Efficient certificateless authenticated key agreement protocol from pairings

0 IntroductionKey agreement protocol is vital to Web security,whichallows two communication parties (i .e.the Web cli-ent and Web server) to establish a secret session key overan open network. The session key,generated with contri-butions fromall the communicating parties ,is usually sub-sequently be used to achieve some cryptographic goal be-tweenthe Web clients and servers ,such as confidentialityor dataintegrity. The first two-party key agreement proto-col was first proposed by Diffie and…     

A new certificateless public key encryption scheme

Certificateless public key cryptography （CL-PKC） enjoys the advantage of identity based cryptography without suffering from its inherent key escrow problem. In this paper, a new efficient certificateless public key encryption scheme is proposed and its security can reach chosen-ciphertext （CCA2） secure in the random oracle model assuming the CDH and p-BDHI problem are difficult. A comparison shows that the efficiency of the proposed scheme is better than all known paring-based certificateless public key encryption schemes in the random oracle model.     

A certificateless threshold public key encryption scheme

The decryption participant’s private key share for decryption is delegated by key generation center in the threshold IBE scheme.However,a key generation center which is absolutely trustworthy does not exist.So the author presents a certificateless threshold public key encryption scheme.Collaborating with an administrator,the decryption participant generates his whole private key share for decryption in the scheme.The administrator does not know the decryption participant’s private key share for decryption.Making use of q-SDH assumption,the author constructs a certificateless threshold public key encryption scheme.The security of the scheme is eventually reduced to the solving of Decisional Bilinear Diffie-Hellman problem.Moreover,the scheme is secure under the chosen ciphertext attack in the standard model.     

一种无证书强代理签名方案的设计

对某高效无证书代理签名方案进行分析,发现该方案达不到其声称的高效率,而且存在安全隐患.为进一步提高无证书代理签名方案的效率,利用双线性对构造了一个新的无证书代理签名方案,其安全性基于Diffie-Hellman困难问题,证明了新方案满足代理签名的安全性要求,且该方案比前述某高效无证书代理签名方案更为高效.     

一种可抵抗内部攻击的高效群组密钥协商协议编译器

目前设计可抵抗内部攻击的群组密钥协商协议需要调用2个不同的协议编译器,使得协议的执行效率较低而且协议设计的复杂度较高,为此,通过改进上述2个协议编译器,提出了一种新的编译器.该编译器只需对群组密钥协商协议进行一次编译,即可生成具有抵抗内部攻击能力的群组密钥协商协议.然后在随机预言机模型下,针对提出的编译器所生成的协议进行了安全性分析,并严格证明了生成的协议是具有抵抗内部攻击能力的群组密钥协商协议.最后对比分析表明,利用提出的编译器生成的协议与现有编译器生成的协议相比,具有较高的效率和较低的设计复杂度.     

An efficient certificateless ring signature scheme

To overcome the drawbacks such as high computational cost, unreasonable security model and long signature length in existing certificateless ring signature schemes, we propose an efficient certificateless ring signature scheme in this paper. Our construction is inspired by some efficient ID-based ring signature schemes, and uses bilinear pairings as a basic tool. Using a reasonable security model, the unforgeability of the proposed scheme is proven based on the intractability of the computational Diffie-Hellman （CDH） problem. The signature length of the new scheme is only ｜G2｜＋n｜G1｜ （｜Gi｜ is the bit length of an element in group Gi, i =1, 2）. Compared with other existing certificateless ring signature schemes, the newly proposed scheme has a shorter signature length and is more efficient and practical.     

Identity Based Group Key Agreement from Bilinear Pairing

0 IntroductionMulticast isthe core component of the groupcommunica-tions .There are several schemes proposed for securemulticast . The logical key hierarchy (LKH) was proposed byWonget al[1].Inthat ,the groupcontroller (GC) maintains alogical key tree where each node represents a key encryptionkey. An opti mizationthat haves the size of the rekeying mes-sages is described by Canettiet al[2]using a pseudo-randomgenerator tree(OFCT) . Another methodis the one-wayfunc-tion protocol (OFT)[3…     

一种贡献型的动态群密钥交换协议

利用DH(diffie hellman)问题、数字签名和哈希函数的内容,提出一种贡献型的动态群密钥交换协议,并对协议的安全性和计算效率进行了分析.所提出的协议中,每个群成员都贡献信息而生成会话密钥,协议能实现群成员的加入或离开.安全性分析表明,所提出的协议是安全的,能满足群密钥交换协议的安全性要求.协议效率比较分析表明所提协议的存储量和计算量都较小.     

无证书密钥隔离签名方案

由于移动互联网络的快速发展,如何保障签名过程中用户私钥在不安全的环境中不被泄露,成为倍受关注的问题。为了降低密钥泄露带来的危害,密钥隔离成为核心解决方法之一。文献[8]提出了一个基于身份的密钥隔离签名方案,并且在标准模型下证明了该方案的安全性。但在实际应用中文献[8]的方案是存在密钥托管问题的。为了弥补文献[8]中基于身份方案的不足,提出了一种无证书的密钥隔离签名方案。该方案不仅具有基于身份密钥隔离签名方案的核心功能,而且解决了基于身份密钥隔离签名方案中存在的密钥托管问题。     

Two-Party Authenticated Key Agreement in Certificateless Public Key Cryptography

0 Introduction To simplify the management of certificates of tradi- tional PKI, Shamir[1] proposed the identity-based public key cryptography (ID-PKC) in which the public key of each party is derived directly from certain aspects of its identity, for exam…     

Provable Security of ID-Based Proxy Multi-Signature Schemes

In the last couple of years, D-based cryptography has got fruitful achievements. Proxy multi-signature allows a designated person, called a proxy signer, to sign on behalf of two or more original signers. In this paper, we present a general security model for ID-based proxy multi-signature （ID-PMS） schemes. Then, we show how to construct a secure ID-PMS scheme from a secure ID-based signature scheme, and prove that the security of the construction can be reduced to the security of the original ID-based signature scheme.     

