• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제10권10호
• /
• pp.5190-5208
• /
• 2016

Because of the advantages of certificateless and no escrow feature over the regular signature and identity-based signature, certificateless signature has been widely applied in e-business, e-government and software security since it was proposed in 2003. Although a number of certificateless signature schemes have been proposed, there is only one lattice-based certificateless signature scheme which is still secure in the quantum era. But its efficiency is not very satisfactory. In this paper, the first certificateless signature scheme on NTRU lattice is proposed, which is proven to be secure in random oracle model. Moreover, the efficiency of the new scheme is higher than that of the only one lattice-based certificateless signature.

• Journal of Communications and Networks
• /
• 제10권1호
• /
• pp.10-17
• /
• 2008

In traditional digital signature schemes, certificates signed by a trusted party are required to ensure the authenticity of the public key. In Asiacrypt 2003, the concept of certificateless signature scheme was introduced. The advantage of certificateless public key cryptography successfully eliminates the necessity of certificates in the traditional public key cryptography and simultaneously solves the inherent key escrow problem suffered in identity-based cryptography. Recently, Yap et al. proposed an efficient certificateless signature scheme and claimed that their scheme is existentially unforgeable in the random oracle model. In this paper, we show that the certificateless signature scheme proposed by Yap et al. is insecure against public key replacement attacks. Furthermore, we propose an improved certificateless signature scheme, which is existentially unforgeable against adaptive chosen message attacks under the computational Diffie-Hellman assumption in the random oracle model and provide the security proof of the proposed scheme.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제7권8호
• /
• pp.1972-1988
• /
• 2013

In order to deal with key exposure problem, we introduce forward secure technique into certificateless proxy signature scheme, and propose the formal definition and security model of the forward secure certificateless proxy signature. Our security model takes into account the super adversary in certificateless signature. Furthermore, we present a construction of forward secure certificateless proxy signature scheme with bilinear maps. Based on the difficulty of computational Diffie-Hellman problem, we prove the scheme is secure against chosen message attack in the random oracle model. Finally, we analyze efficiency of the proposed scheme.

• 정보보호학회논문지
• /
• 제18권6A호
• /
• pp.27-37
• /
• 2008

일반서명은 누구나 서명의 정당성을 검증 가능하기 때문에 메시지에 대한 인증을 제 3자에게 전가함으로서 프라이버시 침해를 일으키기도 한다. 이에 Jakobsson 등은 지정된 사람만이 서명을 검증할 수 있게 하는 지정된 검증자 서명기법을 처음 소개 하였다. 지정된 검증자 서명기법은 오직 선택된 검증자만이 서명을 검증할 수 있게 하는 기법으로 메시지 인증성질의 문제점과 프라이버시 침해를 해결한다. 본 논문에서는 '인증서가 없는(Certificateless)' 개념을 기반으로, 서명자의 프라이버시를 강화한 인증서 없는 강한 지정된 검증자 서명기법을 제안하고자 한다. 제안하는 기법은 기존의 인증서 없는 지정된 검증자 서명기법에 비해 다소 효율성이 떨어지나 강한의 성질과 양도성의 문제를 가지지 않는 인증서가 없는 강한 지정된 검증자 서명 기법은 본 논문이 최초이다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• 제11권11호
• /
• pp.5625-5641
• /
• 2017

Certificateless public key cryptography resolves the certificate management problem in traditional public key cryptography and the key escrow problem in identity-based cryptography. In recent years, some good results have been achieved in speeding up the computation of bilinear pairing. However, the computation cost of the pairing is much higher than that of the scalar multiplication over the elliptic curve group. Therefore, it is still significant to design cryptosystem without pairing operations. A multi-signer universal designated multi-verifier signature scheme allows a set of signers to cooperatively generate a public verifiable signature, the signature holder then can propose a new signature such that only the designated set of verifiers can verify it. Multi-signer universal designated multi-verifier signatures are suitable in many different practical applications such as electronic tenders, electronic voting and electronic auctions. In this paper, we propose a certificateless multi-signer universal designated multi-verifier signature scheme and prove the security in the random oracle model. Our scheme does not use pairing operation. To the best of our knowledge, our scheme is the first certificateless multi-signer universal designated multi-verifier signature scheme.

