Random Oracle Research Articles

An efficient ID-based cryptographic encryption based on group ring

For most of the traditional IBEs (identity-based encryptions), security totally relies on the safekeeping of private keys. In case the private key is exposed, all the previously generated ciphertext need to be reissued. Due to increased usage of unprotected devices or mobiles, the key exposure is frequent. Therefore, it is important to mitigate the threat originated due to the key exposure in case of IBE. To deal with this issue, in this paper, we construct a novel IBE based on group ring that also provides forward security. We show that the security of our novel IBE is based on the hardness of discrete logarithm problem in group ring. Moreover, against the chosen plaintext attack, we show that it is semantically secure in random oracle model. Finally, we compare our IBE with several other existing IBEs in terms of execution cost.

Post-quantum secure fully-dynamic logarithmic-size deniable group signature in code-based setting

<p style='text-indent:20px;'>Since its introduction by Chaum and Heyst, <i>group signature</i> has been one of the most active areas of cryptographic research with numerous applications to computer security and privacy. Group signature permits the members of a group to sign a document on behalf of the entire group keeping signer's identity secret and enabling disclosure of the signer's identity if required. In this work, we present the first code-based fully-dynamic group signature scheme which allows group members to join or leave the group at any point of time. We employ a code-based updatable <i>Merkle-tree accumulator</i> in our design to achieve logarithmic-size signature and utilize randomized <i>Niederreiter</i> encryption to trace the identity of the signer. More positively, we equipped our scheme with <i>deniability</i> characteristic whereby the tracing authority can furnish evidence showing that a given member is not the signer of a particular signature. Our scheme satisfies the security requirements of <i>anonymity</i>, <i>non-frameability</i>, <i>traceability</i> and <i>tracing-soundness</i> in the random oracle model under the hardness of generic decoding problem. We emphasize that our scheme provides full-dynamicity, features deniability in contrast to the existing code-based group signature schemes and works favourably in terms of signature size, group public key size and secret key size.</p>

Blockchain-Enabled Privacy-Preserving Authentication Mechanism for Transportation CPS With Cloud-Edge Computing

In this article, we propose a secure and effective blockchain-enabled privacy-preserving authentication scheme for the transportation cyber-physical system (CPS) with the cloud-edge computing environment, which supports unconditional anonymity and data batch integrity verification while greatly simplifying key management issues. The proposed privacy-preserving authentication scheme employs an elliptic curve to construct a pairing-free ring signature scheme, which greatly reduces the resources overhead in the transportation CPS with cloud-edge computing. Moreover, the authentication process is performed on the blockchain to provide more reliable service information for vehicular communication. Furthermore, the security proof of the scheme is demonstrated based on the elliptic curve discrete logarithm problem under the random oracle model, and gives the corresponding security analysis. Finally, a simulation experiment demonstrates that the proposed scheme is feasible compared with the existing schemes.

Streebog as a random oracle

Streebog as a random oracle

Big Data-based Authenticated Key Exchange Resilient to Ephemeral Key Leakage without Random Oracles

Big Data-based Authenticated Key Exchange Resilient to Ephemeral Key Leakage without Random Oracles

CKAA: Certificateless key‐agreement authentication scheme in digital twin telemedicine environment

AbstractDigital twin (DT) technology provides accurate and real‐time visualization data. It is increasingly used in telemedicine to enhance medical efficiency and improve the precision of remote diagnosis and treatment. In telemedicine, DT is used to collect patients' biomedical data and transmit it to cloud servers through wearable devices for simulation, enabling remote diagnosis and treatment. However, telemedicine poses security threats due to the risk of medical data leaks. The security of medical data in transit and the authentication of communication entities are two key issues in cryptography. To address these issue, we propose a certificateless key agreement authentication scheme that does not rely on traditional public key infrastructure and certificate management, reducing the storage cost of resource‐limited wearable devices and avoiding the use of bilinear pairings to lower computational costs. Our scheme includes two parts of key agreement: one between the patient and the cloud server and the other between the patient and the hospital. Through these key agreements, we can ensure the privacy and integrity of medical data during transmission. Furthermore, we prove that the security of our scheme is equivalent to the elliptic curve discrete logarithm assumption in the random oracle model. Therefore, we provide a secure and efficient certificateless key agreement authentication solution that is suitable in digital twin telemedicine environments, particularly for client devices with limited functionality.

