A CCA-PKE Secure-Cryptosystem Resilient to Randomness Reset and Secret-Key Leakage

In recent years, several new notions of security have begun receiving consideration for public-key cryptosystems, beyond the standard of security against adaptive chosen ciphertext attack (CCA2). Among these are security against randomness reset attacks, in which the randomness used in encryption is forcibly set to some previous value, and against constant secret-key leakage attacks, wherein the constant factor of a secret key’s bits is leaked. In terms of formal security definitions, cast as attack games between a challenger and an adversary, a joint combination of these attacks means that the adversary has access to additional encryption queries under a randomness of his own choosing along with secret-key leakage queries. This implies that both the encryption and decryption processes of a cryptosystem are being tampered under this security notion. In this paper, we attempt to address this problem of a joint combination of randomness and secret-key leakage attacks through two cryptosystems that incorporate hash proof system and randomness extractor primitives. The first cryptosystem relies on the random oracle model and is secure against a class of adversaries, called non-reversing adversaries. We remove the random oracle oracle assumption and the non-reversing adversary requirement in our second cryptosystem, which is a standard model that relies on a proposed primitive called LM lossy functions. These functions allow up to M lossy branches in the collection to substantially lose information, allowing the cryptosystem to use this loss of information for several encryption and challenge queries. For each cryptosystem, we present detailed security proofs using the game-hopping procedure. In addition, we present a concrete instantation of LM lossy functions in the end of the paper—which relies on the DDH assumption.

Download Full-text

ID-based key-insulated signcryption with equality test in cloud computing

SN Applied Sciences ◽

10.1007/s42452-021-04469-9 ◽

2021 ◽

Vol 3 (4) ◽

Author(s):

Seth Alornyo ◽

Kingsford Kissi Mireku ◽

Mustapha Adamu Mohammed ◽

Daniel Adu-Gyamfi ◽

Michael Asante

Keyword(s):

Cloud Computing ◽

Random Oracle Model ◽

Random Oracle ◽

Harsh Environments ◽

Secret Key ◽

Secret Keys ◽

Security Property ◽

Equality Test ◽

Chosen Ciphertext Attack ◽

Chosen Message Attack

AbstractKey-insulated encryption reduces the problem of secret key exposure in hostile setting while signcryption cryptosystem attains the benefits of digitally signing a ciphertext and public key cryptosystem. In this study, we merge the primitives of parallel key-insulation cryptosystem and signcryption with equality test to construct ID-based parallel key-insulated signcryption with a test for equality (ID-PKSET) in cloud computing. The construction prevent data forgery, data re-play attacks and reduces the leakage of secret keys in harsh environments. Our scheme attains the security property of existential unforgeable chosen message attack (EUF-CMA) and indistinquishable identity chosen ciphertext attack (IND-ID-CCA2) using random oracle model.

Download Full-text

Novel Identity-Based Hash Proof System with Compact Master Public Key from Lattices in the Standard Model

International Journal of Foundations of Computer Science ◽

10.1142/s0129054119400148 ◽

2019 ◽

Vol 30 (04) ◽

pp. 589-606

Author(s):

Qiqi Lai ◽

Bo Yang ◽

Zhe Xia ◽

Yannan Li ◽

Yuan Chen ◽

...

Keyword(s):

Standard Model ◽

Random Oracle Model ◽

Random Oracle ◽

Public Key ◽

Proof System ◽

Secret Key ◽

Random Lattice ◽

The Standard Model ◽

Identity Based ◽

Hash Proof System

As the progress of quantum computers, it is desired to propose many more efficient cryptographic constructions with post-quantum security. In the literatures, almost all cryptographic schemes and protocols can be explained and constructed modularly from certain cryptographic primitives, among which an Identity-Based Hash Proof System (IB-HPS) is one of the most basic and important primitives. Therefore, we can utilize IB-HPSs with post-quantum security to present several types of post-quantum secure schemes and protocols. Up until now, all known IB-HPSs with post-quantum security are instantiated based on latticed-based assumptions. However, all these lattice-based IB-HPSs are either in the random oracle model or not efficient enough in the standard model. Hence, it should be of great significance to construct more efficient IB-HPSs from lattices in the standard model. In this paper, we propose a new smooth IB-HPS with anonymity based on the Learning with Errors (LWE) assumption in the standard model. This new construction is mainly inspired by a classical identity-based encryption scheme based on LWE due to Agreawal et al. in Eurocrypt 2010. And our innovation is to employ the algorithm SampleGaussian introduced by Gentry et al. and the property of random lattice to simulate the identity secret key with respect to the challenge identity. Compared with other existing IB-HPSs in the standard model, our master public key is quite compact. As a result, our construction has much lower overheads on computation and storage.

