2010
Signcryption is a cryptographic primitive that offers both confidentiality and authentication simultaneously. Generally, in signcryption schemes, the message is hidden and thus the validity of the signcryption can be verified only after the unsigncryption process. Thus, a third party will not be able to verify whether the signcryption is valid or not. Signcryption schemes that allow anyone to verify the validity of signcryption without the knowledge of the message are called public verifiable signcryption schemes. Third party verifiable signcryption schemes allow the receiver of a signcryption to convince a third party that the signcryption is valid, by providing some additional information along with the signcryption. This information can be anything other than the receiver’s private key and the verification may or may not require the exposure of the corresponding message. This paper shows the security weaknesses in two such existing schemes, namely [14] and [4]. The scheme in [14] is a Public Key Infrastructure (PKI) based scheme and the scheme in [4] is an identity based scheme. More specifically, [14] is based on the elliptic curve digital signature algorithm (ECDSA). We also provide a new identity based signcryption scheme that provides both public verifiability and third party verification. We formally prove the security of the newly proposed scheme in the random oracle model.
International Journal of Computational Intelligence Studies, 2017
Signcryption is a cryptographic primitive which at the same time gives both the capacity of digital signature and public key encryption in a single logical step. Identity based cryptography is a distinct option for the traditional certificate based cryptosystem. Its principal thought is that every client utilises his identity information as his public key. Elliptic curve cryptosystems (ECC) have newly received consistent attention because of their higher security per bit as compared to other cryptosystems. This paper presents a new identity based signcryption based on elliptic curve cryptography. Its security is dependent on the elliptic curve discrete logarithm problem (ECDLP) and the elliptic curve Diffie-Hellman problem (ECDHP). The proposed scheme can be very useful in low-end resource devices such as mobile communication, mobile banking, personal digital assistant (PDA) and internet of things (IoT).
Sādhanā
The identity-based cryptosystems furnish us with simplest key management procedures. Yet, they have a very slow adoption in cryptography due to the key escrow problem and the necessity of a secure channel between the user and the Private Key Generator (PKG) to transmit the created private key to the user. In this paper, we propose an identity-based signature scheme that not only solves the key escrow problem but also eliminates the requirement of the secure channel. The proposed scheme is secure against existential forgery under adaptively chosen message and ID attacks in the random oracle model assuming the hardness of the Computational Diffie-Hellmann Problem (CDHP). Furthermore, we compare the efficiency of our scheme to that of a similar established scheme.
Proceedings of the 6th ETSI Annual Security Workshop, January 19 – 20, 2011, Sophia Antipolis, France. docbox.etsi.org, 2011
The notion of identity-based cryptography was put forth by Shamir to simplify the authentication of a public key by merely using an identity string as the public key. From the verifier’s or the encryptor’s point of view, only the identity of the other party is required. Hence, there is no necessity to ensure the validity of the public key. Due to this nice property, a series of identity-based schemes have subsequently been proposed including identity-based signatures, identity-based encryption, and hierarchical identity-based cryptography. In these identity-based cryptosystems, there is a trusted party called the private key generator (PKG) who generates the secret key for each user identity. As the PKG generates and holds the secret key for all users, a complete trust must be placed on the PKG. However, this may not be a desirable approach in a real world scenario, where a malicious PKG can sell users’ keys, sign messages or decrypt ciphertexts on behalf of users without being confronted in a court of law. This is known as the key escrow problem. This problem seems to be inherent in identity-based cryptosystems. Some propositions have been made for employing multiple PKGs to solve this problem. The master secret key is jointly computed by a number of PKGs, such that no single PKG has the knowledge of it. However, this approach requires an extra infrastructure and communication cost between users and different PKGs. A user needs to run the key extraction protocol with different PKGs by proving his identity to them. Furthermore, maintaining multiple PKGs for a commercially used infrastructure is a daunting task. In this work, we introduce the concept of escrow-free identity-based signatures to reduce the trust in the PKG. In this model, each signer has his own public key and secret key. The PKG generates the identity-based secret key for the signer with respect to the user public key. Then the signer uses both secret keys to sign a message.
