Because the modified remote user authentication scheme proposed by Shen, Lin and Hwang is insecure, the Shen-Lin-Hwang' s scheme is improved and a new secure remote user authentication scheme based on the bi- linear ...Because the modified remote user authentication scheme proposed by Shen, Lin and Hwang is insecure, the Shen-Lin-Hwang' s scheme is improved and a new secure remote user authentication scheme based on the bi- linear parings is proposed. Moreover, the effectiveness of the new scheme is analyzed, and it is proved that the new scheme can prevent from all kinds of known attack. The one-way hash function is effective in the new scheme. The new scheme is proved that it has high effectiveness and fast convergence speed. Moreover, the ap- plication of the new scheme is easy and operational.展开更多
To reduce the size of certificate chains and the ciphertext size in secure routing protocols, a General Aggregate Signcryption Scheme (GASC) is presented. In GASC, an identity-based signcryption algorithm and an aggre...To reduce the size of certificate chains and the ciphertext size in secure routing protocols, a General Aggregate Signcryption Scheme (GASC) is presented. In GASC, an identity-based signcryption algorithm and an aggregate signature algorithm are combined in a practical and secure manner to form the general aggregate signcryption scheme's schema and concept, and a new secure, efficiently general aggregate signcryption scheme, which allows the aggregation of n distinct signcryptions by n distinct users on n distinct messages, is proposed. First, the correction of the GASC scheme is analyzed. Then, we formally prove the security of GASC in the random oracle models IND-CCA2 and EUF-CMA under the DBDHP assumption and the DLP assumption, respectively. The results show that the GASC scheme is not only secure against any probabilistic polynomial-time IND-GASC-CCA2 and EUF-GASC-CMA adversary in the random oracle models but also efficient in pairing ê computations. In addition, the GASC scheme gives an effective remedy to the key escrow problem, which is an inherent issue in IBC by splitting the private key into two parts, and reduces the communication complexity by eliminating the interaction among the senders (signers) before the signcryption generation.展开更多
Ring signcryption enables a user to send a message confidentially and authentically to a specific receiver in an anonymous way.One of the main reasons for the slow adoption of identity-based cryptography is the inhere...Ring signcryption enables a user to send a message confidentially and authentically to a specific receiver in an anonymous way.One of the main reasons for the slow adoption of identity-based cryptography is the inherent key escrow problem.In this paper a new certificateless ring signcryption scheme from pairings is presented.It is escrow free in that no KGC is able to decrypt ciphertexts itself.We then formally prove the security of the new scheme in the random oracle model IND-CCA2 and EUF-CMA.展开更多
In this paper, the security technology of ad hoc networks is studied.To improve the previous multi-receiver signcryption schemes, an ID-based multi-message and multi-receiver signcryption scheme for rekeying in ad hoc...In this paper, the security technology of ad hoc networks is studied.To improve the previous multi-receiver signcryption schemes, an ID-based multi-message and multi-receiver signcryption scheme for rekeying in ad hoc networks is proposed.In this scheme, a sender can simultaneously signcrypt n messeges for n receivers, and a receiver can unsigncrypt the ciphertext to get his message with his own private key.An analysis of this scheme indicates that it achieves authenticity and confidentiality in the random oracle model while being of lower computation and communication overhead.Finally, for the application of our scheme in ad hoc, a threshold key updating protocol for ad hoc networks is given.展开更多
The deniable authentication protocol is an important notion that allows a receiver to identify the source of a given message, but not to prove the identity of the sender to a third party. Such property is very useful ...The deniable authentication protocol is an important notion that allows a receiver to identify the source of a given message, but not to prove the identity of the sender to a third party. Such property is very useful for providing secure negotiation over the Internet. The ID-based deniable authentication protocol based on elliptic Diffie-Hellman key agreement protocol cannot defend the sender spoofing attack and message modification attack. In this paper, we present an improved protocol based on double elliptic Diffie- Hellman scheme. According to the comparison result, the proposed protocol performs better.展开更多
How to build a secure architecture for network function virtualization(NFV)is an important issue.Trusted computing has the ability to provide security for NFV and it is called trusted NFV system.In this paper,we propo...How to build a secure architecture for network function virtualization(NFV)is an important issue.Trusted computing has the ability to provide security for NFV and it is called trusted NFV system.In this paper,we propose a new NFV direct anonymous attestation(NFV-DAA)scheme based on trusted NFV architecture.It is based on the Elliptic curve cryptography and transfers the computation of variable D from the trusted platform module(TPM)to the issuer.With the mutual authentication mechanism that those existing DAA schemes do not have and an efficient batch proof and verification scheme,the performance of trusted NFV system is optimized.The proposed NFV-DAA scheme was proved to have a higher security level and higher efficiency than those existing DAA schemes.We have reduced the computation load in Join protocol from 3G_1to 2G_1 exponential operation,while the time of NFV-DAA scheme's Sign protocol is reduced up to 49%.展开更多
基金Supported by the National Science Foundation for Young Scholars of China(61001091)~~
文摘Because the modified remote user authentication scheme proposed by Shen, Lin and Hwang is insecure, the Shen-Lin-Hwang' s scheme is improved and a new secure remote user authentication scheme based on the bi- linear parings is proposed. Moreover, the effectiveness of the new scheme is analyzed, and it is proved that the new scheme can prevent from all kinds of known attack. The one-way hash function is effective in the new scheme. The new scheme is proved that it has high effectiveness and fast convergence speed. Moreover, the ap- plication of the new scheme is easy and operational.
