Strongly Unforgeable Certificateless Signature Resisting Attacks from Malicious-But-Passive KGC

In digital signature, strong unforgeability requires that an attacker cannot forge a new signature on any previously signed/new messages, which is attractive in both theory and practice. Recently, a strongly unforgeable certificateless signature (CLS) scheme without random oracles was presented. In this paper, we firstly show that the scheme fails to achieve strong unforgeability by forging a new signature on a previously signed message under its adversarial model. Then, we point out that the scheme is also vulnerable to the malicious-but-passive key generation center (MKGC) attacks. Finally, we propose an improved strongly unforgeable CLS scheme in the standard model. The improved scheme not only meets the requirement of strong unforgeability but also withstands the MKGC attacks. To the best of our knowledge, we are the first to prove a CLS scheme to be strongly unforgeable against the MKGC attacks without using random oracles.

Download Full-text

Secure Certificateless Signature with Revocation in the Standard Model

Mathematical Problems in Engineering ◽

10.1155/2014/728591 ◽

2014 ◽

Vol 2014 ◽

pp. 1-16 ◽

Cited By ~ 5

Author(s):

Tung-Tso Tsai ◽

Sen-Shan Huang ◽

Yuh-Min Tseng

Keyword(s):

Standard Model ◽

Public Key Cryptography ◽

Public Key ◽

Key Generation ◽

Security Model ◽

Certificateless Public Key Cryptography ◽

Random Oracles ◽

Diffie Hellman ◽

The Standard Model ◽

Certificateless Signature

Certificateless public key cryptography is very attractive in solving the key escrow problem which is inherent in identity- (ID-) based public key cryptography. In the past, a large number of certificateless cryptographic schemes and protocols were presented, but a secure certificateless signature in the standard model (without random oracles) is still not accessible until now. To the best of our knowledge, all the previously proposed certificateless signature schemes were insecure under a considerably strong security model in the sense that they suffered from outsiders’ key replacement attacks or the attacks from the key generation center (KGC). In this paper, we propose a certificateless signature scheme without random oracles. Moreover, our scheme is secure under the strong security model and provides a public revocation mechanism, called revocable certificateless signature (RCLS). Under the standard computational Diffie-Hellman assumption, we formally demonstrate that our scheme possesses existential unforgeability against adaptive chosen-message attacks.

Download Full-text

Key Replacement Attack on Two Certificateless Signature Schemes without Random Oracles

Key Engineering Materials ◽

10.4028/www.scientific.net/kem.439-440.1606 ◽

2010 ◽

Vol 439-440 ◽

pp. 1606-1611 ◽

Cited By ~ 15

Author(s):

Qi Xia ◽

Chun Xiang Xu ◽

Yong Yu

Keyword(s):

Standard Model ◽

Public Key ◽

Signature Scheme ◽

Signature Schemes ◽

The Public ◽

Random Oracles ◽

The Standard Model ◽

Replacement Attack ◽

Certificateless Signature

Liu et al. proposed the first certificateless signature scheme without random oracles in 2007. However, Xiong et al. showed that Liu et al.'s scheme is insecure against a malicious-but-passive KGC attack and proposed an improved scheme. In ISA 2009, Yuan et al. also proposed a new certificateless signature scheme without random oracles. Although they claimed that the two schemes are secure in the standard model, this paper shows that both Xiong et al.'s improved scheme and Yuan et al.'s new scheme are vulnerable to key replacement attack, where an adversary, obtaining a signature on a message and replacing the public key of a signer, can forge valid signatures on the same message under the replaced public key. We also give the corresponding modifications of the two schemes to resist key replacement attack.

Download Full-text

A Fuzzy Identity-Based Signature Scheme from Lattices in the Standard Model

Mathematical Problems in Engineering ◽

10.1155/2014/391276 ◽

2014 ◽

Vol 2014 ◽

pp. 1-10 ◽

Cited By ~ 1

Author(s):

Chunli Yang ◽

Shihui Zheng ◽

Licheng Wang ◽

Miaomiao Tian ◽

Lize Gu ◽

...

