3,576 research outputs found
Cryptographic Pairings: Efficiency and DLP security
This thesis studies two important aspects of the use of pairings in cryptography, efficient
algorithms and security.
Pairings are very useful tools in cryptography; originally used for the cryptanalysis of
elliptic curve cryptography, they are now used in key exchange protocols, signature schemes
and identity-based cryptography.
This thesis comprises two parts: Security and Efficient Algorithms.
In Part I: Security, the security of pairing-based protocols is considered, with a thorough
examination of the Discrete Logarithm Problem (DLP) as it occurs in PBC. Results on the
relationship between the two instances of the DLP will be presented along with a discussion
about the appropriate selection of parameters to ensure a particular security level.
In Part II: Efficient Algorithms, some of the computational issues which arise when using
pairings in cryptography are addressed. Pairings can be computationally expensive, so
the Pairing-Based Cryptography (PBC) research community is constantly striving to find
computational improvements for all aspects of protocols using pairings. The improvements
given in this section contribute towards more efficient methods for the computation of pairings,
and increase the efficiency of operations necessary in some pairing-based protocol
An Efficient and Provably Secure ID-Based Threshold Signcryption Scheme
Signcryption is a cryptographic primitive that performs digital
signature and public key encryption simultaneously, at lower
computational costs and communication overheads than the
signature-then-encryption approach. Recently, two identity-based
threshold signcryption schemes [12], [26] have been
proposed by combining the concepts of identity-based threshold
signature and signcryption together. However, the formal models and
security proofs for both schemes are not considered. In this paper,
we formalize the concept of identity-based threshold signcryption
and give a new scheme based on the bilinear pairings. We prove its
confidentiality under the Decisional Bilinear Diffie-Hellman
assumption and its unforgeability under the Computational
Diffie-Hellman assumption in the random oracle model. Our scheme
turns out to be more efficient than the two previously proposed
schemes
A Pairing Based Strong Designated Verifier Signature Scheme without Random Oracles
In this study, a novel strong designated verifier signature scheme based on bilinear pairings with provable security in the standard model is proposed, while the existing ones are secure in the random oracle model. In 2007 and 2011, two strong designated verifier signature schemes in the standard model were proposed by Huang et al.
and Zhang et al., respectively; in the former, the property of privacy of the signer’s
identity is not proved and the security of the latter is based on the security of a pseudorandom
function. Our proposal can deal with the aforementioned drawbacks of the
previous schemes. Furthermore, it satisfies non-delegatability for signature verificatio
Proxy Signature Scheme with Effective Revocation Using Bilinear Pairings
We present a proxy signature scheme using bilinear pairings that provides
effective proxy revocation. The scheme uses a binding-blinding technique to
avoid secure channel requirements in the key issuance stage. With this
technique, the signer receives a partial private key from a trusted authority
and unblinds it to get his private key, which in turn overcomes the key escrow
problem which is a constraint in most of the pairing-based proxy signature
schemes. The scheme fulfills the necessary security requirements of proxy
signature and resists other possible threats
Pairing-based identification schemes
We propose four different identification schemes that make use of bilinear
pairings, and prove their security under certain computational assumptions.
Each of the schemes is more efficient and/or more secure than any known
pairing-based identification scheme
ID-based Ring Signature and Proxy Ring Signature Schemes from Bilinear Pairings
In 2001, Rivest et al. first introduced the concept of ring signatures. A
ring signature is a simplified group signature without any manager. It protects
the anonymity of a signer. The first scheme proposed by Rivest et al. was based
on the RSA cryptosystem and a certificate-based public key setting. The first ring
signature scheme based on DLP was proposed by Abe, Ohkubo, and Suzuki. Their
scheme is also based on the general certificate-based public key setting.
In 2002, Zhang and Kim proposed a new ID-based ring signature scheme using
pairings. Later Lin and Wu proposed a more efficient ID-based ring signature
scheme. Both these schemes have some inconsistencies in the computational aspect.
In this paper we propose a new ID-based ring signature scheme and a proxy
ring signature scheme. Both schemes are more efficient than the existing ones.
These schemes also take care of the inconsistencies in the above two schemes.
Comment: Published with ePrint Archiv
Still Wrong Use of Pairings in Cryptography
Several pairing-based cryptographic protocols have recently been proposed with a
wide variety of novel applications including the ones in emerging
technologies like cloud computing, internet of things (IoT), e-health systems
and wearable technologies. There has, however, been a wide range of incorrect
use of these primitives. The paper of Galbraith, Paterson, and Smart (2006)
pointed out most of the issues related to the incorrect use of pairing-based
cryptography. However, we noticed that some recently proposed applications
still do not use these primitives correctly. This leads to unrealizable,
insecure or too inefficient designs of pairing-based protocols. We observed
that one reason is not being aware of the recent advancements on solving the
discrete logarithm problems in some groups. The main purpose of this article is
to give an understandable, informative, and the most up-to-date criteria for
the correct use of pairing-based cryptography. We thereby deliberately avoid
most of the technical details and rather give special emphasis on the
importance of the correct use of bilinear maps by realizing secure
cryptographic protocols. We list a collection of some recent papers having
wrong security assumptions or realizability/efficiency issues. Finally, we give
a compact and up-to-date recipe of the correct use of pairings.
Comment: 25 page