• Title/Summary/Keyword: CDH assumption

Search Result 10, Processing Time 0.019 seconds

Provably Secure Length-Saving Public-Key Encryption Scheme under the Computational Diffie-Hellman Assumption

  • Baek, Joon-Sang;Lee, Byoung-Cheon;Kim, Kwang-Jo
    • ETRI Journal
    • /
    • v.22 no.4
    • /
    • pp.25-31
    • /
    • 2000
  • Design of secure and efficient public-key encryption schemes under weaker computational assumptions has been regarded as an important and challenging task. As far as ElGamal-type encryption schemes are concerned, some variants of the original ElGamal encryption scheme based on weaker computational assumption have been proposed: Although security of the ElGamal variant of Fujisaki-Okamoto public -key encryption scheme and Cramer and Shoup's encryption scheme is based on the Decisional Diffie-Hellman Assumption (DDH-A), security of the recent Pointcheval's ElGamal encryption variant is based on the Computational Diffie-Hellman Assumption (CDH-A), which is known to be weaker than DDH-A. In this paper, we propose new ElGamal encryption variants whose security is based on CDH-A and the Elliptic Curve Computational Diffie-Hellman Assumption (EC-CDH-A). Also, we show that the proposed variants are secure against the adaptive chosen-ciphertext attack in the random oracle model. An important feature of the proposed variants is length-efficiency which provides shorter ciphertexts than those of other schemes.

  • PDF

An Interactive Diffie-Hellman Problem and Its Application to Identification Scheme (Diffie-Hellman 가정에 기초한 새로운 대화식 DH 문제와 이를 이용한 Identification 기법)

  • Nyang, Dae-Hun;Lee, Kyung-Hee
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.19 no.6
    • /
    • pp.195-199
    • /
    • 2009
  • This paper defines a new variation of CDH problem where an adversary interacts with a challenger and proves its security is equivalent to the CDH problem. This new problem is useful in designing a cryptographic protocol. To show the versatility of this problem, we present a new identification scheme. Finally, we show a decisional version of this protocol.

Two-round ID-based Group Key Agreement Fitted for Pay-TV System (유료 방송 시스템에 적합한 ID기반의 2 라운드 그룹키 동의 프로토콜)

  • Kim Hyunjue;Nam Junghyun;Kim Seungjoo;Won Dongho
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.15 no.1
    • /
    • pp.41-55
    • /
    • 2005
  • A group key agreement protocol allows a group of user to share a key which may later be used to achieve certain cryptographic goals. In this paper, we propose a new scalable two-round ID-based group key agreement protocol which would be well fit to a Pay-TV system, additionally. to the fields of internet stock quotes, audio and music deliveries, software updates and the like. Our protocol improves the three round poop key agreement protocol of Nam et al., resulting in upgrading the computational efficiency by using the batch verification technique in pairing-based cryptography. Also our protocol simplifies the key agreement procedures by utilizing ID-based system. We prove the security of our protocol under the Computational Diffie-Hellman assumption and the Bilinear Decisional Diffie-Hellman assumption. Also we analyze its efficiency.

An Efficient Group Key Agreement Using Hierarchical Key Tree in Mobile Environment

  • Cho, Seokhyang
    • Journal of the Korea Society of Computer and Information
    • /
    • v.23 no.2
    • /
    • pp.53-61
    • /
    • 2018
  • In this paper, the author proposes an efficient group key agreement scheme in a mobile environment where group members frequently join and leave. This protocol consists of basic protocols and general ones and is expected to be suitable for communications between a mobile device with limited computing capability and a key distributing center (or base station) with sufficient computing capability. Compared with other schemes, the performance of the proposed protocol is a bit more efficient in the aspects of the overall cost for both communication and computation where the computational efficiency of the scheme is achieved by using exclusive or operations and a one-way hash function. Also, in the aspect of security, it guarantees both forward and backward secrecy based on the computational Diffie-Hellman (CDH) assumption so that secure group communication can be made possible. Furthermore, the author proves its security against a passive adversary in the random oracle model.