Keyword(s):

Standard Model ◽

Secret Key ◽

Random Oracles ◽

Sharing Scheme ◽

The Standard Model ◽

Identity Based ◽

Shamir Secret Sharing Scheme ◽

Fuzzy Identity ◽

Shamir Secret Sharing ◽

Strong Unforgeability

A fuzzy identity-based signature (FIBS) scheme allows a user with identityIDto issue a signature that could be verified with identityID'if and only ifIDandID'lie within a certain distance. To obtain an FIBS scheme that can resist known quantum attacks, we use the double-trapdoor technique from ABB10a for secret key extracting and the vanishing trapdoor technique from Boyen10 for message signing. In addition, in order to reflect the functionality of fuzziness, Shamir secret sharing scheme is also used in our construction. In this paper, we propose an FIBS scheme from lattices and prove that this new scheme achieves strong unforgeability under selective chosen-identity and adaptive chosen-message attacks (SU-sID-CMA) in the standard model. To the best of our knowledge, our scheme is not only the first FIBS scheme from lattices without random oracles but also the first FIBS scheme that achieves strong unforgeability.

Download Full-text

Certificateless Signature with Strong Unforgeability in the Standard Model

Informatica ◽

10.15388/informatica.2015.70 ◽

2015 ◽

Vol 26 (4) ◽

pp. 663-684 ◽

Cited By ~ 8

Author(s):

Ying-Hao Hung ◽

Sen-Shan Huang ◽

Yuh-Min Tseng ◽

Tung-Tso Tsai

Keyword(s):

Standard Model ◽

The Standard Model ◽

Certificateless Signature ◽

Strong Unforgeability

Download Full-text

Strong Designated Verifier Signature Scheme with Undeniability and Strong Unforgeability in the Standard Model

Applied Sciences ◽

10.3390/app9102062 ◽

2019 ◽

Vol 9 (10) ◽

pp. 2062

Author(s):

Xiaodong Yang ◽

Guilan Chen ◽

Ting Li ◽

Rui Liu ◽

Meiding Wang ◽

...

Keyword(s):

Standard Model ◽

Signature Scheme ◽

Signature Schemes ◽

Private Key ◽

Random Oracles ◽

Computational Overhead ◽

The Standard Model ◽

Designated Verifier ◽

Designated Verifier Signature ◽

Strong Unforgeability

Strong designated verifier signature can provide an efficient way to protect the identity privacy of the signer and the integrity of the data transmitted over the public channel. These characteristics make it very useful in outsourcing computing, electronic voting, electronic bidding, electronic auction and other fields. However, most strong designated verifier signature schemes are unable to identify the real signature generator when the signer and the designated verifier dispute a signature. In addition, the existing strong designated verifier signature schemes in the standard model rarely satisfy strong unforgeability, and thus cannot prevent the attacker from forging a valid signature on any previously signed message. Therefore, designing a strong designated verifier signature scheme without random oracles that satisfies strong unforgeability and undeniability is very attractive in both practice and theory. Motivated by these concerns, we design the first undeniable strong designated verifier signature scheme without random oracles, in which the arbiter can independently perform the judgment procedure to prove whether a controversial signature is generated by the signer or the designated verifier. Under standard assumptions, the scheme is proved to be strongly unforgeable in standard model. Furthermore, it not only achieves non-transferability and privacy of the signer’s identity but also satisfies the undeniable property of traditional digital signature schemes. Performance analysis results show that the length of the signer’s private key, the designated verifier’s private key and signature length are 40 bits, 40 bits and 384 bits, respectively. Compared with he related schemes, the proposed scheme has higher performance in signature length, private key size and computational overhead. Finally, we show how to apply it to implement outsourcing computation in cloud computing.

Download Full-text

A Strongly Unforgeable Certificateless Signature Scheme and Its Application in IoT Environments

Sensors ◽

10.3390/s19122692 ◽

2019 ◽

Vol 19 (12) ◽

pp. 2692 ◽

Cited By ~ 4

Author(s):

Xiaodong Yang ◽

Xizhen Pei ◽

Guilan Chen ◽

Ting Li ◽

Meiding Wang ◽

...

