Electronic commerce, as exemplified by the popularity of the Internet, is becoming more important along with fast progress in communications and information technology. The SET (Secure Electronic Transaction) protocol is a scheme designed... more
Electronic commerce, as exemplified by the popularity of the Internet, is becoming more important along with fast progress in communications and information technology. The SET (Secure Electronic Transaction) protocol is a scheme designed to ensure that merchants and cardholders can conduct business over a public network. Although the SET protocol has some disadvantages, but still it is the most commonly used protocol in the Internet shopping. Signcryption is a cryptographic primitive which simultaneously provides both confidentiality and authenticity in a single logical step. Signcryption based on elliptic curves provides the same level of security using smaller keys compared to schemes based on the discrete logarithm problem over finite fields. This paper examines the benefits of using signcryption rather than signaturethen-encryption in the SET protocol. Using identity-based signcryption in the SET protocol reduces the number of encryption and decryption operations. Moreover, signcryption is less time consuming than signature-then-encryption.
a day's information technology is a part of day to day's life. Everybody wants to store data in soft format in a central place so that it can be accessed any point of time. When a remote user tries accessing it through an... more
a day's information technology is a part of day to day's life. Everybody wants to store data in soft format in a central place so that it can be accessed any point of time. When a remote user tries accessing it through an unreliable network then data may not be secure. There are many techniques to secure data or message. Signcryption is one of the booming issues in the field of security. In 1997 Zheng introduce signcryption scheme by combining the techniques of digital signature then encryption in one step which reduces the computational cost and communication overhead (1). Signcryption also verifies the sender without reading content of the message by third party (10). Many researchers have given their signcryption scheme to achieve security goals like forward secrecy, like confidentiality, unforgeability, integrity, forward secrecy and public verification non repudiation but many of them having their own limitations (2, 8, 16). In this paper a novel signcryption scheme pro...
This article presents a new signcryption scheme which is based on the Schnorr digital signature algorithm. The new scheme represents my personal contribution to signcryption area. I have been implemented the algorithm in a program and... more
This article presents a new signcryption scheme which is based on the Schnorr digital signature algorithm. The new scheme represents my personal contribution to signcryption area. I have been implemented the algorithm in a program and here are provided the steps of the algorithm, the results and some examples. The paper also contains the presentation of the original Signcryption scheme, based on ElGamal digital signature and discusses the practical applications of Signcryption in real life.
Signcryption is a cryptographic primitive that provides authentication and confidentiality simultaneously in a single logical step. It is often required that multiple senders have to signcrypt a single message to a certain receiver.... more
Signcryption is a cryptographic primitive that provides authentication and confidentiality simultaneously in a single logical step. It is often required that multiple senders have to signcrypt a single message to a certain receiver. Obviously, it is inefficient to signcrypt the messages separately. An efficient alternative is to go for multi-signcryption. The concept of multi-signcryption is similar to that of multi-signatures with the added property - confidentiality. Recently, Jianhong et al. proposed an identity based multi-signcryption scheme. They claimed that their scheme is secure against adaptive chosen ciphertext attack and it is existentially unforgeable. In this paper, we show that their scheme is not secure against chosen plaintext attack and is existentially forgeable, we also provide a fix for the scheme and prove formally that the improved scheme is secure against both adaptive chosen ciphertext attack and existential forgery.
Electronic commerce, as exemplified by the popularity of the Internet, is becoming more important along with fast progress in communications and information technology. The SET (Secure Electronic Transaction) protocol is a scheme designed... more
Electronic commerce, as exemplified by the popularity of the Internet, is becoming more important along with fast progress in communications and information technology. The SET (Secure Electronic Transaction) protocol is a scheme designed to ensure that merchants and cardholders can conduct business over a public network. Although the SET protocol has some disadvantages, but still it is the most commonly used protocol in the Internet shopping. Signcryption is a cryptographic primitive which simultaneously provides both confidentiality and authenticity in a single logical step. Signcryption based on elliptic curves provides the same level of security using smaller keys compared to schemes based on the discrete logarithm problem over finite fields. This paper examines the benefits of using signcryption rather than signaturethen-encryption in the SET protocol. Using identity-based signcryption in the SET protocol reduces the number of encryption and decryption operations. Moreover, signcryption is less time consuming than signature-then-encryption.