Download Full-text

MPKC-based Threshold Proxy Signcryption Scheme

The International Arab Journal of Information Technology ◽

10.34028/iajit/17/2/7 ◽

2019 ◽

Vol 17 (2) ◽

pp. 196-206

Author(s):

Li Huixian ◽

Gao Jin ◽

Wang Lingyun ◽

Pang Liaojun2

Keyword(s):

Quantum Computer ◽

Discrete Logarithm ◽

Random Oracle Model ◽

Random Oracle ◽

Public Key ◽

Group Signature ◽

Large Integer ◽

Efficient Technology ◽

Public Key Cryptosystems ◽

Signcryption Scheme

The threshold proxy signcryption can implement signature and encryption simultaneously in one logical step, and can be used to realize the decentralized protection of the group signature key, so it is an efficient technology for network security. Currently, most of the existing threshold proxy signcryption schemes are designed based on the traditional public key cryptosystems, and their security mainly depends on the difficulty of the large integer decomposition and the discrete logarithm. However, the traditional public key cryptosystems cannot resist the quantum computer attack, which makes the existing threshold proxy signcryption schemes based on traditional public key cryptosystems insecure against quantum attacks. Motivated by these concerns, we proposed a threshold proxy signcryption scheme based on Multivariate Public Key Cryptosystem (MPKC) which is one of the quantum attack-resistent public key algorithms. Under the premise of satisfying the threshold signcryption requirements of the threshold proxy, our scheme can not only realize the flexible participation of the proxy signcrypters but also resist the quantum computing attack. Finally, based on the assumption of Multivariate Quadratic (MQ) problem and Isomorphism Polynomial (IP) problem, the proof of the confidentiality and the unforgeability of the proposed scheme under the random oracle model is given.

Download Full-text

One-Round Attribute-Based Key Exchange in the Multi-Party Setting

International Journal of Foundations of Computer Science ◽

10.1142/s0129054117400159 ◽

2017 ◽

Vol 28 (06) ◽

pp. 725-742 ◽

Cited By ~ 1

Author(s):

Yangguang Tian ◽

Guomin Yang ◽

Yi Mu ◽

Shiwei Zhang ◽

Kaitai Liang ◽

...

Keyword(s):

Random Oracle Model ◽

Random Oracle ◽

Key Exchange ◽

Secret Key ◽

Security Issue ◽

User Privacy ◽

Session Key ◽

Shared Secret ◽

Key Exchange Protocols ◽

Straightforward Approach

Attribute-based authenticated key exchange (AB-AKE) is a useful primitive that allows a group of users to establish a shared secret key and at the same time enables fine-grained access control. A straightforward approach to design an AB-AKE protocol is to extend a key exchange protocol using an attribute-based authentication technique. However, insider security is a challenge security issue for AB-AKE in the multi-party setting and cannot be solved using the straightforward approach. In addtion, many existing key exchange protocols for the multi-party setting (e.g., the well-known Burmester-Desmedt protocol) require multiple broadcast rounds to complete the protocol. In this paper, we propose a novel one-round attribute-based key exchange (OAKE) protocol in the multi-party setting. We define the formal security models, including session key security, insider security and user privacy, for OAKE, and prove the security of the proposed protocol under some standard assumptions in the random oracle model.