Therefore, the signer is protected against a malicious PKG that may attempt to release a signature by itself on the behalf of the user. To verify the signature, it only requires the signer’s identity and the message. This is the main difference between the proposed protocol with existing certificate-based signatures (CBS), certificate-less signatures (CLS), self-certificated signatures (SCS). The verification protocols of these currently existing schemes require signer’s public key to be verified. The proposed protocol is therefore an identity-based signature (IBS) scheme and solves the key escrow problem. We also show that the proposed escrow-free IBS is more efficient than CBS, CLS and SCS since the user public key is not involved and is not sent to the verifier.
International Journal of Network Security & Its Applications, 2012
Signcryption is a cryptographic primitive which performs encryption and signature in a single logical step with a cost lower than the signature-then-encryption approach. Recently, Li et al. [35] proposed the first provably secure identity based signcryption without random oracles. In their scheme the sender signs the ciphertext. However, in [11] Boyen showed that non-repudiation is easily achieved if the sender signs the plaintext rather than the ciphertext. In this paper we proposed an identity based signcryption scheme without random oracles, which provides non-repudiation with respect to the plaintext. We also proposed an identity based public verifiable signcryption scheme with third party verification in the standard model.
IACR Cryptol. ePrint Arch., 2003
An Identity-based cryptosystem is a Public Key cryptosystem in which the public keys of the entities are their identities, or strings derived from their identities. Signcryption combines digital signatures and encryption with a cost significantly smaller than that required for signature-then-encryption. This paper proposes an ID-based signcryption scheme based on bilinear pairings on elliptic curves. It is shown that the new scheme is an improved version of the existing signcryption scheme [10] by comparing the computations in both the schemes.
2010
A directly public verifiable signcryption scheme is introduced in this paper that provides the security attributes of message confidentiality, authentication, integrity, non-repudiation, unforgeability, and forward secrecy of message confidentiality. It provides the attribute of direct public verifiability so anyone can verify the signcryption without any need for any secret information from the corresponding participants. The proposed scheme is based on
Abstract— Secret and secure delivery of message is most important concern in field of security hence signcryption were used. The term signcryption is a new paradigm in public key cryptography that simultaneously fulfils both the functions of digital signature and public key encryption in a logically single step, and with a cost significantly lower than that required by the traditional “signature and encryption” approach. Identity based signcryption is used to encrypt the message using receiver identity. In this paper we are presenting some signcryption based methods.
2010 International Conference on Security and Cryptography (SECRYPT), 2010
Signcryption is a cryptographic primitive which offers authentication and confidentiality simultaneously with a cost lower than signing and encrypting the message independently. Ring signcryption enables a user to anonymously signcrypt a message on behalf of a set of users including himself. Thus a ring signcrypted message has anonymity in addition to authentication and confidentiality. Ring signcryption schemes have no centralized coordination: any user can choose a ring of users, that includes himself and signcrypt any message without any assistance from the other group members. Ring Signcryption is useful for leaking trustworthy secrets in an anonymous, authenticated and confidential way. To the best of our knowledge, ten identity based ring signcryption schemes are reported in the literature. Three of them were proved to be insecure in (Li et al., 2008a), (Zhang et al., 2009a) and (Vivek et al., 2009). Four of them were proved to be insecure in (Selvi et al., 2009). In this pape...
Transstellar, 2019
A combination of encryption and signature is a cryptosystem called traditional signcryption, wherein sender authentication is considered a key task to be verified by third party or judge. Without the knowledge of the sender, the judge can authenticate the message using the receiver decryption parameters and the process is called the signcryption scheme. The paper's objective is to analyse the security and confidentiality of message and then to integrate authentication, enforceability, forward secrecy, public verifiable along with packet mechanisms. In this study, using the SSL mechanism the information to be sent is split into various parts and all parts are collected at the receiver end. This mechanism proved to be resource efficient, producing high precise results compared to the previous one.
