2006
15 pages
The term proxy certificate is used to describe a certificate that is issued by an end user for the purpose of delegating responsibility to another user so that the latter can perform certain actions on behalf of the former. Such certificates have been suggested for use in a number of applications, particularly in distributed computing environments where delegation of rights is common. In this paper, we present a new concept called proof-carrying proxy certificates. Our approach makes it possible to combine the verification of the validity of the proxy certificate and the authorization decision making in an elegant way that enhances the privacy of the end user. In contrast with standard proxy certificates that are generated using standard (public-key) signature schemes, the proposed certificates are generated using a signature scheme for which the validity of a generated signature proves the compliance of the signer with a credential-based policy. We present a concrete realization of our approach using bilinear pairings over elliptic curves and we prove its security under adapted attack models.
Proxy signature, a variant of digital signature, has been in the limelight in recent years for secure communication. For instance, when a manager is occupied with business matters, or travelling on business, he has to delegate an agent to deal with his day-to-day office concerns. Therefore, a proxy signature scheme is necessary in this scenario. Although identity-based proxy signature schemes have been proposed in many studies, certificateless public key cryptography (CL-PKC), first proposed by Al-Riyami and Paterson, has been widely used to avoid the key escrow problem in identity-based public key cryptography. In this paper, we combine the concepts of certificateless cryptography and proxy signature to propose a certificateless proxy signature scheme from bilinear pairings, and we also present its security model. This scheme is provably secure and existentially unforgeable under the chosen message attack in the random oracle model.
IACR Cryptology ePrint Archive, 2014
In this paper, we propose the first provably secure certificate-based proxy signature with message recovery without bilinear pairing. The notion of certificate-based cryptography was initially introduced by Gentry in 2003, in order to simplify certificate management in traditional public key cryptography (PKC) and to solve the key escrow problem in identity-based cryptosystems. To date, a number of certificate-based proxy signature (CBPS) schemes from bilinear pairing have been proposed. Nonetheless, the total computation cost of a pairing is higher than that of scalar multiplication (e.g., over elliptic curve group). Consequently, schemes without pairings would be more appealing in terms of efficiency. According to the available research in this regard, our scheme is the first provably secure CBPS scheme with message recovery which is based on the elliptic curve discrete logarithm problem. We prove the security of the presented scheme against existential forgery under adaptive chosen message and ID attacks in the random oracle model. Moreover, the paper will also show how it would be possible to convert this scheme to the CBPS scheme without message recovery. This scheme has more applications in situations with limited bandwidth and power-constrained devices.
2009
Certificate-based encryption was introduced in Eurocrypt'03 to solve the certificate management problem in public key encryption. Recently, this idea was extended to certificate-based signatures. Several new schemes and security models of certificate-based signatures have been proposed. In this paper, we first take a closer look at the certificate-based signature by comparing it with digital signatures in other popular public key systems. We introduce a new security model of certificate-based signature, which defines several new types of adversaries against certificate-based signatures, along with the security model of certificate-based signatures against them. The new model is clearer and more elaborated compared with other existing ones. We then investigate the relationship between certificate-based signatures and certificateless signatures, and propose a generic construction of certificate-based signatures. We prove that the generic construction is secure (in the random oracle model) against all types of adversaries defined in this paper, assuming the underlying certificateless signatures satisfy certain security notions. Based on our generic construction, we are able to construct new certificate-based signature schemes, which are more efficient in comparison with other schemes with similar security levels.
International Journal of Communication Systems, 2013
Proxy signature is an active research area in cryptography. A proxy signature scheme allows an entity to delegate his or her signing capability to another entity in such a way that the latter can sign messages on behalf of the former. Many proxy signature schemes using bilinear pairings have been proposed. But the relative computation cost of the pairing is more than 10 times that of the scalar multiplication over an elliptic curve group. In order to save the running time and the size of the signature, we propose a proxy signature scheme without bilinear pairings and prove its security against adaptive chosen-message attack in the random oracle model. The security of our scheme is based on the hardness of the elliptic curve discrete logarithm problem. With the running time being saved greatly, our scheme is more practical than the previous related scheme for practical applications.
