Security Analysis of a Certificateless Signature from Lattices

Security and Communication Networks ◽

10.1155/2017/3413567 ◽

2017 ◽

Vol 2017 ◽

pp. 1-7

Author(s):

Seunghwan Chang ◽

Hyang-Sook Lee ◽

Juhee Lee ◽

Seongan Lim

Keyword(s):

Hash Function ◽

Security Analysis ◽

Random Oracle Model ◽

Random Oracle ◽

Strong Type ◽

Security Proof ◽

Forking Lemma ◽

Certificateless Signature ◽

Adversarial Model

Tian and Huang proposed a lattice-based CLS scheme based on the hardness of the SIS problem and proved, in the random oracle model, that the scheme is existentially unforgeable against strong adversaries. Their security proof uses the general forking lemma under the assumption that the underlying hash function H is a random oracle. We show that the hash function in the scheme is neither one-way nor collision-resistant in the view of a strong Type 1 adversary. We point out flaws in the security arguments and present attack algorithms that are successful in the strong Type 1 adversarial model using the weak properties of the hash function.

Download Full-text

Pairing-Free Certificateless Signature with Security Proof

Journal of Computer Networks and Communications ◽

10.1155/2014/792063 ◽

2014 ◽

Vol 2014 ◽

pp. 1-6 ◽

Cited By ~ 3

Author(s):

Wenhao Liu ◽

Qi Xie ◽

Shengbao Wang ◽

Lidong Han ◽

Bin Hu

Keyword(s):

Discrete Logarithm ◽

Random Oracle Model ◽

Bilinear Pairings ◽

Random Oracle ◽

Public Key ◽

Public Key Cryptosystem ◽

Management Problem ◽

Security Proof ◽

Certificateless Public Key Cryptosystem ◽

Certificateless Signature

Since certificateless public key cryptosystem can solve the complex certificate management problem in the traditional public key cryptosystem and the key escrow problem in identity-based cryptosystem and the pairing computation is slower than scalar multiplication over the elliptic curve, how to design certificateless signature (CLS) scheme without bilinear pairings is a challenge. In this paper, we first propose a new pairing-free CLS scheme, and then the security proof is presented in the random oracle model (ROM) under the discrete logarithm assumption. The proposed scheme is more efficient than the previous CLS schemes in terms of computation and communication costs and is more suitable for the applications of low-bandwidth environments.

Download Full-text

HORSIC+: An Efficient Post-Quantum Few-Time Signature Scheme

Applied Sciences ◽

10.3390/app11167350 ◽

2021 ◽

Vol 11 (16) ◽

pp. 7350

Author(s):

Jaeheung Lee ◽

Yongsu Park

Keyword(s):

Security Analysis ◽

Random Oracle Model ◽

Random Oracle ◽

Security Level ◽

Signature Scheme ◽

Signature Schemes ◽

Security Proof ◽

Time Signature ◽

Resistant Family ◽

Cryptographic Hash Functions

It is well known that conventional digital signature algorithms such as RSA and ECDSA are vulnerable to quantum computing attacks. Hash-based signature schemes are attractive as post-quantum signature schemes in that it is possible to calculate the quantitative security level and the security is proven. SPHINCS is a stateless hash-based signature scheme and introduces HORST few-time signature scheme which is an improvement of HORS. However, HORST as well as HORS suffers from pretty large signature sizes. HORSIC is proposed to reduce the signature size, yet does not provide in-depth security analysis. In this paper, we propose HORSIC+, which is an improvement of HORSIC. HORSIC+ differs from HORSIC in that HORSIC+ does not apply f as a plain function to the signature key, but uses a member of a function family. In addition, HORSIC+ uses the chaining function similar to W-OTS+. These enable the strict security proof without the need for the used function family to be a permutation or collision resistant. HORSIC+ is existentially unforgeable under chosen message attacks, assuming a second-preimage resistant family of undetectable one-way functions and cryptographic hash functions in the random oracle model. HORSIC+ reduces the signature size by as much as 37.5% or 18.75% compared to HORS and by as much as 61.5% or 45.8% compared to HORST for the same security level.

Download Full-text

Revisiting NIZK-Based Technique for Chosen-Ciphertext Security: Security Analysis and Corrected Proofs

Applied Sciences ◽

10.3390/app11083367 ◽

2021 ◽

Vol 11 (8) ◽

pp. 3367

Author(s):

Youngkyung Lee ◽

Dong Hoon Lee ◽

Jong Hwan Park

Keyword(s):