Provably secure lightweight certificateless lattice‐based authenticated key exchange scheme for IIoT

SummaryThrough the Industrial Internet of Things (IIoT), the manufacturing enterprises have significantly enhanced the production efficiency. The transmission of data in IIoT over public channels has brought about information leakage issues. Therefore, it is crucial to agree on a session key among the participants. In recent years, numerous authenticated key exchange (AKE) schemes have been designed. However, those AKE schemes which adopt the certificateless approach to tackle certificate management and key escrow may remain vulnerable to quantum attacks, and other AKE schemes which are based on lattice hard problem so as to achieve the post quantum security may incur key management issues. To simultaneously address the aforementioned challenges, we propose a lightweight certificateless lattice‐based authenticated key exchange (C2LAKE) scheme. Upon the hardness assumptions of the inhomogeneous small integer solution (ISIS) and computational bilateral inhomogeneous small integer solution (CBi‐ISIS) problems, the C2LAKE scheme has been demonstrated to be secure in the eCK model and the random oracle model (ROM). Better trade‐off among security and functionality features, and communication and computation costs make the C2LAKE scheme suitable and applicable in the IIoT environment.

Physical-Unclonable-Function-Based Lightweight Three-Factor Authentication for Multiserver Architectures

To support more complex and robust online services, enterprise-class applications prefer to interconnect multiple servers as the pedestal to enhance the system’s interoperability. However, the multiserver architecture always struggles to reconcile the trade-off between convenience and security, leaving users exposed to a variety of network attack threats. Existing security authentication schemes based on the Chebyshev Chaotic Map for multiserver architectures cannot provide three-factor (including password, biometric feature, and smart card) security. Therefore, we propose a novel Physical-Unclonable-Function-based Lightweight Three-Factor Authentication (PUF-LTA) scheme, which can achieve three-factor security. The PUF-LTA scheme mainly includes two components: (1) PUF-assisted registration and (2) lightweight mutual authentication with one-time interaction. During the PUF-assisted registration process, to defend against side-channel attacks on smart cards, the login credentials of users are XORed with the unique identifier generated by the PUF so that the adversary cannot obtain these secret login credentials. During the lightweight mutual authentication process, we combine the Chebyshev polynomial map and symmetric encryption/decryption to negotiate the session key between users and servers, which only needs one interaction. The security performance of PUF-LTA is theoretically proved by leveraging the random oracle model. In contrast with relevant multiserver authentication schemes, PUF-LTA is more efficient and suitable for resource-constrained multiserver environments because it can ensure secure three-factor authentication and support flexible biometrics and password updates with less computation cost.

A novel dual cloud server privacy-preserving scheme in spatial crowdsourcing

As a service for the public, the issue of location leakage in spatial crowdsourcing has attracted extensive attention from researchers and institutions in recent years. Facing this challenge, several encryption-based schemes have been proposed to protect participants' location information from untrusted cloud servers. However, these schemes mainly target insider threats but ignore the collusion problem between dishonest users and cloud servers. In this paper, we define the problem of Brute-Force Attack under collusion between dishonest users and cloud servers and find that there is no solution that can both guarantee efficient task assignment and address this attack. To fill this gap, we propose a novel dual cloud server privacy-preserving scheme. First, utilizing the GeoHash encoding algorithm, we design a grid-based index tree structure and a task assignment method called Locate-then-Find to achieve faster-than-linear assignment efficiency. Considering that traditional system models fail to address the problem of Brute-Force Attack while ensuring efficiency, we then design a dual cloud server system model, and propose a multi-user Two-Step Location Encryption scheme to protect participants' locations. In our model, both high efficiency and high security are promised. Security analysis demonstrates that our scheme is provably secure in the random oracle model and resistant to the Brute-Force Attack. In the experimental analysis, we first evaluate the resistance of existing grid-based schemes against the Brute-Force Attack, and subsequently demonstrate the performance of our scheme on a real-world dataset. The final comparison experiments show that our scheme exhibits superior performance under the same security conditions.

