Tzong-Sun Wu

New nonrepudiable threshold proxy signature scheme with known signers

Based on Kim et al.s threshold proxy signature scheme, Sun proposed an nonrepudiable threshold proxy signature scheme with known signers. In Suns scheme, actual proxy signers cannot deny the signatures they have signed. However, his scheme is vulnerable against the conspiracy attack. Any t malicious proxy signers can collusively derive the secret keys of other proxy signers and impersonate some other proxy signers to generate proxy signatures. In this paper, we proposed a new nonrepudiable threshold proxy signature scheme that overcomes the above weakness. Furthermore, the proposed scheme is more efficient than Suns in terms of computational complexities and communication costs.

Efficient user identification scheme with key distribution preserving anonymity for distributed computer networks

In 2000, Lee and Chang (Comput Syst Sci Eng 15 (2000) 211) presented a user identification scheme that also can simultaneously achieve key exchange requirement while preserving the user anonymity. Their idea is valuable especially when it is applied to some applications in which the identity of the user should be protected from the public in the distributed computer networks. Unfortunately, our paper shows that their scheme is insecure under two attacks and we further proposed a more efficient identification scheme preserving the same merits. The proposed scheme not only effectively eliminates the security leaks of the Lee-Chang scheme, but also reduces computational complexities and communication costs as compared with their scheme.

Convertible authenticated encryption scheme

The digital signature provides the functions of integration, authentication, and non-repudiation for the signing message. In some applications, however, the signature only needs to be verified by some specified recipients while keeping the message secret from the public. The authenticated encryption schemes can be used to achieve this purpose. To protect the recipients benefit in the case of a later dispute, we should further enable the recipient to convert the signature into an ordinary one that can be verified by anyone. Recently, Araki et al. proposed a convertible limited verifier scheme to resolve the problem. Their scheme equips the recipient with the ability to convert the signature into an ordinary one. However, the conversion requires the cooperation of the signer. In the paper, we proposed a convertible authenticated encryption scheme that can easily produce the ordinary signature without the cooperation of the signer. Further, the proposed scheme is more efficient than Araki et al.s in terms of the computation complexities and the communication costs.

Improvement of threshold proxy signature scheme

Recently, Sun et al. pointed out some weaknesses of Zhangs threshold proxy signature scheme and a disadvantage of Kims threshold proxy signature scheme. They further proposed a new (t,n) threshold proxy signature scheme based on Zhangs scheme to eliminate these drawbacks. Unfortunately, their scheme suffered from a weakness which is shown in this paper. The authors also propose an improvement to counter it.

Refereed paper: Cryptanalyses and improvements of two cryptographic key assignment schemes for dynamic access control in a user hierarchy

Recently, Wu and Chang and Shen and Chen separately proposed a cryptographic key assignment scheme for solving access control problem in a partially ordered user hierarchy. However, this paper will show the security leaks inherent in both schemes based on polynomial interpolations. That is, the users can have access to the information items held by others without following the predefined partially ordered relation. Finally, we proposed two improvements to eliminate such security flaws.

Improvement of modified authenticated key agreement protocol

Recently, Ku and Wang showed that Tsengs modified authenticated key agreement protocol is vulnerable to two attacks and proposed an improvement to withstand these attacks. However, this letter will show that this improvement is still vulnerable to the modification attack, which is contrary to their claims. Additionally, we proposed an improvement to eliminate this security flaw.

ID-based multisignatures with distinguished signing authorities for sequential and broadcasting architectures

The multisignatures achieve the purpose for many individuals to cooperatively sign the same document. However, for the sake of the division of labor, it might be required that each individual sign a partial group message that he is responsible for. These schemes are called multisignatures with distinguished signing authorities. Based on the difficulty of the factorization problem, we proposed two ID-based multisignature schemes with distinguished signing authorities. One scheme is suitable for the sequential architecture and the other for the broadcasting one.

New proxy multi-signature scheme

In 2000, Yi et al.s proposed two proxy multi-signature schemes which enable some original signers to delegate their signing power to the proxy signer. However, their schemes suffer from some drawbacks. To improve the performance, this paper presented a new proxy multi-signature scheme. As compared with Yi et al.s scheme, the proposed one requires less computational efforts and communication costs. Our proposed scheme has the properties that the size of a proxy signature is independent of the number of the original signers, and the validity of a proxy signature and public keys can be verified simultaneously.

Efficient nonrepudiable threshold proxy signature scheme with known signers against the collusion attack

In 1999, Sun proposed a nonrepudiable (t,n) threshold proxy signature scheme with known signers. Latter, Hwang et al. pointed out Suns scheme is vulnerable to the so-called collusion attack that (n-1) malicious proxy signers in the proxy group could conspire to impersonate the remainder one. Hwang et al. further proposed an improvement to withstand such an attack. In this paper, however, we will show that Hwang et al.s improvement is still vulnerable to their proposed collusion attack and unable to achieve the nonrepudiation requirement as they claimed. Finally, we proposed a new efficient nonrepudiable threshold proxy signature scheme not only to eliminate the security leaks but also to be more efficient than Hwang et al.s scheme in terms of computational complexities and communication costs.

Self-certified threshold proxy signature schemes with message recovery, nonrepudiation, and traceability

In this paper, we propose a new (t,n) threshold proxy signature scheme, in which at least t out of n proxy signers delegated by the original signer can sign messages on behalf of the original signer. The proposed scheme has the following main properties: (i) Message recovery that the signing message is unnecessary to be transmitted and can be recovered from the proxy signature; (ii) Nonrepudiation that the verifier can identify the proxy group which is responsible for a threshold proxy signature; (iii) Traceability that the verifier can identify the actual proxy signers from the proxy group; (iv) Self-certified public keys that the authenticity of public keys can be verified without requiring any certificate and combined with the tasks of verifying of the proxy signature and recovering of the signing message in a single logical step. In addition, we propose an elliptic curve variant suitable for some cryptographic applications with limited computing power and storage space, e.g., smart card or Java card. As compared with the previous works based on the certificate-based public key system, the proposed schemes are more secure and efficient.