The Computer Journal, 2012
We present a study of security in certificateless signatures. We divide potential adversaries according to their attack power, and for the first time, three new kinds of adversaries are introduced into certificateless signatures. They are Normal Adversary, Strong Adversary and Super Adversary (ordered by their attack power). Combined with the known Type I Adversary and Type II Adversary in certificateless cryptography, we then define the security of certificateless signatures in different attack scenarios. Our new security models, together with others in the literature, provide a clear definition of the security in certificateless signatures. Two concrete schemes with different security levels are also proposed in this paper. The first scheme, which is proven secure (in the random oracle model) against Normal Type I and Super Type II adversaries, has the shortest signature length among all known certificateless signature schemes. The second scheme is secure (in the random oracle model) against Super Type I and Type II adversaries. Compared with another scheme that has a similar security level, our second scheme requires less operational cost but a little longer signature length. Two server-aided verification protocols are also proposed to reduce the verification cost on the verifier. (Footnote 1: This is the revised and full version of an extended abstract presented at ACISP 2007 [1].)
2019
Published By: Blue Eyes Intelligence Engineering & Sciences Publication. Retrieval Number: F12700486S419/19©BEIESP. DOI: 10.35940/ijitee.F1270.0486S419. Abstract— In computer based system, key for the problem of identification, authentication and secrecy can be found in the field of cryptography. Dependence on public key infrastructure and to receive certificates signed by Certificate Authority (CA) to authenticate oneself for exchange of encrypted messages is one of the most significant limitation for the widespread adoption of Public Key Cryptography (PKC) as this process is time engrossing and error prone. Identity based cryptography (IBC) aspires to reduce the certificate and key management overhead of PKC. IBC’s important primordial is Identity-based Encryption (IBE). IBE provided emergent for perception of Identity based signature (IBS) schemes. In this paper, overview of IBE and IBS schemes has been given. Also, a survey on various IBE and IBS schemes has been performed to ...
Information
In modern applications, such as Electronic Voting, e-Health, e-Cash, there is a need that the validity of a signature should be verified by only one responsible person. This is opposite to the traditional digital signature scheme where anybody can verify a signature. There have been several solutions for this problem, the first one is we combine a signature scheme with an encryption scheme; the second one is to use the group signature; and the last one is to use the strong designated verifier signature scheme with the undeniable property. In this paper, we extend the traditional digital signature scheme to propose a new solution for the aforementioned problem. Our extension is in the sense that only a designated verifier (responsible person) can verify a signer’s signature, and if necessary (in case the signer refuses to admit his/her signature) the designated verifier without revealing his/her secret key is able to prove to anybody that the signer has actually generated the signatu...
2007
In Eurocrypt 2003, Gentry introduced the notion of certificate-based encryption. The merit of certificate-based encryption lies in the following features: (1) providing more efficient public-key infrastructure (PKI) that requires less infrastructure, (2) solving the certificate revocation problem, and (3) eliminating third-party queries in the traditional PKI. In addition, it also solves the inherent key escrow problem in the identity-based cryptography. In this paper, we first introduce a new attack called the “Key Replacement Attack” in the certificate-based system and refine the security model of certificate-based signature. We show that the certificate-based signature scheme presented by Kang, Park and Hahn in CT-RSA 2004 is insecure against key replacement attacks. We then propose a new certificate-based signature scheme, which is shown to be existentially unforgeable against adaptive chosen message attacks under the computational Diffie-Hellman assumption in the random oracle model. Compared with the certificate-based signature scheme in CT-RSA 2004, our scheme enjoys shorter signature length and less operation cost, and hence, our scheme outperforms the existing schemes in the literature.
2017
There are mainly two drawbacks of identity-based cryptosystem. First one is that it suffers from key escrow problem and the second one is that it uses a secure channel at the stage of private key issuance by the Private Key Generator (PKG). In this paper, we propose a key escrow-free identity-based signature scheme without using secure channel in the process of private key issuance stage. The bilinear pairing is used for the construction of the proposed scheme. The scheme is secure against adaptive chosen message attack and given ID attack under the assumption that the computation Diffie-Hellman problem is hard.