FFEC: Fast and forward-secure equivalence-based ciphertext comparability for multiple users in cloud environment

With the expansion of cloud computing, an increasing amount of sensitive data is being encrypted and stored in public clouds to alleviate storage and management burdens. Secure equivalence-based retrieval of ciphertexts for multiple users is crucial in a cloud environment where diverse user data resides for processing purposes. Public key encryption with equality test (PKEET) has been introduced as a cryptographic tool to verify if two ciphertexts under different public keys contain the same message. However, existing PKEET schemes often face misuse of trapdoors due to their unlimited lifespan, potentially leading to unauthorized disclosure of user privacy. In this paper, we propose a novel approach called fast and forward-secure equivalence-based comparability (FFEC) for multiple users by employing a forward-secure PKEET (FS-PKEET). This restricts the retrieval process only to ciphertexts generated prior to the most recent trapdoor update. We present a concrete FS-PKEET scheme based on bilinear pairing and demonstrate its security using Bilinear Diffie–Hellman (BDH) assumption in the random oracle model. Comprehensive performance evaluation shows that our work has much efficiency of decryption, trapdoor generation and test execution thanks to greatly reducing the cost of trapdoor generation and thus is practical for the application of secure ciphertext information retrieval in cloud environment.

(Inner-Product) Functional Encryption with Updatable Ciphertexts

We propose a novel variant of functional encryption which supports ciphertext updates, dubbed ciphertext-updatable functional encryption. Such a feature further broadens the practical applicability of the functional encryption paradigm and allows for fine-grained access control even after a ciphertext is generated. Updating ciphertexts is carried out via so-called update tokens which a dedicated party can use to convert ciphertexts. However, allowing update tokens requires some care for the security definition. Our contribution is threefold: We define our new primitive with a security notion in the indistinguishability setting. Within CUFE, functional decryption keys and ciphertexts are labeled with tags such that only if the tags of the decryption key and the ciphertext match, then decryption succeeds. Furthermore, we allow ciphertexts to switch their tags to any other tag via update tokens. Such tokens are generated by the holder of the main secret key and can only be used in the desired direction.We present a generic construction of CUFE for any functionality as well as predicates different from equality testing on tags which relies on the existence of indistinguishability obfuscation (iO).We present a practical construction of CUFE for the inner-product functionality from standard assumptions (i.e., LWE) in the random-oracle model. On the technical level, we build on the recent functional encryption schemes with fine-grained access control and linear operations on encrypted data (Abdalla et al., AC’20) and introduce an additional ciphertext updatability feature. Proving security for such a construction turned out to be non-trivial, particularly when revealing keys for the updated challenge ciphertext is allowed. Overall, such construction enriches the set of known inner-product functional encryption schemes with the additional updatability feature of ciphertexts.

A Pairing-free Provable Secure and Efficient Identity-based Identification Scheme with Anonymity

In this paper, we propose a Blind Identity-Based Identification (Blind IBI) scheme based on the Guillou-Quisquater (GQ) scheme. Our proposed scheme combines the benefits of traditional Identity-Based Identification (IBI) schemes that can authenticate a user's identity without relying on a trusted third party with the Blind Signature (BS) scheme that provides anonymity. As a result, the proposed scheme assures absolute user privacy during the authentication process. It does not rely on a third party, yet the verifier can still be assured of the user's identity without the user actually revealing it. In our work, we show that the proposed scheme is provably secure under the random oracle model, with the assumption that the one-more-RSA-inversion problem is difficult. Furthermore, we demonstrate that the proposed scheme is secure against passive, active, and concurrent impersonation attacks. In conclusion, the proposed scheme is able to achieve the desired blindness property without compromising the security of the GQ-IBI scheme it is based upon.

