
    A Relational Credential System from qq-SDH-based Graph Signatures

    An attribute-based credential system enables users to prove possession of a credential and statements over certified attributes to verifiers in zero-knowledge while maintaining anonymity and unlinkability. In a relational anonymous credential system, users can further prove their relationship to other entities in their social graph, such as position in an organizational hierarchy or friends-of-friends status in an online social network graph, while protecting their own privacy and that of other users involved in the social graph. While traditional anonymous credential schemes make no provisions for privacy-preserving relationship predicates, a relational credential system is more usable, because it can facilitate relationship-based access control with a wide range of predicates and offers strong privacy guarantees for relationship proofs. We propose the first relational credential scheme, based on a new q-SDH graph signature scheme and an efficient zero-knowledge proof system for graph predicates. We rigorously prove the security of the proposed scheme and provide a benchmark using Facebook social graphs.

    A q-SDH-based Graph Signature Scheme on Full-Domain Messages with Efficient Protocols

    A graph signature scheme is a digital signature scheme that allows a recipient to obtain a signature on a graph and subsequently prove properties thereof in zero-knowledge proofs of knowledge. While known to be expressive enough to encode statements from NP languages, one main use of graph signatures is in topology certification and confidentiality-preserving security assurance. In this paper, we present an efficient and provably secure graph signature scheme in the standard model with a tight reduction. Based on the MoniPoly attribute-based credential system, this new graph signature scheme offers zero-knowledge proofs of possession of the signature itself as well as confidentiality-preserving show proofs on logical statements such as the existence of vertices, graph connectivity or isolation.

    Design And Analysis Of Identity-Based Identification Schemes And Their Variants

    An identification protocol is an interactive process that enables a prover holding a private key to identify himself to a verifier holding the corresponding public key.

    Cryptanalysis of an ID-based Blind Signature Scheme

    In 2010, Rao et al. proposed an identity-based blind signature scheme (IBBS) based on bilinear pairings. The proposed scheme is claimed to achieve blindness and also to be unforgeable according to the generic proofs. In this paper, we show that the security claim is invalid: the IBBS does not achieve blindness, although the signature is unforgeable. To be precise, the signer can link a blinded message to the corresponding signature issued to a user.

    On the security of a lightweight authentication and encryption scheme for mobile ad hoc network

    In 2011, Eissa, Razak and Ngadi proposed a lightweight authentication and encryption scheme to enhance the performance of mobile ad hoc networks (Wireless Networks, Vol. 17, No. 4, 2011). The main building block of the scheme is an identity-based encryption scheme. The scheme was proven secure in the random oracle model under the computational Diffie–Hellman assumption. In this paper, we show that the proposed scheme is not even secure against chosen plaintext attack, which is the lowest acceptable level of security. In addition, we demonstrate that the RSA parameter suggested by Eissa et al. to yield better network performance is chosen under the wrong security assumption that each mobile node is totally trusted, and is therefore not appropriate. Such a short RSA parameter leads to a key recovery attack.

    Comment on “Secure Data Access Control With Ciphertext Update and Computation Outsourcing in Fog Computing for Internet of Things”

    In this comment paper, we point out a security flaw in a data access control system which is built on ciphertext-policy attribute-based encryption (CP-ABE) and attribute-based signature schemes. In particular, we show that the underlying CP-ABE is vulnerable to a collusion attack. As a result, malicious users can collaborate to decrypt a ciphertext which none of them is individually authorized to decrypt.

    New Identity-Based Identification and Signature Schemes in the Standard Model

    In this paper, we propose an efficient identity-based identification (IBI) scheme provably secure against impersonation under active and concurrent attacks in the standard model. Based on the proposed IBI scheme and the two-tier signature technique, we construct an efficient identity-based signature (IBS) scheme that is provably secure against strong existential forgery under chosen message attack in the standard model. The security of our proposed IBI and IBS schemes is based on the established q-SDH assumption. The comparison analysis shows that our proposed schemes outperform some state-of-the-art schemes which are also provably secure in the standard model.

    On the security of a strongly secure efficient certificateless signature scheme

    Certificateless cryptography overcomes the private key escrow problem of identity-based cryptography while avoiding the costly certificate management of traditional public key cryptography. Due to their applications, particularly on mobile devices, efficient signature schemes with short signature length have attracted much attention within the cryptography community. In 2012, Tso, Huang and Susilo proposed an efficient certificateless signature scheme. While all the existing short certificateless signature schemes in the literature are only secure against the weakest type of adversary, namely the normal adversary, the new scheme claims to be secure against the strongest type of adversary, namely the super adversary. In this paper, we falsify Tso et al.'s claim by mounting an attack on their scheme. We show that, using a public key replacement attack, a Type I strong adversary (which is weaker than a super adversary) is able to forge signatures on behalf of the signer.

    ECQV-IBI: Identity-based identification with implicit certification

    Identity-based identification (IBI) schemes allow a prover to provide entity identification based on its unique identity. This paper provides the first non-trivial IBI scheme with implicit certification by using the Elliptic Curve Qu-Vanstone (ECQV) implicit certification scheme. In contrast to conventional identity-based schemes, the implicit certificate based approach is resistant against key escrow, since the trusted authority issues only a part of the secret key, which the user takes as input to construct its own user secret key. We show that our scheme achieves Trust Level 3 according to Girault's definitions, while requiring fewer resources than certificateless identification. A corresponding formal security model is defined, showing the resistance of our proposed scheme against impersonation attacks. Compared to other Schnorr-based IBI schemes, our proposed IBI scheme with implicit certification offers better storage, computation and communication efficiency, and thus offers a viable solution for an internet of things (IoT) context.

    Searchable Symmetric Encryption Security Definitions

    After many searchable symmetric encryption (SSE) schemes had been proposed and proven secure, a few published works showed empirical evidence of successful attacks on all published schemes. The attacks indicate a gap between the current security models and practical attackers. This work reviews the indistinguishability and semantic security games for SSE. Finally, a new security definition against the practical attacks is proposed and proven to imply the current security definitions.