52 results sorted by ID

2024/705 (PDF) Last updated: 2024-10-17
Large-Scale MPC: Scaling Private Iris Code Uniqueness Checks to Millions of Users
Remco Bloemen, Bryan Gillespie, Daniel Kales, Philipp Sippl, Roman Walch
Cryptographic protocols

In this work we tackle privacy concerns in biometric verification systems that typically require server-side processing of sensitive data (e.g., fingerprints and Iris Codes). Concretely, we design a solution that allows us to query whether a given Iris Code is similar to one contained in a given database, while all queries and datasets are being protected using secure multiparty computation (MPC). Addressing the substantial performance demands of operational systems like World ID and aid...

2023/1099 (PDF) Last updated: 2024-04-15
A Digital Identity in the Hands of Swiss Citizens
Jean-Luc Beuchat, Valon Rexhepi
Applications

The Swiss law on electronic identity (LSIE) was rejected on March 7, 2021. Its opponents accused it of involving private companies which could thus collect citizens' data and store them centrally. Six motions with identical wording were tabled on March 10, 2021: they all ask the Swiss Federal Council to set up a state-run system allowing citizens to prove their identity online in complete confidence. They stipulate that only necessary information is collected and stored in a decentralized...

2023/986 (PDF) Last updated: 2023-06-24
Efficient Private Multiset ID Protocols
Cong Zhang, Weiran Liu, Bolin Ding, Dongdai Lin
Cryptographic protocols

Private-ID (PID) protocol enables two parties, each holding a private set of items, to privately compute a set of random universal identifiers (UID) corresponding to the records in the union of their sets, where each party additionally learns which UIDs correspond to which items in its set but not if they belong to the intersection or not. PID is very useful in the privacy computation of databases query, e.g. inner join and join for compute. Known PID protocols all assume the input of both...

2023/780 Last updated: 2024-05-06
An Anonymous Multireceiver Hybrid Signcryption for Broadcast Communication
Alia Umrani, Apurva K Vangujar, Paolo Palmieri
Public-key cryptography

Confidentiality, authentication, and anonymity are the basic security requirements in broadcast communication, that can be achieved by Digital Signature (DS), encryption, and pseudo-identity (PID) techniques. Signcryption offers both DS and encryption more efficiently than "sign-then-encrypt". However, compared to hybrid signcryption, it has higher computational and communication costs. Our paper proposes an Anonymous Multi-receiver Certificateless Hybrid Signcryption (AMCLHS) for secure...

2023/012 (PDF) Last updated: 2023-12-30
Delegated Private Matching for Compute
Dimitris Mouris, Daniel Masny, Ni Trieu, Shubho Sengupta, Prasad Buddhavarapu, Benjamin Case
Cryptographic protocols

Private matching for compute (PMC) establishes a match between two datasets owned by mutually distrusted parties ($C$ and $P$) and allows the parties to input more data for the matched records for arbitrary downstream secure computation without rerunning the private matching component. The state-of-the-art PMC protocols only support two parties and assume that both parties can participate in computationally intensive secure computation. We observe that such operational overhead limits the...

2022/1196 (PDF) Last updated: 2022-11-10
Embedded Identity Traceable Identity-Based IPFE from Pairings and Lattices
Subhranil Dutta, Tapas Pal, Amit Kumar Singh, Sourav Mukhopadhyay
Public-key cryptography

We present the first fully collusion resistant traitor tracing (TT) scheme for identity-based inner product functional encryption (IBIPFE) that directly traces user identities through an efficient tracing procedure. We name such a scheme as embedded identity traceable IBIPFE (EI-TIBIPFE), where secret keys and ciphertexts are computed for vectors u and v respectively. Additionally, each secret key is associated with a user identification information tuple (i , id, gid) that specifies user...

