Leakage-Resilient Outsourced Revocable Certificateless Signature with a Cloud Revocation Server

Yuh–Min Tseng; Jui-Di Wu; Sen-Shan Huang; Tung-Tso Tsai

doi:10.5755/j01.itc.49.4.25927

Leakage-Resilient Outsourced Revocable Certificateless Signature with a Cloud Revocation Server

Information Technology And Control ◽

10.5755/j01.itc.49.4.25927 ◽

2020 ◽

Vol 49 (4) ◽

pp. 464-481

Author(s):

Yuh–Min Tseng ◽

Jui-Di Wu ◽

Sen-Shan Huang ◽

Tung-Tso Tsai

Keyword(s):

Public Key Cryptography ◽

Public Key ◽

Side Channel ◽

Key Generation ◽

Side Channel Attacks ◽

Signature Schemes ◽

Certificateless Cryptography ◽

Secret Keys ◽

Leakage Resilient ◽

Certificateless Signature

Certificateless public-key system (CL-PKS) is a significant public-key cryptography and it solves both the key escrow and certificate management problems. Outsourced revocable certificateless public-key system (ORCL-PKS) with a cloud revocation server (CRS) not only provides a revocation mechanism, but also further outsources the revocation functionality to the CRS to reduce the computational burden of the key generation center (KGC). Recently, side-channel attacks have threatened some existing conventional cryptography (including CL-PKS). Indeed, adversaries can apply side-channel attacks to derive fractional constituents of private (or secret) keys to damage the security of these cryptographic protocols (or schemes). To withstand such attacks, leakage-resilient cryptography is an attractive approach. However, little research concerns with leakage-resilient certificateless cryptography. In this paper, the first leakage-resilient outsourced revocable certificateless signature (LR-ORCLS) scheme is presented. The proposed scheme allows adversaries to continually derive fractional constituents of private (or secret) keys and possesses overall unbounded leakage property. In the generic bilinear group (GBG) model, our scheme is shown to be existential unforgeable against adversaries. Finally, the comparisons between the proposed scheme and the previous revocable certificateless signature schemes are provided to demonstrate the merits of the proposed scheme.

Download Full-text

An Improved Montgomery Window Algorithm on Modular Exponentiation Secure against Side Channel Attacks

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.392.862 ◽

2013 ◽

Vol 392 ◽

pp. 862-866

Author(s):

Mu Han ◽

Jia Zhao ◽

Shi Dian Ma

Keyword(s):

Public Key Cryptography ◽

Public Key ◽

Side Channel ◽

Modular Exponentiation ◽

Side Channel Attacks ◽

The Core

As one of the core algorithms in most public key cryptography, modular exponentiation has a flaw of its efficiency, which often uses the Montgomerys algorithm to realize the fast operation. But the Montgomerys algorithm has the issue of side channel leakage from the final conditional subtraction. Aiming at this problem, this paper presents an improved fast Montgomery window algorithm. The new algorithm generates the remainder table with odd power to reduce the amount of pre-computation, and combines with the improved Montgomerys algorithm to realize modular exponentiation, which can accelerate the speed and reduce the side channel leakage. The new algorithm cant only thwart side channel attacks, but also improve the efficiency.

Download Full-text

Secure and Efficient Certificateless Signature and Blind Signature Scheme from Pairings

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.457-458.1262 ◽

2013 ◽

Vol 457-458 ◽

pp. 1262-1265

Author(s):

Min Qin Chen ◽

Qiao Yan Wen ◽

Zheng Ping Jin ◽

Hua Zhang

Keyword(s):

Random Oracle Model ◽

Public Key Cryptography ◽

Random Oracle ◽

Blind Signature ◽

Public Key ◽

Signature Scheme ◽

Signature Schemes ◽

Diffie Hellman ◽

Identity Based ◽

Certificateless Signature

Based an identity-based signature scheme, we givea certificateless signature scheme. And then we propose a certificateless blind signature (CLBS) scheme in this paper. This schemeis more efficient than those of previous schemes by pre-computing the pairing e (P, P)=g. Based on CL-PKC, it eliminates theusing of certificates in the signature scheme with respect to thetraditional public key cryptography (PKC) and solves key escrowproblems in ID-based signature schemes. Meanwhile it retains themerits of BS schemes. The proposed CLBS scheme is existentialunforgeable in the random oracle model under the intractabilityof the q-Strong Diffie-Hellman problem.

