• Journal of Information Processing Systems
• /
• v.7 no.1
• /
• pp.159-172
• /
• 2011

A designated verifier signature is a special type of digital signature, which convinces a designated verifier that she has signed a message in such a way that the designated verifier cannot transfer the signature to a third party. A strong designated verifier signature scheme enhances the privacy of the signer such that no one but the designated verifier can verify the signer's signatures. In this paper we present two generic frame works for constructing strong designated verifier signature schemes from any secure ring signature scheme and any deniable one-pass authenticated key exchange protocol, respectively. Compared with similar protocols, the instantiations of our construction achieve improved efficiency.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.1
• /
• pp.45-56
• /
• 2013

When a signer signs a message, strong designated verifier signature allows the signer to designate a verifier. Only the designated verifier can make sure that the signature is generated by the signer. In addition, no one except the designated verifier can know the signature generated by some signer. In this paper, we propose an identity-based strong designated verifier signature scheme where users' public keys are identities. Our proposed scheme is the first identity-based strong designated verifier scheme from lattices. Naturally, our proposed scheme is secure against quantum computing attacks and has low computational complexity.

• ETRI Journal
• /
• v.34 no.2
• /
• pp.235-244
• /
• 2012

An identity-based strong designated verifier signature scheme provides restricted verifiability only for a verifier designated by a signer and proper privacy for the signer. In this paper, we show that strong designated verifier signature schemes do not satisfy the self-unverifiability requirement in the sense that not only exposure of the verifier's secret key but also of the signer's secret key enables an attacker to verify signatures, which should have been the exclusive right of the verifier. We also present a generic method to construct a strong identity-based designated verifier signature scheme with self-unverifiability from identity-based key encapsulation and identity-based key sharing schemes. We prove that a scheme constructed from our method achieves unforgeability, non-transferability, and self-unverifiability if the two underlying components are secure. To show the advantage of our method, we present an example that outputs short signatures and we analyze its performance.

• The Journal of the Korea Contents Association
• /
• v.9 no.10
• /
• pp.59-66
• /
• 2009

A strong designated verifier signature scheme is a special type of signature scheme which provides signer anonymity by enabling the specified recipient, called a designated verifier, to simulate a signature which is indistinguishable from the signer's signature. It has many applications such as software distribution or electronic voting. In this paper, we consider two important security properties of strong designated verifier signature scheme - source hiding and security against key-compromise attack. We show that the two properties cannot be achieved at the same time. Finally, we present a new ID-based strong designated verifier signature scheme which is secure against key-compromise attack.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.20 no.5
• /
• pp.37-48
• /
• 2010

Designated verifier signatures allow a signer to prove the validity of a signature to a specifically designated verifier. The designated verifier can be convinced but unable to prove the source of the message to a third party. Unlike conventional digital signatures, designated verifier signatures make it possible for a signer to repudiate his/her signature against anyone except the designated verifier. Recently, two designated verifier signature schemes, Zhang et al.'s scheme and Kang et al.'s scheme, have been shown to be insecure by concrete attacks. In this paper, we find the essential reason that the schemes open attacks while those were given with its security proofs, and show that Huang-Chou scheme and Du-Wen scheme have the same problem. Indeed, the security proofs of all the schemes reflect no message attackers only. Next, we show that Huang-Chou scheme is insecure by presenting universal forgery attack. Finally, we show that Du-Wen scheme is, indeed, secure by completing its defective security proof.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.11
• /
• pp.5625-5641
• /
• 2017

Certificateless public key cryptography resolves the certificate management problem in traditional public key cryptography and the key escrow problem in identity-based cryptography. In recent years, some good results have been achieved in speeding up the computation of bilinear pairing. However, the computation cost of the pairing is much higher than that of the scalar multiplication over the elliptic curve group. Therefore, it is still significant to design cryptosystem without pairing operations. A multi-signer universal designated multi-verifier signature scheme allows a set of signers to cooperatively generate a public verifiable signature, the signature holder then can propose a new signature such that only the designated set of verifiers can verify it. Multi-signer universal designated multi-verifier signatures are suitable in many different practical applications such as electronic tenders, electronic voting and electronic auctions. In this paper, we propose a certificateless multi-signer universal designated multi-verifier signature scheme and prove the security in the random oracle model. Our scheme does not use pairing operation. To the best of our knowledge, our scheme is the first certificateless multi-signer universal designated multi-verifier signature scheme.

• The KIPS Transactions:PartC
• /
• v.11C no.4
• /
• pp.439-446
• /
• 2004

In the Internet, user authentication is the most important service in secure communications. Although password-based mechanism is the most widely used method of the user authentication in the network, people are used to choose easy-to-remember passwords, and thus suffers from some Innate weaknesses. Therefore, using a memorable password it vulnerable to the dictionary attacks. The techniques used to prevent dictionary attacks bring about a heavy computational workload. In this paper, we describe a recent solution, the Optimal Strong-Password Authentication (OSPA) protocol, and that it is vulnerable to the stolen-verifier attack and an impersonation attack. Then, we propose an Improved Optimal Strong-Password Authentication (I-OSPA) protocol, which is secure against stolen-verifier attack and impersonation attack. Also, since the cryptographic operations are computed by the processor in the smart card, the proposed I-OSPA needs relatively low computational workload and communicational workload for user.

• Journal of Internet Computing and Services
• /
• v.14 no.4
• /
• pp.43-51
• /
• 2013

User authentication and access control are two important components in high security applications. Recently, Chen and Yeh proposed a method to integrate both of them seamlessly. However, Chen-Yeh's scheme is vulnerable to a stolen verifier attack, since it maintains a smart card identifier table in a remote server. Therefore, this paper modifies Chen-Yeh's scheme and propose a new integrated authentication and access control scheme that is resilient to the stolen verifier attack while inheriting all the merits of Chen-Yeh's scheme. Security analysis shows that the proposed scheme withstands well-known security attacks and exhibits many good features.

• Phonetics and Speech Sciences
• /
• v.4 no.3
• /
• pp.95-101
• /
• 2012

In this paper, we introduce the automatic speaker identification system 'SPO(Supreme Prosecutors Office) Verifier'. SPO Verifier is a GMM(Gaussian mixture model)-UBM(universal background model) based automatic speaker recognition system and has been developed using Korean speakers' utterances. This system uses a channel compensation algorithm to compensate recording device characteristics. The system can give the users the ability to manage reference models with utterances from various environments to get more accurate recognition results. To evaluate the performance of SPO Verifier on Korean speakers, we compared this system with one of the most widely used commercial systems in the forensic field. The results showed that SPO Verifier shows lower EER(equal error rate) than that of the commercial system.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.33 no.11A
• /
• pp.1063-1071
• /
• 2008

This paper proposes a prior maximum likelihood (ML) detection verifier which has an ability to verify if the zero forcing (ZF) detection results are identical to the ML detection results. Since more than 90% of ZF detection results are identical to ML detection results, the proposed verifier makes it possible to omit the computationally complex ML detection in 90% cases of MIMO signal detections. The proposed verifier is designed by using the diversity gain obtained from converting MIMO signal into single input multiple output (SIMO) signals. In the proposed method, single input multiple output (SIMO) signals for each transmit antenna are separated from MIMO signals after the MIMO signals are detected by ZF method. Computer simulations show that the true alarm probability of the proposed verifier is more than 80% and the false alarm probability is less than $10^{-4}$.