Download Full-text

Compiled Constructions towards Post-Quantum Group Key Exchange: A Design from Kyber

Mathematics ◽

10.3390/math8101853 ◽

2020 ◽

Vol 8 (10) ◽

pp. 1853

Author(s):

José Ignacio Escribano Pablos ◽

María Isabel González Vasco ◽

Misael Enrique Marriaga ◽

Ángel Luis Pérez del Pozo

Keyword(s):

Random Oracle Model ◽

Building Blocks ◽

Random Oracle ◽

Key Exchange ◽

Encryption Scheme ◽

Secret Key ◽

Key Exchange Protocol ◽

Group Key ◽

Group Key Exchange ◽

Starting Point

A group authenticated key exchange (GAKE) protocol allows a set of parties belonging to a certain designated group to agree upon a common secret key through an insecure communication network. In the last few years, many new cryptographic tools have been specifically designed to thwart attacks from adversaries which may have access to (different kinds of) quantum computation resources. However, few constructions for group key exchange have been put forward. Here, we propose a four-round GAKE which can be proven secure under widely accepted assumptions in the Quantum Random Oracle Model. Specifically, we integrate several primitives from the so-called Kyber suite of post-quantum tools in a (slightly modified) compiler from Abdalla et al. (TCC 2007). More precisely, taking as a starting point an IND-CPA encryption scheme from the Kyber portfolio, we derive, using results from Hövelmanns et al. (PKC 2020), a two-party key exchange protocol and an IND-CCA encryption scheme and prove them fit as building blocks for our compiled construction. The resulting GAKE protocol is secure under the Module-LWE assumption, and furthermore achieves authentication without the use of (expensive) post-quantum signatures.

Download Full-text

Efficient KDM-CCA Secure Public-Key Encryption via Auxiliary-Input Authenticated Encryption

Security and Communication Networks ◽

10.1155/2017/2148534 ◽

2017 ◽

Vol 2017 ◽

pp. 1-27 ◽

Cited By ~ 1

Author(s):

Shuai Han ◽

Shengli Liu ◽

Lin Lyu

Keyword(s):

Public Key ◽

Authenticated Encryption ◽

Public Key Encryption ◽

Secret Key ◽

Diffie Hellman ◽

Affine Functions ◽

Generic Construction ◽

Hash Proof System ◽

Auxiliary Input ◽

Ddh Assumption

KDM[F]-CCA security of public-key encryption (PKE) ensures the privacy of key-dependent messages f(sk) which are closely related to the secret key sk, where f∈F, even if the adversary is allowed to make decryption queries. In this paper, we study the design of KDM-CCA secure PKE. To this end, we develop a new primitive named Auxiliary-Input Authenticated Encryption (AIAE). For AIAE, we introduce two related-key attack (RKA) security notions, including IND-RKA and weak-INT-RKA. We present a generic construction of AIAE from tag-based hash proof system (HPS) and one-time secure authenticated encryption (AE) and give an instantiation of AIAE under the Decisional Diffie-Hellman (DDH) assumption. Using AIAE as an essential building block, we give two constructions of efficient KDM-CCA secure PKE based on the DDH and the Decisional Composite Residuosity (DCR) assumptions. Specifically, (i) our first PKE construction is the first one achieving KDM[Faff]-CCA security for the set of affine functions and compactness of ciphertexts simultaneously. (ii) Our second PKE construction is the first one achieving KDM[Fpolyd]-CCA security for the set of polynomial functions and almost compactness of ciphertexts simultaneously. Our PKE constructions are very efficient; in particular, they are pairing-free and NIZK-free.

Download Full-text

On the KDM-CCA Security from Partial Trapdoor One-Way Family in the Random Oracle Model

The Computer Journal ◽

10.1093/comjnl/bxz044 ◽

2019 ◽

Vol 62 (8) ◽

pp. 1232-1245

Author(s):

Jinyong Chang ◽

Genqing Bian ◽

Yanyan Ji ◽

Maozhi Xu

Keyword(s):

