63 results for bare public-key model


Relevance: 100.00%

Abstract:

The notion of certificateless cryptography is aimed to eliminate the use of certificates in traditional public key cryptography and also to solve the key-escrow problem in identity-based cryptography. Many kinds of security models have been designed for certificateless cryptography and many new schemes have been introduced based on the correspondence of the security models. Generally speaking, a stronger security model can ensure a certificateless cryptosystem with a higher security level, but a realistic model can lead to a more efficient scheme. In this paper, we focus on the efficiency of a certificateless signature (CLS) scheme and introduce an efficient CLS scheme with short signature size. On one hand, the security of the scheme is based on a realistic model. In this model, an adversary is not allowed to get any valid signature under false public keys. On the other hand, our scheme is as efficient as the BLS short signature scheme in both communication and computation and, therefore, turns out to be more efficient than other CLS schemes proposed so far. We provide a rigorous security proof of our scheme in the random oracle model. The security of our scheme is based on the k-CAA hard problem and a newly discovered hard problem, namely the modified k-CAA problem. Our scheme can be applied to systems where signatures are typed in by humans or systems with low-bandwidth channels and/or low computation power.

Relevance: 100.00%

Abstract:

Certificate-based encryption was introduced in Eurocrypt '03 to solve the certificate management problem in public key encryption. Recently, this idea was extended to certificate-based signatures. Several new schemes and security models of certificate-based signatures have been proposed. In this paper, we first examine certificate-based signatures by comparing them with digital signatures in other popular public key systems. We introduce a new security model of certificate-based signature, which defines several new types of adversaries against certificate-based signatures, along with the security model of certificate-based signatures against them. The new model is clearer and more elaborated compared with other existing ones. We then investigate the relationship between certificate-based signatures and certificateless signatures, and propose a generic construction of certificate-based signatures. We prove that the generic construction is secure (in the random oracle model) against all types of adversaries defined in this paper, assuming the underlying certificateless signatures satisfy certain security notions. Based on our generic construction, we are able to construct new certificate-based signature schemes, which are more efficient in comparison with other schemes with similar security levels.

Relevance: 100.00%

Abstract:

We present a study of security in certificateless signatures. We divide potential adversaries according to their attack power, and for the first time, three new kinds of adversaries are introduced into certificateless signatures. They are Normal Adversary, Strong Adversary and Super Adversary (ordered by their attack power). Combined with the known Type I Adversary and Type II Adversary in certificateless cryptography, we then define the security of certificateless signatures in different attack scenarios. Our new security models, together with others in the literature, provide a clear definition of the security in certificateless signatures. Two concrete schemes with different security levels are also proposed in this paper. The first scheme, which is proven secure (in the random oracle model) against Normal Type I and Super Type II adversaries, has the shortest signature length among all known certificateless signature schemes. The second scheme is secure (in the random oracle model) against Super Type I and Type II adversaries. Compared with another scheme that has a similar security level, our second scheme requires less operational cost but a little longer signature length. Two server-aided verification protocols are also proposed to reduce the verification cost on the verifier.

Relevance: 100.00%

Abstract:

In traditional digital signature schemes, certificates signed by a trusted party are required to ensure the authenticity of the public key. In Asiacrypt 2003, the concept of certificateless signature scheme was introduced. The advantage of certificate-less public key cryptography successfully eliminates the necessity of certificates in the traditional public key cryptography and simultaneously solves the inherent key escrow problem suffered in identity-based cryptography. Recently, Yap et al. proposed an efficient certificateless signature scheme and claimed that their scheme is existentially unforgeable in the random oracle model. In this paper, we show that the certificateless signature scheme proposed by Yap et al. is insecure against public key replacement attacks. Furthermore, we propose an improved certificateless signature scheme, which is existentially unforgeable against adaptive chosen message attacks under the computational Diffie-Hellman assumption in the random oracle model and provide the security proof of the proposed scheme.

Relevance: 100.00%

Abstract:

Certificate-based encryption (CBE) and certificateless encryption (CLE) are proposed to lessen the certificate management problem in a traditional public-key encryption setting. Although they are two different notions, CBE and CLE are closely related and possess several common features. The encryption in CBE and CLE does not require authenticity verification of the recipient's public key. The decryption in both notions requires two secrets that are generated by the third party and the public key owner, respectively. Recently a generic conversion from CLE to CBE was given, but unfortunately its security proof is flawed. This paper provides an elaborate security model of CBE, based on which a provably secure generic construction of CBE from CLE is proposed. A concrete instantiation is also presented to demonstrate the application of our generic construction.

Relevance: 100.00%

Abstract:

Identity-based encryption (IBE) allows one party to send ciphered messages to another using an arbitrary identity string as an encryption key. Since IBE does not require prior generation and distribution of keys, it greatly simplifies key management in public-key cryptography. According to the Menezes-Okamoto-Vanstone (MOV) reduction theory, an IBE scheme based on bilinear maps loses the high efficiency of elliptic curves because of the requirement of large security parameters. Therefore, it is important to build a provably secure IBE scheme without bilinear maps. To this end, this paper proposes an improved IBE scheme that is different from the previous schemes because this new scheme does not use a symmetric encryption algorithm. Furthermore, it can be proven to be secure against adaptively chosen identity and chosen plaintext attacks in the standard model. Elaborated security and performance analysis demonstrate that this new scheme outperforms the previous ones in terms of the time complexity for encryption and decryption.

Relevance: 100.00%

Abstract:

In this work we present a novel security architecture for MANETs that merges the clustering and the threshold key management techniques. The proposed distributed authentication architecture reacts to the frequently changing topology of the network and enhances the process of assigning the node's public key. In the proposed architecture, the overall network is divided into clusters where the clusterheads (CH) are connected by virtual networks and share the private key of the Central Authority (CA) using Lagrange interpolation. Experimental results show that the proposed architecture reaches almost 95.5% of all nodes within an ad-hoc network that are able to communicate securely, 9 times faster than other architectures, to attain the same results. Moreover, the solution is fully decentralized to operate in a large-scale mobile network.

