scholarly journals Revisiting NIZK-Based Technique for Chosen-Ciphertext Security: Security Analysis and Corrected Proofs

2021 ◽  
Vol 11 (8) ◽  
pp. 3367
Author(s):  
Youngkyung Lee ◽  
Dong Hoon Lee ◽  
Jong Hwan Park
Keyword(s):  
Recent Work ◽  
Security Analysis ◽  
Random Oracle Model ◽  
Random Oracle ◽  
Previous Method ◽  
Zero Knowledge ◽  
Conversion Method ◽  
Security Proof ◽  
Chosen Ciphertext Security ◽  
Proof Strategy

Non-interactive zero-knowledge (NIZK) proofs for chosen-ciphertext security are generally considered to give an impractical construction. An interesting recent work by Seo, Abdalla, Lee, and Park (Information Sciences, July 2019) proposed an efficient semi-generic conversion method for achieving chosen-ciphertext security based on NIZK proofs in the random oracle model. The recent work by Seo et al. demonstrated that the semi-generic conversion method transforms a one-way (OW)-secure key encapsulation mechanism (KEM) into a chosen-ciphertext secure KEM while preserving tight security reduction. This paper shows that the security analysis of the semi-generic conversion method has a flaw, which comes from the OW security condition of the underlying KEM. Without changing the conversion method, this paper presents a revised security proof under the changed conditions that (1) the underlying KEM must be chosen-plaintext secure in terms of indistinguishability and (2) an NIZK proof derived from the underlying KEM via the Fiat–Shamir transform must have the properties of zero-knowledge and simulation soundness. This work extended the security proof strategy to the case of identity-based KEM (IBKEM) and also revise the security proof for IBKEM of previous method by Seo et al. Finally, this work gives a corrected security proof by applying the new proofs to several existing (IB)KEMs.

scholarly journals HORSIC+: An Efficient Post-Quantum Few-Time Signature Scheme

2021 ◽  
Vol 11 (16) ◽  
pp. 7350
Author(s):  
Jaeheung Lee ◽  
Yongsu Park
Keyword(s):  
Security Analysis ◽  
Random Oracle Model ◽  
Random Oracle ◽  
Security Level ◽  
Signature Scheme ◽  
Signature Schemes ◽  
Security Proof ◽  
Time Signature ◽  
Resistant Family ◽  
Cryptographic Hash Functions

It is well known that conventional digital signature algorithms such as RSA and ECDSA are vulnerable to quantum computing attacks. Hash-based signature schemes are attractive as post-quantum signature schemes in that it is possible to calculate the quantitative security level and the security is proven. SPHINCS is a stateless hash-based signature scheme and introduces HORST few-time signature scheme which is an improvement of HORS. However, HORST as well as HORS suffers from pretty large signature sizes. HORSIC is proposed to reduce the signature size, yet does not provide in-depth security analysis. In this paper, we propose HORSIC+, which is an improvement of HORSIC. HORSIC+ differs from HORSIC in that HORSIC+ does not apply f as a plain function to the signature key, but uses a member of a function family. In addition, HORSIC+ uses the chaining function similar to W-OTS+. These enable the strict security proof without the need for the used function family to be a permutation or collision resistant. HORSIC+ is existentially unforgeable under chosen message attacks, assuming a second-preimage resistant family of undetectable one-way functions and cryptographic hash functions in the random oracle model. HORSIC+ reduces the signature size by as much as 37.5% or 18.75% compared to HORS and by as much as 61.5% or 45.8% compared to HORST for the same security level.

scholarly journals Security Analysis of a Certificateless Signature from Lattices

2017 ◽  
Vol 2017 ◽  
pp. 1-7
Author(s):  
Seunghwan Chang ◽  
Hyang-Sook Lee ◽  
Juhee Lee ◽  
Seongan Lim
Keyword(s):  
Hash Function ◽  
Security Analysis ◽  
Random Oracle Model ◽  
Random Oracle ◽  
Strong Type ◽  
Security Proof ◽  
Forking Lemma ◽  
Certificateless Signature ◽  
Adversarial Model