The certificate-based cryptosystems is traditional way in providing the system parameters. Identity-based cryptography is more efficient than certificate-based cryptosystems. Each user in identity-based cryptography uses any arbitrary... more
The certificate-based cryptosystems is traditional way in providing the system parameters. Identity-based cryptography is more efficient than certificate-based cryptosystems. Each user in identity-based cryptography uses any arbitrary string that uniquely identifies him as his public key. This paper proposes a new identity-based tripartite signcryption scheme based on the elliptic curve discrete logarithm problem. The proposed id-based tripartite signcryption scheme does not use the bilinear pairings in both the Signcryption and unsigncryption phases. The proposed scheme used to reduce the communication over head when three entities wants to communicate securely as in authentication protocol in GSM and in ecommerce. The proposed scheme satisfies various desirable security properties. Also, the performance of the proposed scheme is tested.
Hyper elliptical curve cryptography is the prominent public key encrypto systems with practical approach to high level of security and shorter bit size of encryption. Public key encryption is a reliable cryptographic method for mobile... more
Hyper elliptical curve cryptography is the prominent public key encrypto systems with practical approach to high level of security and shorter bit size of encryption. Public key encryption is a reliable cryptographic method for mobile adhoc networks. Still, some shortcomings of key management deter the reputation of its utilization in the real-time environment. One major disadvantage in the crucial necessity of elucidation is the key escrow problem. For secure group-based data transmission in the distributed environment, a secret key has to be shared among the users for the secured data transmission. For establishing efficient key distribution and management, a novel dynamic group secret key management is introduced. In this paper, we propose a signcryption based hyper elliptic curve cryptography framework for key escrow. Here the model of scheme is to divide a large group into several subgroups, each maintaining its subgroup secret keys to control the subgroup and managing many subgroups using Key Escrow Based Hyper Elliptic Curve Cryptography management algorithm. In the paper, a new methodology for collaborative key management using signcryption is implemented. The environment for mobile networks with the proposed algorithm named signcryption based Key Escrow HECC for Signcryption (KEHECCS) with a comparison of the conventional algorithms prevailing for MANETs is simulated. Compared to the existing approaches, KEHECCS demonstrates advanced key distribution features with better throughput efficiency without compromising on communication overhead and storage cost
A key encapsulation mechanism (KEM) that takes as input an arbitrary string, i.e., a tag, is known as tag-KEM, while a scheme that combines signature and encryption is called signcryption. In this paper, we present a code-based... more
A key encapsulation mechanism (KEM) that takes as input an arbitrary string, i.e., a tag, is known as tag-KEM, while a scheme that combines signature and encryption is called signcryption. In this paper, we present a code-based signcryption tag-KEM scheme. We utilize a code-based signature and a CCA2 (adaptive chosen ciphertext attack) secure version of McEliece's {encryption} scheme. The proposed scheme uses an equivalent subcode as a public code for the receiver, making the NP-completeness of the equivalent subcode problem be one of our main security assumptions. We then base the signcryption tag-KEM to design a code-based hybrid signcryption scheme. A hybrid scheme deploys an asymmetric- as well as a symmetric-key encryption. We give security analyses of both our schemes in the standard model and prove that they are secure against IND-CCA2 (indistinguishability under adaptive chosen ciphertext attack) and SUF-CMA (strong existential unforgeability under chosen message attack).
a day's information technology is a part of day to day's life. Everybody wants to store data in soft format in a central place so that it can be accessed any point of time. When a remote user tries accessing it through an... more
a day's information technology is a part of day to day's life. Everybody wants to store data in soft format in a central place so that it can be accessed any point of time. When a remote user tries accessing it through an unreliable network then data may not be secure. There are many techniques to secure data or message. Signcryption is one of the booming issues in the field of security. In 1997 Zheng introduce signcryption scheme by combining the techniques of digital signature then encryption in one step which reduces the computational cost and communication overhead (1). Signcryption also verifies the sender without reading content of the message by third party (10). Many researchers have given their signcryption scheme to achieve security goals like forward secrecy, like confidentiality, unforgeability, integrity, forward secrecy and public verification non repudiation but many of them having their own limitations (2, 8, 16). In this paper a novel signcryption scheme pro...
