Provably secure revocable ID‐based signature in the standard model

Tsai, Tung Tso; Tseng, Yuh‐Min

doi:10.1002/sec.696

Cited by 29 publications

(29 citation statements)

References 31 publications

(49 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In the adversary model, there are two types of adversaries, namely, Type I adversary (a curious CRA or an outsider) and Type II adversary (a revoked user). As compared with the adversary models of RIBS schemes presented in Tsai et al (2013b), Hung et al (2017), Jia et al (2017), three new key leakage queries, namely, the key extract leak query, time key update leak query and signing leak query are added to our new adversary model. These added leak queries allow an adversary to continuously extract fractional content of private/secret keys participated in the computation rounds.…”

Section: Contribution and Organizationmentioning

confidence: 99%

“…Computability:ê(g, g) rs can be computed efficiently for any r, s ∈ Z * p . For the detailed properties and settings with regard to bilinear groups, please refer to Boneh and Franklin (2001), Tsai et al (2013b), Lynn (2015), Scott (2011).…”

Section: Bilinear Groupsmentioning

confidence: 99%

“…By extending the adversary model (security notions) presented in the RIBS schemes (Tsai et al, 2013b;Hung et al, 2017;Jia et al, 2017), we present an adversary model of LR-RIBS schemes with CRA, which allows an adversary to extract fractional content of the private/secret keys. According to our framework, an adversary can extract fractional content of the PKG's system secret key (SSK i,1 , SSK i,2 ) in the i-th invocation of the Key extract algorithm.…”

Section: Adversary Model (Security Notions)mentioning

confidence: 99%

“…Here, we compare the performance between previously proposed RIBS schemes (Tsai et al, 2013b;Jia et al, 2017) and our LR-RIBS scheme with CRA. In the following, four notations are defined respectively to represent four time-consuming operation costs of bilinear groups:…”

Section: Performance Comparisonsmentioning

confidence: 99%

“…Namely, for all non-revoked users, the PKG periodically generates and sends the associated time update keys to these users using a public channel. Subsequently, numerous cryptographic primitives based on RID-PKS settings were presented, such as revocable ID-based encryption (RIBE) (Tsai et al, 2012(Tsai et al, , 2013a and revocable ID-based signature (RIBS) schemes (Tsai et al, 2013b;Hung et al, 2017). Furthermore, several RIBE and RIBS schemes (Li et al, 2015;Tseng et al, 2018;Jia et al, 2017) have been proposed to outsource the periodical generations of time update keys to a cloud revocation authority (CRA).…”

Section: Introductionmentioning

confidence: 99%

See 4 more Smart Citations

Leakage-Resilient Revocable Identity-Based Signature with Cloud Revocation Authority

Wu¹,

Tseng²,

Huang³

et al. 2020

Informatica

Self Cite

View full text Add to dashboard Cite

Very recently, side-channel attacks have threatened all traditional cryptographic schemes. Typically, in traditional cryptography, private/secret keys are assumed to be completely hidden to adversaries. However, by side-channel attacks, an adversary may extract fractional content of these private/secret keys. To resist side-channel attacks, leakage-resilient cryptography is a countermeasure. Identity-based public-key system (ID-PKS) is an attractive public-key setting. ID-PKS settings not only discard the certificate requirement, but also remove the construction of the public-key infrastructure. For solving the user revocation problem in ID-PKS settings, revocable ID-PKS (RID-PKS) setting has attracted significant attention. Numerous cryptographic schemes based on RID-PKS settings have been proposed. However, under RID-PKS settings, no leakage-resilient signature or encryption scheme is proposed. In this article, we present the first leakage-resilient revocable ID-based signature (LR-RIBS) scheme with cloud revocation authority (CRA) under the continual leakage model. Also, a new adversary model of LR-RIBS schemes with CRA is defined. Under this new adversary model, security analysis is made to demonstrate that our LR-RIBS scheme with CRA is provably secure in the generic bilinear group (GBG) model. Finally, performance analysis is made to demonstrate that our scheme is suitable for mobile devices.

show abstract

Section: Contribution and Organizationmentioning

confidence: 99%

Section: Bilinear Groupsmentioning

confidence: 99%

Section: Adversary Model (Security Notions)mentioning

confidence: 99%

Section: Performance Comparisonsmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

Leakage-Resilient Revocable Identity-Based Signature with Cloud Revocation Authority

Wu¹,

Tseng²,

Huang³

et al. 2020

Informatica

Self Cite

View full text Add to dashboard Cite

show abstract

Lattice‐based batch authentication scheme with dynamic identity revocation in VANET

Cui

Wang

et al. 2022

Int J of Intelligent Sys

View full text Add to dashboard Cite

Aggregate signatures allow someone to aggregate multiple signatures into one signature, which is suitable for resource‐constrained and computationally inefficient environments. Identify‐based aggregate signature can solve the storage problem of public key certificates while achieving efficient signature verification. However, in most of the identity‐based aggregate signature schemes, the user identity revocation process is time‐consuming and cannot resist quantum attacks. To solve above problems, this paper proposes a lattice‐based aggregate signature scheme with dynamic identity revocation by combining lattice‐based cryptography and an aggregate signature scheme. The security of the proposed lattice‐based aggregate signature scheme with dynamic identity revocation has been proved in the random oracle model. In addition, the verification efficiency of the aggregate signature has been improved compared with multiple different signatures. Much of the data transfer in Vehicular Ad Hoc Network (VANET) is carried out wirelessly, which makes VANET vulnerable to identity spoofing attacks. Identity authentication technology can prevent attackers from impersonating legitimate users, thus ensuring the security of VANET. Based on the proposed lattice‐based aggregate signature scheme with dynamic identity revocation, this paper proposes a lattice‐based batch authentication scheme with dynamic identity revocation in VANET. Through the proposed batch authentication scheme, we can effectively resist the impersonation attack of VANET in the quantum computer environment, and the efficiency of authentication is improved.

show abstract

Revocable and strongly unforgeable identity‐based signature scheme in the standard model

Liu

Zhang

et al. 2016

Security Comm Networks

View full text Add to dashboard Cite

Revocation functionality is crucial for the practicality of the public key cryptosystems, especially for that of identity‐based cryptosystems. When some users lose their private keys, the cryptosystems must support an efficient revocation method to revoke such users. On the other hand, strong unforgeability provides stronger security than existential unforgeability and ensures the adversary cannot even produce a new signature for a previously signed message. However, existing revocable identity‐based signature schemes can support neither efficient key revocation nor strong unforgeability. In this paper, we propose a strongly unforgeable identity‐based signature scheme with efficient revocation. In the proposed scheme, the master key is randomly divided into two parts: one is used to construct the initial secret key, the other is used to generate the key update. Furthermore, they are used to periodically and re‐randomly produce signing keys for non‐revoked users. Thus, the proposed scheme can efficiently revoke users and resist key exposure attacks. In the standard model, our scheme is proven to be strongly unforgeable under the CDH hardness assumption. Copyright © 2016 John Wiley & Sons, Ltd.

show abstract

Provably secure revocable ID‐based signature in the standard model

Cited by 29 publications

References 31 publications

Leakage-Resilient Revocable Identity-Based Signature with Cloud Revocation Authority

Leakage-Resilient Revocable Identity-Based Signature with Cloud Revocation Authority

Lattice‐based batch authentication scheme with dynamic identity revocation in VANET

Revocable and strongly unforgeable identity‐based signature scheme in the standard model

Contact Info

Product

Resources

About