Download Full-text

On the Importance of Checking Multivariate Public Key Cryptography for Side-Channel Attacks: The Case of enTTS Scheme

The Computer Journal ◽

10.1093/comjnl/bxx010 ◽

2017 ◽

Vol 60 (8) ◽

pp. 1197-1209 ◽

Cited By ~ 7

Author(s):

Haibo Yi ◽

Weijian Li

Keyword(s):

Public Key Cryptography ◽

Public Key ◽

Side Channel ◽

Side Channel Attacks ◽

Multivariate Public Key

Download Full-text

Implementation Methodology of ECC to Overcome Side Channel Attacks

International Journal of Engineering & Technology ◽

10.14419/ijet.v7i3.27.17989 ◽

2018 ◽

Vol 7 (3.27) ◽

pp. 421

Author(s):

M Maheswari ◽

R A. Karthika ◽

Anuska Chatterjee

Keyword(s):

Elliptic Curve ◽

Elliptic Curve Cryptography ◽

Public Key Cryptography ◽

Public Key ◽

Side Channel ◽

Side Channel Attacks ◽

Private Key ◽

Wide Range ◽

Cryptographic Algorithms ◽

Implementation Methodology

Elliptic Curve Cryptography (ECC) is a form of public-key cryptography. This implies that there is the involvement of a private key and a public key for the purpose of cryptography. ECC can be used for a wide range of applications. The keys used are much smaller than the non-ECC cryptographic algorithms. 256 bit and 384 bit ECC are used by NSA for storage of classified intel as ECC is considered to be a part of suit B cryptography by the NSA. When it comes to normal usage, other versions of ECC are used. So, many of the applications protected by ECC are vulnerable to side channel attacks. So, the objective is to modify the existing method of implementation of ECC is some regular domains like media, smart grid, etc., such that the side-channel attacks [7], [3] vulnerabilities are fixed.

Download Full-text

Secure Certificateless Signature with Revocation in the Standard Model

Mathematical Problems in Engineering ◽

10.1155/2014/728591 ◽

2014 ◽

Vol 2014 ◽

pp. 1-16 ◽

Cited By ~ 5

Author(s):

Tung-Tso Tsai ◽

Sen-Shan Huang ◽

Yuh-Min Tseng

Keyword(s):

Standard Model ◽

Public Key Cryptography ◽

Public Key ◽

Key Generation ◽

Security Model ◽

Certificateless Public Key Cryptography ◽

Random Oracles ◽

Diffie Hellman ◽

The Standard Model ◽

Certificateless Signature

Certificateless public key cryptography is very attractive in solving the key escrow problem which is inherent in identity- (ID-) based public key cryptography. In the past, a large number of certificateless cryptographic schemes and protocols were presented, but a secure certificateless signature in the standard model (without random oracles) is still not accessible until now. To the best of our knowledge, all the previously proposed certificateless signature schemes were insecure under a considerably strong security model in the sense that they suffered from outsiders’ key replacement attacks or the attacks from the key generation center (KGC). In this paper, we propose a certificateless signature scheme without random oracles. Moreover, our scheme is secure under the strong security model and provides a public revocation mechanism, called revocable certificateless signature (RCLS). Under the standard computational Diffie-Hellman assumption, we formally demonstrate that our scheme possesses existential unforgeability against adaptive chosen-message attacks.

Download Full-text

Certificateless Short Signature Scheme from Bilinear Pairings

Applied Mechanics and Materials ◽

10.4028/www.scientific.net/amm.380-384.2435 ◽

2013 ◽

Vol 380-384 ◽

pp. 2435-2438 ◽

Cited By ~ 2

Author(s):

Shu Rong Feng ◽

Jiao Mo ◽

Hua Zhang ◽

Zheng Ping Jin

Keyword(s):

Bilinear Pairings ◽

Public Key ◽

Security Level ◽

Signature Scheme ◽

Signature Schemes ◽

Short Signature ◽

Certificateless Signature ◽

Provably Secure

Certificateless short signature schemes can not only have the advantage of certificateless signature, but also provide a short signature size in communication. However, all existing certificateless short signature schemes only proven secure against a normal adversary which can only obtain the valid signature for the original public key rather than a super adversary which can obtain the valid signature for the replaced public key. Recently, Fan et al. proposed a certificateless short signature scheme which is very efficient, but we found it is still cannot against super adversary. In this paper, we first analysis their scheme, and then present an improved scheme which can against super adversaries. Furthermore, our scheme can provide both the strongest security level and the shortest signature size compared the existed provably secure certificateless short signature scheme.

Download Full-text

Lattice-Based Linearly Homomorphic Signature Scheme over F 2

Security and Communication Networks ◽

10.1155/2020/8857815 ◽

2020 ◽

Vol 2020 ◽

pp. 1-7

Author(s):

Jie Cai ◽

Han Jiang ◽

Hao Wang ◽

Qiuliang Xu

Keyword(s):

Public Key ◽

Side Channel ◽

Signature Scheme ◽

Side Channel Attacks ◽

Sampling Function ◽

Uniform Sampling ◽

Restricted Condition ◽

Gaussian Sampling

In this paper, we design a new lattice-based linearly homomorphic signature scheme over F 2 . The existing schemes are all constructed based on hash-and-sign lattice-based signature framework, where the implementation of preimage sampling function is Gaussian sampling, and the use of trapdoor basis needs a larger dimension m ≥ 5 n log q . Hence, they cannot resist potential side-channel attacks and have larger sizes of public key and signature. Under Fiat–Shamir with aborting signature framework and general SIS problem restricted condition m ≥ n log q , we use uniform sampling of filtering technology to design the scheme, and then, our scheme has a smaller public key size and signature size than the existing schemes and it can resist side-channel attacks.