Keyword(s):

Security Requirements ◽

Widespread Application ◽

Random Oracles ◽

Replay Attacks ◽

Security Research ◽

Viable Solution ◽

Iot Devices ◽

Certificateless Signature ◽

The Internet Of Things ◽

Strong Unforgeability

With the widespread application of the Internet of Things (IoT), ensuring communication security for IoT devices is of considerable importance. Since IoT data are vulnerable to eavesdropping, tampering, forgery, and other attacks during an open network transmission, the integrity and authenticity of data are fundamental security requirements in the IoT. A certificateless signature (CLS) is a viable solution for providing data integrity, data authenticity, and identity identification in resource-constrained IoT devices. Therefore, designing a secure and efficient CLS scheme for IoT environments has become one of the main objectives of IoT security research. However, the existing CLS schemes rarely focus on strong unforgeability and replay attacks. Herein, we design a novel CLS scheme to protect the integrity and authenticity of IoT data. In addition to satisfying the strong unforgeability requirement, the proposed scheme also resists public key replacement attacks, malicious-but-passive key-generation-centre attacks, and replay attacks. Compared with other related CLS schemes without random oracles, our CLS scheme has a shorter private key, stronger security, and lower communication and computational costs.

Download Full-text

Strongly Unforgeable Ring Signature Scheme from Lattices in the Standard Model

Journal of Applied Mathematics ◽

10.1155/2014/371924 ◽

2014 ◽

Vol 2014 ◽

pp. 1-12

Author(s):

Geontae Noh ◽

Ji Young Chun ◽

Ik Rae Jeong

Keyword(s):

Standard Model ◽

Signature Scheme ◽

Signature Schemes ◽

Ring Signature ◽

Arbitrary Ring ◽

Computational Overhead ◽

The Standard Model ◽

First Time ◽

Strong Unforgeability

In a ring signature scheme, a user selects an arbitrary ring to be able to sign a message on behalf of the ring without revealing the signer’s identity. Whistle-blowers especially find this useful. To date, various ring signature schemes have been proposed, all considered to be secure as existentially unforgeable with respect to insider corruption; that is, an adversary who chooses ring-message pairs for which he requests signatures, corrupts honest users, and obtains their signing keys can not produce forgeries for new ring-message pairs. Lattice-based ring signature schemes offer lower computational overhead and security from quantum attacks. In this paper, we offer a lattice-based scheme. We begin by showing that the existing ring signature schemes are not sufficiently secure, because existential unforgeability still permits a signer to potentially produce a new signature on previously signed messages. Furthermore, we show that existing ring signature schemes from lattices are not even existentially unforgeable with respect to insider corruption. We then improve previous schemes by applying, for the first time, the concept of strong unforgeability with respect to insider corruption to a ring signature scheme in lattices. This offers more security than any previous ring signature scheme: adversaries cannot produce new signatures for any ring-message pair, including previously signed ring-message pairs.

Download Full-text

New Constructions of Hierarchical Identity-Based Signature in the Standard Model

Key Engineering Materials ◽

10.4028/www.scientific.net/kem.474-476.1356 ◽

2011 ◽

Vol 474-476 ◽

pp. 1356-1361

Author(s):

Qing Wu ◽

Su Xia Sun

Keyword(s):

Standard Model ◽

Provable Security ◽

Security Model ◽

Private Key ◽

Random Oracles ◽

Diffie Hellman ◽

The Standard Model ◽

Cdh Assumption ◽

Identity Based ◽

Provably Secure

In this paper, a new construct of hierarchical identity-based signature(HIBS) scheme is proposed at first. It has many advantages over those available, such as fully secure without using random oracles, efficient signing algorithm. Additionally, it is provably secure under the computational Diffie-Hellman(CDH) assumption. This assumption is more natural than many of the hardness assumptions recently introduced to HIBS in the standard model. However, the length of its private key and signature increases as the hierarchy depth expands. Then a modified scheme is presented. The signature of modified scheme consists of three group elements and the private keys size shrinks as the identity depth increases. Under the h-CDH assumption, it is provable security in full security model without using random oracles.

Download Full-text