• Title/abstract/keyword: random oracle

Search results: 87 items (processing time 0.022 s)

Analysis of Certificateless Signcryption Schemes and Construction of a Secure and Efficient Pairing-free one based on ECC

  • Cao, Liling; Ge, Wancheng
  • KSII Transactions on Internet and Information Systems (TIIS), Vol. 12 No. 9, pp. 4527-4547, 2018
  • Signcryption is a cryptographic primitive that provides authentication (signing) and confidentiality (encryption) simultaneously, at a lower computational cost and communication overhead than doing both separately. With the proposal of certificateless public key cryptography (CLPKC), certificateless signcryption (CLSC) schemes have gradually become a research hotspot and attracted extensive attention. However, many previous CLSC schemes are built on time-consuming pairing operations, which is impractical for mobile devices with limited computation ability and battery capacity. Although researchers have proposed pairing-free CLSC schemes to address the efficiency issue, many of them are in fact still insecure. The challenging problem, therefore, is to keep the balance between efficiency and security in CLSC schemes. In this paper, several existing CLSC schemes are cryptanalyzed and a new pairing-free CLSC scheme based on the elliptic curve cryptosystem (ECC) is presented. The proposed CLSC scheme is provably secure, achieving indistinguishability under adaptive chosen-ciphertext attack (IND-CCA2) and existential unforgeability under adaptive chosen-message attack (EUF-CMA), under the Gap Diffie-Hellman (GDH) assumption and the discrete logarithm problem in the random oracle model. Furthermore, the proposed scheme resists the ephemeral secret leakage (ESL) attack, the public key replacement (PKR) attack and the malicious-but-passive KGC (MPK) attack, and is computationally more efficient than the existing related CLSC schemes.

An Efficient Certificateless Public Key Encryption Scheme

  • 이영란; 이향숙
  • 정보보호학회논문지, Vol. 14 No. 5, pp. 165-176, 2004
  • Al-Riyami and Paterson$^{[1]}$ proposed a new public key paradigm called certificateless public key cryptography. This system combines the advantages of public key cryptography and ID-based cryptography: it does not require the certificates of a conventional public key infrastructure, yet it avoids the problems that derive from key escrow, an inherent property of ID-based cryptosystems. In this paper we propose an efficient certificateless encryption scheme that provides mutual user authentication. The security of the proposed scheme rests on the hardness of the computational Diffie-Hellman problem (CDHP) and the bilinear Diffie-Hellman problem (BDHP). We define a security model for confidentiality and unforgeability and prove that the proposed scheme is secure in the random oracle model.

An eCK-secure Authenticated Key Exchange Protocol without Random Oracles

  • Moriyama, Daisuke; Okamoto, Tatsuaki
  • KSII Transactions on Internet and Information Systems (TIIS), Vol. 5 No. 3, pp. 607-625, 2011
  • A two-party key exchange protocol is a mechanism in which two parties communicate with each other over an insecure channel and output the same session key. A key exchange protocol that is secure against an active adversary who can control and modify the exchanged messages is called an authenticated key exchange (AKE) protocol. LaMacchia, Lauter and Mityagin presented a strong security definition for public key infrastructure (PKI) based two-pass protocols, which we call the extended Canetti-Krawczyk (eCK) security model, and several researchers have provided eCK-secure AKE protocols in recent years. However, almost all of these protocols are provably secure only in the random oracle model or rely on a special implementation technique, the so-called NAXOS trick. In this paper, we present a PKI-based two-pass AKE protocol that is secure in the eCK security model. The security of the proposed protocol is proven without random oracles (under three assumptions), and it does not rely on implementation techniques such as the NAXOS trick.

A Design of Efficient Keyword Search Protocol Over Encrypted Document

  • 변진욱
  • 전자공학회논문지CI, Vol. 46 No. 1, pp. 46-55, 2009
  • In this paper we study protocols for searching encrypted documents that contain a common set of keywords. A common-keyword search protocol consists of a data supplier, a database, and a user of the database. The data supplier stores encrypted documents in the database, and a legitimate user queries the desired keywords and obtains the encrypted documents that contain all of them. Recently, many common-keyword search protocols have been proposed in various settings. However, these protocols require a high computational cost from the viewpoint of the data supplier and the database. Moreover, the security of the protocols proposed so far has been proven only in the random oracle model. In this paper we design an efficient common-keyword search protocol over encrypted documents without the random oracle assumption. In addition, the user's storage and the database's computation and communication costs are constant. The security of the proposed protocol is based on the hardness of the DBDH (Decisional Bilinear Diffie-Hellman) problem.