A Highly Secure Identity-Based Authenticated Key-Exchange Protocol for Satellite Communication

  • Yantao, Zhong;Jianfeng, Ma
    • Journal of Communications and Networks
    • /
    • v.12 no.6
    • /
    • pp.592-599
    • /
    • 2010
  • In recent years, significant improvements have been made to the techniques used for analyzing satellite communication and attacking satellite systems. In 2003, a research team at Los Alamos National Laboratory, USA, demonstrated the ease with which civilian global positioning system (GPS) spoofing attacks can be implemented. They fed fake signals to the GPS receiver so that it operates as though it were located at a position different from its actual location. Moreover, Galileo in-orbit validation element A and Compass-M1 civilian codes in all available frequency bands were decoded in 2007 and 2009. These events indicate that cryptography should be used in addition to the coding technique for secure and authenticated satellite communication. In this study, we address this issue by using an authenticated key-exchange protocol to build a secure and authenticated communication channel for satellite communication. Our protocol uses identity-based cryptography. We also prove the security of our protocol in the extended Canetti-Krawczyk model, which is the strongest security model for authenticated key-exchange protocols, under the random oracle assumption and computational Diffie-Hellman assumption. In addition, our protocol helps achieve high efficiency in both communication and computation and thus improve security in satellite communication.

An Efficient Biometric Identity Based Signature Scheme

  • Yang, Yang;Hu, Yupu;Zhang, Leyou
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.7 no.8
    • /
    • pp.2010-2026
    • /
    • 2013
  • The combination of biometrics and cryptography gains a lot of attention from both academic and industry community. The noisy biometric measurement makes traditional identity based cryptosystems unusable. Also the extraction of key from biometric information is difficult. In this paper, we propose an efficient biometric identity based signature scheme (Bio-IBS) that makes use of fuzzy extractor to generate the key from a biometric data of user. The component fuzzy extraction is based on error correction code. We also prove that the security of suggested scheme is reduced to computational Diffie-Hellman (CDH) assumption instead of other strong assumptions. Meanwhile, the comparison with existing schemes shows that efficiency of the system is enhanced.

AN EFFICIENT AND SECURE STRONG DESIGNATED VERIFIER SIGNATURE SCHEME WITHOUT BILINEAR PAIRINGS

  • Islam, Sk Hafizul;Biswas, G.P.
    • Journal of applied mathematics & informatics
    • /
    • v.31 no.3_4
    • /
    • pp.425-441
    • /
    • 2013
  • In literature, several strong designated verifier signature (SDVS) schemes have been devised using elliptic curve bilinear pairing and map-topoint (MTP) hash function. The bilinear pairing requires a super-singular elliptic curve group having large number of elements and the relative computation cost of it is approximately two to three times higher than that of elliptic curve point multiplication, which indicates that bilinear pairing is an expensive operation. Moreover, the MTP function, which maps a user identity into an elliptic curve point, is more expensive than an elliptic curve scalar point multiplication. Hence, the SDVS schemes from bilinear pairing and MTP hash function are not efficient in real environments. Thus, a cost-efficient SDVS scheme using elliptic curve cryptography with pairingfree operation is proposed in this paper that instead of MTP hash function uses a general cryptographic hash function. The security analysis shows that our scheme is secure in the random oracle model with the hardness assumption of CDH problem. In addition, the formal security validation of the proposed scheme is done using AVISPA tool (Automated Validation of Internet Security Protocols and Applications) that demonstrated that our scheme is unforgeable against passive and active attacks. Our scheme also satisfies the different properties of an SDVS scheme including strongness, source hiding, non-transferability and unforgeability. The comparison of our scheme with others are given, which shows that it outperforms in terms of security, computation cost and bandwidth requirement.

