Recently, Park and Lim (1998) proposed two key distribution systems for secure VSAT satellite communications. One provides indirect authentication, and the other enables two parties to directly authenticate each other. However, this article shows that the proposed schemes are insecure by presenting two impersonation attacks on them. Besides, an improved scheme is proposed, which is secure against the impersonation attack and provides direct mutual authentication between two parties. Key words: satellite communication, key distribution, cryptanalysis.
A partially blind signature is a variant of the blind signature. The partially blind signature scheme allows a signer to sign a partially blind message that explicitly includes the pre-agreed information. In 2005, Chow et al. first proposed an ID-based partially blind signature scheme with bilinear pairings. ID-based public key systems with bilinear pairings defined on elliptic curves offer a flexible approach to achieve both simplified certificate management and reduced computational cost. However, their scheme is time-consuming for requesters (or clients) with mobile devices. In 2007, Hu and Huang proposed an efficient ID-based partially blind signature scheme based on bilinear pairings. They claimed that the proposed scheme is provably secure under the random oracle model. However, this paper shows that the Hu-Huang scheme suffers from forgery attacks. Index Terms: Security, Partially blind signature, Bilinear pairings, Identity-based.
By its very nature, a non-authenticated multi-party key agreement protocol cannot provide participant and message authentication, so it must rely on an authenticated network channel. This paper presents the inability of two famous multi-party key agreement protocols to withstand malicious participant attacks, even though their protocols are based on the authenticated network channel. This attack involves a malicious participant disrupting the multi-party key agreement among honest participants. In this case, other honest participants do not correctly agree on a common key. Obviously, the malicious participant cannot obtain the common key either, and the communication confidentiality among participants is not breached. However, in some emergency situations or applications, a multi-party key agreement protocol design that is resistant to malicious participants is useful. Therefore, in this paper, a non-authenticated multi-party key agreement protocol resistant to malicious participant...
International Journal of Innovative Computing Information and Control, 2012
Global mobility networks provide effective global roaming services for personal communication users. Through the universal roaming technology, legitimate mobile users can enjoy ubiquitous services. Mutual authentication and key agreement between mobile users and roaming servers is the primary security issue of many commercial mobile networks. For personal privacy, it has become an important issue to develop a mutual authentication and key agreement scheme with anonymity for roaming services in global mobility networks to protect the user's identity. Recently, many schemes concerned with this issue have been proposed. However, most of those schemes have been shown to have several security weaknesses and not to achieve user anonymity. In this paper, we propose a novel and efficient mutual authentication and key agreement scheme with user anonymity for roaming services in the global mobility network. Under the random oracle model, we show that our scheme can withstand known a...
In a smart city, there are different types of entities, such as natural persons, IoT devices, and service providers, which have different computational and storage limitations. Unfortunately, all of the existing authentication and key exchange (AKE) protocols are designed for either client–server or client–client authentication, including the ones designed for smart cities. In this paper, we present the idea of a compatible authentication and key exchange (CAKE) protocol which provides cross-species authentication. We propose the first CAKE protocol for a smart city in which any two valid entities can authenticate each other and create a secure session key without the help of any third party, while there is also no password table and no public key issuing problem. The entity can be a natural person having biometrics, an IoT device embedded with a physical unclonable function (PUF), or a service provider. Moreover, we extend the CAKE protocol to an anonymous CAKE (ACAKE) ...
International Journal of Innovative Computing Information and Control, 2012
For a digital signature scheme, loss of private keys will cause a devastating effect on e-commerce and Internet-based transaction applications in the present network environment. The key-insulated public-key system was introduced to reduce the damage caused by private key exposure. Over the last few years, identity (ID)-based key-insulated cryptography using bilinear pairings has received much attention from cryptographic researchers. In this paper, we propose a new and efficient ID-based key-insulated signature scheme with batch verifications. As compared with the recently proposed ID-based key-insulated signature schemes, our scheme has the best performance for batch verifications. For security analysis, we demonstrate that the proposed scheme is a provably secure ID-based key-insulated signature in the random oracle model and under the computational Diffie-Hellman assumption. Meanwhile, to demonstrate the additional advantage of our ID-based key-insulated signature scheme, we present a nov...
2017 International Conference on Applied System Innovation (ICASI), 2017
Recently, numerous leakage-resilient cryptographic schemes have been proposed to resist side-channel attacks, which exploit several properties of practical implementations of cryptographic protocols/schemes to leak partial information about secret (or private) keys. Certificateless public key cryptography solves both the certificate management problem in conventional public key cryptography and the key escrow problem in ID-based public key cryptography. However, there is little work studying the design of certificateless cryptographic schemes resistant to side-channel attacks. In this article, the first leakage-resilient certificateless signature (LR-CLS) scheme is proposed. In the generic bilinear group model, the proposed scheme is demonstrated to possess existential unforgeability against adaptive chosen-message attacks under the continual leakage model for both Type I and Type II adversaries.
Wireless sensor networks (WSNs) have gained much attention due to their large number of applications. WSN systems are usually deployed in hostile environments where they encounter a wide variety of malicious attacks. In order to protect the transmitted messages between any two adjacent sensor nodes, a mutual authentication and key exchange protocol is required for wireless sensor networks. Because of the natural restrictions of sensor nodes, which include low power, little storage space, low computation ability and short communication range, most existing protocols attempt to establish a pairwise key between any two adjacent sensor nodes by adopting a key pre-distribution approach. However, this approach has some inherent drawbacks. With the rapid growth of cryptographic techniques, recent results show that Elliptic Curve Cryptography (ECC) is suitable for resource-limited WSNs. In this paper, we propose a scalable ID-based pairwise key establishment protocol that allows a sensor node to est...
A signcryption scheme can efficiently perform encryption and signing procedures in a single step to obtain message confidentiality and non-repudiation properties. As compared to the traditional public key system, the identity (ID)-based public key system (IDPKS) can simplify the management of required certificates. However, how to revoke compromised or misbehaving identities in the IDPKS becomes a critical problem. Recently, Tseng and Tsai proposed a novel construction in the IDPKS with a revocation mechanism called the revocable ID-based public key system (R-IDPKS). In this paper, we follow their R-IDPKS to propose an important cryptographic primitive, "signcryption". Security analysis is made to demonstrate that the proposed scheme is provably secure and provides confidentiality and unforgeability.
Papers by Yuh-Min Tseng