2022/1008 (PDF) Last updated: 2022-08-05
Multimodal Private Signatures
Khoa Nguyen, Fuchun Guo, Willy Susilo, Guomin Yang
Cryptographic protocols

We introduce Multimodal Private Signature (MPS) - an anonymous signature system that offers a novel accountability feature: it allows a designated opening authority to learn some partial information $\mathsf{op}$ about the signer's identity $\mathsf{id}$, and nothing beyond. Such partial information can flexibly be defined as $\mathsf{op} = \mathsf{id}$ (as in group signatures), or as $\mathsf{op} = \mathbf{0}$ (like in ring signatures), or more generally, as $\mathsf{op} =...

2022/652 (PDF) Last updated: 2024-02-01
Private Set Operations from Multi-Query Reverse Private Membership Test
Yu Chen, Min Zhang, Cong Zhang, Minglang Dong, Weiran Liu
Cryptographic protocols

Private set operations allow two parties to perform secure computation on their private sets, including intersection, union and functions of intersection/union. In this paper, we put forth a framework to perform private set operations. The technical core of our framework is the multi-query reverse private membership test (mqRPMT) protocol (Zhang et al., USENIX Security 2023), in which a client with a vector $X = (x_1, \dots, x_n)$ interacts with a server holding a set $Y$, and eventually the...

2021/770 (PDF) Last updated: 2021-06-09
Multi-key Private Matching for Compute
Prasad Buddhavarapu, Benjamin M Case, Logan Gore, Andrew Knox, Payman Mohassel, Shubho Sengupta, Erik Taubeneck, Min Xue
Cryptographic protocols

We extend two-party private set union for secure computation, by considering matching between records having multiple identifiers (or keys), for example email and phone. In the classical setting of this problem, two parties want to perform various downstream computations on the union of two datasets. The union is computed by joining two datasets with the help of a single agreed upon identifier, say email. By extending this to joining records with multiple identifiers, we bring it much closer...

2021/243 (PDF) Last updated: 2021-03-02
Private Set Operations from Oblivious Switching
Gayathri Garimella, Payman Mohassel, Mike Rosulek, Saeed Sadeghian, Jaspal Singh
Cryptographic protocols

Private set intersection reveals the intersection of two private sets, but many real-world applications require the parties to learn $\textit{only}$ partial information about the intersection. In this paper we introduce a new approach for computing arbitrary functions of the intersection, provided that it is safe to also reveal the cardinality of the intersection. In the most general case, our new protocol provides the participants with secret shares of the intersection, which can be fed...

2020/599 (PDF) Last updated: 2020-05-22
Private Matching for Compute
Prasad Buddhavarapu, Andrew Knox, Payman Mohassel, Shubho Sengupta, Erik Taubeneck, Vlad Vlaskin
Cryptographic protocols

We revisit the problem of two-party private set intersection for aggregate computation which we refer to as private matching for compute. In this problem, two parties want to perform various downstream computation on the intersection of their two datasets according to a previously agreed-upon identifier. We observe that prior solutions to this problem have important limitations. For example, any change or update to the records in either party's dataset triggers a rerun of the private...

2019/1412 (PDF) Last updated: 2019-12-21
Cryptanalysis and Improvement of Smart-ID's Clone Detection Mechanism
Augustin P. Sarr
Cryptographic protocols

At ESORICS 2017, Buldas et al. proposed an efficient (software only) server supported signature scheme, geared to mobile devices, termed Smart-ID. A major component of their design is a clone detection mechanism, which allows a server to detect the existence of clones of a client's private key share. We point out a flaw in this mechanism. We show that, under a realistic race condition, an attacker which holds a password camouflaged private share can launch an online dictionary attack such...

2019/1376 (PDF) Last updated: 2019-12-17
Generic Constructions of RIBE via Subset Difference Method
Xuecheng Ma, Dongdai Lin
Public-key cryptography

Revocable identity-based encryption (RIBE) is an extension of IBE which can support a key revocation mechanism, and it is important when deploying an IBE system in practice. Boneh and Franklin (Crypto'01) presented the first generic construction of RIBE, however, their scheme is not scalable where the size of key updates is linear in the number of users in the system. The first generic construction of RIBE is presented by Ma and Lin with complete subtree (CS) method by combining IBE and...

