Identity-based Signature Research Articles

White-Box Implementation of the Identity-Based Signature Scheme in the IEEE P1363 Standard for Public Key Cryptography

White-Box Implementation of the Identity-Based Signature Scheme in the IEEE P1363 Standard for Public Key Cryptography

Leakage-free ID-Based Signature, Revisited

Abstract Recently, Tseng et al. proposed a new notion for identity-based signature (IBS) scheme to resist ephemeral secret leakage (ESL) attacks, called leakage-free identity-based signature (leakage-free IBS), and devised the first secure leakage-free IBS scheme. However, they only considered the situation of the leakage of ephemeral secrets used for generating the signatures. Notice that the private key extraction procedure is probabilistic as well in their scheme, that is, there are ephemeral secrets used by the key generation center to generate the signers’ private keys. It is practical to consider that if the adversary comprises these ephemeral secrets, then he can reveal the master key of the system. Therefore, it is desired to introduce a new security notion for the leakage-free IBS schemes to consider the ESL attacks on both private key extraction and signing procedures. In this paper, we present such security notion. Moreover, we propose two IBS schemes that are proved to be secure under the new security notion.

Scalable Revocable Identity-Based Signature Scheme with Signing Key Exposure Resistance from Lattices

In 2014, a new security definition of a revocable identity-based signature (RIBS) with signing key exposure resistance was introduced. Based on this new definition, many scalable RIBS schemes with signing key exposure resistance were proposed. However, the security of these schemes is based on traditional complexity assumption, which is not secure against attacks in the quantum era. Lattice-based cryptography has many attractive features, and it is believed to be secure against quantum computing attacks. We reviewed existing lattice-based RIBS schemes and found that all these schemes are vulnerable to signing key exposure. Hence, in this paper, we propose the first lattice-based RIBS scheme with signing key exposure resistance by using the left-right lattices and delegation technology. In addition, we employ a complete subtree revocation method to ensure our construction meeting scalability. Finally, we prove that our RIBS scheme is selective-ID existentially unforgeable against chosen message attacks (EUF-sID-CMA) under the standard short integer solutions (SIS) assumption in the random oracle model.

Scalable revocable identity-based signature over lattices in the standard model

Revocable identity based signature (RIBS) is a useful cryptographic primitive, which provides a revocation mechanism to revoke misbehaving or malicious users over ID-based public key settings. In the past, many RIBS schemes have been previously proposed, but the security of all these existing schemes is based on traditional complexity assumptions, which are not secure against attacks in the quantum era. Lattice-based cryptography has many attractive features and it is all believed to be secure against attacks of quantum computing. Recently, Hung et al. proposed a RIBS with short size over lattices. However, in their scheme, it requires the private key generator (PKG) to perform linear work in the number of users and does not scale well. Moreover, their scheme is secure in the random oracle model. In this paper, we adopt the binary tree structure to present a scalable lattice-based RIBS scheme which greatly reduces the PKG’S workload associated with users from linear to logarithm. We prove that our proposed scheme is existentially unforgeable against chosen message attacks (EUF-CMA) under standard short integer solutions (SIS) assumption, in the standard model. Compared with the existing RIBS schemes over lattices, our proposed RIBS construction is secure in the standard model with scalability and meanwhile has efficient revocation mechanism with public channels.

Enhancing Performance Of WSN By Utilizing Secure Qos Based Explicit Routing

Wireless sensor networks (WSN) are infrastructure less and self-configured a wireless network that allows monitoring the physical conditions of an environment. Many researchers focus on enhancing the performance of WSN in order to provide effective delivery of data on the network, but still results in lower quality of services like energy consumption, delay and routing. We tackle this problem by introducing a new routing algorithm, QoS-based explicit routing algorithm which helps in transmitting the data from source node to destination node on WSN. We also involve clustering process in WSN based on genetic algorithm and particle swarm optimisation (GA and PSO) algorithm. We proposed identity-based digital signature (IBDS) and enhanced identity-based digital signature (EIBDS) that involves reduction of computation overhead and also increasing resilience on the WSN. We also use advanced encryption standard (AES), for ensuring the security between nodes and avoid hacking of data by other intruders.

Identity-Based Signature With Server-Aided Verification Scheme for 5G Mobile Systems

Recently, security and privacy issues in mobile communication systems became an enormous challenge due to the limited resources of mobile networks regarding communication overhead, computational cost, and battery power. 5G systems provide high performance and flexibility that can connect billion of objects through Heterogeneous Wireless Networks (HWN) concerning the Internet of Things (IoT). However, some of these security challenges can be addressed by using outsourced assistants such as Server-Aided Verification (SAV) to contribute partially with the authentication process among 5G network entities. In this paper, we propose an efficient and secure identity-based signature scheme with Server-Aided Verification for 5G mobile systems (IBS-SAV). We provide a performance evaluation based on security proof of the proposed IBS-SAV scheme under existential unforgeable in the random oracle model as well as the security against collusion and adaptive chosen message attack (EUF-CMA). The performance evaluation and security analysis demonstrate that our IBS-SAV scheme is not only secure but also can reduce the communication and computation complexity for mobile systems efficiently.

