Dennis Y. W. Liu

Revocable Ring Signature

Group signature allows the anonymity of a real signer in a group to be revoked by a trusted party called group manager. It also gives the group manager the absolute power of controlling the formation of the group. Ring signature, on the other hand, does not allow anyone to revoke the signer anonymity, while allowing the real signer to form a group (also known as a ring) arbitrarily without being controlled by any other party. In this paper, we propose a new variant for ring signature, called Revocable Ring Signature. The signature allows a real signer to form a ring arbitrarily while allowing a set of authorities to revoke the anonymity of the real signer. This new variant inherits the desirable properties from both group signature and ring signature in such a way that the real signer will be responsible for what it has signed as the anonymity is revocable by authorities while the real signer still has the freedom on ring formation. We provide a formal security model for revocable ring signature and propose an efficient construction which is proven secure under our security model.

Formal definition and construction of nominative signature

Since the introduction of nominative signature in 1996, there are three problems that have still not been solved. First, there is no convincing application proposed; second, there is no formal security model available; and third, there is no proven secure scheme constructed, given that all the previous schemes have already been found flawed. In this paper, we give positive answers to these problems. First, we illustrate that nominative signature is a better tool for building user certification systems which were originally implemented using universal designated-verifier signature. Second, we propose a formal definition and adversarial model for nominative signature. Third, we show that Chaums undeniable signature can be transformed to an efficient nominative signature by simply using a standard signature. The security of our transformation can be proven under the standard number-theoretic assumption.

An efficient one-move Nominative Signature scheme

A signer in a Nominative Signature (NS) scheme can arbitrarily choose a nominee, then jointly generate a signature in such a way that the signature can only be verified with the nominees consent. NS is particularly useful in user certification systems. Currently, the only secure NS scheme available requires multiround communications between the nominator and the nominee during signature generation. This implies that an NS-based user certification system requires a certification issuer to interact with a user using a complicated multiround protocol for certificate issuance. It remains an open problem to construct an efficient and non-interactive NS scheme. In this article, we solve this problem by proposing the first efficient one-move (i.e. non-interactive) NS scheme. In addition, we propose an enhanced security requirement called Strong Invisibility, and prove that our scheme satisfies this strong security requirement.

Nominative signature from ring signature

Since the introduction of nominative signature (NS) in 1996, there have been a handful of schemes proposed and almost all of them have been found flawed. The only one which is secure requires multiround of communications between the nominator and the nominee for signature generation. In this paper, we propose a novel construction which is efficient and requires only one-move communication for signature generation. We also show that the construction is secure under the strongest security model currently available and the reductionist proofs only rely on standard number-theoretic assumptions. As of independent interest, our construction illustrates an interesting use of ring signature.

One-Move convertible nominative signature in the standard model

A Nominative Signature (NS) is a non-self-authenticating signature which is jointly generated by a signer (or a nominator) and a user (or a nominee), but once generated, its validity can only be determined by the user. No one else including the signer can tell the signatures validity unless the user confirms or disavows so, while the user cannot cheat either. One-move NS is an efficient type of NS that requires the signer to send only one message to the user during the signature generation stage. Currently, there exists only one one-move NS scheme which is proven secure in the standard model, and is convertible, that is, the user can transform a nominative signature to a publicly verifiable one without the help of the signer. However, the number of elements in the keys of both signer and user grows linearly with the value of the security parameter. In this paper, we propose a new one-move NS which is convertible, can be proven secure in the standard model, and also has a constant number of elements in the keys of both signer and user. We apply the Boneh-Boyen short standard signature in a novel way to build this nominative signature scheme. We show that this new scheme achieves the best performance among all the schemes proven secure in the standard model, and its security relies only on the standard q-SDH and DDH assumptions.

