Efficient and Provable Secure Pairing-Free Security-Mediated Identity-Based Identification Schemes

Security-mediated cryptography was first introduced by Boneh et al. in 2001. The main motivation behind security-mediated cryptography was the capability to allow instant revocation of a user’s secret key by necessitating the cooperation of a security mediator in any given transaction. Subsequently in 2003, Boneh et al. showed how to convert a RSA-based security-mediated encryption scheme from a traditional public key setting to an identity-based one, where certificates would no longer be required. Following these two pioneering papers, other cryptographic primitives that utilize a security-mediated approach began to surface. However, the security-mediated identity-based identification scheme (SM-IBI) was not introduced until Chin et al. in 2013 with a scheme built on bilinear pairings. In this paper, we improve on the efficiency results for SM-IBI schemes by proposing two schemes that are pairing-free and are based on well-studied complexity assumptions: the RSA and discrete logarithm assumptions.

Download Full-text

Identity-Based Key Exchange on In-Vehicle Networks: CAN-FD & FlexRay

Sensors ◽

10.3390/s19224919 ◽

2019 ◽

Vol 19 (22) ◽

pp. 4919

Author(s):

Bogdan Groza ◽

Pal-Stefan Murvay

Keyword(s):

Bilinear Pairings ◽

Group Extension ◽

Key Exchange ◽

Area Network ◽

Secret Key ◽

Cryptographic Primitives ◽

Diffie Hellman ◽

Vehicle Networks ◽

Identity Based ◽

Diffie Hellman Key Exchange

Security has become critical for in-vehicle networks as they carry safety-critical data from various components, e.g., sensors or actuators, and current research proposals were quick to react with cryptographic protocols designed for in-vehicle buses, e.g., CAN (Controller Area Network). Obviously, the majority of existing proposals are built on cryptographic primitives that rely on a secret shared key. However, how to share such a secret key is less obvious due to numerous practical constraints. In this work, we explore in a comparative manner several approaches based on a group extension of the Diffie–Hellman key-exchange protocol and identity-based authenticated key agreements. We discuss approaches based on conventional signatures and identity-based signatures, garnering advantages from bilinear pairings that open road to several well-known cryptographic constructions: short signatures, the tripartite Diffie–Hellman key exchange and identity-based signatures or key exchanges. Pairing-based cryptographic primitives do not come computationally cheap, but they offer more flexibility that leads to constructive advantages. To further improve on performance, we also account for pairing-free identity-based key exchange protocols that do not require expensive pairing operations nor explicit signing of the key material. We present both computational results on automotive-grade controllers as well as bandwidth simulations with industry-standard tools, i.e., CANoe, on modern in-vehicle buses CAN-FD and FlexRay.

Download Full-text

Identity-Based Identification Scheme without Trusted Party against Concurrent Attacks

Security and Communication Networks ◽

10.1155/2020/8820271 ◽

2020 ◽

Vol 2020 ◽

pp. 1-9

Author(s):

Fei Tang ◽

Jiali Bao ◽

Yonghong Huang ◽

Dong Huang ◽

Fuqun Wang

Keyword(s):

Random Oracle Model ◽

Random Oracle ◽

Bilinear Pairing ◽

Key Generation ◽

Secret Key ◽

Key Escrow ◽

Identification Scheme ◽

Identification Schemes ◽

Secret Keys ◽

Identity Based

Identification schemes support that a prover who holding a secret key to prove itself to any verifier who holding the corresponding public key. In traditional identity-based identification schemes, there is a key generation center to generate all users’ secret keys. This means that the key generation center knows all users’ secret key, which brings the key escrow problem. To resolve this problem, in this work, we define the model of identity-based identification without a trusted party. Then, we propose a multi-authority identity-based identification scheme based on bilinear pairing. Furthermore, we prove the security of the proposed scheme in the random oracle model against impersonation under passive and concurrent attacks. Finally, we give an application of the proposed identity-based identification scheme to blockchain.

Download Full-text

A CUBIC EL-GAMAL ENCRYPTION SCHEME BASED ON LUCAS SEQUENCE AND ELLIPTIC CURVE

Advances in Mathematics: Scientific Journal ◽

10.37418/amsj.10.11.5 ◽

2021 ◽

Vol 10 (11) ◽

pp. 3439-3447

Author(s):

T. J. Wong ◽

L. F. Koo ◽

F. H. Naning ◽

A. F. N. Rasedee ◽

M. M. Magiman ◽

...

Keyword(s):

Elliptic Curve ◽

Elliptic Curve Cryptography ◽

Mathematical Problem ◽

Public Key ◽

Public Key Cryptosystem ◽

Encryption Scheme ◽

Secret Key ◽

Chosen Plaintext Attack ◽

The Public ◽

Lucas Sequence

The public key cryptosystem is fundamental in safeguard communication in cyberspace. This paper described a new cryptosystem analogous to El-Gamal encryption scheme, which utilizing the Lucas sequence and Elliptic Curve. Similar to Elliptic Curve Cryptography (ECC) and Rivest-Shamir-Adleman (RSA), the proposed cryptosystem requires a precise hard mathematical problem as the essential part of security strength. The chosen plaintext attack (CPA) was employed to investigate the security of this cryptosystem. The result shows that the system is vulnerable against the CPA when the sender decrypts a plaintext with modified public key, where the cryptanalyst able to break the security of the proposed cryptosystem by recovering the plaintext even without knowing the secret key from either the sender or receiver.