2019/1366 (PDF) Last updated: 2019-11-27
A Lattice-based Enhanced Privacy ID
Nada EL Kassem, Luis Fiolhais, Paulo Martins, Liqun Chen, Leonel Sousa
Cryptographic protocols

The Enhanced Privacy ID (EPID) scheme is currently used for hardware enclave attestation by an increasingly large number of platforms that implement Intel Software Guard Extensions (SGX). However, the scheme currently deployed by Intel is supported on Elliptic Curve Cryptography (ECC), and will become insecure should a large quantum computer become available. As part of National Institute of Standards and Technology (NIST)'s effort for the standardisation of post-quantum cryptography, there...

2019/940 (PDF) Last updated: 2019-08-18
Security analysis of two lightweight certificateless signature schemes
Nasrollah Pakniat
Public-key cryptography

Certificateless cryptography can be considered as an intermediate solution to overcome the issues in traditional public key infrastructure (PKI) and identity-based public key cryptography (ID-PKC). There exist a vast number of certificateless signature (CLS) schemes in the literature; however, most of them are not efficient enough to be utilized in limited resources environments such as Internet of things (IoT) or Healthcare Wireless Sensor Networks (HWSN). Recently, two lightweight CLS...

2019/121 (PDF) Last updated: 2019-02-13
Anonymous Attestation for IoT
Santosh Ghosh, Andrew H. Reinders, Rafael Misoczki, Manoj R. Sastry
Implementation

Internet of Things (IoT) have seen tremendous growth and are being deployed pervasively in areas such as home, surveillance, health-care and transportation. These devices collect and process sensitive data with respect to user's privacy. Protecting the privacy of the user is an essential aspect of security, and anonymous attestation of IoT devices are critical to enable privacy-preserving mechanisms. Enhanced Privacy ID (EPID) is an industry-standard cryptographic scheme that offers...

2018/1148 (PDF) Last updated: 2018-12-03
Towards Practical Security of Pseudonymous Signature on the BSI eIDAS Token
Mirosław Kutyłowski, Lucjan Hanzlik, Kamil Kluczniak
Cryptographic protocols

In this paper we present an extension of Pseudonymous Signature introduced by the German Federal BSI authority as a part of technical recommendations for electronic identity documents. Without switching to pairing friendly groups we enhance the scheme so that: (a) the issuer does not know the private keys of the citizen (so it cannot impersonate the citizen), (b) a powerful adversary that breaks any number of ID cards created by the Issuer cannot forge new cards that could be proven as...

2018/1131 (PDF) Last updated: 2018-11-29
A CCA-secure collusion-resistant Identity-based Proxy Re-encryption Scheme
Arinjita Paul, Varshika Srinivasavaradhan, S. Sharmila Deva Selvi, C. Pandu Rangan

Cloud storage enables its users to store confidential information as encrypted files in the cloud. A cloud user (say Alice) can share her encrypted files with another user (say Bob) by availing proxy re-encryption services of the cloud. Proxy Re-Encryption (PRE) is a cryptographic primitive that allows transformation of ciphertexts from Alice to Bob via a semi-trusted proxy, who should not learn anything about the shared message. Typically, the re-encryption rights are enabled only for a...

2017/222 Last updated: 2019-08-21
A Note on Obtain Confidentiality or/ and Authenticity in Big Data by ID-Based Generalized Signcryption
Nizamud Dina, Arif Iqbal Umar, Abdul Waheed, Noor ul Amin
Public-key cryptography

ID based generalized signcryption can adaptively work as a signature scheme, an encryption scheme or a signcryption scheme and avoid weighty and complicated certificate management like Public Key Infrastructure. It has application in emerging paradigm big data security. Recently, Wei et al. proposed a new ID based generalized signcryption scheme to obtain confidentiality or/and authenticity in big data, and claimed that their scheme is provably secure in standard model. Unfortunately, by...

