Publication


Featured researches published by Xiangguo Cheng.


Information Sciences | 2011

Forward-secure identity-based signature: Security notions and construction

Jia Yu; Rong Hao; Fanyu Kong; Xiangguo Cheng; Jianxi Fan; Yangkui Chen

The security of traditional identity-based signatures wholly depends on the security of secret keys. Exposure of secret keys requires reissuing all previously assigned signatures. This limitation becomes more obvious today as key exposure is more common with increasing use of mobile and unprotected devices. Under this background, mitigating the damage of key exposure in identity-based signatures is an important problem. To deal with this problem, we propose to integrate forward security into identity-based signatures. In this paper, we firstly formalize the definition and security notions for forward-secure identity-based signature scheme, and then construct an efficient scheme. All parameters in our scheme have, at most, log-squared complexity in terms of the total number of time periods. The scheme is provably secure without random oracles.


Information Sciences | 2014

One forward-secure signature scheme using bilinear maps and its applications

Jia Yu; Fanyu Kong; Xiangguo Cheng; Rong Hao; Guowen Li

Forward-secure signatures are proposed to deal with the key exposure problem. Compared to regular signatures, forward-secure signatures have a special update algorithm that can evolve the new private key in each time period. Therefore, it can protect the security of signatures previous to the time period of key exposure. The efficiency is an important issue of forward-secure signatures. In this paper, we construct a new forward-secure signature scheme using bilinear maps. In this scheme, all performance parameters have complexities of log magnitude in terms of the total time periods. In addition, our scheme needs very few (only triple) pairing operations in the verifying algorithm, which is very important because the pairing operation is very time-consuming. This scheme is proved to be forward secure in the random oracle model assuming the CDH problem is hard. Finally, we give some applications of this scheme including constructing an intrusion-resilient signature scheme and constructing a forward-secure threshold signature scheme.


provable security | 2008

Construction of Yet Another Forward Secure Signature Scheme Using Bilinear Maps

Jia Yu; Fanyu Kong; Xiangguo Cheng; Rong Hao; Guowen Li

Forward secure signatures are proposed to deal with the key exposure problem. Compared to regular signatures, forward secure signatures can protect the security of signatures previous to the time period of key exposure. The efficiency is an important issue of forward secure signatures. In this paper, we construct yet another forward secure signature scheme using bilinear maps. In this scheme, all performance parameters have complexities of log magnitude in terms of the total time periods. In addition, our scheme needs very few pairing operations in verifying algorithm, which is very important because the pairing operation is very time-consuming. At last, we prove that our scheme is forward secure in random oracle model assuming CDH problem is hard.


Journal of Systems and Software | 2012

Intrusion-resilient identity-based signature: Security definition and construction

Jia Yu; Fanyu Kong; Xiangguo Cheng; Rong Hao; Jianxi Fan

Traditional identity-based signatures depend on the assumption that secret keys are absolutely secure. Once a secret key is exposed, all signatures associated with this secret key have to be reissued. Therefore, limiting the impact of key exposure in identity-based signature is an important task. In this paper, we propose to integrate the intrusion-resilient security into identity-based signatures to deal with their key exposure problem. Compared with forward-secure identity-based signatures and key-insulated identity-based signatures, our proposal can achieve higher security. The proposed scheme satisfies that signatures in any other time periods are secure even after arbitrarily many compromises of base and signer, as long as the compromises do not happen simultaneously. Furthermore, the intruder cannot generate signatures pertaining to previous time periods, even if she compromises base and signer simultaneously to get all their secret information. The scheme enjoys nice average performance. There are no cost parameters including key setup time, key extract time, base (signer) key update time, base (signer) key refresh time, signing time, verifying time, and signature size, public parameter size, base (signer) storage size having complexity more than O(logT) in terms of the total number of time periods T in this scheme. We also give the security definition of intrusion-resilient identity-based signature scheme and prove that our scheme is secure based on this security definition in the random oracle model assuming CDH problem is hard.


Wireless Networks | 2016

Applying trust enhancements to reactive routing protocols in mobile ad hoc networks

Hui Xia; Jia Yu; Zhen-Kuan Pan; Xiangguo Cheng; Edwin Hsing-Mean Sha

Due to the characteristics of mobile ad hoc networks, such networks are more susceptible to the destruction of malicious attacks or denial of cooperation. It would be easy for an adversary or a malicious node to launch attacks on routing function, especially attacks on packet routing. In order to mitigate these hazards, we incorporate the concept of ‘trust’ into MANETs, and abstract a decentralized trust inference model. The core of this model is trust computation, which is divided into two parts: historical trust assessment and trust prediction. We can quantify a node’s historical trust based on its historical behaviors via introducing multiple trust attributes. The fuzzy AHP method based on entropy weights is used to calculate the weight of trust attributes. By making use of the obtained historical trust data sequence, we propose an improved dynamic grey-Markov chain prediction measure to effectively estimate node’s trust prediction. In order to verify the validity of our trust model, we propose a trust-enhanced unicast routing protocol and a trust-enhanced multicast routing protocol, respectively. Both of the two new protocols can provide a feasible approach to kick out the untrustworthy nodes and choose the optimal trusted routing path. Moreover, the new proposed data-driven route maintenance mechanisms can reduce the routing overhead. The persuasive experiments have been conducted to evaluate the effectiveness of the new proposed trust-enhanced routing protocols in the aspects of packets delivery ratio, end-to-end latency, malicious node detection and attack resistance.