Most of the existing hierarchical secret-sharing schemes are unconditionally (non-cryptographically) secured, and they cannot survive from various types of attacks especially when the participants use resource-constrained wireless mobile... more
Most of the existing hierarchical secret-sharing schemes are unconditionally (non-cryptographically) secured, and they cannot survive from various types of attacks especially when the participants use resource-constrained wireless mobile devices. In our proposed ...
In this paper, we propose an elliptic curve-based signcryption scheme derived from the standardized signature KCDSA (Korean Certificate-based Digital Signature Algorithm) in the context of the Internet of Things. Our solution has... more
In this paper, we propose an elliptic curve-based
signcryption scheme derived from the standardized signature
KCDSA (Korean Certificate-based Digital Signature Algorithm)
in the context of the Internet of Things. Our solution has
several advantages. First, the scheme is provably secure in the
random oracle model. Second, it provides the following security
properties: outsider/insider confidentiality and unforgeability;
non-repudiation and public verifiability, while being efficient
in terms of communication and computation costs. Third, the
scheme offers the certificateless feature, so certificates are not
needed to verify the user’s public keys. For illustration, we
conducted experimental evaluation based on a sensor Wismote
platform and compared the performance of the proposed scheme
to concurrent schemes.
This article proposes a hybrid certificateless signcryption scheme that is secure against adaptive chosen ciphertext adversary in the random oracle model. The scheme combines an asymmetric encryption which is one way against chosen... more
This article proposes a hybrid certificateless signcryption scheme that is secure against adaptive chosen ciphertext adversary in the random oracle model. The scheme combines an asymmetric encryption which is one way against chosen plaintext attack and any One-Time secure symmetric encryption scheme, combined using Fujisaki–Okamoto transformation. Uncommon to many Fujisaki–Okamoto based constructions which ensure message integrity alone, this scheme provides entity authentication in addition. By the choice of a hash function that utilizes the advantage of sponge based construction, the scheme enables the user to incorporate any One-Time secure symmetric encryption by re-configuring the input/output parameters. Fujisaki–Okamoto transformation, which is currently a standard in hybrid constructions, guarantees the indistinguishability against adaptive chosen ciphertext attack. The provision for choosing symmetric encryption in the scheme enables it to be implemented in all sort of cryptographic requirements including those in wireless communication.
An Identity-based cryptosystem is a Public Key cryptosystem in which the public keys of the entities are their identities, or strings derived from their identities. Signcryption combines digital signatures and encryption with a cost... more
An Identity-based cryptosystem is a Public Key cryptosystem in which the public keys of the entities are their identities, or strings derived from their identities. Signcryption combines digital signatures and encryption with a cost significantly smaller than that required for signature-thenencryption. This paper proposes an ID-based signcryption scheme based on bilinear pairings on elliptic curves. It is shown that the new scheme is an improved version of the existing signcryption scheme [10] by comparing the computations in both the schemes.
Mobile communication and Mobile Commerce is most famous nowadays as a result of the administration offered amid the portability. In any case, notwithstanding of its new headways, versatile correspondence has been confronting numerous... more
Mobile communication and Mobile Commerce is most famous nowadays as a result of the administration offered amid the portability. In any case, notwithstanding of its new headways, versatile correspondence has been confronting numerous security issues. This paper looked into different security systems dependent on the cryptographic methods. This paper mostly centers the Signcryption based cryptographic strategy, since Signcryption has been appeared to be valuable in different applications, for example, electronic trade, versatile correspondences, and smart cards. At last this paper gives the proposed research philosophy configuration to be executed in the future.
... Dr Faisal Bashir Computer Science Dept College of Telecommunication Engineering (MCS) Rawalpindi, Pakistan faisalbashir@mcs.edu.pk Dr Asif Masood Computer Science Dept College of Telecommunication Engineering (MCS) Rawalpindi,... more
... Dr Faisal Bashir Computer Science Dept College of Telecommunication Engineering (MCS) Rawalpindi, Pakistan faisalbashir@mcs.edu.pk Dr Asif Masood Computer Science Dept College of Telecommunication Engineering (MCS) Rawalpindi, Pakistan amasood@mcs.edu.pk ...