Identity-based Signature Scheme Research Articles

Provably Secure Online/Offline Identity-Based Signature Scheme Based on SM9

Abstract SM9 is a Chinese cryptography standard, which includes a set of identity-based cryptographic schemes over pairings. SM9 identity-based signature scheme (SM9-IBS) was standardized by ISO/IEC and has been widely used in many real-world applications such as blockchain. Nevertheless, the signing algorithm of SM9-IBS suffers from several heavy calculations (e.g. pairings, scalar multiplications in groups), which might be a bottleneck for lightweight devices such as sensors. In this paper, we modify the SM9-IBS scheme slightly to support fast signing. In order to achieve this, we make the use of online/offline methodology and propose a new online/offline IBS scheme based on SM9. The proposed scheme is proved to be EUF-sID-CMA secure and is about 99% faster than SM9-IBS in terms of signature generation. Precisely, the time cost of online signing is <1 ms. Our scheme is appropriate for the Internet of Things. The theoretical analysis and demonstration show that the proposed scheme is comparable to existing efficient online/offline IBS schemes.

An Efficient Post‐quantum Identity‐Based Signature

Digital signature is one of the most important cryptography primitives. Recently, more and more works have been done to construct signatures over lattice problems to keep them secure in the quantum age. Among them, a ring-based signature scheme named Dilithium is the most efficient one and a candidate in the third round of the National Institute of Standards and Technology's post-quantum cryptography project. To make those schemes work well in large network, we constructed the first ring-based Identity-based signature (IBS) scheme for light-weight authentication. The construction in this paper relies on the transformations introduced by Bellare et al. in Journal of Cryptology (Vol.22, No.1, pp.1–61, 2009) and its security can be proved under the hardness of ring-learning with errors problem in the random oracle model. Due to better trapdoor and polynomial ring setting, our proposed scheme are much better than the previous ones in terms of both computation and communication complexities.

Advanced Signature Functionalities from the Code Equivalence Problem

The LESS signature scheme, introduced in 2020, represented a fresh start for code-based signatures. In this paper we explore advanced functionalities for signature schemes, stemming from the work of LESS. First, we adapt a recent protocol of Beullens et al. to obtain a construction for (linkable) ring signatures. Then, we realize an identity-based signature scheme following the traditional approach by Joye and Neven. Our performance numbers confirm that signature schemes based on the code equivalence problem have considerable potential for practical applications.

A key-escrow free identity-based signature scheme without requirement of a secure channel in the private key issuance phase

Identity-based cryptosystem (IBC) provides us the simplest key management procedures over traditional public key cryptosystem (PKC) as it eliminates the need for certificates of PKC. Hence, no certificate management activities are involved in IBC. However, there are two major drawbacks with the identity-based cryptosystem. One is the key-escrow problem and the other one is the necessity of a channel which is secure for the transmission of the private key, generated by a trusted centre called key generation centre (KGC). In this work, we propose an identity-based signature scheme, fitted in an existing established variant IBC model. The proposed scheme avoids the necessity of the secure channel as well as it is key-escrow free. The proposed scheme is constructed using bilinear pairings and based on the blinding-binding technique.

A key-escrow free identity-based signature scheme without requirement of a secure channel in the private key issuance phase

A key-escrow free identity-based signature scheme without requirement of a secure channel in the private key issuance phase

Tight security for the generic construction of identity-based signature (in the multi-instance setting)

An identity-based signature (IBS) scheme can be generically constructed from any ordinary signature scheme by appending a chain of signatures. Until now, it has been known that a generic construction cannot lead to a tightly secure IBS scheme, although any tightly secure signature scheme can be used as a building block. In this study, we demonstrate that the generic construction of IBS can achieve tightness if the underlying signature scheme is tightly secure in the multi-user setting with corruption. In addition, we extend the tightness result of IBS to the multi-instance setting, where an adversary can corrupt multiple key generation centers and obtain multiple related master secret keys. As instantiations, we adopt the efficient and tightly secure signature scheme in the multi-user setting with corruption, recently proposed by Gjøsteen and Jager (CRYPTO 2018). As a result, we can obtain the first efficient and tightly secure IBS schemes (in the multi-instance setting) based on the Diffie–Hellman assumptions in the random oracle model.