Download Full-text

Pairing-Free Certificateless Signature with Security Proof

Journal of Computer Networks and Communications ◽

10.1155/2014/792063 ◽

2014 ◽

Vol 2014 ◽

pp. 1-6 ◽

Cited By ~ 3

Author(s):

Wenhao Liu ◽

Qi Xie ◽

Shengbao Wang ◽

Lidong Han ◽

Bin Hu

Keyword(s):

Discrete Logarithm ◽

Random Oracle Model ◽

Bilinear Pairings ◽

Random Oracle ◽

Public Key ◽

Public Key Cryptosystem ◽

Management Problem ◽

Security Proof ◽

Certificateless Public Key Cryptosystem ◽

Certificateless Signature

Since certificateless public key cryptosystem can solve the complex certificate management problem in the traditional public key cryptosystem and the key escrow problem in identity-based cryptosystem and the pairing computation is slower than scalar multiplication over the elliptic curve, how to design certificateless signature (CLS) scheme without bilinear pairings is a challenge. In this paper, we first propose a new pairing-free CLS scheme, and then the security proof is presented in the random oracle model (ROM) under the discrete logarithm assumption. The proposed scheme is more efficient than the previous CLS schemes in terms of computation and communication costs and is more suitable for the applications of low-bandwidth environments.

Download Full-text

polarRLCE: A New Code-Based Cryptosystem Using Polar Codes

Security and Communication Networks ◽

10.1155/2019/3086975 ◽

2019 ◽

Vol 2019 ◽

pp. 1-10

Author(s):

Jingang Liu ◽

Yongge Wang ◽

Zongxiang Yi ◽

Zhiqiang Lin

Keyword(s):

Coding Theory ◽

Public Key ◽

Security Level ◽

Polar Codes ◽

Encryption Scheme ◽

Cryptographic Primitives ◽

The Public ◽

Security Challenges ◽

High Security Level ◽

Code Based Cryptography

Security challenges brought about by the upcoming 5G era should be taken seriously. Code-based cryptography leverages difficult problems in coding theory and is one of the main techniques enabling cryptographic primitives in the postquantum scenario. In this work, we propose the first efficient secure scheme based on polar codes (i.e., polarRLCE) which is inspired by the RLCE scheme, a candidate for the NIST postquantum cryptography standardization in the first round. In addition to avoiding some weaknesses of the RLCE scheme, we show that, with the proper choice of parameters, using polar codes, it is possible to design an encryption scheme to achieve the intended security level while retaining a reasonably small public key size. In addition, we also present a KEM version of the polarRLCE scheme that can attain a negligible decryption failure rate within the corresponding security parameters. It is shown that our proposal enjoys an apparent advantage to decrease the public key size, especially on the high-security level.

Download Full-text

Twin-Schnorr: A Security Upgrade for the Schnorr Identity-Based Identification Scheme

The Scientific World JOURNAL ◽

10.1155/2015/237514 ◽

2015 ◽

Vol 2015 ◽

pp. 1-9 ◽

Cited By ~ 3

Author(s):

Ji-Jian Chin ◽

Syh-Yuan Tan ◽

Swee-Huay Heng ◽

Raphael Chung-Wei Phan

Keyword(s):

Recent Literature ◽

Discrete Logarithm ◽

Identification Scheme ◽

Operation Costs ◽

Operational Costs ◽

Interactive Nature ◽

Identity Based ◽

Schnorr Signature ◽

The One ◽

Security Guarantees

Most identity-based identification (IBI) schemes proposed in recent literature are built using pairing operations. This decreases efficiency due to the high operation costs of pairings. Furthermore, most of these IBI schemes are proven to be secure against impersonation under active and concurrent attacks using interactive assumptions such as the one-more RSA inversion assumption or the one-more discrete logarithm assumption, translating to weaker security guarantees due to the interactive nature of these assumptions. The Schnorr-IBI scheme was first proposed through the Kurosawa-Heng transformation from the Schnorr signature. It remains one of the fastest yet most secure IBI schemes under impersonation against passive attacks due to its pairing-free design. However, when required to be secure against impersonators under active and concurrent attacks, it deteriorates greatly in terms of efficiency due to the protocol having to be repeated multiple times. In this paper, we upgrade the Schnorr-IBI scheme to be secure against impersonation under active and concurrent attacks using only the classical discrete logarithm assumption. This translates to a higher degree of security guarantee with only some minor increments in operational costs. Furthermore, because the scheme operates without pairings, it still retains its efficiency and superiority when compared to other pairing-based IBI schemes.

