• Journal of KIISE:Information Networking
• /
• v.31 no.6
• /
• pp.545-555
• /
• 2004

Proxy signature scheme allow a designated proxy person to sign a message on behalf of the original signer. Partially blind signature scheme allows the signer to insert non-removable common information into his blind signature. Proxy signature and partially blind signature are very important technologies in secure e-commerce. In this paper we propose new proxy signature scheme and ID-based partially blind signature scheme using bilinear pairing. further combining them, we propose a proxy partially blind signature scheme. The security of our schemes relies on the hardness of Computational Diffie-Hellman Problem. If we removing common information form propose ID-based partially blind signature scheme and proxy partially blind signature scheme, then they become variants of ID-based blind signature scheme and proxy blind signature scheme of Zhangs respectively.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.2
• /
• pp.764-785
• /
• 2018

In this paper, we present a new public key encryption scheme with equality test (PKEwET). Compared to other PKEwET schemes, we find that its security can be improved since the proposed scheme is based on non-Abelian factorization problems. To our knowledge, it is the first scheme regarding equality test that can resist quantum algorithm attacks. We show that our scheme is one-way against chosen-ciphertext attacks in the case that the computational Diffie-Hellman problem is hard for a Type-I adversary. It is indistinguishable against chosen-ciphertext attacks in the case that the Decisional Diffie-Hellman problem is hard in the random oracle model for a Type-II adversary. To conclude the paper, we demonstrate that our scheme is more efficient.

• ETRI Journal
• /
• v.38 no.2
• /
• pp.397-404
• /
• 2016

In group-oriented applications, it is often required to verify a group of signatures/messages. The individual verification of signed messages in such applications comes at a high cost in terms of computations and time. To improve computational efficiency and to speed up the verification process, a batch verification technique is a good alternative to individual verification. Such a technique is useful in many real-world applications, such as mail servers, e-commerce, banking transactions, and so on. In this work, we propose a new, efficient identity-based signature (IDS) scheme supporting batch verifications. We prove that the proposed IDS scheme and its various types of batch verifications is tightly related to the Computational Diffie.Hellman problem under a random oracle paradigm. We compare the efficiency of the proposed scheme with related schemes that support batch verifications.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.12 no.3
• /
• pp.49-59
• /
• 2002

As the electronic commerce increases rapidly in the mobile communication, security issues become more important. A suitable authentication and key agreement for the mobile communication environment is a essential condition. Some protocols based on the public key cryptosystem such as Diffie-Hellman, EIGamal etc. were adapted in the mobile communication. But these protocols that are based on the difficult mathematical problem in the algebra, are so slow and have long key-length. Therefore, these have many limitation to apply to the mobile communication. In this paper, we propose an authentication and key agreement protocol based on NTRU to overcome the restriction of the mobile communication environment such as limited sources. low computational fewer, and narrow bandwidth. The proposed protocol is faster than other protocols based on ECC, because of addition and shift operation with small numbers in the truncated polynomial ring. And it is as secure as other existent mathematical problem because it is based on finding the Shortest or Closest Vector Problem(SVP/CVP).

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.46 no.1
• /
• pp.46-55
• /
• 2009

We study the problem of searching documents containing each of several keywords (conjunctive keyword search) over encrypted documents. A conjunctive keyword search protocol consists of three entities: a data supplier, a storage system such as database, and a user of storage system. A data supplier uploads encrypted documents on a storage system, and then a user of the storage system searches documents containing each of several keywords. Recently, many schemes on conjunctive keyword search have been suggested in various settings. However, the schemes require high computation cost for the data supplier or user storage. Moreover, up to now, their securities have been proved in the random oracle model. In this paper, we propose efficient conjunctive keyword search schemes over encrypted documents, for which security is proved without using random oracles. The storage of a user and the computational and communication costs of a data supplier in the proposed schemes are constant. The security of the scheme relies only on the hardness of the Decisional Bilinear Diffie-Hellman (DBDH) problem.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.10 no.2
• /
• pp.881-896
• /
• 2016

