BlockREV: Blockchain-Enabled Multi-Controller Rule Enforcement Verification in SDN

2022, Vol 2022, pp. 1-16
Author(s): Ping Li, Songtao Guo, Jiahui Wu, Quanjun Zhao

Compared with the classical structure with only one controller in software-defined networking (SDN), the multi-controller topology in SDN provides a new type of cross-domain forwarding network architecture with multiple centralized controllers and distributed forwarding devices. However, when the network includes multiple domains, the lack of trust among the controllers makes it a challenge to verify the correctness of cross-domain forwarding behaviors in different domains. In this paper, we propose a novel secure multi-controller rule enforcement verification (BlockREV) mechanism in SDN to guarantee the correctness of cross-domain forwarding. We first adopt blockchain technology to provide immutability and privacy protection for forwarding behaviors. Furthermore, we present an address-based aggregate signature scheme with appropriate cryptographic primitives, which is provably secure in the random oracle model. Moreover, we design a verification algorithm based on hash values of forwarding paths to check the consistency of forwarding order. Finally, experimental results demonstrate that the proposed BlockREV mechanism is effective and suitable for multi-controller scenarios in SDN.

2011, Vol 63-64, pp. 785-788
Author(s): Fan Yu Kong, Lei Wu, Jia Yu

In 2009, R. Tso et al. proposed an efficient pairing-based short signature scheme which is provably secure in the Random Oracle Model. In this paper, we propose a new key substitution attack on Raylin Tso et al.’s short signature scheme. For a given message and the corresponding valid signature, the malicious attacker can generate a substituted public key. Everyone verifies the signature successfully with the malicious attacker’s substituted public key. Therefore, Raylin Tso et al.’s short signature scheme has a security flaw in the multi-user setting.


2011, Vol 282-283, pp. 307-311
Author(s): Li Zhen Ma

Anyone who knows the signer’s public key can verify the validity of a given signature in partially blind signature schemes. This verifying universality may be used by cheats if the signed message is sensitive or personal. To solve this problem, a new convertible user designating confirmer partially blind signature, in which only the designated confirmer (designated by the user) and the user can verify and confirm the validity of given signatures and convert given signatures into publicly verifiable ones, is proposed. Compared with Huang et al.’s scheme, the signature size is shortened by about 25% and the computation quantity is reduced by about 36% in the proposed scheme. Under the random oracle model and the intractability of the Discrete Logarithm Problem, the proposed scheme is provably secure.


2021, Vol 2021, pp. 1-20
Author(s): Miqi Wu, Lin You, Gengran Hu, Liang Li, Chengtang Cao

In a multiserver architecture, authentication schemes play an important role in the secure communication of the system. In many multiserver authentication schemes, the security of the mutual authentications among the participants is based on the security of the registration center’s private key. This centralized architecture can create security risks due to the leakage of the registration center’s private key. Blockchain technology, with its decentralized, tamper-proof, and distributed features, can provide a new solution for multiserver authentication schemes. In a lot of multiserver authentication schemes, users’ permission is generally controlled by the registration center (RC), but these permission control methods cannot be applied in the decentralized blockchain system. In this paper, a blockchain-based authentication scheme for multiserver architecture is proposed. Our scheme provides a hierarchical authentication method to solve the problems of user permission control and user revocation caused by no registration center. The security of our scheme is formally proved under the random oracle model. According to our analysis, our scheme is resistant to attacks such as impersonation attacks and man-in-the-middle attacks. In addition, our performance analysis shows that the proposed scheme has less computation overhead.


2014, Vol 687-691, pp. 2165-2168
Author(s): Xue Dong Dong, Hui Min Lu

Certificateless-based signature can eliminate the need for certificates in the Public Key Infrastructure and solve the inherent key escrow problem in identity-based cryptography. In 2012, Zhang et al. [J. Zhang and J. Mao, An efficient RSA-based certificateless signature scheme, Journal of Systems and Software, vol. 85, pp. 638-642, 2012] proposed the first certificateless signature scheme based on RSA operations and showed that their scheme is provably secure in the random oracle model. However, He et al. [D. He, M. Khan, and S. Wu, On the security of a RSA-based certificateless signature scheme, International Journal of Network Security, vol. 16, no. 1, pp. 78-80, 2014] recently showed that Zhang et al.'s scheme is insecure against a type I adversary who can replace users' public keys. In this paper, we propose an improved version based on RSA which not only keeps the original security properties of the signature, but also is secure against a type I adversary.