Slight Modification ◽

Random Oracle Model ◽

Random Oracle ◽

Public Key ◽

Public Key Encryption ◽

Know How ◽

One Way Function ◽

Chosen Ciphertext Attack

Abstract In PKC 2000, Pointcheval presented a generic technique to make a highly secure cryptosystem from any partially trapdoor one-way function in the random oracle model. More precisely, any suitable problem providing a one-way cryptosystem can be efficiently derived into a chosen-ciphertext attack (CCA) secure public key encryption (PKE) scheme. In fact, the overhead only consists of two hashing and a XOR. In this paper, we consider the key-dependent message (KDM) security of the Pointcheval’s transformation. Unfortunately, we do not know how to directly prove its KDM-CCA security because there are some details in the proof that we can not bypass. However, a slight modification of the original transformation (we call twisted Pointcheval’s scheme) makes it possible to obtain the KDM-CCA security. As a result, we prove that the twisted Pointcheval’s scheme achieves the KDM-CCA security without introducing any new assumption. That is, we can construct a KDM-CCA secure PKE scheme from partial trapdoor one-way injective family in the random oracle model.

Download Full-text

Identity-Based Identification Scheme without Trusted Party against Concurrent Attacks

Security and Communication Networks ◽

10.1155/2020/8820271 ◽

2020 ◽

Vol 2020 ◽

pp. 1-9

Author(s):

Fei Tang ◽

Jiali Bao ◽

Yonghong Huang ◽

Dong Huang ◽

Fuqun Wang

Keyword(s):

Random Oracle Model ◽

Random Oracle ◽

Bilinear Pairing ◽

Key Generation ◽

Secret Key ◽

Key Escrow ◽

Identification Scheme ◽

Identification Schemes ◽

Secret Keys ◽

Identity Based

Identification schemes support that a prover who holding a secret key to prove itself to any verifier who holding the corresponding public key. In traditional identity-based identification schemes, there is a key generation center to generate all users’ secret keys. This means that the key generation center knows all users’ secret key, which brings the key escrow problem. To resolve this problem, in this work, we define the model of identity-based identification without a trusted party. Then, we propose a multi-authority identity-based identification scheme based on bilinear pairing. Furthermore, we prove the security of the proposed scheme in the random oracle model against impersonation under passive and concurrent attacks. Finally, we give an application of the proposed identity-based identification scheme to blockchain.

Download Full-text

Improvement of a Self Proxy Signature Scheme

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.40-41.643 ◽

2010 ◽

Vol 40-41 ◽

pp. 643-646

Author(s):

Qi Xie

Keyword(s):

Random Oracle Model ◽

Random Oracle ◽

Proxy Signature ◽

Signature Scheme ◽

Secret Key ◽

Improvement Scheme ◽

Provably Secure

The aim of self proxy is to protect the signer’s permanent secret key. In 2007, Kim and Chang proposed a self proxy signature scheme. In this paper, we show that their scheme cannot resist the warrant revision attack. Anyone can forge a valid proxy warrant and generate a valid self proxy signature for any message, when he gets a self proxy signature. To overcome their weakness, an improvement scheme is proposed, which is provably secure in random oracle model.

Download Full-text

Linkable Ring Signature Scheme Using Biometric Cryptosystem and NIZK and Its Application

Security and Communication Networks ◽

10.1155/2021/7266564 ◽

2021 ◽

Vol 2021 ◽

pp. 1-14

Author(s):

Xuechun Mao ◽

Lin You ◽

Chengtang Cao ◽

Gengran Hu ◽

Liqin Hu

Keyword(s):

Random Oracle Model ◽

Random Oracle ◽

Identity Authentication ◽

Signature Scheme ◽

Secret Key ◽

Ring Signature ◽

Transaction Model ◽

Security Proof ◽

Biometric Encryption ◽

Biometric Cryptosystem

Biometric encryption, especially based on fingerprint, plays an important role in privacy protection and identity authentication. In this paper, we construct a privacy-preserving linkable ring signature scheme. In our scheme, we utilize a fuzzy symmetric encryption scheme called symmetric keyring encryption (SKE) to hide the secret key and use non-interactive zero-knowledge (NIZK) protocol to ensure that we do not leak any information about the message. Unlike the blind signature, we use NIZK protocol to cancel the interaction between the signer (the prover) and the verifier. The security proof shows that our scheme is secure under the random oracle model. Finally, we implement it on a personal computer and analyze the performance of the constructed scheme in practical terms. Based on the constructed scheme and demo, we give an anonymous cryptocurrency transaction model as well as mobile demonstration.

Download Full-text