• 한국정보통신학회논문지
• /
• 제11권3호
• /
• pp.507-513
• /
• 2007

본 논문에서는 Certificateless 서명기법을 이용하여 Vehicular Ad-hoc 네트워크에서 공개키 인증서 관리 및 취소 문제를 다루지 않는 효율적인 인증 프로토콜을 제안한다. 또한, 빠르고 동적인 Vehicular Ad-hoc 네트워크의 노드(Vehicles)들의 특성을 고려하여 전통적인 공개키 구조에서의 인증서 취소 문제를 보다 효율적으로 해결하기위하여 구간 서명키 개념을 도입한다.

• Journal of Information Processing Systems
• /
• 제13권4호
• /
• pp.970-986
• /
• 2017

Certificateless public key cryptography (CL-PKC) is a new benchmark in modern cryptography. It not only simplifies the certificate management problem of PKC, but also avoids the key escrow problem of the identity based cryptosystem (ID-PKC). In this article, we propose a certificateless blind signature protocol which is based on elliptic curve cryptography (CLB-ECC). The scheme is suitable for the wireless communication environment because of smaller parameter size. The proposed scheme is proven to be secure against attacks by two different kinds of adversaries. CLB-ECC is efficient in terms of computation compared to the other existing conventional schemes. CLB-ECC can withstand forgery attack, key only attack, and known message attack. An e-cash framework, which is based on CLB-ECC, has also been proposed. As a result, the proposed CLB-ECC scheme seems to be more effective for applying to real life applications like e-shopping, e-voting, etc., in handheld devices.

• 정보보호학회논문지
• /
• 제19권6호
• /
• pp.17-22
• /
• 2009

인증서 없는 공개키 시스템은 기존의 공개키 암호시스템에서 인증서의 필요성을 제거하고 신원 기반 암호시스템에서 키 위탁 문제를 해결하였다. 본 논문에서는 Guo 등과 Wang 등에 의해서 제안된 각각의 인증서 없는 서명 기법들이 공격자 종류 I에 의해 키 대치공격에 취약하다는 것을 보인다. 다시 말해, 서명자의 공개키를 대치할 수 있는 능력을 가진 공격자가 서명자의 비밀키를 알지 못함에도 불구하고 서명을 위조할 수 있음을 보이고 이러한 공격을 방지하기 위한 대응법을 제안한다.

• Journal of Communications and Networks
• /
• 제14권1호
• /
• pp.104-110
• /
• 2012

Group key agreement protocols allow a group of users, communicating over a public network, to establish a shared secret key to achieve a cryptographic goal. Protocols based on certificateless public key cryptography (CL-PKC) are preferred since CL-PKC does not need certificates to guarantee the authenticity of public keys and does not suffer from key escrow of identity-based cryptography. Most previous certificateless group key agreement protocols deploy signature schemes to achieve authentication and do not have constant rounds. No security model has been presented for group key agreement protocols based on CL-PKC. This paper presents a security model for a certificateless group key agreement protocol and proposes a constant-round group key agreement protocol based on CL-PKC. The proposed protocol does not involve any signature scheme, which increases the efficiency of the protocol. It is formally proven that the proposed protocol provides strong AKE-security and tolerates up to $n$-2 malicious insiders for weak MA-security. The protocol also resists key control attack under a weak corruption model.

• 정보보호학회논문지
• /
• 제17권1호
• /
• pp.3-10
• /
• 2007

본 논문에서는 ICISC 2004에 제안된 status certificate-based encryption(SCBE) 기법과 EUC Workshops 2006에 제안된 certificateless signature(CLS) 기법의 취약성을 제시한다. 이 두 기법은 ID 기반 암호시스템이 가지는 키 위탁 성질을 없애기 위해 사용자와 관리서버(CA또는 KGC)가 함께 사용자 키(SCBE: 복호용 키, CLS: 서명용 키)를 생성하게 되어 있고, 이들 중 한쪽만을 제어할 수 있는 공격자는 암호시스템에 위해를 가할 수 있는 어떠한 이점도 가질 수 없다고 알려져 있다. 그러나, 본 논문에서는 각 기법의 공격모델에서 허용하는 공격자가 공개키 변조를 통해 독자적으로 사용자 키를 생성하여 사용할 수 있음을 보인다.