2015/098 (PDF) Last updated: 2015-02-23
Adaptive-ID Secure Revocable Identity-Based Encryption from Lattices via Subset Difference Method
Shantian Cheng, Juanyang Zhang
Public-key cryptography

In view of the expiration or reveal of user's private credential (or private key) in a realistic scenario, identity-based encryption (IBE) schemes with an efficient key revocation mechanism, or for short, revocable identity-based encryption (RIBE) schemes, become prominently significant. In this paper, we present an RIBE scheme from lattices by combining two Agrawal et al.'s IBE schemes with the subset difference (SD) method. Our scheme is secure against adaptive identity-time attacks in the...

2014/067 (PDF) Last updated: 2016-03-11
Efficient and Strongly Secure Dynamic Domain-Specific Pseudonymous Signatures for ID Documents
Julien Bringer, Hervé Chabanne, Roch Lescuyer, Alain Patey
Public-key cryptography

The notion of domain-specific pseudonymous signatures (DSPS) has recently been introduced for private authentication of ID documents, like passports, that embed a chip with computational abilities. Thanks to this privacy-friendly primitive, the document authenticates to a service provider through a reader and the resulting signatures are anonymous, linkable inside the service and unlinkable across services. A subsequent work proposes to enhance security and privacy of DSPS through group...

2013/399 (PDF) Last updated: 2013-06-18
Attack on Liao and Hsiao's Secure ECC-based RFID Authentication Scheme integrated with ID-Verifier Transfer Protocol
Roel Peeters, Jens Hermans
Cryptographic protocols

We show that the Liao and Hsiao's protocol achieves neither tag-authentication nor privacy.

2012/618 Last updated: 2014-10-22
An ultra-lightweight ID-based pairwise key establishment scheme aiming at full collusion resistance
Oscar Garcia-Morchon, Ronald Rietman, Ludo Tolhuizen, Domingo Gomez-Perez, Jaime Gutierrez, Santos Merino del Pozo

This paper introduces a new key establishment scheme aiming at fully collusion-resistant identity-based symmetric-key agreement. In an identity-based pairwise key agreement scheme, a Trusted Third Party (TTP) manages the system and securely provides any node, e.g., Alice or Bob, with private keying materials. Alice can generate a pairwise key with Bob given her own secret keying material and Bob's identity. The full collusion resistance property would ensure that the scheme remains secure...

2012/531 (PDF) Last updated: 2013-05-06
Generic Construction of Trace and Revoke Schemes
Murat Ak, Aggelos Kiayias, Serdar Pehlivanoglu, Ali Aydin Selcuk

Broadcast encryption (BE) is a cryptographic primitive that allows a broadcaster to encrypt digital content to a privileged set of users and in this way prevent revoked users from accessing the content. In BE schemes, a group of users, called traitors, may leak their keys and enable an adversary to receive the content. Such malicious users can be detected through traitor tracing (TT) schemes. The ultimate goal in a content distribution system would be combining traitor tracing and broadcast...

2012/394 (PDF) Last updated: 2012-07-23
An ID-Based Key Agreement Protocol Based on ECC Among Users of Separate Networks
Mohammad Sabzinejad Farash, Mahmoud Ahmadian Attari
Cryptographic protocols

In this article we propose an identity based key agreement protocol based on elliptic curve cryptography (ECC) between users of different networks with independent private key generations (PKGs). Our protocol is based on Cao et al.'s protocol, proposed in 2010, in which instead of bilinear pairings, elliptic curves are used for constructing an ID-based key agreement protocol. Our protocol develops Cao et al.'s protocol for situations that two users of independent organizations or networks...

2012/250 (PDF) Last updated: 2012-05-03
New Identity Based Encryption And Its Proxy Re-encryption
Xu An Wang, Xiaoyuan Yang
Public-key cryptography

Identity based encryption (IBE) has received great attention since Boneh and Franklin's breakthrough work on bilinear group based IBE [4]. Till now, many IBE schemes relying on bilinear groups with different properties have been proposed [5, 25, 29, 14]. However, one part of the user's private key in all these IBE schemes is constructed as y = f(msk), where msk is the master key and y is an element in the underlying bilinear group G. In this paper, we propose a new IBE: one part of the...

