Swee-Huay Heng

An efficient certificateless signature scheme

Certificateless public key cryptography (CLPKC) is a paradi-gm to solve the inherent key escrow problem suffered by identity-based cryptography (IBC). While certificateless signature is one of the most important security primitives in CLPKC, there are relatively few proposed schemes in the literature. In this paper, we manage to construct an efficient certificateless signature scheme based on the intractability of the computational Diffie-Hellman problem. By using a shorter public key, two pairing computations can be saved in the verification algorithm. Besides, no pairing computation is needed in the signing algorithm. The proposed scheme is existential unforgeable in the random oracle model. We also present an extended construction whose trust level is the same as that of a traditional signature scheme.

The security of the FDH variant of Chaum's undeniable signature scheme

In this paper, a new kind of adversarial goal called forge-and-impersonate in undeniable signature schemes is introduced. Note that forgeability does not necessarily imply impersonation ability. The security of the full-domain hash (FDH) variant of Chaums undeniable signature scheme is then classified according to three dimensions, the goal of adversaries, the attacks, and the zero-knowledge (ZK) level of confirmation and disavowal protocols. Each security is then related to some well-known computational problem. In particular, the security of the FDH variant of Chaums scheme with noninteractive zero-knowledge (NIZK) protocol confirmation and disavowal protocols is proven to be equivalent to the computational Diffie-Hellman (CDH) problem, as opposed to the gap Diffie-Hellman (GDH) problem as claimed by Okamoto and Pointcheval.

Off-Line Keyword Guessing Attacks on Recent Public Key Encryption with Keyword Search Schemes

The Public Key Encryption with Keyword Search Scheme (PEKS) was first proposed by Boneh et al. in 2004. This scheme solves the problem of searching on data that is encrypted using a public key setting. Recently, Baek et al. proposed a Secure Channel Free Public Key Encryption with Keyword Search (SCF-PEKS) scheme that removes the secure channel for sending trapdoors. They later proposed another improved PEKS scheme that integrates with a public key encryption (PKE) scheme, called PKE/PEKS. In this paper, we present off-line keyword guessing attacks on SCF-PEKS and PKE/PEKS schemes. We demonstrate that outsider adversaries that capture the trapdoors sent in a public channel can reveal encrypted keywords by performing off-line keyword guessing attacks. While, insider adversaries can perform the attacks regardless the trapdoors sent in a public or secure channel.

3-Move undeniable signature scheme

In undeniable signature schemes, zero-knowledgeness and non-transferability have been identified so far. In this paper, by separating these two notions, we show the first 3-move confirmation and disavowal protocols for Chaums undeniable signature scheme which is secure against active and concurrent attacks. Our main observation is that while the signer has one public key and one secret key, there exist two witnesses in the confirmation and disavowal proofs of Chaums scheme.

The security of the FDH variant of chaum's undeniable signature scheme

In this paper, a new kind of adversarial goal called forge-and-impersonate in undeniable signature schemes is introduced. Note that forgeability does not necessarily imply impersonation ability. The security of the full-domain hash (FDH) variant of Chaums undeniable signature scheme is then classified according to three dimensions, the goal of adversaries, the attacks, and the zero-knowledge (ZK) level of confirmation and disavowal protocols. Each security is then related to some well-known computational problem. In particular, the security of the FDH variant of Chaums scheme with noninteractive zero-knowledge (NIZK) protocol confirmation and disavowal protocols is proven to be equivalent to the computational Diffie-Hellman (CDH) problem, as opposed to the gap Diffie-Hellman (GDH) problem as claimed by Okamoto and Pointcheval.

Identity-based identification without random oracles

This paper shows identity-based (ID-based) identification schemes which are provably secure in the standard model. The schemes are derived from Boneh-Boyen signature scheme, a signature scheme which is provably secure in the standard model based on the strong Diffie-Hellman assumption. More precisely, we present two canonical schemes, namely, a scheme which is secure against impersonation under passive attack, and a scheme which is secure against impersonation under active and concurrent attacks.

Security Mediated Certificateless Signatures

In PKC 2006, Chow, Boyd and Gonzalez Neito introduced the notion of security mediated certificateless (SMC) cryptography. SMC cryptography equips certificateless cryptography with instantaneous revocation. They presented a formal security model with two constructions for SMC encryption. This paper studies SMC signatures. We first present a security analysis of a previous attempt by Ju et al.in constructing a SMC signature scheme. We then formalize the notion of SMC signatures and propose the first concrete provable scheme without bilinear pairing. Our scheme is existential unforgeable in the random oracle model based on the intractability of the discrete logarithm problem, has a short public key size, and achieves a trust level which is the same as that of a traditional public key signature.

The power of identification schemes

In this paper, we show that identification schemes (ID-schemes) are very powerful in some areas of cryptography. We first prove an equivalence between non-interactive trapdoor commitment schemes and a natural class of identification schemes. We next propose a more efficient on-line/off-line signature transformation than Shamir-Tauman. As an application, we present a variant of Boneh-Boyen (BB) signature scheme which is not only on-line/off-line but also has a smaller public key size than the original BB scheme. Finally, we present the first identity-based ID-scheme which is secure against concurrent man-in-the-middle attack without random oracles by using our variant of BB signature scheme.

Proxy Re-encryption with Keyword Search: New Definitions and Algorithms

We propose a new definition for searchable proxy re-encryption scheme (Re-PEKS), define the first known searchable proxy re-encryption scheme with a designated tester (Re-dPEKS), and then give concrete constructions of both Re-PEKS and Re-dPEKS schemes that are secure in the random oracle model.

Java implementation for pairing-based cryptosystems

We present a Java implementation for Tate pairing over the supersingular curve y2=x3+x in