Joseph K. Liu

Malicious KGC attacks in certificateless cryptography

Identity-based cryptosystems have an inherent key escrow issue, that is, the Key Generation Center (KGC) always knows user secret key. If the KGC is malicious, it can always impersonate the user. Certificateless cryptography, introduced by Al-Riyami and Paterson in 2003, is intended to solve this problem. However, in all the previously proposed certificateless schemes, it is always assumed that the malicious KGC starts launching attacks (so-called Type II attacks) only after it has generated a master public/secret key pair honestly. In this paper, we propose new security models that remove this assumption for both certificateless signature and encryption schemes. Under the new models, we show that a class of certificateless encryption and signature schemes proposed previously are insecure. These schemes still suffer from the key escrow problem. On the other side, we also give new proofs to show that there are two generic constructions, one for certificateless signature and the other for certificateless encryption, proposed recently that are secure under our new models.

Linkable Spontaneous Anonymous Group Signature for Ad Hoc Groups

We present a linkable spontaneously anonymous group (LSAG) signature scheme (alternatively known as linkable ring signature scheme) satisfying the following three properties. (1) Anonymity, or signer indistinguishability. (2) Linkability: That two signatures by the same signer can be linked. (3) Spontaneity: No group secret, therefore no group manager or group secret sharing setup. We reduce the security of our scheme to well-known problems under the random oracle model. Using the scheme, we construct a new efficient one-round e-voting system which does not have a registration phase. We also present a new efficient reduction of famous rewind simulation lemma which only relies on elementary probability theory. Threshold extensions of our scheme are also presented.

Separable linkable threshold ring signatures

A ring signature scheme is a group signature scheme with no group manager to setup a group or revoke a signer. A linkable ring signature, introduced by Liu, et al. [20], additionally allows anyone to determine if two ring signatures are signed by the same group member (a.k.a. they are linked). In this paper, we present the first separable linkable ring signature scheme, which also supports an efficient thresholding option. We also present the security model and reduce the security of our scheme to well-known hardness assumptions. In particular, we introduce the security notions of accusatory linkability and non-slanderability to linkable ring signatures. Our scheme supports “event-oriented” linking. Applications to such linking criterion is discussed.

Efficient online/offline identity-based signature for wireless sensor network

In this paper, we present an online/offline identity-based signature scheme for the wireless sensor network (WSN). We argue that due to significant reduction in costs of computation and storage, our scheme is particularly suitable for the WSN environment with severely constrained resources. One of the interesting features of our scheme is that it provides multi-time usage of the offline storage, which allows the signer to re-use the offline pre-computed information in polynomial time, in contrast to one-time usage in all previous online/offline signature schemes. As evidence of the practicality and feasibility of our scheme to be used in the WSN environment, we provide an actual implementation result of our scheme on the MicaZ platform.

A Secure Cloud Computing Based Framework for Big Data Information Management of Smart Grid

Smart grid is a technological innovation that improves efficiency, reliability, economics, and sustainability of electricity services. It plays a crucial role in modern energy infrastructure. The main challenges of smart grids, however, are how to manage different types of front-end intelligent devices such as power assets and smart meters efficiently; and how to process a huge amount of data received from these devices. Cloud computing, a technology that provides computational resources on demands, is a good candidate to address these challenges since it has several good properties such as energy saving, cost saving, agility, scalability, and flexibility. In this paper, we propose a secure cloud computing based framework for big data information management in smart grids, which we call “Smart-Frame.” The main idea of our framework is to build a hierarchical structure of cloud computing centers to provide different types of computing services for information management and big data analysis. In addition to this structural framework, we present a security solution based on identity-based encryption, signature and proxy re-encryption to address critical security issues of the proposed framework.

A Separable Threshold Ring Signature Scheme

We present a threshold ring signature scheme (spontaneous anonymous threshold signature scheme) that allows the use of both RSA-based and DL-based public keys at the same time. More generally, the scheme supports the mixture of public keys for any trapdoor-one-way type as well as three-move type signature schemes. This kind of ‘separability’ has useful applications in practice as a threshold ring signature is no longer limited to support only one particular type of public keys, as required by all the previous schemes. In the paper, we also show that the signature maintains the anonymity of participating signers unconditionally and is existential unforgeable against chosen message attacks in the random oracle model.

Self-Generated-Certificate Public Key Cryptography and certificateless signature/encryption scheme in the standard model: extended abstract

Certificateless Public Key Cryptography (CL-PKC) enjoys a number of features of Identity-Based Cryptography (IBC) while without having the problem of key escrow. However, it does suffer from an attack where the adversary, Carol, replaces Alices public key by someones public key so that Bob, who wants to send an encrypted message to Alice, uses Alices identity and others public key as the inputs to the encryption function. As a result, Alice cannot decrypt the message while Bob is unaware of this. We call it Denial-of-Decryption (DoD) Attack as its nature is similar to the well known Denial-of-Service (DoS) Attack. Based on CL-PKC, we propose a new paradigm called Self-Generated-Certificate Public Key Cryptography (SGC-PKC) that captures the DoD Attack. We also provide a generic construction of a self-generated-certificate public key encryption scheme in the standard model. Our generic construction uses certificateless signature and certificateless encryption as the building block. In addition, we further propose a certificateless signature and a certificateless encryption scheme with concrete implementation that are all provably secure in the standard model, which are the first in the literature regardless of the generic constructions by Yum and Lee which may contain security weaknesses as pointed out by others. We believe these concrete implementations are of independent interest.

Ring signatures without random oracles

Since the formalization of ring signature by Rivest, Shamir and Tauman in 2001, there are lots of variations appeared in the literature. Almost all of the variations rely on the random oracle model for security proof. In this paper, we propose a ring signature scheme based on bilinear pairings, which is proven to be secure against adaptive chosen message attack without using the random oracle model. It is one of the first in the literature to achieve this security level.

ID-Based ring signature scheme secure in the standard model

The only known construction of ID-based ring signature schemes which maybe secure in the standard model is to attach certificates to non-ID-based ring signatures. This method leads to schemes that are somewhat inefficient and it is an open problem to find more efficient and direct constructions. In this paper, we propose two such constructions. Our first scheme, with signature size linear in the cardinality of the ring, is secure in the standard model under the computational Diffie-Hellman assumption. The second scheme, achieving constant signature size, is secure in a weaker attack model (the selective ID and selective chosen message model), under the Diffie-Hellman Inversion assumption.

An Efficient Cloud-Based Revocable Identity-Based Proxy Re-encryption Scheme for Public Clouds Data Sharing

Identity-based encryption (IBE) eliminates the necessity of having a costly certificate verification process. However, revocation remains as a daunting task in terms of ciphertext update and key update phases. In this paper, we provide an affirmative solution to solve the efficiency problem incurred by revocation. We propose the first cloud-based revocable identity-based proxy re-encryption (CR-IB-PRE) scheme that supports user revocation but also delegation of decryption rights. No matter a user is revoked or not, at the end of a given time period the cloud acting as a proxy will re-encrypt all ciphertexts of the user under the current time period to the next time period. If the user is revoked in the forthcoming time period, he cannot decrypt the ciphertexts by using the expired private key anymore. Comparing to some naive solutions which require a private key generator (PKG) to interact with non-revoked users in each time period, the new scheme provides definite advantages in terms of communication and computation efficiency.