SCM: secured communication model for urban VANET applications

The primary concern of any vehicular ad hoc network (VANET) application is to offer safety and infotainment related services to commuters in a dynamic and reliable way. The characteristics of both VANET environment and the participating vehicles raise several challenges for the application development. The success of any application depends on the strength of the underlying communication model. Thus scalable, secure and robust communication models that work well with different traffic conditions and varying mobility speeds are required. We have proposed a secured communication model (SCM) for VANETs to facilitate dedicated short range communication (DSRC). The model was designed based on the specifications of IEEE 802.11p standard and the security component was offered through IDbased encryption and signature schemes. Several urban communication scenarios with different vehicle densities were created in EXata emulator. These scenarios were emulated on the proposed SCM using four routing protocols- AODV, Bellman Ford, OLSR and LAR. At higher vehicle densities the proposed model had resulted in good throughput with an acceptable delay. Out of the four routing protocols, location aided routing (LAR) protocol was found efficient on the proposed SCM.

An energy efficient authentication scheme based on hierarchical IBDS and EIBDS in grid-based wireless sensor networks

Wireless sensor network is a peculiar kind of ad hoc network, consists of hundreds of tiny, resource constrained as sensor nodes. Clustering is a demanding task in such environment mainly due to the unique constraints such as energy efficiency and dynamic topology. In this paper, a novel energy efficient cluster-based routing algorithm is proposed on which hierarchical identity-based digital signature (IBDS) and enhanced-identity-based digital signature (EIBDS) scheme is concerning in grid-based wireless sensor networks. Firstly we form clusters using multi-parameters-based type-2 fuzzy logic algorithm. This paper proposes an improved ant colony optimisation algorithm, which optimises the energy consumption on data transfer in a WSN. Each node in a sensor network is authenticated using elliptic curve cryptography (ECC). After a set of simulation tests on NS-3 simulator, our proposed work achieves good performance for various metrics.

A Lightweight Identity-Based Signature Scheme for Mitigation of Content Poisoning Attack in Named Data Networking With Internet of Things

Named Data Networking (NDN) is one of the future envisioned networking paradigm used to provide fast and efficient content dissemination with interest-based content retrieval, name-based routing and in-network content caching. On the one hand, this new breed of future Internet architecture is becoming a key technology for data dissemination in the IoT networks; on the other hand, NDN suffers from new challenges in terms of data security. Among them, a content poisoning attack is the most common data security challenge. The aim of this attack is to inject poisoned content with an invalid signature to the network. Therefore, to prevent NDN against possible content poisoning attack, a signature of the contents is appended to each data packet for verifications. In this paper, we propose an identity-based signature scheme for IoT-based NDN networks, with a special emphasis on content integrity and authenticity. The proposed scheme is based on the concept of the Hyperelliptic curves, which provide the same level of security as Rivest-Shamir-Adleman (RSA), Bilinear pairing and Elliptic Curve Cryptosystems (ECC) with lower-key size. The proposed scheme is subject to both formal and informal security analysis in order to show the feasibility of our scheme. Finally, the performance of the proposed scheme is analyzed via comparison with the relevant existing schemes that authenticates the superiority of our scheme in terms of security and efficiency.

Security Analysis of an Identity-Based Signature From Factorization Problem

Many sensitive data are generated by resource-limitation devices in the Vehicular ad hoc network (VANET). When these data are divulged, people 's life and property will be threatened. To solve these problems, Wei et al. proposed a lightweight privacy-preserving protocol based on RSA assumption for VANET and they claimed that their protocol was secure and low overhead. In this paper, first of all, we show that the basic signature scheme to be used in Wei et al.'s protocol is not secure, i.e., the user's private key will be revealed from the pairs of message-signatures, which causes the protocol to be insecure. We also show that our security analysis is feasible and effective in practice from the theory and experiments. Then we construct a new identity-based signature scheme based RSA assumption and prove it is existentially unforgeable under the chosen message attack without random oracle. Finally, we update the Wei et al.'s protocol and do some experiments to evaluate the efficiency of our scheme in the updated protocol.

