Rouzbeh Behnia
Multimedia University
Publication
Featured research published by Rouzbeh Behnia.
Security and Communication Networks | 2015
Ji-Jian Chin; Rouzbeh Behnia; Swee-Huay Heng; Raphael C.-W. Phan
In 2013, Dehkordi and Alimoradi proposed a certificateless identification scheme using supersingular elliptic curves. This proposal came independent of the parallel work of Chin et al. in proposing the first known security models for certificateless identification with provable security. In this paper, we show that there are some design flaws in the Dehkordi-Alimoradi scheme, which lead one to conclude that their scheme is insecure.
International Journal of Computer Mathematics | 2015
Rouzbeh Behnia; Swee Huay Heng; Che Seng Gan
Certificateless cryptography addresses the private key escrow problem in identity-based systems, while overcoming the costly issues in traditional public key cryptography. Undeniable signature schemes were proposed with the aim of limiting the public verifiability of ordinary digital signatures. The first certificateless undeniable signature scheme was put forth by Duan. The proposed scheme can be considered as the certificateless version of the identity-based undeniable signature scheme which was introduced by Libert and Quisquater. In this paper, we propose a new scheme which is much more efficient compared to Duan's scheme. Our scheme requires only one pairing evaluation for signature generation and provides more efficient confirmation and disavowal protocols for both the signer and the verifier. We also prove the security of our scheme in the strong security model based on the intractability of some well-known pairing-based assumptions in the random oracle model.
information security | 2013
Ji-Jian Chin; Rouzbeh Behnia; Swee-Huay Heng; Raphael C.-W. Phan
In USENIX 2001, Boneh et al. introduced a new way of obtaining fast revocation for RSA keys with the help of a security mediator. In 2003, Boneh et al. also showed how to convert the security-mediated RSA encryption scheme into an identity-based mediated RSA encryption scheme. This new technique addressed the shortcoming of identity-based cryptography where revocation required appending the valid date for a user's keys together with his identity-string, allowing for instant revocation of invalid user keys. Subsequently, many security-mediated cryptographic primitives were proposed. Surprisingly, however, no work has yet been done to address security-mediated identity-based identification schemes, even though more than a decade has passed since this feature was incorporated into encryption and signature primitives. In this paper, we provide that contribution by defining the appropriate security notions for achieving fast revocation for identity-based identification schemes. Subsequently we show a concrete scheme that achieves these security notions under provable security.
international conference on wireless communications and mobile computing | 2016
Rouzbeh Behnia; Swee Huay Heng
Duan proposed the first certificateless undeniable signature scheme in 2008. Later in 2012, Zhao and Ye proffered an efficient scheme which enjoys a pairing-free sign algorithm. In this paper, we prove the insecurity of their efficient scheme by mounting two attacks on its invisibility and non-impersonation. In addition, we propose an improved scheme that addresses both of the above attacks while providing better flexibility and additional features for the signer.
International Conference on Cryptology in Malaysia | 2016
Rouzbeh Behnia; Syh-Yuan Tan; Swee-Huay Heng
In this paper, we cryptanalyze an identity-based convertible undeniable signature scheme which claimed to be secure under the random oracle model. Our result shows that the signature leaks information on signer identity and fails to provide both invisibility and anonymity under the known message attack. We propose a fix for the vulnerability by removing some information from the signature with the need for the signer to keep the record of every signed message.
international conference on signal and image processing applications | 2015
Kin-Woon Yeow; Syh-Yuan Tan; Swee-Huay Heng; Rouzbeh Behnia
Online applications such as e-auction, e-voting, and e-cash require common security properties such as integrity, unforgeability, confidentiality, non-repudiation, authentication, and anonymity. In this paper, besides identifying the security properties needed by these three applications, we also discuss the importance of access control. We show that undeniable signature schemes and their variants fulfil the security requirements and access control needed by the applications. We also propose a generic method to combine an undeniable signature scheme with a trapdoor function for constructing the applications mentioned above.
international conference on it convergence and security, icitcs | 2015
Rouzbeh Behnia; Syh-Yuan Tan; Swee-Huay Heng
Digital signatures have uncountable applications in our everyday life. They provide authentication, integrity and non-repudiation. Pairing-based cryptography with its special features and properties has given rise not only to certificate-free (e.g. identity-based and certificateless) cryptography but also to the development of many efficient signature schemes. In 2013, Sharma, Sahu and Sharma proposed a pairing-based signature scheme which was derived from the identification scheme proposed by Popescu. Certificateless cryptography was proposed with the aim of bridging between traditional public key cryptography and identity-based cryptography. Zhang et al. proposed an efficient certificateless signature scheme and claimed that their proposed scheme is better than all the existing schemes in the literature in terms of efficiency. In this paper, we mount a total break attack on Sharma et al.'s scheme and show that Zhang et al.'s certificateless scheme is not secure by mounting a universal forgery attack on their scheme.
international conference on information systems security | 2015
Syh-Yuan Tan; Ji-Jian Chin; Rouzbeh Behnia
An identification scheme is a cryptographic authentication protocol which allows a client to convince the corresponding server of the authenticity of his identity, without the need to share his secret with the server. In this paper, we cryptanalyze two identification schemes and show that they are not secure against impersonation under passive attack. We also propose a fix for one of the schemes to upgrade their security to secure against impersonation under passive, active and concurrent attacks.
International Journal of Computer Mathematics | 2015
Ji-Jian Chin; Syh-Yuan Tan; Swee-Huay Heng; Raphael C.-W. Phan; Rouzbeh Behnia
Certificateless identification (CLI) schemes offer an alternative solution to the certificate management problem of traditional identification schemes, as well as remove the key escrow from key generation, an inherent property of identity-based identification. In this paper, we provide a pairing-free CLI scheme, provably secure against passive and active/concurrent attacks for both Type-1 and Type-2 adversaries. This shows that our scheme is computationally efficient because no bilinear pairings are involved.
international conference on it convergence and security, icitcs | 2013
Rouzbeh Behnia; Swee-Huay Heng
In Eurocrypt 2005, Kurosawa and Heng proposed a set of 3-move witness indistinguishable protocols to be incorporated in the confirmation and disavowal protocols of the FDH variant of undeniable signature schemes. Their 3-move protocols gave rise to the development of many other variants of undeniable signature schemes. In 2010, Zhou, Zhang and Li showed a weakness in Kurosawa and Heng's proof system which enables a malicious prover to impersonate the signer. Libert and Quisquater proposed the first identity-based undeniable signature scheme. In 2007, Li et al. proposed a universal forgery attack on their scheme. In this paper, we show that both of the attacks which were proposed on Kurosawa and Heng's proof system and Libert and Quisquater's scheme have fatal errors, and therefore, both claims are false.