Tian and Huang proposed a lattice-based CLS scheme based on the hardness of the SIS problem and proved, in the random oracle model, that the scheme is existentially unforgeable against strong adversaries. Their security proof uses the general forking lemma under the assumption that the underlying hash function H is a random oracle. We show that the hash function in the scheme is neither one-way nor collision-resistant in the view of a strong Type 1 adversary. We point out flaws in the security arguments and present attack algorithms that are successful in the strong Type 1 adversarial model using the weak properties of the hash function.

An efficient certificateless multi-receiver threshold decryption scheme

2019 ◽  
Vol 53 (1-2) ◽  
pp. 67-84 ◽  
Author(s):  
Ronghai Gao ◽  
Jiwen Zeng ◽  
Lunzhi Deng
Keyword(s):  
Security Analysis ◽  
Mobile Network ◽  
Random Oracle Model ◽  
Bilinear Pairings ◽  
Random Oracle ◽  
Bilinear Pairing ◽  
Public And Private ◽  
The Public ◽  
Public Keys ◽  
Threshold Decryption

Threshold decryption allows only quorum cooperate users to decrypt ciphertext encrypted under a public key. However, such threshold decryption scheme cannot be applied well in this situation where all users have their public and private key pairs, but do not share any private keys corresponding to the public keys, such as mobile network featured with dynamic character. The direct way to achieve threshold decryption in this case is to divide the message into several pieces and then encrypt these pieces with the public keys of different users. However, this is very inefficient. Multireceiver threshold decryption scheme that could be applied efficiently in the above situation. Recently, some certificateless (ID-based) multireceiver threshold decryption (signcryption) schemes are introduced. But the bilinear pairings are used in most of the existing schemes. In this paper, we propose an efficient certificateless threshold decryption scheme using elliptic curve cryptography (ECC) without bilinear pairing. Performance analysis shows that the proposed scheme has lower computation cost than existing some threshold decryption schemes in both encryption and decryption process. Security analysis shows that our scheme is IND-CCA secure, and no one outside of selected receivers can disclose receivers identities, against the adversaries defined in CL-PKC system under the random oracle model.

scholarly journals Pairing-Free Certificateless Signature with Security Proof

2014 ◽  
Vol 2014 ◽  
pp. 1-6 ◽  
Author(s):  
Wenhao Liu ◽  
Qi Xie ◽  
Shengbao Wang ◽  
Lidong Han ◽  
Bin Hu
Keyword(s):  
Discrete Logarithm ◽  
Random Oracle Model ◽  
Bilinear Pairings ◽  
Random Oracle ◽  
Public Key ◽  
Public Key Cryptosystem ◽  
Management Problem ◽  
Security Proof ◽  
Certificateless Public Key Cryptosystem ◽  
Certificateless Signature

Since certificateless public key cryptosystem can solve the complex certificate management problem in the traditional public key cryptosystem and the key escrow problem in identity-based cryptosystem and the pairing computation is slower than scalar multiplication over the elliptic curve, how to design certificateless signature (CLS) scheme without bilinear pairings is a challenge. In this paper, we first propose a new pairing-free CLS scheme, and then the security proof is presented in the random oracle model (ROM) under the discrete logarithm assumption. The proposed scheme is more efficient than the previous CLS schemes in terms of computation and communication costs and is more suitable for the applications of low-bandwidth environments.

scholarly journals An Improved Anonymous Authentication Protocol for Wearable Health Monitoring Systems

2020 ◽  
Vol 2020 ◽  
pp. 1-13
Author(s):  
Jiaqing Mo ◽  
Wei Shen ◽  
Weisheng Pan
Keyword(s):  
Health Monitoring ◽  
Denial Of Service ◽  
Security Analysis ◽  
Random Oracle Model ◽  
Random Oracle ◽  
Authentication Protocol ◽  
Wireless Channel ◽  
Formal Proofs ◽  
Insider Attack ◽  
Quadratic Residues