An efficient and secure certificateless aggregate signature scheme

In recent years, the Internet of Things (IoT) has been developing rapidly and popularizing the world. Smart home is one of its important applications, the devices and household appliances are connected together through the network to provide intelligent services. However, malicious attacks often occur during the transmission of data information, resulting in data leakage or data changes. Therefore, it is necessary to ensure the integrity and availability of data. Based on this, we propose a new pairing-free certificateless aggregate signature (CLAS) scheme, which achieves efficient authentication of multiple messages and improves the verification rate. In addition, we demonstrate its security based on the hardness of the elliptic curve discrete logarithm problem in the random oracle model. Comparison with other CLAS schemes proves that our scheme has better security and higher efficiency through performance analysis.

Lightweight and Secure Multi-Message Multi-Receiver Certificateless Signcryption Scheme for the Internet of Vehicles

The Internet of Vehicles (IoV) improves traffic efficiency and enhances driving safety through the real-time collection and analysis of traffic-related data. Numerous secure and privacy-preserving communication protocols have been proposed for the IoV. However, various security threats, privacy leakage, and inefficient communications remain unaddressed. Therefore, a lightweight and secure multi-message multi-receiver certificateless signcryption (LS-MRCLSC) scheme based on elliptic curve cryptography (ECC) is proposed. The proposed scheme guarantees secure communication and promotes messaging efficiency with multi-cast mode. Multiple key generation centers (KGCs) collaborate to generate and update the system master key (SMK) using Feldman’s verifiable secret-sharing (FVSS) algorithm, avoiding the single point of failure (SPoF) problem. Formal security proofs under the random oracle model (ROM) demonstrate that the proposed scheme meets requirements such as data confidentiality, message unforgeability, anonymity, and unlinkability. Performance evaluations confirm that the LS-MRCLSC scheme is better than similar schemes in terms of efficiency, feasibility, and scalability.

Provably secure multi-signature scheme based on the standard SM2 signature scheme

The multi-signature scheme plays a crucial role in addressing trust and authentication challenges in digital transactions and other scenarios by allowing multiple users to sign the same message. Among various signature schemes, the SM2 signature scheme stands out for its exceptional security and efficiency, making it widely adopted in numerous fields. In this paper, we propose the first provably secure multi-signature scheme based on the standard SM2 signature scheme, i.e., the scheme can be reduced to the standard SM2 signature scheme when there is only one signer. We prove that our scheme is existential unforgeability under chosen message attacks in the bijective random oracle model, based on the assumption that the elliptic curve discrete logarithm problem is hard. Compared with the existing multi-signature schemes based on the SM2 signature scheme in the same category, our scheme exhibits improved efficiency in terms of communication delay and computational cost.

Fallen Sanctuary: A Higher-Order and Leakage-Resilient Rekeying Scheme

This paper presents a provably secure, higher-order, and leakage-resilient (LR) rekeying scheme named LR Rekeying with Random oracle Repetition (LR4), along with a quantitative security evaluation methodology. Many existing LR primitives are based on a concept of leveled implementation, which still essentially require a leak-free sanctuary (i.e., differential power analysis (DPA)-resistant component(s)) for some parts. In addition, although several LR pseudorandom functions (PRFs) based on only bounded DPA-resistant components have been developed, their validity and effectiveness for rekeying usage still need to be determined. In contrast, LR4 is formally proven under a leakage model that captures the practical goal of side-channel attack (SCA) protection (e.g., masking with a practical order) and assumes no unbounded DPA-resistant sanctuary. This proof suggests that LR4 resists exponential invocations (up to the birthday bound of key size) without using any unbounded leak-free component, which is the first of its kind. Moreover, we present a quantitative SCA success rate evaluation methodology for LR4 that combines the bounded leakage models for LR cryptography and a state-of-the-art information-theoretical SCA evaluation method. We validate its soundness and effectiveness as a DPA countermeasure through a numerical evaluation; that is, the number of secure calls of a symmetric primitive increases exponentially by increasing a security parameter under practical conditions.