Lecture Notes in Computer Science, 2009
Signcryption is a cryptographic primitive which offers authentication and confidentiality simultaneously with a cost lower than signing and encrypting the message independently. Ring signcryption enables a user to signcrypt a message along with the identities of a set of potential senders (that includes him) without revealing which user in the set has actually produced the signcryption. Thus a ring signcrypted message has anonymity in addition to authentication and confidentiality. Ring signcryption schemes have no group managers, no setup procedures, no revocation procedures and no coordination: any user can choose any set of users (ring), that includes himself and signcrypt any message by using his private and public key as well as other users (in the ring) public keys, without getting any approval or assistance from them. Ring Signcryption is useful for leaking trustworthy secrets in an anonymous, authenticated and confidential way.
Arxiv preprint arXiv:0909.1412, 2009
Multi-signcryption is used when different senders want to authenticate a single message without revealing it. This paper proposes a multi-signcryption scheme in which no pairing is computed on the signcryption stage and the signatures can be verified publicly.
International Journal of Computer Applications, 2017
This paper introduces a new scheme, "A Public Verifiability Signcryption Scheme Without Pairings", based on the elliptic curve discrete logarithm problem (ECDLP). In addition to achieving the functionality of signcryption schemes (unforgeability, confidentiality and non-repudiation), it achieves forward security and public verifiability directly. Also, it uses a strong encryption key that depends on a randomly chosen value and the sender's private key. Although the proposed scheme is slower than Zheng's signcryption scheme, it achieves a saving in communication overhead reaching 50% with respect to the traditional signature-then-encryption approach. The proposed scheme has been verified using the Mathematica program.
2021
Signcryption was first proposed by Yuliang Zheng [1] in 1997, based on the construction of a shortened ElGamal-based signature scheme in parallel to authenticated encryption in a symmetric environment. Signcryption is a cryptographic primitive that enables the conventional two-step method of secure and authenticated message transmission or storage (sign-then-encrypt or encrypt-then-sign) to be done in a single step at a much lower computational cost than the traditional two-step approach. This article concentrates on designing a provably secure identity-based signcryption (IBSC) scheme. The user performs pairing-free computation during encryption in the proposed scheme, making it user-side effective. In addition, the IBSC structure is shown to be secure when dealing with modified bilinear Diffie-Hellman inversion (MBDHI) and modified bilinear strong Diffie-Hellman (MBSDH) problems. The proposed framework supports efficient communication, protection against chosen cipher attack, and ...
2014
Data exchange is essential to achieve different tasks. Protection of data that moves in an unsecure communication network is a crucial issue because it may get tampered with by a third party. Everyone desires that their messages travel in the network in a secure fashion, so that the message is not tampered with by any unauthorized party. So our focus is how we can add more security to the messages than the existing techniques so that it can fulfil the user requirements without any damage. There are various cryptographic techniques which offer security to the messages. The traditional signature-then-encryption technique provides security to the messages by performing the signature scheme and the encryption scheme in two different logical steps. As it performs signature and encryption in two different logical steps, it takes more computational cost and communication overhead. The novel technique titled “signcryption”, announced in 1997 by Yuliang Zheng, accomplishes both the funct...
19th International Conference on Advanced Information Networking and Applications (AINA'05) Volume 1 (AINA papers), 2005
In this paper, we present a new concept called an identity based ring signcryption scheme (IDRSC). We argue that this is an important cryptographic primitive that must be used to protect privacy and authenticity of a collection of users who are connected through an ad-hoc network, such as Bluetooth. We also present an efficient IDRSC scheme based on bilinear pairing. As a regular signcryption scheme, our scheme combines the functionality of signature and encryption schemes. However, the idea is to have an identity based system. In our scheme, a user can anonymously signcrypt a message on behalf of the group. We show that our scheme outperforms a traditional identity based scheme, that is obtained by a standard sign-then-encrypt mechanism, in terms of the length of the ciphertext. We also provide a formal proof of our scheme with the chosen ciphertext security under the Decisional Bilinear Diffie-Hellman assumption, which is believed to be intractable.