Light-Weight Password-Based Authenticated Key Exchange for Two Users using Different Passwords

  • 권정옥; 김기탁; 정익래; 이동훈
  • 정보보호학회논문지, Vol. 18 No. 5, pp. 17-30, 2008
  • In this paper we propose a password-based key exchange protocol that lets two users who do not share a password establish a common session key. In the proposed protocol, each user registers a password with a server and then, with the server's help, the two users come to share the same session key. The proposed protocol does not use random oracles and provides forward secrecy, and its efficiency differs little from that of existing protocols that rely on random oracles. The protocol uses only human-memorable passwords; all other information needed to run it is public.

Parallel Key-Insulated Signature Scheme without Random Oracles

  • Wan, Zhongmei; Li, Jiguo; Hong, Xuan
  • Journal of Communications and Networks, Vol. 15 No. 3, pp. 252-257, 2013
  • To alleviate the damage caused by key exposure, Dodis et al. introduced the notion of key-insulated security, where secret keys are periodically updated using a physically insulated helper key. To decrease the risk of helper key exposure, Hanaoka et al. advocated a parallel key-insulated mechanism, where distinct helpers are used independently in key updates. In this paper, we propose the first parallel key-insulated signature scheme that is provably secure without resorting to the random oracle methodology. Our scheme allows frequent key updating and does not increase the risk of helper key exposure.

Efficient Fuzzy Identity-Based Encryption Scheme

  • 이광수; 이동훈
  • 한국정보통신설비학회: 학술대회논문집, 한국정보통신설비학회 2008 conference on information and communication facilities, pp. 563-565, 2008
  • In this paper, we construct an efficient fuzzy identity-based encryption scheme in the random oracle model. Fuzzy identity-based encryption is an extension of identity-based encryption, in which a user's public key is represented by his identity. Our construction requires a constant number of bilinear map operations for decryption, and the private key is small compared with the previous fuzzy identity-based encryption scheme of Sahai-Waters. We also show that our fuzzy identity-based encryption scheme can be converted into an attribute-based encryption scheme.

An Identity-Based Key-Insulated Encryption with Message Linkages for Peer-to-Peer Communication Network

  • Hsu, Chien-Lung; Lin, Han-Yu
  • KSII Transactions on Internet and Information Systems (TIIS), Vol. 7 No. 11, pp. 2928-2940, 2013
  • Key exposure is a major threat to cryptosystems. To mitigate the impact of key-compromise attacks, a key-insulated cryptographic mechanism is a better alternative. For securing large-message communication in peer-to-peer networks, in this paper we propose the first identity-based key-insulated encryption (IB-KIE) scheme with message linkages. Our scheme has the properties of unbounded time periods and random-access key updates. In the proposed scheme, each client can periodically update his private key while the corresponding public key remains unchanged. The essential security assumption of our scheme is the well-known bilinear Diffie-Hellman problem (BDHP). To ensure practical feasibility, we also formally prove that the proposed scheme achieves the confidentiality requirement of indistinguishability under adaptive chosen-ciphertext attacks (IND-CCA2) in the random oracle model.

Efficient and Secure Certificateless Proxy Re-Encryption

  • Liu, Ya; Wang, Hongbing; Wang, Chunlu
  • KSII Transactions on Internet and Information Systems (TIIS), Vol. 11 No. 4, pp. 2254-2275, 2017
  • In this paper, we present an IND-CCA2 secure certificateless proxy re-encryption scheme in the random oracle model. Certificateless public key cryptography avoids the certificate management of a traditional public key infrastructure and the built-in key escrow of identity-based public key cryptography. Our scheme shares the merits of certificateless public key encryption and proxy re-encryption cryptosystems. Our certificateless proxy re-encryption scheme has several practical and useful properties, namely multi-use, unidirectionality, non-interactivity, non-transitivity and so on. The security of our scheme is based on the standard bilinear Diffie-Hellman and decisional bilinear Diffie-Hellman assumptions.

Hierarchical Identity-based Broadcast Encryption Scheme from LWE

  • Yang, Chunli; Zheng, Shihui; Wang, Licheng; Lu, Xiuhua; Yang, Yixian
  • Journal of Communications and Networks, Vol. 16 No. 3, pp. 258-263, 2014
  • A hierarchical identity-based broadcast encryption (H-IBBE) scheme is an identity-based broadcast encryption (IBBE) scheme in a hierarchical environment. In order to obtain secure H-IBBE schemes in the quantum era, we propose an H-IBBE scheme based on the learning with errors problem assumption. Our scheme achieves indistinguishability from random under adaptive chosen-plaintext and chosen-identity attacks in the random oracle model.