PPT-LBS: Privacy-preserving top-k query scheme for outsourced data of location-based services

Location-based service (LBS) is enjoying a great popularity with the fast growth of mobile Internet. As the volume of data increases dramatically, an increasing number of location service providers (LSPs) are moving LBS data to cloud platforms for benefit of affordability and stability. However, while cloud server provides convenience and stability, it also leads to data security and user privacy leakage. Aiming at the problems of insufficient privacy protection and inefficient query in the existing LBS data outsourcing schemes, this paper presents a novel privacy-preserving top-k query for outsourcing situations. Firstly, to ensure data security of LSP and privacy of the user, the enhanced asymmetric scalar-product preserving encryption and public key searchable encryption have been adopted to encrypt outsourced data and LBS query, which can effectively lower the computational cost and realize the privacy protection search. Secondly, an efficient and secure index structure is constructed by using a coded quadtree and the bloom filter, so that the cloud server can quickly locate the user’s query region to improve retrieval efficiency. Finally, the formal security analysis is given under the random oracle model, and the performance is evaluated by experiments which demonstrates that our scheme is preferable to existing schemes.

An Efficient Certificateless Signature Scheme With Provably Security and Its Applications

The Internet of Things (IoT) is helpful in making people's life more convenient and efficient. To ensure that the nodes within IoT can interact securely, a certificateless signature (CLS) can be used to protect message authentication in the IoT. Recently, some concrete constructions of CLS schemes have been proposed in the literature, but through our analyses, we demonstrate that some existing CLS schemes cannot keep their claimed security because of various security flaws. For example, a valid signature can be forged by any Type I adversary by replacing the corresponding user's public key. In this article, we describe the security flaws that need to be addressed and introduce a novel CLS scheme without using bilinear mapping. The existential unforgeability in our proposed scheme can be proved based on the hardness of the elliptic curve discrete logarithm problem in the random oracle model. The comparison with existing CLS schemes shows that our scheme not only enjoys more security features but also is more efficient in computation. Moreover, we introduce an identity authentication protocol as the application of our proposed CLS scheme, which achieves mutual authentication and anonymity in communications.

Provably secure and lightweight three-factor authentication scheme for industrial medical CPS

Cyber-Physical System (CPS) is a multidimensional complex system that integrates computing, network, and physical environment, which is widely used to promote the upgrading of industrial production and technology. Recently, the application of industrial CPS in the medical field has attracted the attention of scholars and medical experts. Medical CPS can establish a perfect medical network to help doctors monitor patients’ conditions in real-time and make treatments. However, how to design a provably secure and lightweight authentication protocol for industrial medical CPS is a challenge. Very recently, Qi et al. proposed an authentication protocol for industrial medical CPS based on the chaotic map, the Artificial Intelligence (AI) biometric technique is used in the protocol to resist password guessing attack and smart card lost attack. However, we find that their protocol is still vulnerable to identity guessing attack, user impersonation attack, trace attack, desynchronization attack, and has no perfect forward secrecy. Therefore, we propose a security-enhanced and lightweight authentication protocol for industrial medical CPS. In the protocol, a dynamic temporary identity strategy is designed to protect anonymity and privacy, which enables the updating of temporary identities while resisting desynchronization attacks. The protocol is proved secure through formal security proof in random oracle model. Meanwhile, compared with the related protocols, our protocol is superior in security and cost to meet the lightweight requirements in medical scenarios.

Possibility of decryption speed-up by parallel processing in CCA secure hashed ElGamal.

In order to prove the ElGamal CCA(Chosen Ciphertext Attack) security in the random oracle model, it is necessary to use the group where ICDH(Interactive Computational Diffie Hellman) assumption holds. Until now, only bilinear group with complex algebraic structure has been known as the ICDH group. In this paper, we introduce the ICDH group with simple algebraic structure. In other words, we prove that ICDH assumption holds in the integer group with composite modulus. On the basis of this, we propose the CCA secure hashed ElGamal and its fast variant to speed up decryption by parallel processing. Our parallel scheme has the fastest decryption among all CCA secure PKE(Public Key Encryption) schemes implemented in integer group and gives the possibility that ElGamal protocol could be practical when the big modulus numbers are used to resist the quantum attack.