Shengbao Wang
Shanghai Jiao Tong University
Publication
Featured research published by Shengbao Wang.
Information Sciences | 2009
Shengbao Wang; Zhenfu Cao; Kim-Kwang Raymond Choo; Lihua Wang
We revisit the identity-based (ID-based) key agreement protocol due to Ryu et al. The protocol is highly efficient and suitable for real-world applications despite offering no resilience against key-compromise impersonation (K-CI). We show that the protocol is also insecure against reflection attacks. We propose a slight modification to the protocol and prove its security in a widely accepted model.
IEEE Communications Letters | 2009
Peng Zeng; Zhenfu Cao; Kim-Kwang Raymond Choo; Shengbao Wang
In 2004, Zhu and Ma proposed a new and efficient authentication scheme claiming to provide anonymity for wireless environments. Two years later, Lee et al. revealed several previously unpublished flaws in Zhu-Ma's authentication scheme and proposed a fix. More recently in 2008, Wu et al. pointed out that Lee et al.'s proposed fix fails to preserve anonymity as claimed and then proposed yet another fix to address the problem. In this paper, we use Wu et al.'s scheme as a case study and demonstrate that due to an inherent design flaw in Zhu-Ma's scheme, the latter and its successors are unlikely to provide anonymity. We hope that by identifying this design flaw, similar structural mistakes can be avoided in future designs.
International Journal of Network Security | 2008
Shengbao Wang; Zhenfu Cao; Haiyong Bao
Most of the current security architectures for grid systems use conventional public key infrastructure (PKI) to authenticate grid members and to secure resource allocation to these members. Certificateless public-key cryptography (CL-PKC) has some attractive properties which seem to align well with the demands of grid computing. In this paper, we present a certificateless protocol for authentication and key agreement (CL-AK) which fits well with the Grid Security Infrastructure (GSI) and provides a more lightweight key management approach for grid users. We show that the newly proposed protocol is highly efficient and practical. Moreover, we prove that it provides perfect forward secrecy plus all the other security attributes of authentication and key agreement protocols such as known-key secrecy and no key control.
Science in China Series F: Information Sciences | 2009
Shengbao Wang; Zhenfu Cao; Zhaohui Cheng; Kim-Kwang Raymond Choo
The majority of existing escrowable identity-based key agreement protocols only provide partial forward secrecy. Such protocols are, arguably, not suitable for many real-world applications, as the latter tend to require a stronger sense of forward secrecy—perfect forward secrecy. In this paper, we propose an efficient perfect forward-secure identity-based key agreement protocol in the escrow mode. We prove the security of our protocol in the random oracle model, assuming the intractability of the Gap Bilinear Diffie-Hellman (GBDH) problem.
IEEE Communications Letters | 2009
Peng Zeng; Zhenfu Cao; Kim-Kwang Raymond Choo; Shengbao Wang
In 2008, Das and Joshi proposed a new dynamic program update protocol for wireless sensor networks using the orthogonality principle. We identify an inherent flaw in their design and demonstrate that the Das-Joshi scheme is vulnerable to an impersonation attack, in violation of their security claim. We then present a modified scheme to eliminate the security vulnerability.
Theory and Applications of Models of Computation | 2006
Haiyong Bao; Zhenfu Cao; Shengbao Wang
Threshold proxy signature is a variant of the proxy signature scheme in which only some subgroup of proxy signers with efficient size can sign messages on behalf of the original signer. Some threshold proxy signature schemes have been proposed up to date. But nearly all of them are under the certificate-based (CA-based) public key systems. In this paper, we put forward an identity-based (ID-based) threshold proxy signature scheme with known signers from bilinear pairings for the first time. Most of our constructions would be simpler but still with high security due to the properties of bilinear map built from Weil pairing or Tate pairing.
Applied Mathematics and Computation | 2005
Haiyong Bao; Zhenfu Cao; Shengbao Wang
Tzeng et al. proposed a novel variation of proxy signature scheme called threshold multi-proxy multi-signature scheme with shared verification. However, their scheme has some security weaknesses. In this paper, by identifying some concrete instances and analyses, we will show that their scheme cannot resist frame attacks. That is, after intercepting a valid proxy signature generated by a subset of a proxy group, an adversary can frame new signatures, which can be authenticated as if they were generated by the subset of the proxy group on behalf of the adversary. Furthermore, their scheme needs a trusty share distribution center (SDC) for setting some parameters and initialization of the scheme. To overcome these weaknesses, we also propose our improvement with no SDC in this paper.
International Symposium on Parallel and Distributed Processing and Applications | 2005
Shengbao Wang; Zhenfu Cao; Haiyong Bao
Authenticated key agreement protocols are essential for secure communications in open and distributed environments. In 2004, Ryu et al. proposed an efficient two-party identity-based authenticated key agreement protocol based on pairings. However, in this paper, we demonstrate that their protocol is vulnerable to a key-compromise impersonation attack. The attacking scenario is described in detail. Furthermore, we point out that their protocol provides the property of deniability and at the same time it is the mechanism used to achieve deniability that allows the key-compromise impersonation attack.
Journal of Systems and Software | 2005
Haiyong Bao; Zhenfu Cao; Shengbao Wang
Wu and Hsu proposed a (t,n) threshold signature scheme using self-certified public keys in order to integrate the properties of self-certified public key schemes and threshold signature schemes. Even though their scheme is more efficient when compared to previous works based on the certificate-based public key systems, we find some design defects of their scheme. In this paper, by identifying some concrete instances and analyses we will show that their scheme is not as secure as they claimed.
International Multi Symposiums on Computer and Computational Sciences | 2006
Shengbao Wang; Zhenfu Cao; Haiyong Bao
In the area of secure communications, key agreement is one of the most important issues. In this paper, a practical two-party ID-based authenticated key agreement protocol is proposed, which uses pairings on certain elliptic curves. An important advantage of our protocol is that it provides unilateral key confirmation to the protocol initiator only in two passes. We first put forward a variant of the ID-based signature scheme due to Sakai et al., then we describe our protocol, which uses the variant as a building block. We show that the newly proposed key agreement protocol is fit for real-world applications, and at the same time, it satisfies all desired security requirements of key agreement protocols.
Collaboration
National Institute of Information and Communications Technology