• 제목/요약/키워드: Batch Verification

검색결과 53건 처리시간 0.019초

VANET를 위한 효율적인 서명 일괄 확인 시스템 (An Efficient Signature Batch Verification System for VANET)

  • 임지환;오희국;김상진
    • 정보보호학회논문지
    • /
    • 제20권1호
    • /
    • pp.17-31
    • /
    • 2010
  • VANET(Vehicular Ad hoc NETwork)에서 차량들은 일괄 확인(batch verification) 기법을 이용해 많은 수의 서명 메시지를 효율적으로 검증할 수 있다. 하지만 각 차량에서의 개별적인 일괄 확인은 네트워크 전체적으로 볼 때 불필요한 중복 검증을 발생시킨다. 이 문제를 해결하기 위해 RSU(Road Side Unit)가 노드를 대신해서 일괄 확인을 수행 할 수 있지만, 이 방법은 일괄 확인이 실패했을 경우 유효하지 않은 서명을 효율적으로 찾을 수 있는 방법이 추가적으로 필요하다. 본 논문에서는 분산 일괄 확인 시스템을 설계하기 위해 고려되어야하는 몇 가지 방법론에 대해서 분석하고 참여 차량이 작은 크기의 서명 집합을 분산해서 일괄 확인하는 효율적인 분산 일괄 확인 시스템을 제안한다. 제안하는 시스템에서 각 노드는 RSU에게 단순 일괄 확인 결과만을 보고하거나 식별한 유효하지 않은 서명들을 보고할 수 있으며 이를 수신한 RSU는 노드의 이 일괄 검증 결과 리포트를 이용하여 효율적으로 유효하지 않은 서명을 식별하여 배제할 수 있다.

Efficient Signature Scheme with Batch Verifications in Identity-Based Framework

  • Gopal, P.V.S.S.N.;Vasudeva Reddy, P.;Gowri, T.
    • ETRI Journal
    • /
    • 제38권2호
    • /
    • pp.397-404
    • /
    • 2016
  • In group-oriented applications, it is often required to verify a group of signatures/messages. The individual verification of signed messages in such applications comes at a high cost in terms of computations and time. To improve computational efficiency and to speed up the verification process, a batch verification technique is a good alternative to individual verification. Such a technique is useful in many real-world applications, such as mail servers, e-commerce, banking transactions, and so on. In this work, we propose a new, efficient identity-based signature (IDS) scheme supporting batch verifications. We prove that the proposed IDS scheme and its various types of batch verifications is tightly related to the Computational Diffie.Hellman problem under a random oracle paradigm. We compare the efficiency of the proposed scheme with related schemes that support batch verifications.

A Privacy-preserving Data Aggregation Scheme with Efficient Batch Verification in Smart Grid

  • Zhang, Yueyu;Chen, Jie;Zhou, Hua;Dang, Lanjun
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • 제15권2호
    • /
    • pp.617-636
    • /
    • 2021
  • This paper presents a privacy-preserving data aggregation scheme deals with the multidimensional data. It is essential that the multidimensional data is rarely mentioned in all researches on smart grid. We use the Paillier Cryptosystem and blinding factor technique to encrypt the multidimensional data as a whole and take advantage of the homomorphic property of the Paillier Cryptosystem to achieve data aggregation. Signature and efficient batch verification have also been applied into our scheme for data integrity and quick verification. And the efficient batch verification only requires 2 pairing operations. Our scheme also supports fault tolerance which means that even some smart meters don't work, our scheme can still work well. In addition, we give two extensions of our scheme. One is that our scheme can be used to compute a fixed user's time-of-use electricity bill. The other is that our scheme is able to effectively and quickly deal with the dynamic user situation. In security analysis, we prove the detailed unforgeability and security of batch verification, and briefly introduce other security features. Performance analysis shows that our scheme has lower computational complexity and communication overhead than existing schemes.