2011/187 (PDF) Last updated: 2012-01-12
Accelerating ID-based Encryption based on Trapdoor DL using Pre-computation
Hyung Tae Lee, Jung Hee Cheon, Jin Hong

The existing identity-based encryption (IBE) schemes based on pairings require pairing computations in encryption or decryption algorithm and it is a burden to each entity which has restricted computing resources in mobile computing environments. An IBE scheme (MY-IBE) based on a trapdoor DL group for RSA setting is one of good alternatives for applying to mobile computing environments. However, it has a drawback for practical use, that the key generation algorithm spends a long time for...

2010/606 (PDF) Last updated: 2010-11-25
Weakness of two ID-based remote mutual authentication with key agreement protocols for mobile devices
He Debiao, Chen Jianhua, Hu Jin
Public-key cryptography

Recently, Yoon et al. and Wu proposed two improved remote mutual authentication and key agreement schemes for mobile devices on elliptic curve cryptosystem. In this paper, we show that Yoon et al.’s protocol fails to provide explicit key perfect forward secrecy and fails to achieve explicit key confirmation. We also point out Wu’s scheme decreases efficiency by using the double secret keys and private/public pair, and is vulnerable to the password guessing attack and the forgery attack.

2010/194 (PDF) (PS) Last updated: 2010-04-09
Identity-Based Online/Offline Key Encapsulation and Encryption
Sherman S. M. Chow, Joseph K. Liu, Jianying Zhou
Public-key cryptography

An identity-based online/offline encryption (IBOOE) scheme splits the encryption process into two phases. The first phase performs most of the heavy computations, such as modular exponentiation or pairing over points on elliptic curve. The knowledge of the plaintext or the receiver's identity is not required until the second phase, where the ciphertext is produced by only light computations, such as integer addition/multiplication or hashing. This division of computations makes encryption...

2009/468 (PDF) Last updated: 2010-04-27
Password Based Key Exchange with Hidden Elliptic Curve Public Parameters
Julien Bringer, Herve Chabanne, Thomas Icart

We here describe a new Password-based Authenticated Key Exchange (PAKE) protocol based on elliptic curve cryptography. We prove it secure in the Bellare-Pointcheval-Rogaway (BPR) model. Our proposal is conceived in a such a way that it ensures that the elliptic curve public parameters remain private. This is important in the context of ID contactless devices as, in this case, it is easy to link these parameters with the nationality of the ID document owners.

2009/355 (PDF) (PS) Last updated: 2010-07-23
Asynchronous Distributed Private-Key Generators for Identity-Based Cryptography
Aniket Kate, Ian Goldberg
Public-key cryptography

An identity-based encryption (IBE) scheme can greatly reduce the complexity of sending encrypted messages over the Internet. However, an IBE scheme necessarily requires a private-key generator (PKG), which can create private keys for clients, and so can passively eavesdrop on all encrypted communications. Although a distributed PKG has been suggested as a way to mitigate this problem for Boneh and Franklin's IBE scheme, the security of this distributed protocol has not been proven and the...

2009/160 (PDF) (PS) Last updated: 2009-05-20
Leakage-Resilient Public-Key Cryptography in the Bounded-Retrieval Model
Joel Alwen, Yevgeniy Dodis, Daniel Wichs
Public-key cryptography

We study the design of cryptographic primitives resilient to key leakage attacks, where an attacker can repeatedly and adaptively learn information about the secret key, subject only to the constraint that the overall amount of such information is bounded by some parameter $\ell$. We construct a variety of leakage-resilient public-key systems including the first known identification schemes (ID), signature schemes and authenticated key agreement protocols (AKA). Our main result is an...

