Proxy Signcryption Scheme Research Articles

Proxy signcryption scheme in the standard model

AbstractProxy signcryption is a novel cryptographic primitive that combines the functionality of a proxy signature with that of a signcryption. However, the security of all the known proxy signcryption schemes were proven in the random oracle, which has received a lot of criticism that the proofs in the random oracle model are not sound with respect to the standard model. Hence, it is an interesting research problem on how to construct a provably secure proxy signcryption scheme in the standard model. In this paper, motivated by Waters' signature scheme, we propose a new construction of proxy signcryption scheme based on bilinear pairing without using random oracles. Then, we use the techniques from provable security to show that the proposed scheme is indistinguishability under adaptive chosen ciphertext attacks secure under the decisional bilinear Diffie–Hellman assumption and existentially unforgeable under the computational Diffie–Hellman assumptions. Compared with the existing schemes with formal security proof, we show that no pairing computation is required in our proxy signcrypt phase with pre‐computations. To the best of our knowledge, our proposed scheme is the first provably secure proxy signcryption scheme in the standard model. Copyright © 2014 John Wiley & Sons, Ltd.

The insecurity of two proxy signcryption schemes: proxy credential forgery attack and how to prevent it

Securing different online e-business activities usually requires applying different cryptographic algorithms. The proxy signcryption algorithms are designed for applications such as online proxy auction or online proxy signatures on business contracts, which require a proxy agent to sign on confidential messages. This paper proposes a proxy credential forgery attack to two recent proxy signcryption schemes in the literature. Using the attack, a malicious proxy signer can create a fake proxy credential from his original credential to extend his signing power. Simple modifications to these two schemes are also provided in this paper to prevent the attack without adding too much computational complexity. In addition to the contribution of introducing a new type of attacks to signcryption schemes, the paper also points out that, while designing a secure proxy signcryption scheme, not only the unforgeability of proxy signatures is important, but also that of proxy credentials as well.

A Provably Secure Proxy Signcryption Scheme Using Bilinear Pairings

As people in modern societies are busier than any human era and computer network has profound impact on how people work and live through fast and convenient information exchange, people need more help from each other to accomplish more work via network connections in limited period of time. Therefore, privilege delegation mechanism has become a necessary service in modern enterprises and organizations. Proxy signcryption scheme provides a secure privilege delegation mechanism for a person to delegate his privilege to his proxy agent to accomplish things. In 2010, Lin et al. had proposed an efficient signcryption scheme using bilinear pairings. However, we found that the proxy signcryption scheme of Lin et al. is vulnerable to the chosen warrant attack. A provably secure proxy signcryption scheme using bilinear pairings is introduced accordingly. In terms of performance efficiency, the proposed scheme is superior to other existing schemes. In addition, a new security model is proposed to describe proxy signcryption scheme; based on the security model we show that the proposed scheme is provably secure in terms of indistinguishability under adaptive chosen ciphertext attack (IND-CCA2), unforgeability under adaptive chosen message attack (EF-CMA), and unforgeability under adaptive chosen warrant attack (EF-CWA).

Identity-Based Proxy Signcryption Schemes

Identity-based encryption and signature schemes that allow any pair of users to communicate securely and to verify each other's signatures without verifying certificate. A signcryption is a primitive that provides the properties of both digital signatures and encryption schemes in a way that is more efficient than signing and encrypting separately. Proxy signature schemes are a variation of ordinary digital signature scheme that allow a proxy signer to sign messages on behalf of the original singer which proxy signcryption simultaneously fulfill both the functions of signature and encryption in a single step with a lower computational cost than that required by the traditional signature-then-encryption. In this paper, we present identity-based proxy signcryption schemes with lower efficient..

An Efficient ID-based Proxy Signcryption Scheme without Bilinear Pairings

Signcryption is a cryptographic primitive which simultaneously provides both confidentiality and authenticity in a single logical step. Signcryption based on elliptic curves provides the same level of security using smaller keys compared to schemes based on the discrete logarithm problem over finite fields. Identity-based cryptography serves as an efficient alternative to the traditional certificate-based cryptosystems. The idea of identity-based cryptography is to enable a user to use any arbitrary string that uniquely identifies him as his public key. In a proxy signcryption scheme, an original signer delegates his signing power to a proxy agent, who signcrypts a message on behalf of him. This paper introduces a new identity based proxy signcryption scheme without bilinear pairings. Its security is based on the Elliptic Curve Discrete Logarithm Problem (ECDLP) with a reduced computational complexity compared to other schemes in literature. In this proposed scheme, the receiver is the only one who can verify the origin of the ciphertext. Moreover, in this scheme, an authorized proxy signcrypter can create valid proxy signatures after verifying the identity of the original signcrypter. The proposed scheme achieves the various desirable security requirements.