Wearable health monitoring system (WHMS), which helps medical professionals to collect patients’ healthcare data and provides diagnosis via mobile devices, has become increasingly popular thanks to the significant advances in the wireless sensor network. Because health data are privacy-related, they should be protected from illegal access when transmitted over a public wireless channel. Recently, Jiang et al. presented a two-factor authentication protocol on quadratic residues with fuzzy verifier for WHMS. However, we observe that their scheme is vulnerable to known session special temporary information (KSSTI) attack, privileged insider attack, and denial-of-service (DoS) attack. To defeat these weaknesses, we propose an improved two-factor authentication and key agreement scheme for WHMS. Through rigorous formal proofs under the random oracle model and comprehensive informal security analysis, we demonstrate that the improved scheme overcomes the disadvantages of Jiang et al.’s protocol and withstands possible known attacks. In addition, comparisons with several relevant protocols show that the proposed scheme achieves more security features and has suitable efficiency. Thus, our scheme is a reasonable authentication solution for WHMS.

scholarly journals An Efficient Chaotic Map-Based Authentication Scheme with Mutual Anonymity

2016 ◽  
Vol 2016 ◽  
pp. 1-10
Author(s):  
Yousheng Zhou ◽  
Junfeng Zhou ◽  
Feng Wang ◽  
Feng Guo
Keyword(s):  
Key Management ◽  
Chaotic Map ◽  
Mutual Authentication ◽  
Security Analysis ◽  
Random Oracle Model ◽  
Random Oracle ◽  
Authentication Scheme ◽  
Session Key ◽  
The Real ◽  
Shared Key

A chaotic map-based mutual authentication scheme with strong anonymity is proposed in this paper, in which the real identity of the user is encrypted with a shared key between the user and the trusted server. Only the trusted server can determine the real identity of a user during the authentication, and any other entities including other users of the system get nothing about the user’s real identity. In addition, the shared key of encryption can be easily computed by the user and trusted server using the Chebyshev map without additional burdensome key management. Once the partnered two users are authenticated by the trusted server, they can easily proceed with the agreement of the session key. Formal security analysis demonstrates that the proposed scheme is secure under the random oracle model.

scholarly journals Efficient Certificateless Conditional Privacy-Preserving Authentication Scheme in VANETs

2019 ◽  
Vol 2019 ◽  
pp. 1-19 ◽  
Author(s):  
Yang Ming ◽  
Hongliang Cheng
Keyword(s):  
Traffic Safety ◽  
Vehicular Ad Hoc Networks ◽  
Ad Hoc ◽  
Security Analysis ◽  
Real Life ◽  
Random Oracle Model ◽  
Random Oracle ◽  
Privacy Preserving ◽  
Bilinear Pairing ◽  
Security And Privacy

Vehicular ad hoc networks (VANETs) are an increasing important paradigm for greatly enhancing roadway system efficiency and traffic safety. To widely deploy VANETs in real life, it is critical to deal with the security and privacy issues in VANETs. In this paper, we propose a certificateless conditional privacy preserving authentication (CCPPA) scheme based on certificateless cryptography and elliptic curve cryptography for secure vehicle-to-infrastructure communication in VANETs. In the proposed scheme, a roadside unit (RSU) can simultaneously verify plenty of received messages such that the total verification time may be sharply decreased. Furthermore, the security analysis indicates that the proposed scheme is provably secure in the random oracle model and fulfills all the requirements on security and privacy. To further improve efficiency, both map-to-point hash operation and bilinear pairing operation are not employed. Compared with previous CCPPA schemes, the proposed scheme prominently cuts down computation delay of message signing and verification by 66.9%–85.5% and 91.8%–93.4%, respectively, and reduces communication cost by 44.4%. Extensive simulations show that the proposed scheme is practicable and achieves prominent performances of very little average message delay and average message loss ratio and thus is appropriate for realistic applications.

