Sahadeo Padhye

An efficient certificateless two-party authenticated key agreement protocol

Since certificateless public key cryptography (CLPKC) has received widespread attention due to its efficiency in avoiding key escrow problems in identity-based public key cryptography (ID-PKC), the certificateless authenticated key agreement (CLAKA) protocol, an important part of CLPKC, has been studied a great deal. Most CLAKA protocols are built from pairings which need costly operations. To improve the performance, several pairing-free CLAKA protocols have been proposed. In this paper, we propose a new pairing-free CLAKA protocol. Compared with the related protocols, our protocol has better performance. Also, our protocol is provably secure in a very strong security model-the extended Canetti-Krawczyk (eCK) model.

ECDLP-based certificateless proxy signature scheme with message recovery

Certificateless public key cryptography PKC eliminates the use of certificates in traditional PKC and the key escrow problem in identity-based PKC. Up to now, a number of certificateless proxy signature CLPS schemes have been proposed. However, only a little attention has been paid to the construction of CLPS schemes with message recovery. Recently, Singh and Verma proposed a CLPS scheme with message recovery from bilinear pairings. Total computation cost of a pairing is higher than that of elliptic curve-based scalar multiplication over elliptic curve group. So, schemes without pairings would be more appealing in terms of efficiency. To the best of our knowledge, there is no provable secure CLPS scheme with message recovery based on elliptic curve discrete log problem. We first propose such CLPS scheme. Our scheme is secure against existential forgery under adaptive chosen message and ID attacks. Furthermore, it is more efficient than Singh and Vermas scheme for practical applications. Copyright

Provable secure identity-based multi-proxy signature scheme

Multi-proxy signature is one of the useful primitives of the proxy signature. Till now, only a few schemes of identity-based multi-proxy signature IBMPS have been proposed using bilinear pairings, but most of the schemes are insecure or lack a formal security proof. Because of the important application of IBMPS scheme in distributed systems, grid computing, and so on, construction of an efficient and provable-secure IBMPS scheme is desired. In 2005, Li & Chen proposed an IBMPS scheme from bilinear pairings, but their paper lacks a formal model and proof of the security. Further, in 2009, Cao & Cao presented an IBMPS scheme with the first formal security model for it. Unfortunately, their scheme is not secure against the Xiong et als attack. In this paper, first, we present an IBMPS scheme, then we formalize a security model for the IBMPS schemes and prove that the presented scheme is existential unforgeable against adaptive chosen message and identity attack in the random oracle model under the computational Diffie-Hellman assumption. Also, our scheme is not vulnerable for the Xiong et als attack. The presented scheme is more efficient in the sense of computation and operation time than the existing IBMPS schemes. Copyright

Provable secure proxy signature scheme without bilinear pairings

SUMMARY Proxy signature is an active research area in cryptography. A proxy signature scheme allows an entity to delegate his or her signing capability to another entity in such a way that the latter can sign messages on behalf of the former. Many proxy signature schemes using bilinear pairings have been proposed. But the relative computation cost of the pairing is more than 10 times of the scalar multiplication over elliptic curve group. In order to save the running time and the size of the signature, we propose a proxy signature scheme without bilinear pairings and prove its security against adaptive chosen-message attack in random oracle model. The security of our scheme is based on the hardness of the elliptic curve discrete logarithm problem. With the running time being saved greatly, our scheme is more practical than the previous related scheme for practical applications. Copyright

Identity-based multi-proxy multi-signature scheme provably secure in random oracle model

A multi-proxy multi-signature scheme is a useful extension of the basic proxy signature scheme, which allows a group of original signers to delegate their signing rights to a group of proxy signers. At the best of our knowledge, no formal security model and proof has been formalised for the identity-based multi-proxy multi-signature IBMPMS scheme from bilinear pairings so far, whereas due to applications of the IBMPMS scheme in distributed systems, grid computing, mobile agent environment and so on, construction of an efficient and provably secure IBMPMS scheme is desired. In this paper, we propose an IBMPMS scheme from bilinear pairings. We also formalise a security model for the IBMPMS schemes from bilinear pairings, and prove that the proposed scheme is secure against existential forgery on adaptive chosen-message and adaptive chosen-identity attacks in the random oracle model, under the computational Diffie-Hellman assumption. Moreover, the proposed scheme is more efficient in the sense of computation and operation time, with a small signature size than the existing IBMPMS schemes.Copyright