2009/095 (PDF) Last updated: 2009-03-02
Enhanced Privacy ID from Bilinear Pairing
Ernie Brickell, Jiangtao Li
Cryptographic protocols

Enhanced Privacy ID (EPID) is a cryptographic scheme that enables the remote authentication of a hardware device while preserving the privacy of the device. EPID can be seen as a direct anonymous attestation scheme with enhanced revocation capabilities. In EPID, a device can be revoked if the private key embedded in the hardware device has been extracted and published widely so that the revocation manager finds the corrupted private key. In addition, the revocation manager can revoke...

2007/469 (PDF) Last updated: 2008-12-04
ID-Based Group Password-Authenticated Key Exchange
Xun Yi, Raylin Tso, Eiji Okamoto

Password-authenticated key exchange (PAKE) protocols are designed to be secure even when the secret key used for authentication is a human-memorable password. In this paper, we consider PAKE protocols in the group scenario, in which a group of clients, each of them shares a password with an ``honest but curious'' server, intend to establish a common secret key (i.e., a group key) with the help of the server. In this setting, the key established is known to the clients only and no one else,...

2007/217 (PDF) (PS) Last updated: 2007-06-13
Identity-Based Broadcast Encryption
Ryuichi Sakai, Jun Furukawa
Public-key cryptography

Broadcast encryption schemes enable senders to efficiently broadcast ciphertexts to a large set of receivers in a way that only non-revoked receivers can decrypt them. Identity-based encryption schemes are public key encryption schemes that can use arbitrary strings as public keys. We propose the first public key broadcast encryption scheme that can use any string as a public key of each receiver. That is, identity-based broadcast encryption scheme. Our scheme has many desirable properties....

2007/194 (PDF) Last updated: 2007-08-22
Enhanced Privacy ID: A Direct Anonymous Attestation Scheme with Enhanced Revocation Capabilities
Ernie Brickell, Jiangtao Li
Cryptographic protocols

Direct Anonymous Attestation (DAA) is a scheme that enables the remote authentication of a Trusted Platform Module (TPM) while preserving the user's privacy. A TPM can prove to a remote party that it is a valid TPM without revealing its identity and without linkability. In the DAA scheme, a TPM can be revoked only if the DAA private key in the hardware has been extracted and published widely so that verifiers obtain the corrupted private key. If the unlinkability requirement is relaxed, a...

2007/160 (PS) Last updated: 2007-05-07
Analysis of Collusion-Attack Free ID-Based Non-Interactive Key Sharing
Muxiang Zhang
Public-key cryptography

Recently, Tanaka proposed an identity based non-interactive key sharing scheme and its corresponding identity based encryption scheme based on the intractability of integer factorization and discrete logarithm. The proposed identity based non-interactive key sharing scheme is similar to the well-known Maurer-Yacobi public key distribution scheme but the computational complexity for private key generation can be significantly reduced. It is also claimed that the proposed identity based...

2007/135 (PDF) Last updated: 2007-04-18
Efficient ID-based Signature Without Trusted PKG
Jingwei Liu, Rong Sun, Weidong Kou, Xinmei Wang
Public-key cryptography

In this paper, we introduce the exact concept of ID-based signature without trusted Private Key Generator (PKG), which solves the key escrow problem through binding two partially public keys with a same identity. In this scheme, PKG is prevented from forging a legal user’s signature because he only generates the partially private key. Using Gap Diffie-Hellman (GDH) groups, we construct an efficient ID-based signature scheme without trusted PKG, which security relies on the hardness of the...

2007/100 (PDF) (PS) Last updated: 2007-11-26
Practical Identity-Based Encryption (IBE) in Multiple PKG Environments and Its Applications
Shengbao Wang, Zhenfu Cao

Identity-based encryption (IBE) schemes are usually used in multiple-PKG environments --- on the one hand, each administrative domain (e.g., a relatively small and close organization) maintains its own private key generator (PKG); on the other hand, encryption across domains becomes a prevalent requirement. In this paper, we present a new IBE scheme using bilinear pairings. Compared with the famous IBE scheme of Boneh and Franklin, we show that ours is more practical in the multiple-PKG...