Tightly Secure Hierarchical Identity-Based Encryption

We construct the first tightly secure hierarchical identity-based encryption (HIBE) scheme basedon standard assumptions, which solves an open problem from Blazy, Kiltz, and Pan (CRYPTO 2014).At the core of our constructions is a novel randomization technique that enables us to randomizeuser secret keys for identities with flexible length.The security reductions of previous HIBEs lose at least a factor of Q, which is the number ofuser secret key queries. Different to that, the security loss of our schemes is only dependent onthe security parameter. Our schemes are adaptively secure based on the Matrix Diffie-Hellmanassumption, which is a generalization of standard Diffie-Hellman assumptions such as k-Linear. Wehave two tightly secure constructions, one with constant ciphertext size, and the other with tightersecurity at the cost of linear ciphertext size. Among other things, our schemes imply the first tightlysecure identity-based signature scheme by a variant of the Naor transformation.

Secure and Efficient Two-Party Signing Protocol for the Identity-Based Signature Scheme in the IEEE P1363 Standard for Public Key Cryptography

Mobile device and application (app) security are increasingly important, partly due to the constant and fast-paced cyberthreat evolution. To ensure the security of communication (e.g., data-in-transit), a number of identity-based signature schemes have been designed to facilitate authorization identification and validation of messages. However, in many of these schemes, a user's private key may leak when a new signature is generated since the private keys are stored on the device. Seeking to improve the security of the private key, we propose the first two-party distributed signing protocol for the identity-based signature scheme in the IEEE P1363 standard. This protocol requires that two devices separately store one part of the user's private key, and allows these two devices to generate a valid signature without revealing the entire private key of the user. We formally prove that the security of the protocol in the random oracle model. Then, we implement the protocol using the MIRACL library and evaluate the protocol on two mobile devices. Compared with the protocol of Lindell (CRYPTO'17) that uses the zero-knowledge proof for its security, our protocol is more suitable for deployment in the mobile environment.

CsiIBS: A post-quantum identity-based signature scheme based on isogenies

Digital signatures are important cryptographic primitive for authentication. To resist quantum attacks, many post-quantum signature schemes have been proposed. Among them, isogeny-based signature schemes, such as SeaSign, rapid development in recent years along with the proposed CSIDH construction. In this paper, inspired by the Fiat-Shamir transform, we construct the first identity-based signature scheme based on isogenies from the isogeny-based identification scheme. Then, we analyze its security in the random oracle model under the hardness of the isogeny problem, and demonstrate that it achieves the required security properties. Finally, we evaluate the performance and give the corresponding computational and storage costs.

Comments on an identity-based signature scheme for VANETs

Abstract In this letter, we analyze the identity-based signature with conditional privacy-preserving authentication scheme (short for IBS-CPPA, published in Journal of Systems Architecture, doi: 10.1016/j.sysarc.2019.101692 ) and demonstrate that it cannot provide secure authentication between vehicles. Specifically, in IBS-CPPA, two types of adversaries can launch different attacks to forge a valid signature on any traffic-related message to impersonate a target vehicle, so as to invalidate the authentication between vehicles.

Novel efficient identity-based signature on lattices

With the rapid development of electronic information technology, digital signature has become an indispensable part of our lives. Traditional public key certificate cryptosystems cannot overcome the limitations of certificate management. Identity-based cryptosystems can avoid the certificate management issues. The development of quantum computers has brought serious challenges to traditional cryptography. Post-quantum cryptography research is imperative. At present, almost all post-quantum identity-based signature (IBS) schemes are constructed using Gaussian sampling or trapdoor technologies. However, these two technologies have a great impact on computational efficiency. To overcome this problem, we construct an IBS scheme on lattices by employing Lyubashevsky’s signature scheme. Based on the shortest vector problem on lattices, our scheme does not use Gaussian sampling or trapdoor technologies. In the random oracle model, it is proved that our scheme is strongly unforgeable against adaptive chosen messages and identity attacks. The security level of our scheme is strongly unforgeable, which is a higher level than the existential unforgeability of other schemes. Compared with other efficient schemes, our scheme has advantages in computation complexity and security.