基金supported by the National Grand Fundamental Research 973 Program of China under Grant No.2011CB302903 the National Natural Science Foundation of China under Grants No.61073188,No.61073115+1 种基金 the Key University Science Research Project of Jiangsu Province under Grant No.11KJA520002 the Priority Academic Program Development of Jiangsu Higher Education Institutions under Grant No.yx002001
文摘To reduce the size of certificate chains and the ciphertext size in secure routing protocols, a General Aggregate Signcryption Scheme (GASC) is presented. In GASC, an identity-based signcryption algorithm and an aggregate signature algorithm are combined in a practical and secure manner to form the general aggregate signcryption scheme's schema and concept, and a new secure, efficiently general aggregate signcryption scheme, which allows the aggregation of n distinct signcryptions by n distinct users on n distinct messages, is proposed. First, the correction of the GASC scheme is analyzed. Then, we formally prove the security of GASC in the random oracle models IND-CCA2 and EUF-CMA under the DBDHP assumption and the DLP assumption, respectively. The results show that the GASC scheme is not only secure against any probabilistic polynomial-time IND-GASC-CCA2 and EUF-GASC-CMA adversary in the random oracle models but also efficient in pairing ê computations. In addition, the GASC scheme gives an effective remedy to the key escrow problem, which is an inherent issue in IBC by splitting the private key into two parts, and reduces the communication complexity by eliminating the interaction among the senders (signers) before the signcryption generation.
基金supported by National Key Basic Research Program of China(973 program) under Grant No. 2011CB302903National Natural Science Foundation of China under Grant No.60873231,No.61073188+1 种基金China Postdoctoral Science Foundation under Grant No.20100471355Natural Science Foundation of Jiangsu Province under Grant No. BK2009426
文摘Ring signcryption enables a user to send a message confidentially and authentically to a specific receiver in an anonymous way.One of the main reasons for the slow adoption of identity-based cryptography is the inherent key escrow problem.In this paper a new certificateless ring signcryption scheme from pairings is presented.It is escrow free in that no KGC is able to decrypt ciphertexts itself.We then formally prove the security of the new scheme in the random oracle model IND-CCA2 and EUF-CMA.
文摘In this paper, the security technology of ad hoc networks is studied.To improve the previous multi-receiver signcryption schemes, an ID-based multi-message and multi-receiver signcryption scheme for rekeying in ad hoc networks is proposed.In this scheme, a sender can simultaneously signcrypt n messeges for n receivers, and a receiver can unsigncrypt the ciphertext to get his message with his own private key.An analysis of this scheme indicates that it achieves authenticity and confidentiality in the random oracle model while being of lower computation and communication overhead.Finally, for the application of our scheme in ad hoc, a threshold key updating protocol for ad hoc networks is given.
文摘The deniable authentication protocol is an important notion that allows a receiver to identify the source of a given message, but not to prove the identity of the sender to a third party. Such property is very useful for providing secure negotiation over the Internet. The ID-based deniable authentication protocol based on elliptic Diffie-Hellman key agreement protocol cannot defend the sender spoofing attack and message modification attack. In this paper, we present an improved protocol based on double elliptic Diffie- Hellman scheme. According to the comparison result, the proposed protocol performs better.
基金Natural Science Foundation of China(NSFC)under grant No.61372103the ZTE Industry-Academia-Research Cooperation Funds.
文摘How to build a secure architecture for network function virtualization(NFV)is an important issue.Trusted computing has the ability to provide security for NFV and it is called trusted NFV system.In this paper,we propose a new NFV direct anonymous attestation(NFV-DAA)scheme based on trusted NFV architecture.It is based on the Elliptic curve cryptography and transfers the computation of variable D from the trusted platform module(TPM)to the issuer.With the mutual authentication mechanism that those existing DAA schemes do not have and an efficient batch proof and verification scheme,the performance of trusted NFV system is optimized.The proposed NFV-DAA scheme was proved to have a higher security level and higher efficiency than those existing DAA schemes.We have reduced the computation load in Join protocol from 3G_1to 2G_1 exponential operation,while the time of NFV-DAA scheme's Sign protocol is reduced up to 49%.