An Efficient Proxy Signcryption Scheme Based on the Discrete Logarithm Problem

Signcryption is a cryptographic primitive which simultaneously provides both confidentiality and authenticity in a single logical step. In a proxy signature scheme, an original signer delegates his signing power to a proxy agent, who signs a message on behalf of him. This paper introduces a new proxy signcryption scheme based on the Discrete Logarithm Problem (DLP) with a reduced computational complexity compared to other schemes in literature. In this proposed scheme, the receiver is the only one who can verify the origin of the ciphertext. Moreover, in this scheme, an authorized proxy signcrypter can create valid proxy signatures after verifying the identity of the original signcrypter. The proposed scheme achieves the various desirable security requirements. An elliptic curve based version of the proposed proxy signcryption scheme has been implemented using Mathematica for realistic (256-bit) parameters to emphasize the ease of its practical use.

An Efficient ID-Based Proxy Signcryption Scheme

Signcryption is a cryptographic primitive that performs encryption and signature in a single logical step, at lower computational cost and communication over heads than the signature-then-encryption. Proxy signcryption schemes are variations of ordinary signcryption schemes and have been useful in many applications where the delegation of rights is quite common. By combining the functionalities of proxy signature scheme and signcryption scheme, in this paper, we proposed a new ID-based proxy signcryption scheme which offers both public verifiability and forward security. The security requirements and performance of the proposed scheme are analyzed.

A new proxy signcryption scheme using warrants

In this paper, a new proxy signcryption scheme is proposed suitable for use by resource constrained devices such as pagers and mobile phones. The proposed scheme is based on delegating the signing rights of the original signer to one of his proxies using warrants. The use of warrants enables explicit specification of the signing rights of the proxy agent. The proxy agent and the original signer are assumed to be registered within the same traditional public key infrastructure. To offer a higher level of security, the proxy key is derived from the personal key of the proxy signer to prevent the proxy signer from denying a signature it created and protects it from framing attacks mounted by the original signer against it. We also consider a variant of our main scheme that works over elliptic curves since they have proven recently the possibility of reducing the key sizes.

Efficient proxy signcryption scheme with provable CCA and CMA security

For facilitating the confidential transaction with delegation such as on-line proxy auction and business contract signing by an authorized proxy, we propose an efficient proxy signcryption scheme from pairings. Our scheme allows an original signer to delegate his signing power to a proxy one such that the latter can signcrypt a plaintext on behalf of the former. The signcrypted message can only be decrypted by a designated recipient who is also responsible for verifying the recovered proxy signature. To deal with a later dispute over repudiation, the designated recipient can easily announce the ordinary proxy signature for public verification without extra computational efforts. To guarantee the realistic applicability, we demonstrate that our scheme outperforms previous works in terms of functionalities and computational efficiency. Moreover, the security requirement of confidentiality against indistinguishability under adaptive chosen-ciphertext attacks (IND-CCA2) and that of unforgeability against existential forgery under adaptive chosen-message attacks (EF-CMA) are proved in random oracle models.

Proxy signcryption scheme with public verifiability and controllable authority

The Shin's signcryption scheme with public verifiability of Shin et al. and the proxy signcryption scheme of Jung et al. were cryptoanalyzed and improved. By studying the confidentiality of Shin's scheme and Jung's scheme, and the proxy authority of Jung's scheme, the fact is that the confidentiality of Shin's scheme and Jung's scheme was lost, and the proxy authority of Jung's scheme was not controlled. Then a modification based on Shin's scheme was presented. The modification was a security proxy signcryption scheme with public verifiability and controllable authority. Based on some cryptographic assumptions, the security of the scheme was also proved.

ID-based threshold proxy signcryption scheme from bilinear pairings

A (t, n) threshold proxy signcryption scheme allows t or more proxy signcrypters from a designated group of n proxy signcrypters to signcrypt messages on behalf of an original signcrypter. In this paper, a new identity-based threshold proxy signcryption scheme from bilinear pairings is proposed. Our construction is based on Baek and Zheng's pairing-based verifiable secret sharing scheme and Libert and Quisquater's identity-based signcryption scheme. As compared to Wang and Liu's identity-based threshold proxy signcryption scheme, our scheme is more secure and efficient.

In situ tests and a stochastic structural model of rock and soil aggregate in the Three Gorges reservoir area, China

Recently, the Industrial Internet of Things (IIoT) has become increasingly important for applications in the industry. IIoT has essentially become a prime security focus for implementing secure communication. Among the available cryptographic tools, identity-based signcryption provide a sound solution to fulfill the security requirement of IIoT. On the other hand a generalized proxy signcryption can work adaptively as proxy signature and proxy signcryption using a single algorithm. In order to accomplish effective and on-time communication whenever the manager of the company went out for a usual business trip or an IIoT device which has lack of resources, then it must need to delegate her/his signcryption rights to their subordinates (proxy agents/device). For this purpose, to make the delegation procedure more efficient and reliable, we proposed a lightweight identity-based generalized proxy signcryption (IBGPS) scheme for IIoT. The IBGPS scheme is provably secure in terms of indistinguishability against adaptive chosen ciphertext attack (IND − IBGPS − CCA) and existential unforgeable against a possible adaptive chosen message attack (EUF − IBGPS − CMA) under Hyperelliptic Curve Decisional Diffie-Hellman problem (HEDHP) and Hyperelliptic Curve Discrete Logarithm problem (HECDLP) in the random oracle model. Furthermore the performance evaluation in terms of computation and communication costs shows that the IBGPS scheme is more effective than the existing schemes.