Large Universe CCA2 CP-ABE With Equality and Validity Test in the Standard Model

2020 ◽  
Author(s):  
Cong Li ◽  
Qingni Shen ◽  
Zhikang Xie ◽  
Xinyu Feng ◽  
Yuejian Fang ◽  
...  
Keyword(s):  
Standard Model ◽  
Random Oracle Model ◽  
Random Oracle ◽  
Fine Grained ◽  
Validity Check ◽  
Attribute Based Encryption ◽  
The Standard Model ◽  
Series Of Experiments ◽  
Ciphertext Policy ◽  
Chosen Ciphertext Security

Abstract Attribute-based encryption with equality test (ABEET) simultaneously supports fine-grained access control on the encrypted data and plaintext message equality comparison without decrypting the ciphertexts. Recently, there have been several literatures about ABEET proposed. Nevertheless, most of them explore the ABEET schemes in the random oracle model, which has been pointed out to have many defects in practicality. The only existing ABEET scheme in the standard model, proposed by Wang et al., merely achieves the indistinguishable against chosen-plaintext attack security. Considering the aforementioned problems, in this paper, we propose the first direct adaptive chosen-ciphertext security ciphertext-policy ABEET scheme in the standard model. Our method only adopts a chameleon hash function and adds one dummy attribute to the access structure. Compared with the previous works, our scheme achieves the security improvement, ciphertext validity check and large universe. Besides, we further optimize our scheme to support the outsourced decryption. Finally, we first give the detailed theoretical analysis of our constructions in computation and storage costs, then we implement our constructions and carry out a series of experiments. Both results indicate that our constructions are more efficient in Setup and Trapdoor and have the shorter public parameters than the existing ABEET ones do.

scholarly journals Efficient Certificateless Anonymous Multi-Receiver Encryption Scheme without Bilinear Parings

2018 ◽  
Vol 2018 ◽  
pp. 1-13 ◽  
Author(s):  
Ronghai Gao ◽  
Jiwen Zeng ◽  
Lunzhi Deng
Keyword(s):  
Mobile Devices ◽  
Security Analysis ◽  
Mobile Network ◽  
Random Oracle Model ◽  
Random Oracle ◽  
Bilinear Pairing ◽  
Internet Technology ◽  
Security And Privacy ◽  
Encryption Scheme ◽  
The Troubles

With the growing development of Internet technology and popularization of mobile devices, we easily access the Internet anytime and anywhere by mobile devices. It has brought great convenience for our lives. But it brought more challenges than traditional wired communication, such as confidentiality and privacy. In order to improve security and privacy protection in using mobile network, numerous multi-receiver identity-based encryption schemes have been proposed with bilinear pairing and probabilistic hap-to-point (HTP) function. To address the troubles of private key escrow in multi-receiver encryption scheme based on ID-PKC, recently, some certificateless anonymous multi-receiver encryption (CLAMRE) schemes are introduced. But previous CLAMRE schemes using the bilinear pairing are not suitable to mobile device because the use of bilinear pairing and probabilistic hash-to-point (HTP) function results in expensive operation costs in encryption or decryption. In this paper, we propose an efficient CLAMRE scheme using elliptic curve cryptography (ECC) without bilinear pairing and HTP hash function. Since our scheme does not use bilinear pairing and HTP operation during the encryption and decryption process, the proposed CLAMRE scheme has much less computation cost than the latest CLAMRE schemes. Performance analysis shows that runtime of our scheme is much less when the sender generates ciphertext, compared with existing schemes. Security analysis shows proposed CLAMRE scheme provides confidentiality of message and receiver anonymity under the random oracle model with the difficulties of decision Diffie-Hellman problem and against the adversaries defined in CL-PKC system.

Sign in / Sign up

Export Citation Format

Share Document