Distributed signing protocol for IEEE P1363‐compliant identity‐based signature scheme

The identity-based signature (IBS) scheme is one of the most promising secure and widely used cryptographic primitives for electronic commerce applications. For example, ID-based signing in a multi-party setting, without ever revealing any private and secret information, has received considerable interest in distributed applications such as a global manufacturer. However, there is no practical solution for such a group setting (e.g. more than two parties). Therefore, in this study, the authors present the first distributed identity-based signing protocol for the global electronic commerce system. Specifically, the authors’ designed protocol allows a group of parties to generate the signature in a decentralised and fair manner. They also prove that their proposed protocol is secure against a malicious adversary under the discrete logarithm and decisional Diffie–Hellman assumptions. Moreover, they implement the protocol using the MIRACL libraries on physical computing devices. Findings from the evaluations demonstrate the practical utility of their proposed protocol, in terms of achieving high level of security within a reasonable time framework (e.g. signing time (including communication latency and waiting delay) takes 311.86 ms for three parties, 558.2 ms for five parties, and 707.21 ms for seven parties, under a single-thread implementation).

Escrow-Less Identity-Based Signature Scheme with Outsourced Protection in Cloud Computing

The identity-based cryptosystem (IBC) outfits with the most beneficial key management procedures. The IBC is bounded to the small network system due to the internal key escrow problem, which leads to two other problems: key abusing and user slandering problems. Some solutions that address the key escrow problem are certificate-less cryptosystems and multiple authorities-based IBC. However, they are expensive in terms of computation or loss of the identity-based feature. This paper presents an escrow-less identity-based signature (EL-IBS) scheme, where we employ one key generation center that authenticates a user and many authorities that issue a protected private key share without user authentication. We also outsource the key protection overhead to the cloud privacy centers. We proved that the our EL-IBS scheme is existential unforgeable, key abusing and existential user slandering secured against adaptively chosen message attack under the random oracle model and the well-known computational Diffie–Hellman problem.

A PROFICIENT IDENTITY BASED SIGNATURE SCHEME WITH DESIGNATED VERIFIER FOR E-VOTING

A democratic system cannot be complete without adding the key feature of “Voting” in it. There are two ways to execute the voting process. One is physical voting system and the other one is electronic voting or e-voting system. Our study has been done in the context of e-voting system. In our paper, we have studied the identity (ID) based signature scheme with designated verifier to construct an e-voting system much trustworthy by the side of the voter. In this scheme, not only the voter can authenticate that whether her/his vote is casted or not but he/she can also validate it by using facility of receipt generation. This scheme also protects the privacy of casted vote. We have achieved this by proposing a proficient Identity –Based signature scheme with designated verifier for receipt generation in e-voting.

On the General Construction of Tightly Secure Identity-Based Signature Schemes

AbstractA tightly secure scheme has a reduction, where the reduction loss is a small constant. Identity-based signature (IBS) is an important cryptographic primitive, and tightly secure IBS schemes enjoy the advantage that the security parameter can be optimal to achieve a certain security level. General constructions of IBS schemes (Bellare, M., Namprempre, C., and Neven, G. (2004) Security Proofs for Identity-Based Identification and Signature Schemes. In Proc. EUROCRYPT 2004, May 2–6, pp. 268–286. Springer, Berlin, Interlaken, Switzerland; Galindo, D., Herranz, J., and Kiltz, E. (2006) On the Generic Construction of Identity-Based Signatures With Additional Properties. In Proceedings of ASIACRYPT 2006, December 3–7, pp. 178–193. Springer, Berlin, Shanghai, China) and their security have been extensively studied. However, the security is not tight and how to generally construct a tightly secure IBS scheme remains unknown. In this paper, we concentrate on the general constructions of IBS schemes. We first take an insight into previous constructions and analyze the reason why it cannot achieve tight security. To further study possible tightly secure constructions, we propose another general construction, which could be seen as a different framework of IBS schemes. Our construction requires two traditional signature schemes, whereas the construction by Bellare et al. uses one scheme in a two-round iteration. There are no additional operations in our general construction. Its main advantage is providing the possibility of achieving tight security for IBS schemes in the random oracle model. Combining two known signature schemes, we present an efficient IBS scheme with tight security as an example.

