A Certificate-Based Provable Data Possession Scheme in the Standard Model

2021 ◽  
Vol 2021 ◽  
pp. 1-12
Author(s):  
Caixue Zhou

A certificate-based cryptosystem not only resolves the private key escrow problem inherent in identity-based cryptosystems but also reduces the cost of public key certificate management in public key infrastructure (PKI)-based cryptosystems. Provable data possession (PDP) can ensure the integrity of users' data stored in the cloud with very high probability. By combining these two concepts, we propose a certificate-based PDP scheme. We prove that our scheme is secure in the standard model assuming that the Squ-CDH problem is hard. Based on an index logic table, our scheme can easily be extended to support dynamic operations. Efficiency analysis shows that our scheme has high efficiency.

Symmetry ◽  
2021 ◽  
Vol 13 (8) ◽  
pp. 1535
Author(s):  
Jason Chia ◽  
Swee-Huay Heng ◽  
Ji-Jian Chin ◽  
Syh-Yuan Tan ◽  
Wei-Chuen Yau

Public key infrastructure (PKI) plays a fundamental role in securing the infrastructure of the Internet through the certification of public keys used in asymmetric encryption. It is an industry standard used by both public and private entities that is costly to maintain and secure. On the other hand, identity-based cryptography removes the need for certificates, which in turn lowers the cost. In this work, we present a practical implementation of a hybrid PKI that can issue new identity-based cryptographic keys for authentication purposes while bootstrapping trust with existing certificate authorities. We provide a set of utilities to generate and use such keys within the context of an identity-based environment as well as an external environment (i.e., without root trust in the private key generator). Key revocation is solved through our custom naming design, which currently supports a few scenarios (e.g., expire by date, expire by year and valid for year). Our implementation offers a high degree of interoperability by incorporating X.509 standards into identity-based cryptography (IBC), compared to existing works on hybrid PKI–IBC systems. The utilities provided are minimalist and can be integrated with existing tools such as the Enterprise JavaBeans Certificate Authority (EJBCA).


Symmetry ◽  
2019 ◽  
Vol 11 (7) ◽  
pp. 913
Author(s):  
Lifeng Guo ◽  
Jing Wang ◽  
Wei-Chuen Yau

Security is a main concern for the Internet of Things (IoT) infrastructure as large volumes of data are collected and processed in the systems. Due to the limited resources of interconnected sensors and devices in the IoT systems, efficiency is one of the key considerations when deploying security solutions (e.g., symmetric/asymmetric encryption, authentication, etc.) in IoT. In this paper, we present an efficient Hierarchical Identity-Based Encryption (HIBE) system with short parameters for protecting data confidentiality in distributed IoT infrastructure. Our proposed HIBE system has the public parameters, private key, and ciphertext, each consisting of a constant number of group elements. We prove the full security of the HIBE system in the standard model using the dual system encryption technique. We also implement the proposed scheme and compare the performance with the original Lewko–Waters HIBE. To the best of our knowledge, our construction is the first HIBE system that achieves both full security in the standard model and short parameters in terms of the public parameters, private key, and ciphertext.


2010 ◽  
Vol 439-440 ◽  
pp. 1606-1611 ◽  
Author(s):  
Qi Xia ◽  
Chun Xiang Xu ◽  
Yong Yu

Liu et al. proposed the first certificateless signature scheme without random oracles in 2007. However, Xiong et al. showed that Liu et al.'s scheme is insecure against a malicious-but-passive KGC attack and proposed an improved scheme. In ISA 2009, Yuan et al. also proposed a new certificateless signature scheme without random oracles. Although both schemes were claimed to be secure in the standard model, this paper shows that both Xiong et al.'s improved scheme and Yuan et al.'s new scheme are vulnerable to a key replacement attack, where an adversary who obtains a signature on a message and replaces the signer's public key can forge valid signatures on the same message under the replaced public key. We also give corresponding modifications of the two schemes that resist the key replacement attack.


Identity-based encryption (IBE) is a public key cryptosystem that removes the need for a public key infrastructure (PKI) and the certificate management that comes with it. Because there is no PKI, revocation has become a main problem in the IBE setting. Several revocable IBE schemes have already been proposed for this purpose. Recently, by embedding an outsourcing computation technique into IBE, Li et al. presented a revocable IBE scheme with a key-update cloud service provider (KU-CSP). However, their scheme has two shortcomings. One is that its computation and communication costs are higher than those of previous revocable IBE schemes. The other is a lack of scalability, in the sense that the KU-CSP must keep a secret value for each individual user. Here, a new revocable IBE scheme with a cloud revocation authority (CRA) is proposed to address these two shortcomings, in which performance is significantly improved and the CRA holds only a single system secret for all of its users.