Recent Work ◽

Security Analysis ◽

Random Oracle Model ◽

Random Oracle ◽

Previous Method ◽

Zero Knowledge ◽

Conversion Method ◽

Security Proof ◽

Chosen Ciphertext Security ◽

Proof Strategy

Non-interactive zero-knowledge (NIZK) proofs for chosen-ciphertext security are generally considered to give an impractical construction. An interesting recent work by Seo, Abdalla, Lee, and Park (Information Sciences, July 2019) proposed an efficient semi-generic conversion method for achieving chosen-ciphertext security based on NIZK proofs in the random oracle model. The recent work by Seo et al. demonstrated that the semi-generic conversion method transforms a one-way (OW)-secure key encapsulation mechanism (KEM) into a chosen-ciphertext secure KEM while preserving tight security reduction. This paper shows that the security analysis of the semi-generic conversion method has a flaw, which comes from the OW security condition of the underlying KEM. Without changing the conversion method, this paper presents a revised security proof under the changed conditions that (1) the underlying KEM must be chosen-plaintext secure in terms of indistinguishability and (2) an NIZK proof derived from the underlying KEM via the Fiat–Shamir transform must have the properties of zero-knowledge and simulation soundness. This work extended the security proof strategy to the case of identity-based KEM (IBKEM) and also revise the security proof for IBKEM of previous method by Seo et al. Finally, this work gives a corrected security proof by applying the new proofs to several existing (IB)KEMs.

Download Full-text

A certificateless signature scheme with strong unforgeability in the random oracle model

Journal of Computational Methods in Sciences and Engineering ◽

10.3233/jcm-180823 ◽

2018 ◽

Vol 18 (3) ◽

pp. 715-724

Author(s):

Xia Yang ◽

Xing-Ping Sheng ◽

Mian Zhang

Keyword(s):

Random Oracle Model ◽

Random Oracle ◽

Signature Scheme ◽

Certificateless Signature ◽

Strong Unforgeability

Download Full-text

An efficient certificateless multi-receiver threshold decryption scheme

RAIRO - Theoretical Informatics and Applications ◽

10.1051/ita/2019001 ◽

2019 ◽

Vol 53 (1-2) ◽

pp. 67-84 ◽

Cited By ~ 1

Author(s):

Ronghai Gao ◽

Jiwen Zeng ◽

Lunzhi Deng

Keyword(s):

Security Analysis ◽

Mobile Network ◽

Random Oracle Model ◽

Bilinear Pairings ◽

Random Oracle ◽

Bilinear Pairing ◽

Public And Private ◽

The Public ◽

Public Keys ◽

Threshold Decryption

Threshold decryption allows only quorum cooperate users to decrypt ciphertext encrypted under a public key. However, such threshold decryption scheme cannot be applied well in this situation where all users have their public and private key pairs, but do not share any private keys corresponding to the public keys, such as mobile network featured with dynamic character. The direct way to achieve threshold decryption in this case is to divide the message into several pieces and then encrypt these pieces with the public keys of different users. However, this is very inefficient. Multireceiver threshold decryption scheme that could be applied efficiently in the above situation. Recently, some certificateless (ID-based) multireceiver threshold decryption (signcryption) schemes are introduced. But the bilinear pairings are used in most of the existing schemes. In this paper, we propose an efficient certificateless threshold decryption scheme using elliptic curve cryptography (ECC) without bilinear pairing. Performance analysis shows that the proposed scheme has lower computation cost than existing some threshold decryption schemes in both encryption and decryption process. Security analysis shows that our scheme is IND-CCA secure, and no one outside of selected receivers can disclose receivers identities, against the adversaries defined in CL-PKC system under the random oracle model.

Download Full-text

An Improved Anonymous Authentication Protocol for Wearable Health Monitoring Systems

Wireless Communications and Mobile Computing ◽

10.1155/2020/5686498 ◽

2020 ◽

Vol 2020 ◽

pp. 1-13

Author(s):

Jiaqing Mo ◽

Wei Shen ◽

Weisheng Pan

Keyword(s):

Health Monitoring ◽

Denial Of Service ◽

Security Analysis ◽

Random Oracle Model ◽

Random Oracle ◽

Authentication Protocol ◽

Wireless Channel ◽

Formal Proofs ◽

Insider Attack ◽

Quadratic Residues

Wearable health monitoring system (WHMS), which helps medical professionals to collect patients’ healthcare data and provides diagnosis via mobile devices, has become increasingly popular thanks to the significant advances in the wireless sensor network. Because health data are privacy-related, they should be protected from illegal access when transmitted over a public wireless channel. Recently, Jiang et al. presented a two-factor authentication protocol on quadratic residues with fuzzy verifier for WHMS. However, we observe that their scheme is vulnerable to known session special temporary information (KSSTI) attack, privileged insider attack, and denial-of-service (DoS) attack. To defeat these weaknesses, we propose an improved two-factor authentication and key agreement scheme for WHMS. Through rigorous formal proofs under the random oracle model and comprehensive informal security analysis, we demonstrate that the improved scheme overcomes the disadvantages of Jiang et al.’s protocol and withstands possible known attacks. In addition, comparisons with several relevant protocols show that the proposed scheme achieves more security features and has suitable efficiency. Thus, our scheme is a reasonable authentication solution for WHMS.