Security Analysis of Broadcaster Group Key Exchange Protocols

0 IntroductionAs a result of the increased development of network,group communication occursin many different settings .Anumber of group key exchange protocols have been pub-lished duringthelast years[1-11].This paper discusses thefirsttype; we calledit broadcaster protocols .Secure group communicationis not a si mple extension ofsecure two-party communication. They should provide dy-namic security that is the most complicated aspect . Groupcommunication mutates ( members leave and join) afte…     

New multivariate-based certificateless hybrid signcryption scheme for multi-recipient

With the development of quantum computer,multivariate public key cryptography withstanding quantum attack has became one of the research focus.The existed signcryption schemes from discrete logarithm and bilinear paring are facing the serious threats.Based on multivariate public key cryptography,a new certificateless multi-receiver hybrid signcryption scheme has been proposed.The proposal reduced the cipher text and could handle arbitrary length messages by employing randomness reusing and hybrid encryption,as well as keeping security.In the random oracle model,the scheme’s confidentiality could withstand the IND-CCA2 adversary and its unforgeability could withstand the UF-CMA adversary under the hardness of multivariate quadratic(MQ)problem and isomorphism of polynomials(IP)assumption.It has less computation overhead and higher transmission efficiency than others.It reduced 33%cipher data compared with the existed similar scheme.     

Efficient Authenticated Key Agreement Protocol Using Self-Certified Public Keys from Pairings

An efficient authenticated key agreement protocol is proposed, which makes use of bilinear pairings and selfcertified public keys. Its security is based on the security assumptions of the bilinear Diffie-Hellman problem and the computational Diffic-Hellman problem. Users can choose their private keys independently. The public keys and identities of users can bc verified implicitly when the session key being generating in a logically single step. A trusted Key Generation Center is no longer required as in the ID-based authenticated key agreement protocols. Compared with existing authenticated key agreement protocols from pairings, the new proposed protocol is more efficient and secure.     

群密钥协商协议的效率分析

给出了两类群密钥协商协议的效率比较,它们分别是基于口令群密钥协商协议和基于双线性对群密钥协商协议。比较的结果为对密钥协商协议的安全性分析,形式化证明及设计更有效、更安全的群密钥协商协议提供了很大的帮助。     

Breaking and repairing the certificateless key agreement protocol from ASIAN 2006

The certificateless authenticated key agreement protocol proposed by Mandt et al does not haVE the property of key-compromise impersonation （K-CI） resilience. An improved protocol with a simple modification of their protocol is proposed in this paper. In particular, our improved protocol is proved to be immune to the K-CI attack and at the same time possess other security properties.     

Off-line dictionary attack on password-based authenticated key exchange protocols

In 2010,Lee et al proposed two simple and efficient three-party password-authenticated key exchange protocols that had been proven secure in the random oracle model.They argued that the two protocols could resist offline dictionary attacks.Indeed,the provable approach did not provide protection against off-line dictionary attacks.This paper shows that the two protocols are vulnerable to off-line dictionary attacks in the presence of an inside attacker because of an authentication flaw.This study conducts a detailed analysis on the flaw in the protocols and also shows how to eliminate the security flaw.     

无证书有序多重签名方案的安全性分析

为了提高分布式环境下信任链上推荐信息的认证效率,秦艳琳等人提出一个高效的有固定签名长度的无证书有序多重签名方案,并证明了她们的方案是安全的.但是,秦方案的设计存在安全缺陷,通过具体攻击方法进行分析,结果显示,任意一个敌手都可以篡改其信任路径上的信息,可以伪造所有节点对信息的多重签名.     

Password-Based Group Key Agreement Protocol for Client-Server Application

0 IntroductionWith the rapid advances of computer networks , moreand more users are connecting together to exchangelarge amounts of information and share useful resources .However ,the security issue is still a major gating factor fortheir full adoption; mainly due to many malicious adversariesresidingin networked environments will eavesdrop,interceptand modify the transmittedinformation.The client-server model , over past years , has enjoyedsignificant and continually increasing popularity in…     

基于身份的多服务器认证密钥协商方案

将基于身份的密码体制与远程多服务器密钥协商相结合,提出一种基于身份的远程多服务器密钥协商方案.用户注册时由私钥生成中心颁发私钥并安全存放于智能卡中.用户登录服务器前,双方采用基于身份的双线性配对计算进行双向身份认证,并协商生成会话密钥.服务器端无须保存口令表,用户端无须建立数据表存储相关登录信息,无须在终端能离线更改登录口令.该方案减少了密钥协商的通信开销、计算开销以及存储开销,在标准BR安全模型下该方案被证明是安全的.