A new revocable and re-delegable proxy signature and its application

With the popularity of cloud computing and mobile Apps, on-demand services such as on-line music or audio streaming and vehicle booking are widely available nowadays. In order to allow efficient delivery and management of the services, for large-scale on-demand systems, there is usually a hierarchy where the service provider can delegate its service to a top-tier (e.g., countrywide) proxy who can then further delegate the service to lower level (e.g., region-wide) proxies. Secure (re-)delegation and revocation are among the most crucial factors for such systems. In this paper, we investigate the practical solutions for achieving re-delegation and revocation utilizing proxy signature. Although proxy signature has been extensively studied in the literature, no previous solution can achieve both properties. To fill the gap, we introduce the notion of revocable and re-delegable proxy signature that supports efficient revocation and allows a proxy signer to re-delegate its signing right to other proxy signers without the interaction with the original signer. We define the formal security models for this new primitive and present an efficient scheme that can achieve all the security properties. We also present a secure on-line revocable and re-delegate vehicle ordering system (RRVOS) as one of the applications of our proposed scheme

A secure IoT cloud storage system with fine-grained access control and decryption key exposure resistance

Internet of Things (IoT) cloud provides a practical and scalable solution to accommodate the data management in large-scale IoT systems by migrating the data storage and management tasks to cloud service providers (CSPs). However, there also exist many data security and privacy issues that must be well addressed in order to allow the wide adoption of the approach. To protect data confidentiality, attribute-based cryptosystems have been proposed to provide fine-grained access control over encrypted data in IoT cloud. Unfortunately, the existing attributed-based solutions are still insufficient in addressing some challenging security problems, especially when dealing with compromised or leaked user secret keys due to different reasons. In this paper, we present a practical attribute-based access control system for IoT cloud by introducing an efficient revocable attribute-based encryption scheme that permits the data owner to efficiently manage the credentials of data users. Our proposed system can efficiently deal with both secret key revocation for corrupted users and accidental decryption key exposure for honest users. We analyze the security of our scheme with formal proofs, and demonstrate the high performance of the proposed system via experiments

Mergeable and revocable identity-based encryption

Identity-based encryption (IBE) has been extensively studied and widely used in various applications since Boneh and Franklin proposed the first practical scheme based on pairing. In that seminal work, it has also been pointed out that providing an efficient revocation mechanism for IBE is essential. Hence, revocable identity-based encryption (RIBE) has been proposed in the literature to offer an efficient revocation mechanism. In contrast to revocation, another issue that will also occur in practice is to combine two or multiple IBE systems into one system, e.g., due to the merge of the departments or companies. However, this issue has not been formally studied in the literature and the naive solution of creating a completely new system is inefficient. In order to efficiently address this problem, in this paper we propose the notion of mergeable and revocable identity-based encryption (MRIBE). Our scheme provides the first solution to efficiently revoke users and merge multiple IBE systems into a single system. The proposed scheme also has several nice features: when two systems are merged, there is no secure channel needed for the purpose of updating user private keys; and the size of the user private key remains unchanged when multiple systems are merged. We also propose a new security model for MRIBE, which is an extension of the security model for RIBE, and prove that the proposed scheme is semantically secure without random oracles

Strong identity-based proxy signature schemes, revisited

tru

The Improvement of 3D Traveltime Tomographic Inversion Method

As 3D high-precision seismic exploration is more and more widely used in seismic data acquisition, traveltime tomographic inversion based on first arrivals is developed from 2D to 3D. However, magnanimity data of 3D traveltime inversion brings about the problem of data storage; the absence of first arrivals with near offset reduces the precision of shallow layer; the utilization of prior information, such as small refraction and micro-logging data, can improve the precision of 3D traveltime inversion. Therefore, we make some improvements in 3D traveltime inversion method. We take compression storage for large and sparse matrix, propose virtual receivers technology, and add prior information to tomographic inversion linear equations. The application in 3D real data indicates that the improvements can effectively improve 3D traveltime tomographic inversion.Key words: 3D seismic exploration; 3D traveltime inversion method; 3D traveltime tomographic inversio