Certificate-based cryptography is a useful public key cryptographic primitive that combines the merits of traditional public key cryptography and identity-based cryptography. It not only solves the key escrow problem inherent in identity-based cryptography, but also simplifies the cumbersome certificate management problem in traditional public key cryptography. In this paper, by giving a concrete attack, we first show that the certificate-based encryption scheme without bilinear pairings proposed by Yao et al. does not achieve either the chosen-ciphertext security or the weaker chosen-plaintext security. To overcome the security weakness in Yao et al.'s scheme, we propose an enhanced certificate-based encryption scheme that does not use the bilinear pairings. In the random oracle model, we formally prove it to be chosen-ciphertext secure under the computational Diffie-Hellman assumption. The experimental results show that the proposed scheme enjoys obvious advantage in the computation efficiency compared with the previous certificate-based encryption schemes. Without costly pairing operations, it is suitable to be employed on the computation-limited or power-constrained devices.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.9
• /
• pp.4527-4547
• /
• 2018

Signcryption is a cryptographic primitive that provides authentication (signing) and confidentiality (encrypting) simultaneously at a lower computational cost and communication overhead. With the proposition of certificateless public key cryptography (CLPKC), certificateless signcryption (CLSC) scheme has gradually become a research hotspot and attracted extensive attentions. However, many of previous CLSC schemes are constructed based on time-consuming pairing operation, which is impractical for mobile devices with limited computation ability and battery capacity. Although researchers have proposed pairing-free CLSC schemes to solve the issue of efficiency, many of them are in fact still insecure. Therefore, the challenging problem is to keep the balance between efficiency and security in CLSC schemes. In this paper, several existing CLSC schemes are cryptanalyzed and a new CLSC scheme without pairing based on elliptic curve cryptosystem (ECC) is presented. The proposed CLSC scheme is provably secure against indistinguishability under adaptive chosen-ciphertext attack (IND-CCA2) and existential unforgeability under adaptive chosen-message attack (EUF-CMA) resting on Gap Diffie-Hellman (GDH) assumption and discrete logarithm problem in the random oracle model. Furthermore, the proposed scheme resists the ephemeral secret leakage (ESL) attack, public key replacement (PKR) attack, malicious but passive KGC (MPK) attack, and presents efficient computational overhead compared with the existing related CLSC schemes.

• Journal of Communications and Networks
• /
• v.8 no.4
• /
• pp.461-474
• /
• 2006

A group key exchange protocol is a cryptographic primitive that describes how a group of parties communicating over a public network can come up with a common secret key. Due to its significance both in network security and cryptography, the design of secure and efficient group key exchange protocols has attracted many researchers' attention over the years. However, despite all the efforts undertaken, there seems to have been no previous systematic look at the growing problem of key exchange over combined wired and wireless networks which consist of both stationary computers with sufficient computational capabilities and mobile devices with relatively restricted computing resources. In this paper, we present the first group key exchange protocol that is specifically designed to be well suited for this rapidly expanding network environment. Our construction meets simplicity, efficiency, and strong notions of security.

• Journal of Communications and Networks
• /
• v.10 no.1
• /
• pp.10-17
• /
• 2008

In traditional digital signature schemes, certificates signed by a trusted party are required to ensure the authenticity of the public key. In Asiacrypt 2003, the concept of certificateless signature scheme was introduced. The advantage of certificateless public key cryptography successfully eliminates the necessity of certificates in the traditional public key cryptography and simultaneously solves the inherent key escrow problem suffered in identity-based cryptography. Recently, Yap et al. proposed an efficient certificateless signature scheme and claimed that their scheme is existentially unforgeable in the random oracle model. In this paper, we show that the certificateless signature scheme proposed by Yap et al. is insecure against public key replacement attacks. Furthermore, we propose an improved certificateless signature scheme, which is existentially unforgeable against adaptive chosen message attacks under the computational Diffie-Hellman assumption in the random oracle model and provide the security proof of the proposed scheme.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.13 no.5
• /
• pp.2718-2731
• /
• 2019

Conjunctive keyword search encryption is an important technique for protecting sensitive data that is outsourced to cloud servers. However, the process of searching outsourced data may facilitate the leakage of sensitive data. Thus, an efficient data search approach with high security is critical. To solve this problem, an efficient conjunctive keyword search scheme based on ciphertext-policy attribute-based encryption is proposed for cloud storage environment. This paper proposes an efficient mechanism for removing the secure channel and resisting off-line keyword-guessing attacks. The storage overhead and the computational complexity are regardless of the number of keywords. This scheme is proved adaptively secure based on the decisional bilinear Diffie-Hellman assumption in the standard model. Finally, the results of theoretical analysis and experimental simulation show that the proposed scheme has advantages in security, storage overhead and efficiency, and it is more suitable for practical applications.