Catálogo de publicaciones - libros

In this paper, we first propose an efficient provably secure identity-based signature (IBS) scheme based on bilinear pairings, then propose an efficient identity-based blind signature (IBBS) scheme based on our IBS scheme. Assuming the intractability of the Computational Diffie-Hellman Problem, our IBS scheme is unforgeable under adaptive chosen-message and ID attack. Efficiency analyses show that our schemes can offer advantages in runtime over the schemes available. Furthermore, we show that, contrary to the authors claimed, Zhang and Kim’s scheme in ACISP 2003 is one-more forgeable, if the ROS-problem is solvable.

Providing authentication protocols for real time streams is a challenging task. This is because the authentication rate is very important for real time streams, whereas it is usually a bottleneck. Using improved online/offline signatures and hash chain techniques as tools, our proposed protocol greatly reduces the online computational and communicational cost and thus is more applicable to authenticate real time streams.

In 2004, Wu-Chieu proposed improvements to their original authentication scheme in order to strengthen it to withstand impersonation attacks. In 2005, Lee-Lin-Chang proposed improvements on Wu-Chieu’s original scheme so that not only could it withstand a forgery attack, but it required less computational costs and it was suitable for mobile communication. The current paper, however, demonstrates that Wu-Chieu’s improved scheme is vulnerable to an off-line password guessing attack and an impersonation attack by the use of a stolen smart card. Also, we demonstrates that Lee-Lin-Chang’s scheme is vulnerable to a forgery attack. Furthermore, we present a new authentication scheme based on a one-way hash function and Diffie-Hellman key exchange in order to isolate such problems and to provide mutual authentication between the user and the remote system.

Proxy signcryption is a cryptographic primitive which combines the functionalities of a proxy signature scheme and a signcryption scheme. In this paper, based on bilinear pairings, we would like to propose two efficient proxy singcryption schemes. One is certificate based and the other is identity based. Also we analyze the two proposed schemes from efficiency point of view. We show that the certificate based scheme achieves great efficiency in terms of communication cost and computation overhead. And the identity based scheme is much more efficient than the scheme proposed by Li and Chen. What’s more, we also argument that the two proposed schemes are secure in the random oracle model without a secure channel.

Proxy signcryption, proposed by Gamage et al. [1], is a cryptographic primitive, which combines the functionality of a proxy signature scheme with that of an encryption. But to date, no formal definitions of security have been provided. In this paper, we first propose the syntax of warrant-based proxy signcryption scheme, then formalize notions of security for it. After that, we present a warrant-based proxy signcryption scheme based on integer factorization assumption.

Nowadays, e-mail has become one of the most widely used communication medium. Because of its characteristics of inexpensivity and rapidity in the delivery of messages, e-mail is increasingly used in place of ordinary mail. However, the e-mail service exposes users to several risks related to the lack of security during the message exchange. Furthermore, regular mail offers services which are usually not provided by e-mail, and which are of crucial importance for “official” events.

Certified e-mail tries to provide users with additional guarantees on the content and the delivery of the messages, making e-mail equivalent and in some cases more convenient than the ordinary paper-based mail service. In literature, several distributed protocols for certified e-mail have been proposed, relying on an inline trusted third party to ensure the fairness of the protocol. In such protocols, the is actively involved in each message exchange. In this paper we provide a novel inline certified e-mail protocol which satisfies all the most important requirements which have been discussed for certified e-mail. Furthermore, we discuss a prototype implementation of our protocol targeted to the Windows platform.

Certified e-mail delivery has become one of the basic requirement in performing business transactions over the Internet securely. How to construct efficient fair protocols for certified e-mail delivery is of great interest. The notion of identity based cryptosystem has attracted much interest since its introduction by Shamir in 1984, as it eliminates the need of certificates and simplifies the key management. In this paper, we propose a fair protocol for certified e-mail delivery based on identity-based signatures. A semi-trust third party (TTP) is involved in our protocol to ensure fairness, who does not need to store anything except its own private-key. There is no need for an additional registration between users and TTP. The proposed scheme is the first identity-based protocol with such a concise frame and is computation- and communication-efficient.

Most multivariate schemes have potentially much higher performance than other public key cryptosystems[15] [4] [1] [2]. Wolf and Preneel [16] show multivariate quadratic public key schemes have many equivalent keys and provide some transformations to identify the keys. In this paper, we propose the idea of similar keys of MQ-based public key cryptosystems(PKCs) and provide a method to reduce the size of private key in MQ-based PKCs to 50% ~ 70% of its original size. And our method is generic for most MQ-based PKCs except for UOV-like and STS-like schemes. Moreover, our method remains the equivalent security and efficiency with original MQ-based PKCs.

The window algorithms for various signed binary representations have been used to speed up point multiplication on elliptic curves. While there’s been extensive research on the non-adjacent form, little attention has been devoted to non-sparse optimal signed binary representations. In the paper, we prove some properties of non-sparse optimal signed binary representations and present a precise analysis of the non-sparse signed window algorithm. The main contributions are described as follows. Firstly, we attain the lower bound +1/3 of the expected length of non-sparse optimal signed binary representations of -bit positive integers. Secondly, we propose a new non-sparse signed window partitioning algorithm. Finally, we analyze Koyama-Tsuruoka’s non-sparse signed window algorithm and the proposed algorithm and compare them with other methods. The upper bound of the number of precomputed windows of the non-sparse signed window algorithms is attained.

The relation between almost resilient function and its component functions is investigated in this paper. We prove that if each nonzero linear combination of ,,⋯, is an -almost(,1,)-resilient function, then =(,,⋯,) is a -almost(,,)-resilient function. In the case equals 0, the theorem gives another proof of Linear Combination Lemma for resilient functions. As applications of this theorem, we introduce a method to construct a balanced -almost (3,2,2+1)-resilient function from a balanced -almost (,1,)-resilient function and present a method of improving the degree of the constructed functions with a small trade-off in the nonlinearity and resiliency. At the end of this paper, the relation between balanced almost CI function and its component functions are also concluded.