Abstract.To alleviate the influence of key exposure, we combine forwardsecurity with certificate-based cryptography and give formal definitions and the security model of forward-secure certificate-based signatures. Then we propose a forward-secure certificate-based signature scheme, which is proven to be existentially unforgeable against adaptive chosen message attacks in the standard model. Hence, we partially solve the key exposure problem in certificate-based signature scheme and improve the system security.
Cryptographic computations are often carried out on insecure devices for which the threat of key exposure raises a serious concern. In an effort to address the key exposure problem, the notion of forward security was first presented by Günther in 1990. In a forward-secure scheme, secret keys are updated at regular periods of time; exposure of the secret key corresponding to a given time period does not enable an adversary to 'break' the scheme for any prior time period. In this paper, we first introduce forward security into certificate-based cryptography and define the security model of forward-secure certificate-based signatures (CBSs). Then we propose a forward-secure CBS scheme, which is shown to be secure against adaptive chosen message attacks under the computational DiffieHellman assumption in the random oracle model. Our result can be viewed as the first step toward solving the key exposure problem in CBSs and thus improving the security of the whole system.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.