Journal of Cryptology, 2012
A proxy signature scheme permits an entity to delegate its signing rights to another. These schemes have been suggested for use in numerous applications, particularly in distributed computing. Before our work [6] appeared, no precise definitions or proven-secure schemes had been provided. In this paper, we formalize a notion of security for proxy signature schemes and present provably-secure schemes. We analyze the security of the well-known delegation-by-certificate scheme and show that after some slight but important modifications, the resulting scheme is secure, assuming the underlying standard signature scheme is secure. We then show that employment of aggregate signature schemes permits bandwidth and computational savings. Finally, we analyze the proxy signature scheme of Kim, Park and Won, which offers important performance benefits. We propose modifications to this scheme which preserve its efficiency and yield a proxy signature scheme that is provably secure in the random-oracle model, under the discrete-logarithm assumption.
2013
Proxy signature scheme is an extension of digital signature scheme first introduced by Mambo et al. in 1996, which allows a signer to delegate the signing capability to a designated person, called a proxy signer. There are three types of delegation, namely, full delegation, partial delegation, and delegation by warrant. In early proxy signature schemes, the identity of the proxy signer can be revealed by any trusted authority if needed. However, a secured proxy signature scheme must satisfy various properties, such as, verifiability, strong unforgeability, nonrepudiation, privacy, and strong identifiability. In this thesis, we propose a strong proxy signature scheme based on two computationally hard assumptions, namely, Discrete Logarithmic Problem (DLP) and Computational Diffie-Hellman (CDH) problem, which satisfies all the security properties of a standard proxy signature scheme. The property ‘strong’ refers to the fact that only a designated person can only verify the authenticit...
2007
Multi-proxy signature allows an original signer to authorize a proxy group as his proxy agent, and only the cooperation of all proxy signers in the group can create a proxy signature on behalf of the original signer. Recently, Jin and Wen defined a formal model of certificateless multi-proxy signature and proposed a concrete scheme. They claimed that their scheme is provably secure in their security model. Unfortunately, by giving concrete attacks, we show that Jin-Wen's certificateless multi-proxy signature scheme is not secure according to their security model. Possible improvements of their scheme are also suggested to prevent these attacks.
annals of telecommunications - annales des télécommunications, 2015
Multi-proxy multi-signature scheme is one of the useful primitives of proxy signature scheme which enables a group of signers to delegate their signing rights to another group of their proxy signers. In the literature, only a few schemes of identity (ID)-based multi-proxy multi-signature (IBMPMS) from bilinear pairings are available, but those schemes cannot be considered practical for implementations because they are either insecure or cost inefficient. Due to the numerous applications of IBMPMS schemes in distributed systems, grid computing, global distribution networks, etc., construction of an efficient and secure IBMPMS scheme is desired. In this paper, we propose a new construction of IBMPMS scheme from bilinear pairings. We also discuss a security model for IBMPMS schemes and prove that the proposed scheme is existentially unforgeable against adaptive chosen-message and adaptive chosen-ID attacks under the computational Diffie-Hellman (CDH) assumption. Moreover, the proposed scheme is more efficient in the view of computation and operation time than the
Information Technology And Control, 2014
The elliptic curve cryptosystem (ECC) achieves the security level equivalent to that of digital signature algorithm (DSA), but has a lower computational cost and a smaller key size than the DSA. Until now, many proxy multi-signature schemes based on ECC without pairings have been proposed. To the best of our knowledge, none of them are provably secure. Thus motivated, we first define a formal security model and then propose a provably secure proxy multi-signature scheme based on ECC without pairings. Our proposed scheme can play a crucial role in application to distributed systems, grid computing, mobile agent environment etc.