Download Full-text

Certificateless Public Key Encryption Scheme with Hybrid Problems and Its Application to Internet of Things

Mathematical Problems in Engineering ◽

10.1155/2014/980274 ◽

2014 ◽

Vol 2014 ◽

pp. 1-9 ◽

Cited By ~ 5

Author(s):

Rui Guo ◽

Qiaoyan Wen ◽

Huixian Shi ◽

Zhengping Jin ◽

Hua Zhang

Keyword(s):

Internet Of Things ◽

Public Key Cryptography ◽

Public Key ◽

Encryption Scheme ◽

Public Key Encryption ◽

Certificateless Cryptography ◽

Diffie Hellman ◽

Identity Based ◽

Certificate Management ◽

Certificateless Public Key Encryption

Certificateless cryptography aims at combining the advantages of public key cryptography and identity based cryptography to avoid the certificate management and the key escrow problem. In this paper, we present a novel certificateless public key encryption scheme on the elliptic curve over the ring, whose security is based on the hardness assumption of Bilinear Diffie-Hellman problem and factoring the large number as in an RSA protocol. Moreover, since our scheme requires only one pairing operation in decryption, it is significantly more efficient than other related schemes. In addition, based on our encryption system, we also propose a protocol to protect the confidentiality and integrity of information in the scenario of Internet of Things with constrained resource nodes.

Download Full-text

Encryption and Decryption of data using Elliptical Curve Cryptography

International Journal of Innovative Technology and Exploring Engineering - Special Issue ◽

10.35940/ijitee.i7909.078919 ◽

2019 ◽

Vol 8 (9) ◽

pp. 1141-1144

Keyword(s):

Performance Metrics ◽

Personal Information ◽

Public Key Cryptography ◽

Original Data ◽

Public Key ◽

Key Generation ◽

Plain Text ◽

Private Key ◽

Encryption And Decryption ◽

Pixel Value

Aadhaar database is the world's largest biometric database system. The security of Aadhaar database plays a major role. In order to secure such huge database, an encryption and decryption algorithm has been proposed in this paper. Elliptic Curve Cryptography (ECC) is a public key cryptography which is used to provide high security to those databases. The Aadhaar database contains individual personal information as well as their biometric identities. ECC is widely used for providing security to all kinds of data. ECC has smaller key size, fast computation, high throughput compared to other cryptographic algorithms. The data’s present in database are converted into their corresponding Pixel or ASCII values. After that the encryption process is done with the help of public key, private key, generation points and plain text. After the encryption process, the encrypted coordinates can be mapped with the generated points and from that corresponding ASCII value for text, pixel value for image can be retrieved. Then, the alphabet which is corresponding to ASCII will be displayed so that the cipher text can be viewed. This encrypted data is stored in the database. In order to retrieve the original data decryption process using ECC is carried out. In decryption process, receiver’s private key and cipher coordinates which is retrieved from encryption process are used. Therefore, the personal details of an individual can be retrieved with the presence of that particular person who only knows that private key. So, the hackers will not be able to retrieve the database of any individual just by knowing their Aadhaar ID. The proposed work is implemented in the MATLAB software. The Performance metrics like PSNR, Similarity, Correlation Coefficient, NPCR and UACI has been done for analysis.

Download Full-text

Generic Side-channel attacks on CCA-secure lattice-based PKE and KEMs

IACR Transactions on Cryptographic Hardware and Embedded Systems ◽

10.46586/tches.v2020.i3.307-335 ◽

2020 ◽

pp. 307-335 ◽

Cited By ~ 2

Author(s):

Prasanna Ravi ◽

Sujoy Sinha Roy ◽

Anupam Chattopadhyay ◽

Shivam Bhasin

Keyword(s):

Experimental Validation ◽

Error Correcting Codes ◽

Public Key ◽

Side Channel ◽

Public Key Encryption ◽

Side Channel Attacks ◽

Key Recovery ◽

Binary Information ◽

Channel Information ◽

Standardization Process

In this work, we demonstrate generic and practical EM side-channel assisted chosen ciphertext attacks over multiple LWE/LWR-based Public Key Encryption (PKE) and Key Encapsulation Mechanisms (KEM) secure in the chosen ciphertext model (IND-CCA security). We show that the EM side-channel information can be efficiently utilized to instantiate a plaintext checking oracle, which provides binary information about the output of decryption, typically concealed within IND-CCA secure PKE/KEMs, thereby enabling our attacks. Firstly, we identified EM-based side-channel vulnerabilities in the error correcting codes (ECC) enabling us to distinguish based on the value/validity of decrypted codewords. We also identified similar vulnerabilities in the Fujisaki-Okamoto transform which leaks information about decrypted messages applicable to schemes that do not use ECC. We subsequently exploit these vulnerabilities to demonstrate practical attacks applicable to six CCA-secure lattice-based PKE/KEMs competing in the second round of the NIST standardization process. We perform experimental validation of our attacks on implementations taken from the open-source pqm4 library, running on the ARM Cortex-M4 microcontroller. Our attacks lead to complete key-recovery in a matter of minutes on all the targeted schemes, thus showing the effectiveness of our attack.

Download Full-text