Efficient Obfuscation for Encrypted Identity-Based Signatures in Wireless Body Area Networks

The rapid development of the Internet of Things has contributed to the emergence of novel applications in recent years, such as wireless body area networks (WBANs). The latter can potentially provide people with convenience and high-quality healthcare. However, how to protect the confidentiality and privacy of user data remains challenging. Although a number of schemes using cryptographic tools in WBANs have been proposed, they are not practical due to the low computing power and storage capabilities of the sensors. To remedy this shortcoming, in this article, we propose an efficient obfuscation for encrypted identity-based signatures in WBANs, which can securely and efficiently use the resources of mobile devices to sign and encrypt data collected by sensors. In particular, our proposed scheme employs the identity-based signature scheme in the IEEE P1363 standard. We prove the security of our scheme, and that it satisfies the virtual black box properties. Moreover, we implement our scheme using the Java pairing-based cryptography library on a laptop and an Android phone. The experimental results the utility of our scheme in WBANs.

White-Box Implementation of the Identity-Based Signature Scheme in the IEEE P1363 Standard for Public Key Cryptography

White-Box Implementation of the Identity-Based Signature Scheme in the IEEE P1363 Standard for Public Key Cryptography

Leakage-free ID-Based Signature, Revisited

Abstract Recently, Tseng et al. proposed a new notion for identity-based signature (IBS) scheme to resist ephemeral secret leakage (ESL) attacks, called leakage-free identity-based signature (leakage-free IBS), and devised the first secure leakage-free IBS scheme. However, they only considered the situation of the leakage of ephemeral secrets used for generating the signatures. Notice that the private key extraction procedure is probabilistic as well in their scheme, that is, there are ephemeral secrets used by the key generation center to generate the signers’ private keys. It is practical to consider that if the adversary comprises these ephemeral secrets, then he can reveal the master key of the system. Therefore, it is desired to introduce a new security notion for the leakage-free IBS schemes to consider the ESL attacks on both private key extraction and signing procedures. In this paper, we present such security notion. Moreover, we propose two IBS schemes that are proved to be secure under the new security notion.

Scalable Revocable Identity-Based Signature Scheme with Signing Key Exposure Resistance from Lattices

In 2014, a new security definition of a revocable identity-based signature (RIBS) with signing key exposure resistance was introduced. Based on this new definition, many scalable RIBS schemes with signing key exposure resistance were proposed. However, the security of these schemes is based on traditional complexity assumption, which is not secure against attacks in the quantum era. Lattice-based cryptography has many attractive features, and it is believed to be secure against quantum computing attacks. We reviewed existing lattice-based RIBS schemes and found that all these schemes are vulnerable to signing key exposure. Hence, in this paper, we propose the first lattice-based RIBS scheme with signing key exposure resistance by using the left-right lattices and delegation technology. In addition, we employ a complete subtree revocation method to ensure our construction meeting scalability. Finally, we prove that our RIBS scheme is selective-ID existentially unforgeable against chosen message attacks (EUF-sID-CMA) under the standard short integer solutions (SIS) assumption in the random oracle model.

SCM: secured communication model for urban VANET applications

The primary concern of any vehicular ad hoc network (VANET) application is to offer safety and infotainment related services to commuters in a dynamic and reliable way. The characteristics of both VANET environment and the participating vehicles raise several challenges for the application development. The success of any application depends on the strength of the underlying communication model. Thus scalable, secure and robust communication models that work well with different traffic conditions and varying mobility speeds are required. We have proposed a secured communication model (SCM) for VANETs to facilitate dedicated short range communication (DSRC). The model was designed based on the specifications of IEEE 802.11p standard and the security component was offered through IDbased encryption and signature schemes. Several urban communication scenarios with different vehicle densities were created in EXata emulator. These scenarios were emulated on the proposed SCM using four routing protocols- AODV, Bellman Ford, OLSR and LAR. At higher vehicle densities the proposed model had resulted in good throughput with an acceptable delay. Out of the four routing protocols, location aided routing (LAR) protocol was found efficient on the proposed SCM.