Secure and Efficient Identity-based Batch Verification Signature Scheme for ADS-B System

Secure and Efficient Identity-based Batch Verification Signature Scheme for ADS-B System

A New Secure and Anonymous Metering Scheme for Smart Grid Communications

The smart meter is one of the most important components of the smart grid, which enables bi-directional communication between electric power providers and in-home appliances. However, the fine-grained metering mechanism that reports real-time electricity usage to the provider may result in some privacy and security issues for the owner of the smart meter. In this paper, we propose a new secure and anonymous smart metering scheme based on the technique of direct anonymous attestation and identity-based signatures. We utilize the trusted platform module to realize the tamper resistance of the smart meter. Moreover, our scheme is able to detect malfunctioning meters in which data is reported more than once in a time period. Finally, the performance and security results show that our proposed scheme is efficient and satisfies the security requirements of the smart grid communication system.

An efficient identity-based signature scheme without bilinear pairing for vehicle-to-vehicle communication in VANETs

Vehicles exchange traffic-related messages with neighboring vehicles to aid passengers and provide efficient traffic management. This is done via wireless communication channels in Vehicular Ad Hoc Networks (VANETs). Security and privacy issues are a major concern in VANETs. A typical attack consists of a malicious third party modifying and retransmitting intercepted messages. Current state of the art solutions enable a verifier to authenticate the source of received messages as well as to check their integrity before accepting them. However, these solutions do not adequately address the efficiency with which multiple messages are verified in VANETs deployed in high traffic density areas. Due to this, the computational load on a verifier is increased. In this paper, an efficient Identity-Based Signature with Conditional Privacy-Preserving Authentication (IBS-CPPA) scheme based on the Elliptic Curve Cryptography (ECC) and general one-way hash functions for V2V communication is proposed. This scheme supports the batch signature verification method, which enables each vehicle to authenticate a large number of messages at the same time. We provide a security proof of the proposed IBS-CPPA scheme in the random oracle model. The performance evaluation indicates that our scheme is more efficient in terms of computational cost with respect to similar schemes.

Identity-based quantum signature scheme with strong security

Recently, Chen et al. proposed an identity-based quantum signature scheme (IDQSS). Their scheme has the advantages of the classical identity-based signature (IDS) scheme. However, Chen et al.’s scheme cannot resist against the private key generator (PKG)’s forgery attack. On the other hand, in their scheme, many rounds of quantum swap tests have to be performed by the verifier during the signature verification phase. To improve the security and efficiency of the IDQSS, a new IDQSS is proposed. In our scheme, the private key of the signer is generated by PKG according to the signer’s identity, which is used as the corresponding public key. The signer generates a quantum signature with her private key and the secret parameters shared with the verifier. Anyone can verify the quantum signature with the identity of the signer. Our scheme overcomes the security drawback of Chen et al.’s scheme and inherits the merits of the classical IDS system. It has the security properties such as information-theoretical security, non-repudiation and unforgeability. At the same time, in our scheme, the verifier need not perform any quantum swap test. Therefore, our IDQSS is more secure and efficient.

Identity-Based Key Exchange on In-Vehicle Networks: CAN-FD & FlexRay.

Security has become critical for in-vehicle networks as they carry safety-critical data from various components, e.g., sensors or actuators, and current research proposals were quick to react with cryptographic protocols designed for in-vehicle buses, e.g., CAN (Controller Area Network). Obviously, the majority of existing proposals are built on cryptographic primitives that rely on a secret shared key. However, how to share such a secret key is less obvious due to numerous practical constraints. In this work, we explore in a comparative manner several approaches based on a group extension of the Diffie–Hellman key-exchange protocol and identity-based authenticated key agreements. We discuss approaches based on conventional signatures and identity-based signatures, garnering advantages from bilinear pairings that open road to several well-known cryptographic constructions: short signatures, the tripartite Diffie–Hellman key exchange and identity-based signatures or key exchanges. Pairing-based cryptographic primitives do not come computationally cheap, but they offer more flexibility that leads to constructive advantages. To further improve on performance, we also account for pairing-free identity-based key exchange protocols that do not require expensive pairing operations nor explicit signing of the key material. We present both computational results on automotive-grade controllers as well as bandwidth simulations with industry-standard tools, i.e., CANoe, on modern in-vehicle buses CAN-FD and FlexRay.

Optimistic Fair Exchange in Cloud-Assisted Cyber-Physical Systems

Recently, optimistic fair exchange in electronic commerce (e-commerce) or mobile commerce (m-commerce) has made great progress. However, new technologies create large amounts of data and it is difficult to handle them. Fortunately, with the assistance of cloud computing and big data, optimistic fair exchange of digital items in cyber-physical systems (CPSes) can be efficiently managed. Optimistic fair exchange in cloud-assisted CPSes mainly focuses on online data exchange in e-commerce or online contracts signing. However, there exist new forms of risks in the uncertain network environment. To solve the above problems, we use a new technique called verifiably encrypted identity-based signature (VEIS) to construct optimistic fair exchange in cloud-assisted CPSes. VEIS is an encrypted signature, and we can check the validity of the underlying signature without decrypting it. We introduce a robust arbitration mechanism to guarantee fairness of the exchange, and even the trusted third party (TTP) cannot get the original signatures of the exchange parties. And the TTP in our protocol is offline, which greatly improves the efficiency. Besides, we show that our protocol is secure, fair, and practical.

