparse Linear Equations Over Finite Fields --- p.53Chapter 4.3.1 --- Lanczos and conjugate gradient methods --- p.53Chapter 4.3.2 --- Structured Gaussian Elimination --- p.54Chapter 4.3.3 --- Wiedemann Algorithm --- p.55Chapter 5 --- Conclusion --- p.57Bibliography --- p.5

Society-oriented cryptographic techniques for information protection

Groups play an important role in our modern world. They are more reliable and more trustworthy than individuals. This is the reason why, in an organisation, crucial decisions are left to a group of people rather than to an individual. Cryptography supports group activity by offering a wide range of cryptographic operations which can only be successfully executed if a well-defined group of people agrees to co-operate. This thesis looks at two fundamental cryptographic tools that are useful for the management of secret information. The first part looks in detail at secret sharing schemes. The second part focuses on society-oriented cryptographic systems, which are the application of secret sharing schemes in cryptography. The outline of thesis is as follows

Generalized ID-based elgamal signatures and extensions

Ankara : The Department of Computer Engineering and the Institute of Engineering and Science of Bilkent University, 2008.Thesis (Master's) -- Bilkent University, 2008.Includes bibliographical references leaves 58-62.ID-based cryptography helps us to simplify key management process in traditional public key infrastructures. Any public information such as the e-mail address, name, etc., can be used as a public key and this solves the problem of obtaining the public key of a party and checking that its certificate is valid. ID-based cryptography has been a very active area of research in cryptography since bilinear pairings were introduced as a cryptographic tool. There have been many proposals for ID-based signatures recently. In this thesis, we introduce the concept of generalized ID-based ElGamal signatures and show that most of the proposed ID-based signature schemes in the literature are special instances of this generalized scheme. We also investigate ID-based signatures providing additional properties. Signature schemes with message recovery provide the feature that the message is recoverable from the signature and hence does not need to be transmitted separately. Blind signatures provide the feature that a user is able to get a signature without giving the actual message to the signer. Finally, signcryption schemes fulfill the job of a digital signature and encryption in a single step with a lower computational cost. We generalize the ID-based signatures providing these properties and obtain numerous new signatures which have not been explored before. The generalized ID-based signatures we described provide a unified framework for ID-based ElGamal signatures and extensions. Additionally, some of our blind signatures turn out to be more efficient than the previously proposed schemes.Kalkan, SaidM.S

Generalized ID-based ElGamal signatures

ID-based cryptography has been a very active area of research in cryptography since bilinear pairings were introduced as a cryptographic tool, and there have been many proposals for ID-based signatures recently. In this paper, we introduce the concept of generalized ID-based ElGamal signatures and show that most of the proposed ID-based signature schemes in the literature are special instances of this generalized scheme. We also obtain numerous new signatures from this generalized scheme which have not been proposed before. ©2007 IEEE

[[alternative]]The Desing of Anonymous Proxy Automatic Signature Schemes for Distributed Compilers

計畫編號：NSC94-2213-E032-022研究期間：200508~200607研究經費：422,000[[abstract]]本計畫預定提出適用於分散式誠實製造編議器的匿名自動代理簽章 法，藉以抵抗(未知)電腦病毒的威脅。由於網際網路的普及，電腦病毒的 危害也變得比以往嚴重。雖然防毒軟體可以提供抵抗電腦病毒的保護，但 是防毒軟體無法偵測未知的電腦病毒。在另外一方面，數位簽章法可以偵 測未知的電腦病毒，因為數位簽章法驗證檔案是否被病毒更動過。利用誠 實製造編議器，日本學者Usuda 等人提出自動簽章法以抵抗電腦病毒，隨 後學者Lin 和Jan 提出他們的適用於分散式誠實製造編議器之自動簽章 法。不幸地Lin 和Jan 的方法不足以抵抗偽造簽章攻擊，另外存在原始程 式碼長度受限的限制。於是學者Hwang 和Li 提出他們的適用於分散式誠 實製造編議器之自動代理簽章法。 在Lin 和Jan 的方法與Hwang 和Li 的 方法中，代理編議器編議工作的伺服器之隱私並未受到保護。為了抵抗編 議器製造者偽造自動簽章攻擊，伺服器之公開金鑰與秘密金鑰並須分別用 於自動代理簽章的驗證與產生，然而維護伺服器之公開金鑰的變更過程是 十分不方便的事。若匿名自動代理簽章只需使用編議器製造者公開金鑰就 可以驗證，不僅可以保護伺服器之隱私，也可以方便匿名自動代理簽章法 的實用性。所以本計畫預定提出適用於分散式誠實製造編議器的匿名自動 代理簽章法。[[sponsorship]]行政院國家科學委員

Generalized ID-based blind signatures from bilinear pairings

Blind signature schemes provide the feature that a user is able to get a signature without giving the actual message to the signer. Recently a number of ID-based blind signatures have been proposed. In this paper, we introduce the concept of generalized ID-based blind signatures based on ElGamal signature variants. We obtain several new ID-based blind signatures from this generalized scheme which have not been explored before and some of them turn out to be more efficient than previously proposed schemes. © 2008 IEEE