Constant-size ciphertexts in threshold attribute-based encryption without dummy attributes

Attribute-based encryption (ABE) is an augmentation of public key encryption that allows users to encrypt and decrypt messages based on users’ attributes. In a ( t, s ) threshold ABE, users who can decrypt a ciphertext must hold at least t attributes among the s attributes specified by the encryptor. At PKC 2010, Herranz, Laguillaumie and Ràfols proposed the first threshold ABE with constant-size ciphertexts. In order to ensure the encryptor can flexibly select the attribute set and a threshold value, they use dummy attributes to satisfy the decryption requirement. The advantage of their scheme is that any addition or removal of the attributes will not require any change to users’ private keys or public parameters. Unfortunately, the need for dummy attributes makes their scheme inefficient, since the computational cost of encryption is linear to the size of selected attribute set and dummy attribute set. In this work, we improve Herranz et al.’s work, and propose a new threshold ABE scheme which does not use any dummy attribute . Our scheme not only retains the nice feature of Herranz et al.’s scheme, but also offers two improvements in comparison to the previous work. Firstly, the computational costs of encryption and decryption are only linear in the size of the selected attribute set. Secondly, without any dummy attribute, most of the computations can be conducted without the knowledge of the threshold t . Hence, threshold change in the encryption phase does not require complete recomputation of the ciphertext

Authentication and transaction verification using QR codes with a mobile device

User authentication and the verification of online transactions that are performed on an untrusted computer or device is an important and challenging problem. This paper presents an approach to authentication and transaction verification using a trusted mobile device, equipped with a camera, in conjunction with QR codes. The mobile device does not require an active connection (e.g., Internet or cellular network), as the required information is obtained by the mobile device through its camera, i.e. solely via the visual channel. The proposed approach consists of an initial user authentication phase, which is followed by a transaction verification phase. The transaction verification phase provides a mechanism whereby important transactions have to be verified by both the user and the server. We describe the adversarial model to capture the possible attacks to the system. In addition, this paper analyzes the security of the propose scheme, and discusses the practical issues and mechanisms by which the scheme is able to circumvent a variety of security threats including password stealing, man-in-the-middle and man-in-the-browser attacks. We note that our technique is applicable to many practical applications ranging from standard user authentication implementations to protecting online banking transactions

A new construction for linkable secret handshake

National Research Foundation (NRF) Singapore; AXA Research Fun

RFID ownership transfer with positive secrecy capacity channels

RFID ownership transfer protocols (OTPs) transfer tag ownership rights. Recently, there has been considerable interest in such protocols, however, guaranteeing privacy for symmetric-key settings without trusted third parties (TTPs) is a challenge still unresolved. In this paper, we address this issue and show that it can be solved by using channels with positive secrecy capacity. We implement these channels with noisy tags and provide practical values, thus proving that perfect secrecy is theoretically possible. We then define a communication model that captures spatiotemporal events and describe a first example of symmetric-key based OTP that: (i) is formally secure in the proposed communication model and (ii) achieves privacy with a noisy tag wiretap channel without TTPs

DDH-based Multisignatures with Public Key Aggregation

A multisignature scheme allows a group of signers to produce a joint signature on a common message, which is more compact than a collection of distinct signatures from all signers. Given this signature and the list of signers\u27 public keys, a verifier is able to check if every signer in the group participated in signing. Recently, a multisignature scheme with public key aggregation has drawn a lot of attention due to their applications into the blockchain technology. Such multisignatures provide not only a compact signature, but also a compact aggregated public key, that is both the signature size and the public key size used to verify the correctness of the signature are independent from the number of signers. This is useful for a blockchain because of its duplication over a distributed network, and thus it is required to be as compact as possible. In this paper, we introduce a new multisignature scheme with such a feature. Our scheme is proven secure under the Decisional Diffie-Hellman assumption. In addition, in the presence of rogue key attacks, the security of our scheme is proven in the plain public key model