Ting Yi Chang

A (t,n) multi-secret sharing scheme

In the (t,n) multi-secret sharing scheme, there are n participants in the system. At least t or more participants can easily pool their secrets shadows and reconstruct p secrets at the same time. Chien et al. [IEICE Trans. Fundamentals E83-A (2000) 2762] used (n+p-t+1) public values, (2(n+p)-t)x(n+p) storages, and solved (n+p-t) simultaneous equations to share p secrets. In this article, we shall propose an alternative (t,n) multi-secret sharing based on Shamirs secret sharing. We shall use (n+p-t+1) or (n+1) public values, 2(t-1) or 2(p-1) storages, and employ the Lagrange interpolation polynomial to share p secrets. Our scheme will have exactly the same power as Chien et al.s scheme.

A communication-efficient three-party password authenticated key exchange protocol

Three-party password authenticated key exchange (3PAKE) protocols allow two users (clients) to establish a session key through an authentication server over an insecure channel. Clients only share an easy-to-remember password with the trusted server. In the related literature, most schemes employ the server public keys to ensure the identities of both the servers and symmetric cryptosystems to encrypt the messages. This paper describes an efficient 3PAKE based on LHL-3PAKE proposed by Lee et al. Our 3PAKE requires neither the server public keys nor symmetric cryptosystems such as DES. The formal proof of security of our 3PAKE is based on the computational Diffie-Hellman assumption in the random oracle model along with a parallel version of the proposed 3PAKE. The comparisons have shown that our 3PAKE is more practical than other 3PAKEs.

An improvement of the Yang-Shieh password authentication schemes

Recently, Yang and Shieh proposed two password authentication schemes by employing smart cards. One is a timestamp-based password authentication scheme and the other is a nonce-based password authentication scheme. In 2002, Chan and Cheng pointed out that Yang and Shiehs timestamp-based password authentication scheme was vulnerable to the forgery attack. However, in 2003, Sun and Yeh pointed out that Chan and Chengs attack was unreasonable. At the same time, Sun and Yeh pointed out that Yang and Shiehs password authentication schemes were still vulnerable to the forgery attack. In this paper, we shall improve Yang and Shiehs schemes to resist Sun and Yehs attack.

A new multi-stage secret sharing scheme using one-way function

He and Dawson proposed a multi-stage secret sharing scheme based on one-way function. In that scheme, many secrets are reconstructed stage-by-stage in the dealers predetermined order, and only one secret shadow is kept by every participant. When all the secrets have been reconstructed, the dealer needs not redistribute fresh shadows to every participant. Later, Harn further improved the He-Dawson scheme to reduce the total number of public values. However, in this paper, we will show that both the He-Dawson scheme and Harns scheme are one-time-use schemes and that many secrets cannot in fact be reconstructed stage-by-stage. At the same time, we shall also modify the He-Dawson scheme to improve the drawbacks above and show the improved scheme can be applied.

An improvement on the Lin-Wu (t,n) threshold verifiable multi-secret sharing scheme

Lin and Wu [IEE Proc. Comput. Digit. Tech. 146 (1999) 264] have proposed an efficient (t,n) threshold verifiable multi-secret sharing (VMSS) scheme based on the factorization problem and the discrete logarithm modulo a large composite problem. In their scheme, the dealer can arbitrarily give any set of multiple secrets to be shared, and only one reusable secret shadow is to be kept by every participant. On the other hand, they have claimed that their scheme can provide an efficient solution to the cheating problems between the dealer and any participant. However, He and Wu [IEE Proc. Comput. Digit. Tech. 148 (2001) 139] have shown that Lin and Wus scheme is in fact insecure against a cheating participant. In this paper, we shall try to improve the security of Lin and Wus scheme while providing more efficient performance than other VMSS schemes in terms of computational complexity.

A new anonymous conference key distribution system based on the elliptic curve discrete logarithm problem

In 1999, Tseng and Jan [Comput. Commun. 22 (1999) 749] proposed two conference key distribution systems (CKDS) with user anonymity based on the discrete logarithm problem and the interpolating properties of polynomials. Their first CKDS scheme uses a one-way hash function to hide the identities of the participants and to protect each participants common key that is shared with the chairperson. In this article, we will propose a more efficient CKDS scheme with user anonymity that is based on the elliptic curve discrete logarithm problem and the properties of the line. Our scheme has the advantage of requiring less computing time than the Tseng-Jan CKDS with a one-way hash function.

A Convertible Multi-Authenticated Encryption scheme for group communications

Recently, Wu et al. proposed a Convertible Multi-Authenticated Encryption (CMAE) scheme, which allows a signing group with multiple signers to generate a multi-authenticated ciphertext signature on the chosen message so that only a designated verifier can recover and verify the message. In case of later dispute, the verifier can convert the multi-authenticated ciphertext signature into an ordinary one that can be verified by anyone. In this study, a CMAE scheme for group communications is proposed. This is presented by first reviewing the concepts of group-oriented encryption schemes and the merits of Wu et al.s scheme. This shows that not only can a multi-authenticated ciphertext signature be generated by a signing group, but also the message can be recovered and verified by a verifying group with multiple verifiers. The security of the proposed scheme is based solely on the DDH problem, which provides higher security confidence than using the CDH problem in Wu et al.s CMAE scheme.

Threshold Signatures: Current Status and Key Issues

In this paper, we survey all related threshold signature schemes and classify them with different properties. In order to compare them with different properties, we image there is an ideal threshold signature scheme which satisfies all requirements of threshold signature schemes. Based on this ideal threshold signature, readers can easily to understand what the next generation of threshold signature schemes is and attempt to propose it.

A solution to mobile IP registration for AAA

The Internet Engineering Task Force (IETF) Mobile IP working group has proposed the Mobile IP to support that an MH has the ability of roaming around a foreign domain. However, when it roams around a foreign domain, the authentication, authorization and accounting (AAA) for an MH must be done by the foreign domain. For this reason, the IETF suggests that the existence of some server capable of performing authentication, authorization, and accounting (AAA) services could help. So in this article we propose that employing simultaneously the public key cryptosystem and symmetric cryptosystem to accomplish the mission of Mobile IP registration for AAA.

An Improved Multi-stage Secret Sharing Scheme Based on the Factorization Problem

Lee and Hwang proposed a multi-stage (t, n) secret sharing scheme which has fewer public values than per- vious schemes. In their scheme, a group of participants share multiple secrets stage-by-stage, and only one secret share should been kept by each participant. However, in this article, we will show that multiple secrets cannot, in fact, be reconstructed stage-by-stage by the secret holders determination and that the secret holder cannot determine the values of the secrets in Lee and Hwangs scheme. Moreover, their scheme belongs to the family of one-time-use schemes. At the same time, we shall also modify their scheme to improve the above weaknesses and show the improved scheme can be applied. The security of the proposed scheme is based on the factorization problem which provides higher security confidence than using the hash function in Harns and Chang et al.s multi-stage secret sharing schemes. http://dx.doi.org/10.5755/j01.itc.40.3.633