New Construction of Short Certificate-Based Signature against Existential Forgery Attacks

  • Lu, Yang (College of Computer and Information, Hohai University)
  • Wang, Gang (College of Computer and Information, Hohai University)
  • Li, Jiguo (College of Computer and Information, Hohai University)
  • Shen, Jian (School of Computer and Software, Nanjing University of Information Science and Technology)
  • Received: 2017.01.09
  • Accepted: 2017.04.17
  • Published: 2017.07.31

Abstract

Certificate-based cryptography is a useful public key cryptographic primitive that combines the merits of traditional public key cryptography and identity-based cryptography. It not only solves the key escrow problem inherent in identity-based cryptography, but also simplifies the cumbersome certificate management problem of traditional public key cryptography. So far, four short certificate-based signature schemes have been proposed. However, three of them fail to achieve existential unforgeability under adaptive chosen-message attacks, and the remaining one was not constructed in the normal framework of certificate-based signature. In this paper, we put forward a new short certificate-based signature scheme. The proposed scheme is devised in the normal framework of certificate-based signature and overcomes the security weaknesses of the previous short certificate-based signature schemes. In the random oracle model, we formally prove that it achieves existential unforgeability against adaptive chosen-message attacks. A performance comparison shows that it is efficient and practical.

Keywords