2019 ◽  
Vol 30 (04) ◽  
pp. 589-606
Author(s):  
Qiqi Lai ◽  
Bo Yang ◽  
Zhe Xia ◽  
Yannan Li ◽  
Yuan Chen ◽  
...  

With the progress of quantum computers, it is desirable to propose more efficient cryptographic constructions with post-quantum security. In the literature, almost all cryptographic schemes and protocols can be explained and constructed modularly from certain cryptographic primitives, among which an Identity-Based Hash Proof System (IB-HPS) is one of the most basic and important. Therefore, we can utilize IB-HPSs with post-quantum security to present several types of post-quantum secure schemes and protocols. Up until now, all known IB-HPSs with post-quantum security are instantiated from lattice-based assumptions. However, all these lattice-based IB-HPSs are either in the random oracle model or not efficient enough in the standard model. Hence, it is of great significance to construct more efficient IB-HPSs from lattices in the standard model. In this paper, we propose a new smooth IB-HPS with anonymity based on the Learning with Errors (LWE) assumption in the standard model. This new construction is mainly inspired by a classical identity-based encryption scheme based on LWE due to Agrawal et al. at Eurocrypt 2010. Our innovation is to employ the SampleGaussian algorithm introduced by Gentry et al. and the properties of random lattices to simulate the identity secret key for the challenge identity. Compared with other existing IB-HPSs in the standard model, our master public key is quite compact. As a result, our construction has much lower computation and storage overheads.


2020 ◽  
Vol 31 (05) ◽  
pp. 551-567
Author(s):  
Juyan Li ◽  
Chunguang Ma ◽  
Zhen Gu

Proxy Re-Encryption (PRE) is a cryptographic primitive that allows a proxy to turn Alice's ciphertext into Bob's ciphertext on the same plaintext. All existing PRE schemes are randomized public key encryption schemes aiming at semantic security. Deterministic Public Key Encryption (D-PKE) provides an alternative to randomized public key encryption in various scenarios where the latter exhibits inherent drawbacks. In this paper, we construct the first multi-use unidirectional deterministic PRE (D-PRE) scheme from lattices in the auxiliary-input setting. We also prove that it is PRIV1-INDr secure in the standard model based on the Learning With Rounding (LWR) assumption. Finally, an identity-based D-PRE is obtained from the basic construction.


2019 ◽  
Vol 2019 ◽  
pp. 1-14 ◽  
Author(s):  
Viet Cuong Trinh

An aggregate signature scheme allows each signer to sign a different message, after which all those signatures are aggregated into a single short signature. In contrast, a multisignature scheme allows multiple signers to jointly sign only one message. An aggregate multisignature scheme is a combination of both, where signers can choose to generate either a multisignature or an aggregate signature. This combined scheme has many concrete application scenarios, such as the Bitcoin blockchain, healthcare, multicast acknowledgment aggregation, and so on. On the other hand, to deal with the problems of expensive certificates in certified public key cryptography and key escrow in identity-based cryptography, the notion of certificateless public key cryptography was introduced by Al-Riyami and Paterson at Asiacrypt'03. In this paper, we propose the first certificateless aggregate multisignature scheme that achieves constant-size signatures and is secure in the standard model under a generalization of the Diffie-Hellman exponent assumption. In our scheme, however, signatures are generated with the help of the authority.


2014 ◽  
Vol 519-520 ◽  
pp. 965-968
Author(s):  
Lin Cheng ◽  
Qiao Yan Wen

Certificateless public key cryptography eliminates the inherent key escrow problem of identity-based cryptography, yet does not require certificates as in traditional public key infrastructure. Recently, Yu et al. proposed a new certificateless signature scheme that offers shorter system parameters and higher computational efficiency than previous schemes in the standard model. However, in this paper we show that Yu et al.'s certificateless signature scheme is vulnerable to a malicious-but-passive KGC attack, where a malicious KGC can forge valid signatures by embedding extra trapdoors in the system parameters.

