• Journal of Communications and Networks
• /
• v.15 no.1
• /
• pp.1-7
• /
• 2013

Most of the provably-secure proxy signature schemes rely on the average-case hardness problems such as the integer factorization problems and the discrete logarithm problems. Therefore, those schemes are insecure to quantum analysis algorithms, since there exist quantum algorithms efficiently solving the factorization and logarithm problems. To make secure proxy signature schemes against quantum analysis, some lattice-based proxy signature schemes are suggested. However, none of the suggested lattice-based proxy signature schemes is proxy-protected in the adaptive security model. In the paper, we propose a provably-secure ID-based proxy signature scheme based on the lattice problems. Our scheme is proxy-protected in the adaptive security model.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.13 no.2
• /
• pp.3-11
• /
• 2003

Proxy signatures are signature schemes in which an original signer delegates her signing capability to a proxy entity, who signs a message on behalf of the original signer. In this paper we propose the ID-based proxy signature schemes using a bilinear map. In the previous R-based proxy signature scheme, the proxy signer can misuse the right of the signing capacity and the public key directory is required. However, by inserting the warrant information such as the identity of the proxy signer and the limit of the signing capacity to the proxy signature, our scheme can prevent the misuse of the proxy key pair by the proxy signer and does not require a public key certificate. Furthermore, our scheme dose not need a secure channel to deliver the warrant. Consequently, the proposed scheme is more efficient and useful than the previous proxy signature schemes.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.50 no.6
• /
• pp.167-172
• /
• 2013

In a paper recently published in the International Journal of Parallel, Emergent and Distributed Systems, Biswas et al. proposed a VANET message authentication scheme which uses an identity-based proxy signature mechanism as an underlying primitive. The authors claimed that their scheme supports various security features including the security of proxy-key, the security against message forgery and the security against replay attack, with non-repudiation and resistance to proxy-key compromise. Here, we show how an active attacker, who has no knowledge of an original message sender's private key, can compute the proxy-signature key of the corresponding message sender, meaning that the scheme is completely insecure. We also suggest an enhanced version of the protocol capable of solving such serious security holes.

• The KIPS Transactions:PartC
• /
• v.10C no.5
• /
• pp.533-540
• /
• 2003

According to the development of mobile communications, many people have been offered high qualify of the application services using portable terminals. But those works nay have many vulnerabilities and have the limit of excutaions. Because the application services are provided in mobile network and the performance of portable terminals is lower than that of base stations. To improve these problems, in this paper, we propose one-time proxy signature scheme that can reduce the computational ctsost on a user and prevent a proxy agent's dishonesty. The proposed scheme is based on the KBLK scheme [2] which applied the fail-stop signature scheme [1]. It is constructed that a proxy signer can sign only one message with a proxy key and we add anonimity to it for the user's identity protection in mobile communication like a M-commerce.

• Journal of the Institute of Electronics Engineers of Korea CI
• /
• v.46 no.1
• /
• pp.64-77
• /
• 2009

A proxy re-encryption scheme allows Alice to temporarily delegate the decryption rights to Bob via a proxy. Alice gives the proxy a re-encryption key so that the proxy can convert a ciphertext for Alice into the ciphertext for Bob. Recently, ID-based proxy re-encryption schemes are receiving considerable attention for a variety of applications such as distributed storage, DRM, and email-forwarding system. And a non-interactive identity-based proxy re-encryption scheme was proposed for achieving CCA-security by Green and Ateniese. In the paper, we show that the identity-based proxy re-encryption scheme is unfortunately vulnerable to a collusion attack. The collusion of a proxy and a malicious user enables two parties to derive other honest users' private keys and thereby decrypt ciphertexts intended for only the honest user. To solve this problem, we propose two ID-based proxy re-encryption scheme schemes, which are proved secure under CPA and CCA in the random oracle model. For achieving CCA-security, we present self-authentication tag based on short signature. Important features of proposed scheme is that ciphertext structure is preserved after the ciphertext is re-encrypted. Therefore it does not lead to ciphertext expansion. And there is no limitation on the number of re-encryption.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.14 no.1
• /
• pp.455-472
• /
• 2020

As a user in modern societies with the rapid growth of Internet environment and more complicated business flow processes in order to be effective at work and accomplish things on time when the manager of the company went for a business trip, he/she need to delegate his/her signing authorities to someone such that, the delegatee can act as a manager and sign a message on his/her behalf. In order to make the delegation process more secure and authentic, we proposed a secure and efficient identity-based proxy signcryption in cloud data sharing (SE-IDPSC-CS), which provides a secure privilege delegation mechanism for a person to delegate his/her signcryption privilege to his/her proxy agent. Our scheme allows the manager of the company to delegate his/her signcryption privilege to his/her proxy agent and the proxy agent can act as a manager and generate signcrypted messages on his/her behalf using special information called "proxy key". Then, the proxy agent uploads the signcrypted ciphertext to a cloud service provider (CSP) which can only be downloaded, decrypted and verified by an authorized user at any time from any place through the Internet. Finally, the security analysis and experiment result determine that the proposed scheme outperforms previous works in terms of functionalities and computational time.

• Journal of Digital Convergence
• /
• v.11 no.9
• /
• pp.173-179
• /
• 2013

In a biometric authentication scheme, a user's biometric data that is unique to the user is used to prove the user's identity to the third party. Since the user should have to participate in every authentication sessions, it's not possible to delegate other users to authenticate instead of himself/herself. In a biometric signature scheme, contrary to authentication scheme, a user's biometric data is used to prove that "this message is signed by the signer who claims to be" to the third party. However, once the biometric key is created, it can be accessed by the signer. Thus, it's possible to lend the biometric key to other users. In this study, the server based biometric realtime signature scheme is proposed. The proposed scheme can be applied to sign the vote in electronic voting or to authenticate the copyright owner in DRM enabled mobile commerce where the proxy signatures are not allowed.

• Proceedings of the Korean Information Science Society Conference
• /
• 2005.11a
• /
• pp.949-951
• /
• 2005

ID기반의 암호 시스템은 사용자의 ID를 공개키처럼 활용하는 시스템[1]이다. ID 기반 threshold 대리 서명(IDTPS)은 이러한 환경에서 사용 가능한 threshold 대리 서명 기법이며, Xu 등[2]에 의해 SOK-IBS[3]를 기반으로 처음 만들어졌다. 본 논문에서는 Cha-Cheon[4]의 서명 기법을 기반으로 하는 효율적인 ID 기반의 threshold 대리 서명을 제안한다. 여기서는 pairing 연산을 적게 사용하고 pairing에 사용되는 군으로 사상되는 해쉬 함수를 적게 사용하기 때문에 이전 기법보다 효율적이면서도 충분한 안전성을 보장하게 된다.