One-move convertible nominative signature in the standard model

A nominative signature NS is a non-self-authenticating signature that is jointly generated by a signer or a nominator and a user or a nominee, but once generated, its validity can only be determined by the user. No one else including the signer can tell the signatures validity unless the user confirms or disavows so, whereas the user cannot cheat either. One-move NS is an efficient type of NS that requires the signer to send only one message to the user during the signature generation stage. Currently, there exists only one one-move NS scheme that is proven secure in the standard model, and is convertible, that is, the user can transform a nominative signature to a publicly verifiable standard signature without the signers aid. However, the number of elements in the keys of both signer and user grows linearly with the value of the security parameter. In this paper, we propose a new one-move NS which is convertible, can be proven secure in the standard model, and also has a constant number of elements in the keys of both the signer and the user. We apply the Boneh-Boyen short standard signature in a novel way to build this nominative signature scheme. We show that this new scheme achieves the best performance among all the schemes proven secure in the standard model, and its security relies only on the standard q-strong Diffie-Hellman and decisional Diffie-Hellman assumptions. Finally, we will present a generic construction by utilizing a secure standard signature scheme and a secure encryption scheme. Copyright

Ambiguous One-Move Nominative Signature Without Random Oracles

Nominative Signature is a useful tool in situations where a signature has to be created jointly by two parties, a nominator (signer) and a nominee (user), while only the user can verify and prove to a third party about the validity of the signature. In this paper, we study the existing security models of nominative signature and show that though the existing models have captured the essential security requirements of nominative signature in a strong sense, especially on the unforgeability against malicious signers/users and invisibility, they are yet to capture a requirement regarding the privacy of the signer and the user, and this requirement has been one of the original ones since the notion of nominative signature was first introduced. In particular, we show that it is possible to build a highly efficient nominative signature scheme which can be proven secure in the existing security models, while in practice it is obvious to find out from the component(s) of a nominative signature on whether a particular signer or user has involved in the signature generation, which may not be desirable in some actual applications. We therefore propose an enhanced security property, named “Ambiguity”, and also propose a new one-move nominative scheme for fulfilling this new security requirement without random oracles, and among the various types of nominative signature, one-move is the most efficient type. Furthermore, this new scheme is at least 33 % more efficient during signature generation and 17 % shorter in signature size when compared with the existing one-move signature schemes without random oracles even that the existing ones in the literature may not satisfy this new Ambiguity requirement.

Performance of Digital Signature Schemes on Mobile Devices

Exchanges of information (with various types of documents, images and movies) among mobile devices are very common nowadays because these devices have been widely used in people’s daily lives. The fact that the information being handled may be sensitive and valuable has increased people’s awareness in the need for mobile security. In the context of digital communications, the common security requirements include authentication integrity and nonrepudiation. The standard solution is a technique from the cryptographic community known as digital signature. In practice, the solution is quite adequate, since the personal computers of today are perfectly capable of signature generation and verification. In this chapter, we plan to investigate the situation in which everything goes mobile. The main difference is that mobile devices are limited by their computational power and battery capacity. Specifically, we conduct performance evaluations on two digital signature schemes. We examine the computation time and energy consumption in the signature generation and verification process on two mobile devices. Our results show that modern mobile devices are capable of handling digital signatures.

A project-problem based learning approach for appreciating ancient cultural heritage through technologies: Realizing mystical buildings in Dunhuang Mural

This paper reports a project-problem based learning approach for motivating technically skilled students to learn and appreciate cultural heritage, a discipline which is unrelated to their own majors. A group of undergraduate students participated in this pilot project. They were placed in an interdisciplinary environment, instructed to apply 3D design and 3D printing technologies to realize ancient drawings of buildings found in the Dunhuang Mural from the Tang Dynasty, China (618–907 AD). Self-learning and peer-learning pedagogies were adopted in the project, they guided students to overcome the challenges and attain the project outcomes. All participants had successfully completed the assigned tasks and their achievements were recognized in a public exhibition. From the qualitative and quantitative feedbacks, participants reported statistically significant improvement in their perceptions of learning and appreciating cultural heritage through the project. It also revealed that peer-learning was essential for them to complete the 3D designs, while self-learning was adopted in learning cultural heritage knowledge.