Frontiers of Computer Science in China | 2014

Key-insulated aggregate signature

Huiyan Zhao; Jia Yu; Shaoxia Duan; Xiangguo Cheng; Rong Hao

In order to minimize the damage caused by key exposure in aggregate signatures, a key-insulated aggregate signature scheme is proposed in this paper. We give the definition and the security model of the key-insulated aggregate signature. We also construct a concrete key-insulated aggregate signature scheme that meets our definition. Our scheme has the properties of efficient verification and short signature length. We prove the security of our scheme in the random oracle model under the computation Diffie-Hellman assumption.


Journal of Networks | 2010

Forward-Secure Multisignature, Threshold Signature and Blind Signature Schemes

Jia Yu; Fanyu Kong; Xiangguo Cheng; Rong Hao; Yangkui Chen; Xuliang Li; Guowen Li

Forward-secure signatures are proposed to tackle the key exposure problem, in which the security of all signatures prior to key leakage is still kept even if the secret key leaks. In this paper, we construct two forward-secure multisignature schemes, one forward-secure threshold signature scheme, and one forward-secure blind signature scheme. Our constructions are based on the recently proposed forward-secure signature scheme from bilinear maps in [11]. Our constructions are very efficient and useful thanks to the elegant structure of the base scheme. Such schemes play an important role in many electronic applications such as cryptographic election systems, digital cash schemes, and e-cheques.


Information Sciences | 2018

Intrusion-resilient identity-based signatures: Concrete scheme in the standard model and generic construction

Jia Yu; Rong Hao; Hui Xia; Hanlin Zhang; Xiangguo Cheng; Fanyu Kong

Key exposure problem is a very serious problem for identity-based signatures. Once the secret key is exposed in identity-based signatures, all signatures generated from this secret key will become insecure. To mitigate this serious damage, the intrusion-resilient mechanism has been introduced into identity-based signatures. However, all existing schemes can only be proven secure in random oracles. As we know, security proofs in random oracles do not always imply the security of actual schemes in the real world. In order to deal with this problem, in this paper, we propose the first intrusion-resilient identity-based signature (IRIBS) scheme that can be proven secure in the standard model. In the proposed scheme, the homomorphic structure in the key update is employed to refresh secret keys in one time period. It makes the scheme achieve the intrusion resilience when key exposure happens. In addition, we also provide the first solution for how to generically construct IRIBS schemes. We make use of the separable structure between the users key material used for updating and that used for the actual signing. As a result, our solution can produce IRIBS schemes from forward-secure identity-based signature (FSIBS) schemes with a special property. This contribution will also simplify the future designs of IRIBS schemes and FSIBS schemes.


Wireless Personal Communications | 2016

Forward-Secure Identity-Based Signature Scheme in Untrusted Update Environments

Jia Yu; Hui Xia; Huawei Zhao; Rong Hao; Zhangjie Fu; Xiangguo Cheng

Forward-secure signatures are proposed to diminish the damage of key exposure, in which the security of signatures prior to the period of key exposure can be kept. Identity-based signatures can reduce the complexity and the cost for managing the public key because the public key is replaced by any known information of a user’s identity. In this paper, we discuss a new issue related to integrating forward-secure and identity-based primitives into standard applications of personal network communication security such as pretty good privacy suite and secure/multipurpose internet mail extensions in which the secret key is additionally protected by an extra secret that is possibly derived from a password. One major contribution of this paper is to construct the first forward-secure identity-based signature scheme in untrusted update environments. In this scheme, the public key can be derived from some arbitrary identification value such as an email address or a phone number, and the signing key is additionally shielded by a second factor derived from a user’s password. Key update can be completed by the encrypted version of signing keys. The second factor is only needed when the signatures are produced. In addition, we give the definitions of forward security and update security in this kind of signature. At last, formal proofs of forward security and update security in the random oracle model are provided under the CDH assumption.


2015 10th International Conference on P2P, Parallel, Grid, Cloud and Internet Computing (3PGCIC) | 2015

A Novel Privacy Preserving Keyword Search Scheme over Encrypted Cloud Data

Xiuxiu Jiang; Jia Yu; Fanyu Kong; Xiangguo Cheng; Rong Hao

As cloud computing becomes prevalent, data owners are motivated to outsource a large number of documents to the cloud for the great flexibility and convenience. Although encryption before outsourcing can keep users' data confidential, it raises a new challenge for users to retrieve some of the encrypted files containing specific keywords from the cloud. In this paper, we propose a novel privacy preserving keyword search scheme over encrypted cloud data to address this problem. To enable users to search over encrypted data, we firstly adopt a structure named as Inverted Matrix (IM) to build search index. The IM consists of a number of index vectors, each of which is associated with a keyword. Then we map a keyword to a value as an address used to locate the corresponding index vector. Finally, we mask index vectors with pseudo-random bits to obtain an Encrypted Enlarged Inverted Matrix (EEIM) to preserve the privacy of users. Through the security analysis, we show that our proposed scheme is secure.

Collaboration


Dive into the Xiangguo Cheng's collaboration.

Top Co-Authors


Huawei Zhao

Qilu University of Technology