Download Full-text

Certificateless Public Key Encryption Scheme with Hybrid Problems and Its Application to Internet of Things

Mathematical Problems in Engineering ◽

10.1155/2014/980274 ◽

2014 ◽

Vol 2014 ◽

pp. 1-9 ◽

Cited By ~ 5

Author(s):

Rui Guo ◽

Qiaoyan Wen ◽

Huixian Shi ◽

Zhengping Jin ◽

Hua Zhang

Keyword(s):

Internet Of Things ◽

Public Key Cryptography ◽

Public Key ◽

Encryption Scheme ◽

Public Key Encryption ◽

Certificateless Cryptography ◽

Diffie Hellman ◽

Identity Based ◽

Certificate Management ◽

Certificateless Public Key Encryption

Certificateless cryptography aims at combining the advantages of public key cryptography and identity based cryptography to avoid the certificate management and the key escrow problem. In this paper, we present a novel certificateless public key encryption scheme on the elliptic curve over the ring, whose security is based on the hardness assumption of Bilinear Diffie-Hellman problem and factoring the large number as in an RSA protocol. Moreover, since our scheme requires only one pairing operation in decryption, it is significantly more efficient than other related schemes. In addition, based on our encryption system, we also propose a protocol to protect the confidentiality and integrity of information in the scenario of Internet of Things with constrained resource nodes.

Download Full-text

Private Predicate Encryption for Inner Product from Key-Homomorphic Pseudorandom Function

Security and Communication Networks ◽

10.1155/2021/6678194 ◽

2021 ◽

Vol 2021 ◽

pp. 1-12

Author(s):

Yi-Fan Tseng ◽

Zi-Yuan Liu ◽

Jen-Chieh Hsu ◽

Raylin Tso

Keyword(s):

Discrete Logarithm ◽

Public Key ◽

Inner Product ◽

Sensitive Information ◽

Public Key Encryption ◽

Secret Key ◽

New Paradigm ◽

Generic Construction ◽

Predicate Encryption ◽

Pseudorandom Function

Predicate encryption (PE), formalized by Katz et al., is a new paradigm of public-key encryption that conceptually captures the public-key encryption that supports fine-grained access control policy. Because of the nature of PE, it is used for cloud storage so that users can retrieve encrypted data without revealing any information about the data to cloud servers and other users. Although lots of PE schemes have been studied, the predicate-hiding security is seldom considered; that is, the user’s secret key may leak sensitive information of the predicate. Additionally, the security of the current predicate-hiding PE schemes relies on the discrete logarithm assumption which cannot resist the quantum attacks in the future. In this paper, we propose a generic PE for inner product under symmetric-key setting, called private IPE, from specific key-homomorphic pseudorandom function (PRF). The rigorous proofs are provided to show that the construction is payload-hiding, attribute-hiding, and predicate-hiding secure. With the advantage of the generic construction, if the underlying PRF can resist quantum attacks, then, through our proposed generic construction, a quantum-resistant private IPE can be obtained.

Download Full-text

Correction to: Identity-based Multi-Recipient Public Key Encryption Scheme and Its Application in IoT

Mobile Networks and Applications ◽

10.1007/s11036-020-01512-8 ◽

2020 ◽

Author(s):

Jing Li ◽

Xiangyan Tang ◽

Zhijun Wei ◽

Yu Wang ◽

Wenbin Chen ◽

...

Keyword(s):

Public Key ◽

Encryption Scheme ◽

Public Key Encryption ◽

Identity Based

Download Full-text

Pairing-Free Identity-Based Encryption with Authorized Equality Test in Online Social Networks

International Journal of Foundations of Computer Science ◽

10.1142/s0129054119400185 ◽

2019 ◽

Vol 30 (04) ◽

pp. 647-664

Author(s):

Libing Wu ◽

Yubo Zhang ◽

Kim-Kwang Raymond Choo ◽

Debiao He

Keyword(s):

Social Networking ◽

Online Social Networks ◽

Keyword Search ◽

Public Key ◽

Encryption Scheme ◽

Public Key Encryption ◽

Identity Based Encryption ◽

Identity Based ◽

Equality Test ◽

Chosen Ciphertext Attack

Online social networking applications have become more and more popular in the advance of the technological age. Much of our personal information has been disclosed in social networking activities and privacy-preserving still remains a research challenge in social network. Public key encryption scheme with equality test(PKEET), which is an extension of public key encryption with keyword search (PEKS), seems to be a solution. PKEET enables the tester to check whether two given ciphertexts are derived from the same plaintext. Recently, Zhu et al. proposed a pairing-free public key encryption scheme with equality test based on the traditional public key cryptosystem. However, it suffers from certificates management issue. In this paper, we propose a pairing-free identity-based encryption scheme with authorized equality test(PF-IBEAET). The PF-IBEAET scheme also provides fine-grained authorizations. We prove that the scheme is one way secure against chosen identity and chosen ciphertext attack (OW-ID-CCA) and indistinguishable against chosen-identity and chosen-ciphertext attack (IND-ID-CCA) in the random oracle model (ROM). Performance analysis shows that the scheme achieves a better performance than similar schemes.

Download Full-text