A Security-Enhanced Identity-Based Batch Provable Data Possession Scheme for Big Data Storage

  • Zhao, Jining;Xu, Chunxiang;Chen, Kefei
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.12 no.9
    • /
    • pp.4576-4598
    • /
    • 2018
  • In big data age, flexible and affordable cloud storage service greatly enhances productivity for enterprises and individuals, but spontaneously has their outsourced data susceptible to integrity breaches. Provable Data Possession (PDP) as a critical technology, could enable data owners to efficiently verify cloud data integrity, without downloading entire copy. To address challenging integrity problem on multiple clouds for multiple owners, an identity-based batch PDP scheme was presented in ProvSec 2016, which attempted to eliminate public key certificate management issue and reduce computation overheads in a secure and batch method. In this paper, we firstly demonstrate this scheme is insecure so that any clouds who have outsourced data deleted or modified, could efficiently pass integrity verification, simply by utilizing two arbitrary block-tag pairs of one data owner. Specifically, malicious clouds are able to fabricate integrity proofs by 1) universally forging valid tags and 2) recovering data owners' private keys. Secondly, to enhance the security, we propose an improved scheme to withstand these attacks, and prove its security with CDH assumption under random oracle model. Finally, based on simulations and overheads analysis, our batch scheme demonstrates better efficiency compared to an identity based multi-cloud PDP with single owner effort.

Identity-based Provable Data Possession for Multicloud Storage with Parallel Key-Insulation

  • Nithya, S. Mary V.;Rhymend Uthariaraj, V.
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.15 no.9
    • /
    • pp.3322-3347
    • /
    • 2021
  • Cloud Storage is the primary component of many businesses on cloud. Majority of the enterprises today are adopting a multicloud strategy to keep away from vendor lock-in and to optimize cost. Auditing schemes are used to ascertain the integrity of cloud data. Of these schemes, only the Provable Data Possession schemes (PDP) are resilient to key-exposure. These PDP schemes are devised using Public Key Infrastructure (PKI-) based cryptography, Identity-based cryptography, etc. PKI-based systems suffer from certificate-related communication/computational complexities. The Identity-based schemes deal with the exposure of only the auditing secret key (audit key). But with the exposure of both the audit key and the secret key used to update the audit key, the auditing process itself becomes a complete failure. So, an Identity-based PDP scheme with Parallel Key-Insulation is proposed for multiple cloud storage. It reduces the risk of exposure of both the audit key and the secret key used to update the audit key. It preserves the data privacy from the Third Party Auditor, secure against malicious Cloud Service Providers and facilitates batch auditing. The resilience to key-exposure is proved using the CDH assumption. Compared to the existing Identity-based multicloud schemes, it is efficient in integrity verification.

Secure Group Communications Considering Computational Efficiency of Mobile Devices in Integrated Wired and Wireless Networks (무선 단말기의 계산 효율성을 고려한 유.무선 통합 네트워크 환경에서의 안전한 그룹 통신)

  • Chang Woo-Suk;Kim Hyun-Jue;Nam Jung-Hyun;Cho Seok-Hyang;Won Dong-Ho;Kim Seung-Joo
    • Journal of the Institute of Electronics Engineers of Korea TC
    • /
    • v.43 no.7 s.349
    • /
    • pp.60-71
    • /
    • 2006
  • Group key agreement protocols are designed to allow a group of parties communicating over a public network to securely and efficiently establish a common secret key, Over the years, a number of solutions to the group key agreement protocol have been proposed with varying degrees of complexity, and the research relating to group key agreement to securely communicate among a group of members in integrated wired and wireless networks has been recently proceeded. Both features of wired computing machines with the high-performance and those of wireless devices with the low-power are considered to design a group key agreement protocol suited for integrated wired and wireless networks. Especially, it is important to reduce computational costs of mobile devices which have the limited system resources. In this paper, we present an efficient group key agreement scheme which minimizes the computational costs of mobile devices and is well suited for this network environment and prove its security.