2010, Vol 439-440, pp. 1271-1276
Author(s): Jian Hong Zhang, Hua Chen, Yi Xian Yang

The traditional public key cryptosystem (PKC) requires a high maintenance cost for certificate management. Although the identity-based cryptosystem (IBC) reduces the overhead of management, it suffers from the drawback of key escrow. The certificate-based cryptosystem solves the certificate revocation problem and eliminates third-party queries in the traditional PKI. In addition, it also solves the inherent key escrow problem in the IBC. In this paper, we propose an efficient certificate-based signature, and the result shows that the scheme is provably secure against two game attacks of certificate-based signature in the random oracle model. The security is closely related to the difficulty of solving the discrete logarithm problem.


Cryptography, 2018, Vol 2 (3), pp. 18
Author(s): Juha Partala

Blockchain is a public open ledger that provides data integrity in a distributed manner. It is the underlying technology of cryptocurrencies and an increasing number of related applications, such as smart contracts. The open nature of blockchain together with strong integrity guarantees on the stored data makes it a compelling platform for covert communication. In this paper, we suggest a method of securely embedding covert messages into a blockchain. We formulate a simplified ideal blockchain model based on existing implementations and devise a protocol that enables two parties to covertly communicate through the blockchain following that model. We also formulate a rigorous definition for the security and covertness of such a protocol based on computational indistinguishability. Finally, we show that our method satisfies this definition in the random oracle model for the underlying cryptographic hash function.


2018, Vol 2018, pp. 1-11
Author(s): Li Li, Siqin Zhou, Kim-Kwang Raymond Choo, Xiaohong Li, Debiao He

Electronic prescription is increasingly popular in our society, particularly in technologically advanced countries. Due to strict legal requirements and privacy regulations, authorization and data confidentiality are two important features in an electronic prescription system. By combining signature and encryption functions, signcryption is an efficient cryptographic primitive that can be used to provide these two features. While signcryption is a fairly established research area, most signcryption schemes proposed recently have several limitations (e.g., high communication costs, limited bandwidth, and insecurity), and designing secure and practical signcryption schemes remains challenging. In this paper, we propose an improved certificateless proxy signcryption (CLPSC) scheme, based on elliptic curve cryptography (ECC). We also demonstrate that the proposed CLPSC scheme is secure in the random oracle model and evaluate its performance with related schemes. The security and performance evaluations show that the proposed CLPSC scheme can potentially be implemented on resource-constrained low-computing mobile devices in an electronic prescription system.


2022, Vol 12 (2), pp. 636
Author(s): Yi-Fan Tseng, Shih-Jie Gao

With the rise of technology in recent years, more people are studying distributed system architecture, such as the e-government system. The advantage of this architecture is that when a single point of failure occurs, it does not cause the system to be invaded by other attackers, making the entire system more secure. On the other hand, inner product encryption (IPE) provides fine-grained access control, and can be used as a fundamental tool to construct other cryptographic primitives. Lots of studies for IPE have been proposed recently. The first and only existing decentralized IPE was proposed by Michalevsky and Joye in 2018. However, some restrictions in their scheme may make it impractical. First, the ciphertext size is linear to the length of the corresponding attribute vector; second, the number of authorities should be the same as the length of predicate vector. To cope with the aforementioned issues, we design the first decentralized IPE with constant-size ciphertext. The security of our scheme is proven under the ℓ-DBDHE assumption in the random oracle model. Compared with Michalevsky and Joye’s work, ours achieves better efficiency in ciphertext length and encryption/decryption cost.


2013, Vol 748, pp. 958-966
Author(s): Bin Lian, Gong Liang Chen, Jian Hua Li

E-cash should be spent anonymously in normal circumstances, while in many schemes, the trusted authority is the only one who acts as customer-tracer and e-coin-tracer for preventing illegal transactions, but this is not the case in reality. In our practical scheme, the bank traces double-spenders without the help of others, and the trusted third party traces e-coins and the owner only when the customer is involved in crimes. When customers lose their e-coins for some reason, loss-tracing, which is neglected by almost all existing schemes, can be triggered in our scheme, so if the lost coins haven't been spent by anyone, the customers can get the refund from the bank. The security proofs for our e-cash scheme are provided in the random oracle model.

