A Forward-Secure Certificate-Based Signature Scheme in the Standard Model

Li, Jiguo; Zhang, Yichen; Teng, Huiyun

doi:10.1007/978-3-642-35362-8_28

Cited by 6 publications

(17 citation statements)

References 22 publications

(35 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…As shown in [27,35], it is very likely to compromise a target's message privacy or signature unforgeability without the knowledge of the corresponding secret key by injecting some malicious trapdoors into the system. In this paper, we demonstrate that Li et al's FS-CBS scheme [38] is insecure under the existential forgery attack from the malicious CA. Our presented attack shows that a CA can easily inject trapdoors into the system and forge valid signatures in the name of any user.…”

Section: Contributionsmentioning

confidence: 77%

“…Our proofs in the standard model demonstrate that it achieves the unforgeability against chosen-message attacks under the complexity assumption of the square computational Diffie-Hellman problem. Compared with Li et al's FS-CBS scheme [38], the enhanced scheme enjoys three advantages. First of all, it can offer stronger safety guarantee for the practical application since it is immune to the existential forgery attack by the malicious CA.…”

Section: Contributionsmentioning

confidence: 99%

“…The goal of this paper is to fix the security vulnerability in the FS-CBS scheme presented by Li et al in [38]. In Li et al's scheme, the CA is supposed to be honest but curious.…”

Section: Contributionsmentioning

confidence: 99%

“…They also provided a generic method to construct the FS-CBE schemes. Subsequently, Li et al [38] put forward the concept of forward-secure CBS (FS-CBS) along with a FS-CBS scheme without random oracles. In the standard model, Li et al proved the security of their scheme under the complexity assumptions of the many Diffie-Hellman (Many-DH) and the generalized computational Diffie-Hellman (GCDH) problems.…”

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

A Forward-Secure Certificate-Based Signature Scheme with Enhanced Security in the Standard Model

Lu¹,

Li²

2019

KSII TIIS

View full text Add to dashboard Cite

Leakage of secret keys may be the most devastating problem in public key cryptosystems because it means that all security guarantees are missing. The forward security mechanism allows users to update secret keys frequently without updating public keys. Meanwhile, it ensures that an attacker is unable to derive a user's secret keys for any past time, even if it compromises the user's current secret key. Therefore, it offers an effective cryptographic approach to address the private key leakage problem. As an extension of the forward security mechanism in certificate-based public key cryptography, forward-secure certificate-based signature (FS-CBS) has many appealing merits, such as no key escrow, no secure channel and implicit authentication. Until now, there is only one FS-CBS scheme that does not employ the random oracles. Unfortunately, our cryptanalysis indicates that the scheme is subject to the security vulnerability due to the existential forgery attack from the malicious CA. Our attack demonstrates that a CA can destroy its existential unforgeability by implanting trapdoors in system parameters without knowing the target user's secret key. Therefore, it is fair to say that to design a FS-CBS scheme secure against malicious CAs without lying random oracles is still an unsolved issue. To address this problem, we put forward an enhanced FS-CBS scheme without random oracles. Our FS-CBS scheme not only fixes the security weakness in the original scheme, but also significantly optimizes the scheme efficiency. In the standard model, we formally prove its security under the complexity assumption of the square computational Diffie-Hellman problem. In addition, the comparison with the original FS-CBS scheme shows that our scheme offers stronger security guarantee and enjoys better performance.

show abstract

Section: Contributionsmentioning

confidence: 77%

Section: Contributionsmentioning

confidence: 99%

“…The goal of this paper is to fix the security vulnerability in the FS-CBS scheme presented by Li et al in [38]. In Li et al's scheme, the CA is supposed to be honest but curious.…”

Section: Contributionsmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

A Forward-Secure Certificate-Based Signature Scheme with Enhanced Security in the Standard Model

Lu¹,

Li²

2019

KSII TIIS

View full text Add to dashboard Cite

show abstract

“…Recently, Li et al . proposed a forward‐secure certificate‐based signature scheme, which is proven to be secure in the standard model. The proposed scheme alleviates the influence of key exposure.…”

Section: Introductionmentioning

confidence: 99%

Provably secure certificate‐based key‐insulated signature scheme

Zhang

et al. 2013

Concurrency and Computation

Self Cite

View full text Add to dashboard Cite

SUMMARYCertificate-based signature computation is often performed on insecure devices where the signature key is easy to be exposed. To reduce the influence of key exposure, we introduce key-insulated mechanism into certificate-based cryptography and formalize the notion and security model of the certificate-based key-insulated signature scheme. We then present a certificate-based key-insulated signature scheme, which is proven to be existentially unforgeable against adaptive chosen message attacks in the random oracle model. The proposed scheme has potential applications in trusted computing.

show abstract

A provably secure certificate-based encryption scheme against malicious CA attacks in the standard model

2016

Information Sciences

View full text Add to dashboard Cite

A Forward-Secure Certificate-Based Signature Scheme in the Standard Model

Cited by 6 publications

References 22 publications

A Forward-Secure Certificate-Based Signature Scheme with Enhanced Security in the Standard Model

A Forward-Secure Certificate-Based Signature Scheme with Enhanced Security in the Standard Model

Provably secure certificate‐based key‐insulated signature scheme

A provably secure certificate-based encryption scheme against malicious CA attacks in the standard model

Contact Info

Product

Resources

About