Wyniki wyszukiwania - BazTech

Ograniczanie wyników

4 Fundamenta Informaticae

Powiadomienia systemowe

Sesja wygasła!

Znaleziono wyników: 4

Liczba wyników na stronie

Wyniki wyszukiwania

Wyszukiwano:
w słowach kluczowych: certificateless signature

Sortuj według:

Ogranicz wyniki do:

Cryptanalysis and Improvement for Certificateless Aggregate Signature

Li J., Yuan H., Zhang Y.

Fundamenta Informaticae

2018

Vol. 157, nr 1/2

111--123

In order to satisfy application in resource constrained environment, aggregate signature schemes have been widely investigated. Recently, He et al. pointed out that certificateless aggregate signature (CLAS) scheme proposed by Xiong et al. was insecure against the Type II adversary and presented an possible improvement. In this article, we show that their improved scheme is not secure against a malicious-but-passive KGC attack. We analyze attack reason and propose an improved certificateless aggregate signature scheme. Based on the CDH difficult problem assumption, the proposed CLAS scheme is existentially unforgeable against adaptive chosen-message attacks in the random oracle model.

Certificateless Public Key Cryptography in the Standard Model

Canard S., Trinh V. C.

Fundamenta Informaticae

2018

Vol. 161, nr 3

219--248

Identity-based cryptography has been introduced by Shamir at Crypto’84 to avoid the use of expensive certificates in certified public key cryptography. In such system, the identity becomes the public key and each user needs to interact with a designated authority to obtain the related private key. It however suffers the key escrow problem since the authority knows the private keys of all users. To deal with this problem, Riyami and Paterson have introduced, at Asiacrypt’03, the notion of certificateless public key cryptography. In this case, there is no need to use the certificate to certify the public key, and neither the user nor the authority can derive the full private key by himself. There have been several efforts to propose a certificateless signature (CLS) scheme in the standard model, but all of them either make use of the Waters’ technique or of the generic conversion technique (proposed by Yum and Lee at ACISP’04) which both lead to inefficient CLS schemes. Besides making use of the Waters’ technique and the generic conversion technique (proposed also by Yum and Lee at ICCSA’04), there exists direct approaches to construct certificateless public key encryption (CLE) scheme in the standard model. In this paper, we introduce a new and direct approach to construct a CLS scheme in the standard model with constant-size of all parameters and having efficient computing time. We also show that the Boneh et al.’s identity-based encryption scheme secured in the standard model at EC’04 can be extended to the certificateless setting. Interestingly, the resulting scheme can be comparable with the existing CLE schemes in term of both efficiency and security.

Security Pitfalls of the Certificateless Signature and Multi-Receiver Signcryption Schemes

Shim K. A., Lee Y. L.

Fundamenta Informaticae

2011

Vol. 112, nr 4

365-376

Recently, Xiong et al. and Selvi et al. proposed a certificateless signature scheme secure in the standard model and a certificateless multi-receiver signcryption scheme secure in the random oracle model, respectively. In this paper, we show that they are insecure against malicious-butpassive KGC attacks. More specifically, the former does not achieve unforgeability and the latter does not satisfy confidentiality against type II adversaries.

An Improved Certificateless Signature Scheme Secure in the Standard Model

Xiong H., Qin Z., Li F.

Fundamenta Informaticae

2008

Vol. 88, nr 1-2

193-206

In ASIACCS 2007, Liu et al proposed a certificateless signature scheme which is provably secure in the standard model. However, as we will show in this paper, the proposed scheme is insecure against a malicious-but-passive KGC attack. This implies that the malicious-but-passive KGC, which generates system parameters based on the information of the target user, can forge valid signatures for that signer without being detected. Furthermore, we propose an improved scheme that remedies the weakness of Liu et al’s scheme. The improved scheme can be proven secure against malicious-but-passive KGC attack in the standard model.