2007/084 (PDF) (PS) Last updated: 2007-03-05
Constant Size Ciphertext HIBE in the Augmented Selective-ID Model and its Extensions
Sanjit Chatterjee, Palash Sarkar
Cryptographic protocols

At Eurocrypt 2005, Boneh, Boyen and Goh presented a constant size ciphertext hierarchical identity based encryption (HIBE) protocol. Our main contribution is to present a variant of the BBG-HIBE. The new HIBE is proved to be secure (without any degradation) in an extension of the sID model (denoted the s$^+$-ID model) and the components of the identities are from $\bbbz_p$, where $p$ is a suitable large prime. The BBG-HIBE is proved to be secure in the selective-ID (sID) security model and...

2006/446 (PDF) (PS) Last updated: 2007-09-05
New Identity-Based Authenticated Key Agreement Protocols from Pairings (without Random Oracles)
Shengbao Wang, Zhenfu Cao, Kim-Kwang Raymond Choo

We present the first provably secure ID-based key agreement protocol, inspired by the ID-based encryption scheme of Gentry, in the standard (non-random-oracle) model. We show how this key agreement can be used in either escrowed or escrowless mode. We also give a protocol which enables users of separate private key generators to agree on a shared secret key. All our proposed protocols have comparable performance to all known protocols that are proven secure in the random oracle model.

2006/308 (PDF) Last updated: 2006-09-06
Efficient ID-based Threshold Signature Schemes without Pairings
Jun Shao, Zhenfu Cao, Licheng Wang
Public-key cryptography

The focus of this paper is to design an efficient and secure solution addressing the key escrow problem in ID-based signature schemes, i.e., the Private Key Generator (PKG) knows the user's private key, which damages the essential requirement--``non-repudiation" property of signature schemes. In this paper, we proposed two ID-based threshold signature schemes, which both reach Girault's trusted level 3, and in which there exists only one PKG in our ID-based threshold signature schemes....

2006/245 (PDF) Last updated: 2006-07-19
Secure and Efficient Threshold Key Issuing Protocol for ID-based Cryptosystems
K. Phani Kumar, G. Shailaja, Ashutosh Saxena
Public-key cryptography

Key issuing protocols deal with overcoming the two inherent problems: key escrow and secure channel requirement of the identity based cryptosystems. An efficient key issuing protocol enables the identity based cryptosystems to be more acceptable and applicable in the real world. We present a secure and efficient threshold key issuing protocol. In our protocol, neither KGC nor KPA can impersonate the users to obtain the private keys and thus it achieves the trust level III \cite{girault}....

2005/326 (PDF) Last updated: 2010-07-01
A Suite of Non-Pairing ID-Based Threshold Ring Signature Schemes with Different Levels of Anonymity
Patrick P. Tsang, Man Ho Au, Joseph K. Liu, Willy Susilo, Duncan S. Wong
Public-key cryptography

Since the introduction of Identity-based (ID-based) cryptography by Shamir in 1984, numerous ID-based signature schemes have been proposed. In 2001, Rivest et al. introduced ring signature that provides irrevocable signer anonymity and spontaneous group formation. In recent years, ID-based ring signature schemes have been proposed and all of them are based on bilinear pairings. In this paper, we propose the first ID-based threshold ring signature scheme that is not based on bilinear...

2005/180 (PDF) Last updated: 2005-06-15
A Note on Secure Key Issuing in ID-based Cryptography
XU Chunxiang, ZHOU Junhui, QIN Zhiguang
Public-key cryptography

Most recently, Lee B. et al. proposed a key issuing protocol for ID-based cryptography to solve the key escrow problem. However in this letter, we show that a malicious key generation center (KGC) can successfully attack the protocol to obtain users' private keys. This means that in the protocol, the key escrow problem isn't really removed.