Provably Secure Identity-Based Encryption and Signature over Cyclotomic Fields

Identity-based cryptography is a type of public key cryptography with simple key management procedures. To our knowledge, till now, the existing identity-based cryptography based on NTRU is all over power-of-2 cyclotomic rings. Whether there is provably secure identity-based cryptography over more general fields is still open. In this paper, with the help of the results of collision resistance preimage sampleable functions (CRPSF) over cyclotomic fields, we give concrete constructions of provably secure identity-based encryption schemes (IBE) and identity-based signature schemes (IBS) based on NTRU over any cyclotomic field. Our IBE schemes are provably secure under adaptive chosen-plaintext and adaptive chosen-identity attacks, meanwhile, our IBS schemes are existentially unforgeable against adaptively chosen message and adaptively chosen identity attacks for any probabilistic polynomial time (PPT) adversary in the random oracle model. The securities of both schemes are based on the worst-case approximate shortest independent vectors problem (SIVPγ) over corresponding ideal lattices. The secret key size of our IBE (IBS) scheme is short—only one (two) ring element(s). The ciphertext (signature) is also short—only two (three) ring elements. Meanwhile, as the case of NTRUEncrypt, our IBE scheme could encrypt n bits in each encryption process. These properties may make our schemes have more advantages for some IoT applications over postquantum world in theory.

Efficient Identity-based Signature Scheme with Message Recovery

Digital signature is one of the important primitive of public-key cryptography and has become an essential technique in providing security services in modern communications. Due to the limitations imposed by both the communication bandwidth and computational power of wireless communication devices, signature schemes with less bandwidth and less computational cost are desirable for practical applications. Signature schemes with message recovery provide a feature that the message is recoverable from the signature and hence does not need to be transmitted separately for signature verification. Recently many signature schemes with message recovery have been designed in traditional as well as Identity based settings and most of the schemes are constructed using bilinear pairings over elliptic curves. Nevertheless, the computational cost of a pairing is more expensive and is higher than the scalar multiplication. Thus, signature schemes without pairing would be more appealing in terms of efficiency. In this paper, we propose an efficient identity-based message recovery scheme without pairings. In our scheme the message itself is not required to be transmitted together with the signature and so it turns out to have the least data size of communication cost. Also, we compare our scheme with the existing ID-based signature schemes with message recovery in terms of computational and communicational point of view. With the pairing-free realization, the proposed scheme is efficient and applicable for resource constrained devices.

Identity Based Encryption and Identity Based Signature Scheme on Security Schemes

In computer based system, key for the problem of identification, authentication and secrecy can be found in the field of cryptography. Dependence on public key infrastructure and to receive certificates signed by Certificate Authority (CA) to authenticate oneself for exchange of encrypted messages is one of the most significant limitation for the widespread adoption of Public Key Cryptography (PKC) as this process is time engrossing and error prone. Identity based cryptography (IBC) aspires to reduce the certificate and key management overhead of PKC. IBC’s important primordial is Identity-based Encryption (IBE). IBE provided emergent for perception of Identity based signature (IBS) schemes. In this paper, overview of IBE and IBS schemes has been given. Also, a survey on various IBE and IBS schemes has been performed to review different problems related to them. Finally, feasibility and applicability of IBC in current and future environments has been discussed.

Accomplishing Data Integrity and Confidentiality in Data Markets

As a noteworthy business worldview, a few on-line information stages have developed to fulfill society's wants for individual explicit learning, any place a service provider assembles raw data from data givers, at that point offers data services to data clients. Notwithstanding, inside the data exchanging level, the data customers face a squeezing issue, i.e., an approach to confirm whether the service provider has actually gathered and handled data. During this paper, we propose TPDM, that effectively compose truthfulness and Privacy protection in data Markets. TPDM is structured inside in partner degree Encrypt-then-Sign way; utilize mostly homomorphism encryption and identity-based signature. It along encourage bunch confirmation, processing, and result check, though giving identity protection and data confidentiality. We used dataset and 2015 RECS dataset, severally. Our examination and investigation results that TPDM accomplishes numerous alluring properties, though obtaining low calculation and correspondence overheads once sustaining huge size data markets.