Efficient ID-based multiproxy multisignature without bilinear maps in ROM

Most of the previously proposed identity-based multiproxy multisignature (IBMPMS) schemes used pairings in their construction. But pairing is regarded as an expensive cryptographic primitive in terms of complexity. The relative computation cost of a pairing is approximately more than ten times of the scalar multiplication over elliptic curve group. So, to reduce running time, we first define a model of a secure MPMS scheme, then propose an IBMPMS scheme without using pairings. We also prove the security of our scheme against chosen message attack in random oracle model. Our scheme’s construction avoids bilinear pairing operations but still provides signature in the ID-based setting and reduces running time heavily. Therefore, proposed scheme is more applicable than previous schemes in terms of computational efficiency for practical applications.

An ID-based multi-proxy multi-signature scheme

The identity (ID) based public key cryptosystem simplifies the key management and provides moderate security with comparison to the certificate based public key cryptosystem. Many signature schemes have been proposed using the identity of user. Proxy signature scheme enables the original signer to delegate his/her signing capability to a proxy signer. Bilinear pairings are useful in signature protocols for the ease of computation. In this paper, we have proposed an ID-based multi-proxy multi-signature scheme from bilinear pairing, using the schemes of Cao and Cao [2, 3] and Li and Chen [7]. We have also discussed the security properties of our scheme.

Efficient ID-based proxy multi-signature scheme secure in random oracle

Proxy signature schemes enable an entity to delegate its signing rights to any other party, called proxy signer. As a variant of proxy signature primitive, proxymultisignature allows a group of original signers to delegate their signing capabilities to a single proxy signer in such a way that the proxy signer can sign a message on behalf of the group of original signers. We propose a concrete ID-based proxy multi-signature scheme from bilinear pairings. The proposed scheme is existential unforgeable against adaptively chosen message and given ID-attack in random oracle model under the computational Diffie-Hellman (CDH) assumption. The fascinating property of new scheme is that the size of a proxy multi-signature is independent of the number of original signers. Furthermore the proposed scheme is simple and computationally more efficient than other ID-based proxy multisignature schemes.

Analysis on the generalization of proxy signature

Proxy signature is a specific digital signature, which allows an original signer to delegate her signing capability to proxy signer and then, the later can perform message signing on behalf of the former. Authentication is a desired property in cryptographic protocols. The proxy signature provides this property. In this article, we cover the research progress made on proxy signature and investigate its relationships with other existing signature schemes having continuous progress until now. We also provide real-world scenarios, to understand better the situations, where these schemes are applicable for security purposes. We analyze the security properties of existing schemes and make a comparison among them on the basis of different number theoretic problems. Some open problems are also discussed, to the best of our knowledge. In addition, we provide some future directions, which can be used as a hint to work further in the area of proxy signature. We hope that this article will provide a ready reference to work in the related area. Copyright

An ID-based proxy multi signature scheme without bilinear pairings

As a variation of ordinary digital signature scheme, a proxy signature scheme enables a proxy signer to sign messages on behalf of the original signer. Proxy multi-signature is an extension of the basic proxy signature primitive, and permits two or more entities to delegate their signing capabilities to some other entity. Many identity-based proxy multi signature (IBPMS) schemes using bilinear pairings have been proposed. But the relative computation cost of the pairing is approximately more than ten times of the scalar multiplication over elliptic curve group. In order to save the running time and the size of the signature, in this paper, we propose an IBPMS scheme without bilinear pairings. We also prove the security of our scheme against adaptive chosen message attack under random oracle model. With the running time being saved greatly, our scheme is more applicable than the previous related schemes for practical applications.