Relevance: 100.00%

Abstract:

Recent research has shown that the single-user security of optimistic fair exchange cannot guarantee the multi-user security. This paper investigates the conditions under which the security of optimistic fair exchange in the single-user setting is preserved in the multi-user setting. We first introduce and define a property called “Strong Resolution-Ambiguity”. Then we prove that in the certified-key model, an optimistic fair exchange protocol is secure in the multi-user setting if it is secure in the single-user setting and has the property of strong resolution-ambiguity. Finally we provide a new construction of optimistic fair exchange with strong resolution-ambiguity. The new protocol is setup-free, stand-alone and multi-user secure without random oracles.

Relevance: 100.00%

Abstract:

Watermarking techniques enable hiding an imperceptible watermark in a multimedia content for copyright protection. However, in most conventional watermarking schemes, the watermark is embedded solely by the seller, and both the seller and the buyer know the watermarked copy, which causes unsettled dispute at the phase of arbitration. To solve this problem, many watermarking protocols have been proposed using watermarking schemes in the encrypted domain. In this paper, we first discuss many security aspects in the encrypted domain, and then propose a new method of homomorphism conversion for probabilistic public key cryptosystems with homomorphic property. Based on our previous work, a new secure watermarking scheme for watermarking protocols is presented using a new embedding strategy in the encrypted domain. We employ an El Gamal variant cryptosystem with additive homomorphic property to reduce the computing overload of watermark embedding in the encrypted domain, and RA code to improve the robustness of the watermarked image against many moderate attacks after decryption. Security analysis and experiment demonstrate that the secure watermarking scheme is more suitable for implementing the existing watermarking protocols.

Relevance: 100.00%

Abstract:

Optimistic fair exchange (OFE) allows two parties to exchange their digital items in a fair way. As one of the fundamental problems in secure electronic business and digital rights management, OFE has been studied intensively since its introduction. This paper introduces and defines a new property for OFE: Strong Resolution-Ambiguity. We show that many existing OFE protocols have the new property, but its formal investigation has been missing in those protocols. We prove that in the certified-key model, an OFE protocol is secure in the multi-user setting if it is secure in the single-user setting and has the property of strong resolution-ambiguity. Our result not only simplifies the security analysis of OFE protocols in the multi-user setting but also provides a new approach for the design of multi-user secure OFE protocols. Following this approach, a new OFE protocol with strong resolution-ambiguity is proposed. Our analysis shows that the protocol is setup-free, stand-alone and multi-user secure without random oracles.

Relevance: 100.00%

Abstract:

Certificateless cryptography has attracted a lot of attention from the research community, due to its applicability in information security. In this paper, we analyze two recently proposed certificateless signature schemes and point out their security flaws. In particular, we demonstrate universal forgeries against these schemes with known message attacks.

Relevance: 100.00%

Abstract:

In Asiacrypt 2003, the concept of universal designated verifier signature (UDVS) was introduced by Steinfeld, Bull, Wang and Pieprzyk. In the new paradigm, any signature holder (not necessarily the signer) can designate the publicly verifiable signature to any desired designated verifier (using the verifier's public key), such that only the designated verifier can believe that the signature holder does have a valid publicly verifiable signature, and hence, believes that the signer has signed the message. Any other third party cannot believe this fact because this verifier can use his secret key to create a valid UDVS which is designated to himself. In ACNS 2005, Zhang, Furukawa and Imai proposed the first UDVS scheme without random oracles. In this paper, we give a security analysis of the scheme of Zhang et al. and propose a novel UDVS scheme without random oracles based on Waters' signature scheme, and prove that our scheme is secure under the Gap Bilinear Diffie-Hellman assumption.

Relevance: 100.00%

Abstract:

Responding to children and young people with sexualised or sexual offending behaviours presents significant challenges across the allied health, child protection, education and juvenile justice sectors. This report maps the specialised therapeutic services designed to effect positive behavioural change and thus divert young people with sexualised behaviours from the juvenile justice system. Accurate numbers on children with sexualised or sexual offending behaviours are difficult to determine. There are several factors contributing to this gap in understanding. These include entrenched ideals about children as inherently innocent, widespread ignorance about developmental sexuality, and the tendency of both young people and parents to deny or minimise incidents when they do occur.

In Australia, data on children with sexualised behaviours are not collected uniformly and nondisclosure contributes to what might be large numbers of offences going undetected. Mandatory reporting requirements apply where children display sexualised behaviours and are thought to be at risk of harm. Yet a general lack of knowledge as to what constitutes appropriate behaviour means that many may respond inappropriately to incidents of sexualised behaviours. This context of confusion, denial and non-disclosure creates a hidden population of children that continues to be at risk. Attention to redressing the contexts for non-disclosure is urgently required to ensure that children in need are provided with specialised therapeutic care.

This report presents qualitative data from interviews with specialised clinicians as well as submissions from service providers in both community and youth justice settings. In mapping the availability of therapeutic services, this report highlights a number of geographic and demographic gaps in service provision, including difficulties with eligibility criteria, referral pathways, funding arrangements and specialised workforce development. There are multiple challenges facing the tertiary services sector, yet the comprehensive provision of specialised services is just one part of the response required. This study emphasises the need for effective primary and secondary prevention to effect a reduction in the numbers of young people requiring counselling in the future. Consistent with the public health model, this report prioritises professional and community education strategies that would ultimately necessitate fewer tertiary services for young people and fewer places in juvenile detention centres.