A Forward-Secure Certificate-Based Signature Scheme

Li, Jiguo; Teng, Huiyun; Huang, Xinyi; Zhang, Yichen; Zhou, Jianying

doi:10.1093/comjnl/bxt141

Cited by 8 publications

(6 citation statements)

References 36 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In a different view, several pieces of research resolve an issue that occurs when the forward security is applied to certificate-based cryptography. Lu and Li first apply the forward security notion into certificate-based cryptography, and they propose a forward secure certificate based signature scheme without a random oracle model [36]. They solve an issue that occurs when a certificated authority is malicious [37] and propose a certificate-based key-insulated signature that improves the security in certificate-based cryptography [38].…”

Section: Related Workmentioning

confidence: 99%

Forward-Secure Multi-User Aggregate Signatures Based on zk-SNARKs

Lee

Kim

2021

IEEE Access

View full text Add to dashboard Cite

As a solution to mitigate the key exposure problems in the digital signature, the forward security has been proposed. The forward security guarantees the integrity of the messages generated in the past despite leaks of a current time period secret key by evolving a secret key on each time period. In this paper, we propose a new forward secure aggregate signature scheme utilizing recursive zk-SNARKs (zero knowledge Succinct Non-interactive ARguments of Knowledge). Our proposal has constant complexities in key/signature sizes, signature generation, and verification time. The proposed forward secure signature scheme can aggregate signatures generated by multiple users as well as a single user. The security of the proposed scheme is formally proven under zero-knowledge assumption and random oracle model. The experiment results show that our signature scheme yields 12s for signing time, 1ms for verification time, 25s for aggregation time, with the 1.6KB secret key size and signature size independent of the number of time periods.

show abstract

Section: Related Workmentioning

confidence: 99%

Forward-Secure Multi-User Aggregate Signatures Based on zk-SNARKs

Lee

Kim

2021

IEEE Access

View full text Add to dashboard Cite

show abstract

“…Similarly, it can also benefit from the adoption of FourQ curve, especially when considered with the DBPV due to its optimized EC addition. In [43], [44], efficient digital signature and signcryption schemes were proposed. Although these schemes include bilinear pairing and therefore, cannot adopt FourQ curve, they can benefit from IoD-Crypt optimizations.…”

Section: A Broad Application To Iod and Ec-based Schemesmentioning

confidence: 99%

IoD-Crypt: A Lightweight Cryptographic Framework for Internet of Drones

Ozmen,

Behnia,

Yavuz

2019

Preprint

View full text Add to dashboard Cite

Internet of Drones (IoD) is expected to play a central role in many civilian and military applications, that require sensitive and mission-critical information to be processed. It is therefore vital to ensure the security and privacy of IoD. However, unlike traditional networks, IoD has a broader attack surface and is highly energy-constrained, which hinder the direct adoption of standard cryptographic protocols for IoD.We propose an energy-efficient cryptographic framework (namely IoD-Crypt), which can potentially meet the requirements of battery-limited IoD. Specifically, IoD-Crypt utilizes special precomputation techniques and self-certified primitives to gain significant computation and communication efficiency over the standard public key cryptography (PKC) suites. Our integrations and optimizations are broadly applicable to key exchange, digital signature and public key encryption schemes that encompass generic applications of PKC in IoD. We prove that IoD-Crypt is secure in the random oracle model. We fully implemented IoD-Crypt on two common drone processors, namely 8-bit AVR and 32-bit ARM, and conducted an in-depth energy analysis. Our experiments (on both platforms) showed that IoD-Crypt offers up to 48× less energy consumption compared to standard techniques. We have open-sourced our implementations for wide adoption and public testing purposes.

show abstract

“…As introduced in [38,39], the adversarial model for FS-CBS should distinguish two different types of adversaries. The Type-I adversary (denoted by  I ) acts as an outside attacker who has not been certified by the CA.…”

Section: Framework and Security Definitions Of Fs-cbsmentioning

confidence: 99%

“…Below, we compare the enhanced FS-CBS scheme with Li et al's scheme [38]. Considering that the FS-CBS scheme in [39] is designed in the random oracle model, we do not include it in the comparison. Table 1, we mainly consider four distinct cryptographic operations in the computation cost comparison, including the bilinear pairing, the multiplication in G 2 , the exponentiation in G 1 and the multiplication in bits.…”

Section: Comparisonmentioning

confidence: 99%

See 1 more Smart Citation

A Forward-Secure Certificate-Based Signature Scheme with Enhanced Security in the Standard Model

Lu¹,

Li²

2019

KSII TIIS

View full text Add to dashboard Cite

Leakage of secret keys may be the most devastating problem in public key cryptosystems because it means that all security guarantees are missing. The forward security mechanism allows users to update secret keys frequently without updating public keys. Meanwhile, it ensures that an attacker is unable to derive a user's secret keys for any past time, even if it compromises the user's current secret key. Therefore, it offers an effective cryptographic approach to address the private key leakage problem. As an extension of the forward security mechanism in certificate-based public key cryptography, forward-secure certificate-based signature (FS-CBS) has many appealing merits, such as no key escrow, no secure channel and implicit authentication. Until now, there is only one FS-CBS scheme that does not employ the random oracles. Unfortunately, our cryptanalysis indicates that the scheme is subject to the security vulnerability due to the existential forgery attack from the malicious CA. Our attack demonstrates that a CA can destroy its existential unforgeability by implanting trapdoors in system parameters without knowing the target user's secret key. Therefore, it is fair to say that to design a FS-CBS scheme secure against malicious CAs without lying random oracles is still an unsolved issue. To address this problem, we put forward an enhanced FS-CBS scheme without random oracles. Our FS-CBS scheme not only fixes the security weakness in the original scheme, but also significantly optimizes the scheme efficiency. In the standard model, we formally prove its security under the complexity assumption of the square computational Diffie-Hellman problem. In addition, the comparison with the original FS-CBS scheme shows that our scheme offers stronger security guarantee and enjoys better performance.

show abstract

A Forward-Secure Certificate-Based Signature Scheme

Cited by 8 publications

References 36 publications

Forward-Secure Multi-User Aggregate Signatures Based on zk-SNARKs

Forward-Secure Multi-User Aggregate Signatures Based on zk-SNARKs

IoD-Crypt: A Lightweight Cryptographic Framework for Internet of Drones

A Forward-Secure Certificate-Based Signature Scheme with Enhanced Security in the Standard Model

Contact Info

Product

Resources

About