An Efficient Broadcast Authentication Scheme with Batch Verification for ADS-B Messages

  • Yang, Haomiao;Kim, Hyunsung;Li, Hongwei;Yoon, Eunjun;Wang, Xiaofen;Ding, Xuefeng
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • 제7권10호
    • /
    • pp.2544-2560
    • /
    • 2013
  • As a cornerstone of the next generation air traffic management (ATM), automatic dependent surveillance-broadcast (ADS-B) system can provide continual broadcast of aircraft position, identity, velocity and other messages over unencrypted data links to generate a common situational awareness picture for ATM. However, since ADS-B messages are unauthenticated, it is easy to insert fake aircrafts into the system via spoofing or insertion of false messages. Unfortunately, the authentication for ADS-B messages has not yet been well studied. In this paper, we propose an efficient broadcast authentication scheme with batch verification for ADS-B messages which employs an identity-based signature (IBS). Security analysis indicates that our scheme can achieve integrity and authenticity of ADS-B messages, batch verification, and resilience to key leakage. Performance evaluation demonstrates that our scheme is computationally efficient for the typical avionics devices with limited resources, and it has low communication overhead well suitable for low-bandwidth ADS-B data link.

Secure and Efficient Identity-based Batch Verification Signature Scheme for ADS-B System

  • Zhou, Jing-xian;Yan, Jian-hua
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • 제13권12호
    • /
    • pp.6243-6259
    • /
    • 2019
  • As a foundation of next-generation air transportation systems, automatic dependent surveillance-broadcast (ADS-B) helps pilots and air traffic controllers create a safer and more efficient national airspace system. Owing to the open communication environment, it is easy to insert fake aircraft into the system via spoofing or the insertion of false messages. Efforts have thus been made in academic research and practice in the aviation industry to ensure the security of transmission of messages of the ADS-B system. An identity-based batch verification (IBV) scheme was recently proposed to enhance the security and efficiency of the ADS-B system, but current IBV schemes are often too resource intensive because of the application of complex hash-to-point operations or bilinear pairing operations. In this paper, we propose a lightweight IBV signature scheme for the ADS-B system that is robust against adaptive chosen message attacks in the random oracle model, and ensures the security of batch message verification and against the replaying attack. The proposed IBV scheme needs only a small and constant number of point multiplication and point addition computations instead of hash-to-point or pairing operations. Detailed performance analyses were conducted to show that the proposed IBV scheme has clear advantages over prevalent schemes in terms of computational cost and transmission overhead.

Verification Algorithm for the Duplicate Verification Data with Multiple Verifiers and Multiple Verification Challenges

  • Xu, Guangwei;Lai, Miaolin;Feng, Xiangyang;Huang, Qiubo;Luo, Xin;Li, Li;Li, Shan
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • 제15권2호
    • /
    • pp.558-579
    • /
    • 2021
  • The cloud storage provides flexible data storage services for data owners to remotely outsource their data, and reduces data storage operations and management costs for data owners. These outsourced data bring data security concerns to the data owner due to malicious deletion or corruption by the cloud service provider. Data integrity verification is an important way to check outsourced data integrity. However, the existing data verification schemes only consider the case that a verifier launches multiple data verification challenges, and neglect the verification overhead of multiple data verification challenges launched by multiple verifiers at a similar time. In this case, the duplicate data in multiple challenges are verified repeatedly so that verification resources are consumed in vain. We propose a duplicate data verification algorithm based on multiple verifiers and multiple challenges to reduce the verification overhead. The algorithm dynamically schedules the multiple verifiers' challenges based on verification time and the frequent itemsets of duplicate verification data in challenge sets by applying FP-Growth algorithm, and computes the batch proofs of frequent itemsets. Then the challenges are split into two parts, i.e., duplicate data and unique data according to the results of data extraction. Finally, the proofs of duplicate data and unique data are computed and combined to generate a complete proof of every original challenge. Theoretical analysis and experiment evaluation show that the algorithm reduces the verification cost and ensures the correctness of the data integrity verification by flexible batch data verification.

Input Certification protocol for Secure Computation

  • Myoungin Jeong
    • 한국컴퓨터정보학회논문지
    • /
    • 제29권8호
    • /
    • pp.103-112
    • /
    • 2024
  • 본 연구는 계산에 참여하는 참가자가 다수의 입력값을 동일한 키를 사용하여 입력하는 계산의 경우 입력값을 공개하지 않으면서 입력값이 변형되지 않았다는 인증을 목적으로 시작하였다. 일반적으로 인증 단계에서는 입력값을 공개 후 인증을 실시하나 입력값을 끝까지 공개하지 않고자 하는 것이다. 이는 암호학에서 악의적인 참가자가 존재하는 전통적인 보안 모델을 벗어나는 경우이지만, 실제로 충분히 일어날 수 있는 악의적인 공격 방법이다. 악의적인 의도를 가진 입력값 조작으로 프라이버시 침해, 또는 계산 결과의 왜곡이 일어날 수 있다. 본 연구에서는 이를 방지하기 위해 서명 체계, 영지식증명, commitment scheme을 이용하여 메시지를 공개하지 않고 해당 메시지가 변조되지 않은 메시지임을 인증(input certification)하는 방법에 대해 연구하였다. 특히, ElGamal 서명 체계를 수정하여 commitment scheme과 영지식 증명과 결합하여 입력된 데이터가 변조되지 않은 데이터라는 인증이 가능한 프로토콜을 설계하여 증명하였고, 인증 간에 batch verification을 적용하여 효율성을 향상시켰다.

