Catálogo de publicaciones - libros

Using three previously studied subgroup membership problems, we obtain new concrete encryption schemes secure against adaptive chosen-ciphertext attack in the standard model, from the Cramer-Shoup and Kurosawa-Desmedt constructions. The schemes obtained are quite efficient. In fact, the Cramer-Shoup derived schemes are more efficient than the previous schemes from this construction, including the Cramer-Shoup cryptosystem, when long messages are considered. The hybrid variants are even more efficient, with a smaller number of exponentiations and a shorter ciphertext than the Kurosawa-Desmedt Decisional Diffie-Hellman based scheme.

In a famous paper at , Boneh and Franklin proposed the first fully functional identity-based encryption scheme (IBE), around fifteen years after the concept was introduced by Shamir. Their scheme achieves chosen-ciphertext security ( secure in the sense of IND-ID-CCA); however, the security reduction is far from being tight.

In this paper, we present an efficient variant of the Boneh-Franklin scheme that achieves a tight security reduction. Our scheme is basically an IBE scheme under two keys, one of which is randomly chosen and given to the user. It can be viewed as a continuation of an idea introduced by Katz and Wang; however, unlike the Katz-Wang variant, our scheme is quite efficient, as its ciphertext size is roughly comparable to that of the original full Boneh-Franklin scheme. The security of our scheme can be based on either the gap bilinear Diffie-Hellman (GBDH) or the decisional bilinear Diffie-Hellman (DBDH) assumptions.

The MQV protocol of Law, Menezes, Qu, Slinas and Vanstone has been regarded as the most efficient authenticated Diffie-Hellman key exchange protocol, and standardized by many organizations including the US NSA. In Crypto 2005, Hugo Krawczyk showed vulnerabilities of MQV to several attacks and suggested a hashed variant of MQV, called HMQV, which provides the same superb performance of MQV and provable security in the random oracle model. In this paper we suggest an efficient authenticated Diffie-Hellman key exchange protocol providing the same functionalities and security of HMQV random oracles. There exist some provably secure key exchange schemes using signatures in the standard model, but all of the schemes do not provide the same level of security of HMQV. So far there are no authenticated Diffie-Hellman protocols which are proven secure in the standard model and achieve the same level of security goals of HMQV efficiently yet. Dispensing of random oracles in our protocol does not require any expensive signature and encryption schemes.

Secure multicast communication provides an efficient way to deliver data to a large group of recipients. Scalability, efficiency and authenticity are the key challenges for secure multicast. In this paper, we propose a novel group key agreement scheme called logical identity hierarchy(LIH) for multicast to support secure communications for large and dynamic groups, which is based on bilinear pairing. Compared with the previous tree-based schemes, LIH provides dual authentication between group controller(GC) and group members and hierarchical authentication among group members. GC and all the users do not need to execute any encryption/decryption process during the rekeying operation. Moreover, in LIH, the group members can be stateless receivers, who do not need to update their state during the protocol execution. Using a public board, GC does not need to multicast any rekeying message when a user joins/leaves the communication group. Security analysis shows that LIH satisfies both backward secrecy and forward secrecy.

Common group key agreement protocols are not applicable in ad hoc networks because the dynamic and multi-hop nature. Clustering is a method by which nodes are hierarchically organized based on their relative proximity to one another. Driven by this insight, a hierarchical key agreement protocol is proposed to weaken the 1-hop assumption in common group key agreement protocols. We employ Joux’s tripartite protocol and a generalized Diffie-Hellman protocol as the basic building block for group key agreement. The protocol can handle efficiently the dynamic events in ad hoc networks. Moreover, in order to authenticate the messages, a provable ID-based signature scheme is presented. The analysis results indicate that the proposed protocol is secure in withstanding many common attacks and is extremely efficient and feasible to ad hoc networks with large size.

Solutions for an easy and secure setup of a wireless connection between two devices are urgently needed for WLAN, Wireless USB, Bluetooth and similar standards for short range wireless communication. All such key exchange protocols employ data authentication as an unavoidable subtask. As a solution, we propose an asymptotically optimal protocol family for data authentication that uses short manually authenticated out-of-band messages. Compared to previous articles by Vaudenay and Pasini the results of this paper are more general and based on weaker security assumptions. In addition to providing security proofs for our protocols, we focus also on implementation details and propose practically secure and efficient sub-primitives for applications.

We address the multicast stream authentication problem when the communication channel is under the control of an opponent who can drop, reorder or inject data. In such a network model, packet overhead and computing efficiency are important parameters to be taken into account when designing a multicast authentication protocol. Our construction will exhibit three main advantages. First, our packet overhead will only be a few hashes long. Second, we will exhibit a number of signature verifications to be performed by the receivers which will turn to be (1). Third, every receiver will still be able to recover all the data packets emitted by the sender despite losses and injections occurred during the transmission of information.

We propose a new computational complexity assumption from bilinear map, based on which we construct Verifier-Local Revocation group signatures with shorter lengths than previous ones.

In a proxy multi-signature scheme, a designated proxy signer can generate the signature on behalf of a group of original signers. Although some work has been done in proxy-multi signature schemes, until now there is no formalized definition and security model for them. In this paper, we will give the formal definition and a security model of proxy-multi signature scheme. We also constructed a proxy-multi signature scheme based on the BLS short signature scheme and proved its security in our security model.

To put restrictions on signing capability of the proxy signer, the notion of one-time proxy signature was put forth by Kim et al. in 2001. Today, to our best knowledge, although plenty of one-time proxy signature schemes have been proposed, no ID-based one-time proxy signature (IBOTPS) has yet been presented. Therefore, in this paper, to fill this void, we first formalize the security notions for IBOTPS, and propose the first efficient IBOTPS scheme based on the bilinear pairings and provide the formal security proofs in the random oracle model. Also, we consider an application of the proposed scheme in E-cheque scenarios.