Download Full-text

An Efficient Chaotic Map-Based Authentication Scheme with Mutual Anonymity

Applied Computational Intelligence and Soft Computing ◽

10.1155/2016/3916942 ◽

2016 ◽

Vol 2016 ◽

pp. 1-10

Author(s):

Yousheng Zhou ◽

Junfeng Zhou ◽

Feng Wang ◽

Feng Guo

Keyword(s):

Key Management ◽

Chaotic Map ◽

Mutual Authentication ◽

Security Analysis ◽

Random Oracle Model ◽

Random Oracle ◽

Authentication Scheme ◽

Session Key ◽

The Real ◽

Shared Key

A chaotic map-based mutual authentication scheme with strong anonymity is proposed in this paper, in which the real identity of the user is encrypted with a shared key between the user and the trusted server. Only the trusted server can determine the real identity of a user during the authentication, and any other entities including other users of the system get nothing about the user’s real identity. In addition, the shared key of encryption can be easily computed by the user and trusted server using the Chebyshev map without additional burdensome key management. Once the partnered two users are authenticated by the trusted server, they can easily proceed with the agreement of the session key. Formal security analysis demonstrates that the proposed scheme is secure under the random oracle model.

Download Full-text

Secure and Efficient Certificateless Signature and Blind Signature Scheme from Pairings

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.457-458.1262 ◽

2013 ◽

Vol 457-458 ◽

pp. 1262-1265

Author(s):

Min Qin Chen ◽

Qiao Yan Wen ◽

Zheng Ping Jin ◽

Hua Zhang

Keyword(s):

Random Oracle Model ◽

Public Key Cryptography ◽

Random Oracle ◽

Blind Signature ◽

Public Key ◽

Signature Scheme ◽

Signature Schemes ◽

Diffie Hellman ◽

Identity Based ◽

Certificateless Signature

Based an identity-based signature scheme, we givea certificateless signature scheme. And then we propose a certificateless blind signature (CLBS) scheme in this paper. This schemeis more efficient than those of previous schemes by pre-computing the pairing e (P, P)=g. Based on CL-PKC, it eliminates theusing of certificates in the signature scheme with respect to thetraditional public key cryptography (PKC) and solves key escrowproblems in ID-based signature schemes. Meanwhile it retains themerits of BS schemes. The proposed CLBS scheme is existentialunforgeable in the random oracle model under the intractabilityof the q-Strong Diffie-Hellman problem.

Download Full-text

Advanced Wireless Body Area Network

International Journal of Innovative Technology and Exploring Engineering - Special Issue ◽

10.35940/ijitee.d1953.029420 ◽

2020 ◽

Vol 9 (4) ◽

pp. 3079-3082

Keyword(s):

Service Providers ◽

Wireless Body Area Network ◽

Random Oracle Model ◽

Random Oracle ◽

Area Network ◽

Authentication Protocols ◽

Body Area ◽

Computational Overhead ◽

Security Properties ◽

Certificateless Signature

Wireless Body Area Networks (WBANs) is the most widely used in many fields to overcome the issues identified in various applications. In general, various authentication protocols are utilized with a novel certificateless signature (CLS) scheme, which is computational, efficient, and provably secure against existential forgery on adaptively chosen message attack in the random oracle model. Also, the proposed designs ensure that application or service providers have no privilege to disclose the real identities of users. Even the network manager, which serves as private key generator in the authentication protocols, is prevented from impersonating legitimate users. The performance of our designs is evaluated through both theoretic analysis and experimental simulations, and the comparative studies demonstrate that they outperform the existing schemes in terms of better trade-off between desirable security properties and computational overhead, nicely meeting the needs of WBANs.

Download Full-text

Efficient Certificateless Conditional Privacy-Preserving Authentication Scheme in VANETs

Mobile Information Systems ◽

10.1155/2019/7593138 ◽

2019 ◽

Vol 2019 ◽

pp. 1-19 ◽

Cited By ~ 12

Author(s):

Yang Ming ◽

Hongliang Cheng

Keyword(s):

Traffic Safety ◽

Vehicular Ad Hoc Networks ◽

Ad Hoc ◽

Security Analysis ◽

Real Life ◽

Random Oracle Model ◽

Random Oracle ◽

Privacy Preserving ◽

Bilinear Pairing ◽

Security And Privacy

Vehicular ad hoc networks (VANETs) are an increasing important paradigm for greatly enhancing roadway system efficiency and traffic safety. To widely deploy VANETs in real life, it is critical to deal with the security and privacy issues in VANETs. In this paper, we propose a certificateless conditional privacy preserving authentication (CCPPA) scheme based on certificateless cryptography and elliptic curve cryptography for secure vehicle-to-infrastructure communication in VANETs. In the proposed scheme, a roadside unit (RSU) can simultaneously verify plenty of received messages such that the total verification time may be sharply decreased. Furthermore, the security analysis indicates that the proposed scheme is provably secure in the random oracle model and fulfills all the requirements on security and privacy. To further improve efficiency, both map-to-point hash operation and bilinear pairing operation are not employed. Compared with previous CCPPA schemes, the proposed scheme prominently cuts down computation delay of message signing and verification by 66.9%–85.5% and 91.8%–93.4%, respectively, and reduces communication cost by 44.4%. Extensive simulations show that the proposed scheme is practicable and achieves prominent performances of very little average message delay and average message loss ratio and thus is appropriate for realistic applications.

Download Full-text