Attack and Correction: How to Design a Secure and Efficient Mix Network

  • Peng, Kun
    • Journal of Information Processing Systems
    • /
    • 제8권1호
    • /
    • pp.175-190
    • /
    • 2012
  • Shuffling is an effective method to build a publicly verifiable mix network to implement verifiable anonymous channels that can be used for important cryptographic applications like electronic voting and electronic cash. One shuffling scheme by Groth is claimed to be secure and efficient. However, its soundness has not been formally proven. An attack against the soundness of this shuffling scheme is presented in this paper. Such an attack compromises the soundness of the mix network based on it. Two new shuffling protocols are designed on the basis of Groth's shuffling and batch verification techniques. The first new protocol is not completely sound, but is formally analyzed in regards to soundness, so it can be applied to build a mix network with formally proven soundness. The second new protocol is completely sound, so is more convenient to apply. Formal analysis in this paper guarantees that both new shuffling protocols can be employed to build mix networks with formally provable soundness. Both protocols prevent the attack against soundness in Groth's scheme. Both new shuffling protocols are very efficient as batch-verification-based efficiency-improving mechanisms have been adopted. The second protocol is even simpler and more elegant than the first one as it is based on a novel batch cryptographic technique.

Enabling Efficient Verification of Dynamic Data Possession and Batch Updating in Cloud Storage

  • Qi, Yining;Tang, Xin;Huang, Yongfeng
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • 제12권6호
    • /
    • pp.2429-2449
    • /
    • 2018
  • Dynamic data possession verification is a common requirement in cloud storage systems. After the client outsources its data to the cloud, it needs to not only check the integrity of its data but also verify whether the update is executed correctly. Previous researches have proposed various schemes based on Merkle Hash Tree (MHT) and implemented some initial improvements to prevent the tree imbalance. This paper tries to take one step further: Is there still any problems remained for optimization? In this paper, we study how to raise the efficiency of data dynamics by improving the parts of query and rebalancing, using a new data structure called Rank-Based Merkle AVL Tree (RB-MAT). Furthermore, we fill the gap of verifying multiple update operations at the same time, which is the novel batch updating scheme. The experimental results show that our efficient scheme has better efficiency than those of existing methods.

VANET를 위한 차량자체생성 조건부익명 인증시스템 (Self Generable Conditionally Anonymous Authentication System for VANET)

  • 김상진;임지환;오희국
    • 정보보호학회논문지
    • /
    • 제19권4호
    • /
    • pp.105-114
    • /
    • 2009
  • 충돌회피, 협력운전과 같은 서비스를 차량 애드혹 네트워크(VANET. Vehicular Ad hoc NETwork)에서 제공하기 위해서는 차량 간 교환되는 메시지의 인증이 매우 중요하다. 하지만 일반 전자서명 기법을 사용할 경우에는 프라이버시 침해 문제가 발생할 수 있어, 조건부 익명성을 제공하는 인증시스템이 필요하다. 최근에 Zhang 등은 조작불가능한 하드웨어를 활용하는 VANET를 위한 조건부 익명 인증시스템을 제안하였다. 이 시스템은 차량에서 조건부익명성이 보장되는 신원기반의 공개키 쌍을 생성하여 메시지를 서명하여 교환한다. 또한 많은 메시지를 효과적으로 검증하기 위해 일괄 확인 기법을 사용한다. 이 논문에서는 Zhang 등의 시스템을 다음 측면에서 개선한다. 첫째, 보다 효율적인 확률 서명기법을 사용한다. 둘째, Zhang 등과 달리 안전성이 증명된 일괄확인 기법을 사용한다. 이 밖에 키 철회 문제, 익명 철회 문제 등에 대한 효과적인 해결방안도 제시한다.