2005/015 (PDF) (PS) Last updated: 2006-01-26
Hierarchical Identity Based Encryption with Constant Size Ciphertext
Dan Boneh, Xavier Boyen, Eu-Jin Goh
Public-key cryptography

We present a Hierarchical Identity Based Encryption (HIBE) system where the ciphertext consists of just three group elements and decryption requires only two bilinear map computations, independent of the hierarchy depth. Encryption is as efficient as in other HIBE systems. We prove that the scheme is selective-ID secure in the standard model and fully secure in the random oracle model. Our system has a number of applications: it gives very efficient forward secure public key and identity...

2005/013 (PDF) Last updated: 2005-01-20
Comments: Insider attack on Cheng et al.'s pairing-based tripartite key agreement protocols
Hung-Yu Chien
Cryptographic protocols

Recently, Cheng et al. proposed two tripartite key agreement protocols from pairings: one is certificate-based and the other is identity-based (ID-based). In this article, we show that the two schemes are vulnerable to the insider impersonation attack and the ID-based scheme even discloses the entities' private keys. Solutions to this problem are discussed.

2004/322 (PDF) (PS) Last updated: 2005-07-18
Separable and Anonymous Identity-Based Key Issuing
Ai-fen Sui, Sherman S. M. Chow, Lucas C. K. Hui, S. M. Yiu, K. P. Chow, W. W. Tsang, C. F. Chong, K. H. Pun, H. W. Chan
Public-key cryptography

In identity-based (ID-based) cryptosystems, a local registration authority (LRA) is responsible for authentication of users while the key generation center (KGC) is responsible for computing and sending the private keys to users and therefore, a secure channel is required. For privacy-oriented applications, it is important to keep in secret whether the private key corresponding to a certain identity has been requested. All of the existing ID-based key issuing schemes have not addressed this...

2004/172 (PDF) (PS) Last updated: 2004-12-08
Efficient Selective-ID Secure Identity Based Encryption Without Random Oracles
Dan Boneh, Xavier Boyen
Public-key cryptography

We construct two efficient Identity Based Encryption (IBE) systems that are selective identity secure {\em without the random oracle model} in groups equipped with a bilinear map. Selective identity secure IBE is a slightly weaker security model than the standard security model for IBE. In this model the adversary must commit ahead of time to the identity that it intends to attack, whereas in the standard model the adversary is allowed to choose this identity adaptively. The first system...

2004/086 (PDF) Last updated: 2005-03-03
Fuzzy Identity Based Encryption
Amit Sahai, Brent Waters
Public-key cryptography

We introduce a new type of Identity-Based Encryption (IBE) scheme that we call Fuzzy Identity-Based Encryption. In Fuzzy IBE we view an identity as set of descriptive attributes. A Fuzzy IBE scheme allows for a private key for an identity, $\omega$, to decrypt a ciphertext encrypted with an identity, $\omega'$, if and only if the identities $\omega$ and $\omega'$ are close to each other as measured by the ``set overlap'' distance metric. A Fuzzy IBE scheme can be applied to enable...

2003/192 (PDF) (PS) Last updated: 2003-09-17
Universal Designated-Verifier Signatures
Ron Steinfeld, Laurence Bull, Huaxiong Wang, Josef Pieprzyk

Motivated by privacy issues associated with dissemination of signed digital certificates, we define a new type of signature scheme called a ‘Universal Designated-Verifier Signature’ (UDVS). A UDVS scheme can function as a standard publicly-verifiable digital signature but has additional functionality which allows any holder of a signature (not necessarily the signer) to designate the signature to any desired designated-verifier (using the verifier’s public key). Given the...

2002/018 (PS) Last updated: 2002-02-16
An Identity-Based Signature from Gap Diffie-Hellman Groups
Jae Choon Cha, Jung Hee Cheon

In this paper we propose an identity(ID)-based signature scheme using gap Diffie-Hellman (GDH) groups. Our scheme is proved secure against existential forgery on adaptively chosen message and ID attack under the random oracle model. Using GDH groups obtained from bilinear pairings, as a special case of our scheme, we obtain an ID-based signature scheme that shares the same system parameters and the same private/public key pairs with the ID-based encryption scheme (BF-IBE) by Boneh and...