A new certificateless signature scheme under enhanced security models

Kee Sung Kim, ik rae Jeong

Research output: Contribution to journalArticle

4 Citations (Scopus)

Abstract

In identity-based signatures, the key generation center (KGC) always knows user private key, and thus, it can always impersonate the user. Certificateless signatures were introduced by Al-Riyami and Paterson to solve this key escrow problem of identity-based signatures in 2003. In certificateless signatures, the private key is determined by neither the user nor the KGC. In 2007, Huang et al. revisited the security models of certificateless signatures. They divided potential adversaries according to their attack power into normal, strong and super adversaries. On the other hand, Au et al. introduced a new attack called malicious-but-passive KGC attack in the same year. In the new attack, KGC that holds the master secret key is assumed malicious at the very beginning of the setup phase of the system. The previous schemes that can be proven secure against malicious-but-passive KGC attack provided only the security against strong adversaries. In this paper, we construct the first certificateless signature scheme that can be proven secure against malicious-but-passive KGC attack of super adversaries. Moreover, our scheme is still secure when the adversary is allowed to obtain valid signatures on the target identity and message. Our construction is based on the hard lattice problems in the random oracle model.Copyright

Original languageEnglish
Pages (from-to)801-810
Number of pages10
JournalSecurity and Communication Networks
Volume8
Issue number5
DOIs
Publication statusPublished - 2015 Mar 25

Keywords

  • Certificateless signature
  • Lattice
  • Malicious-but-passive KGC attack
  • Random oracle

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Information Systems

Cite this

A new certificateless signature scheme under enhanced security models. / Kim, Kee Sung; Jeong, ik rae.

In: Security and Communication Networks, Vol. 8, No. 5, 25.03.2015, p. 801-810.

Research output: Contribution to journalArticle

@article{4e8f3d4fcb414ebc9576422bce3b5c66,
title = "A new certificateless signature scheme under enhanced security models",
abstract = "In identity-based signatures, the key generation center (KGC) always knows user private key, and thus, it can always impersonate the user. Certificateless signatures were introduced by Al-Riyami and Paterson to solve this key escrow problem of identity-based signatures in 2003. In certificateless signatures, the private key is determined by neither the user nor the KGC. In 2007, Huang et al. revisited the security models of certificateless signatures. They divided potential adversaries according to their attack power into normal, strong and super adversaries. On the other hand, Au et al. introduced a new attack called malicious-but-passive KGC attack in the same year. In the new attack, KGC that holds the master secret key is assumed malicious at the very beginning of the setup phase of the system. The previous schemes that can be proven secure against malicious-but-passive KGC attack provided only the security against strong adversaries. In this paper, we construct the first certificateless signature scheme that can be proven secure against malicious-but-passive KGC attack of super adversaries. Moreover, our scheme is still secure when the adversary is allowed to obtain valid signatures on the target identity and message. Our construction is based on the hard lattice problems in the random oracle model.Copyright",
keywords = "Certificateless signature, Lattice, Malicious-but-passive KGC attack, Random oracle",
author = "Kim, {Kee Sung} and Jeong, {ik rae}",
year = "2015",
month = "3",
day = "25",
doi = "10.1002/sec.1036",
language = "English",
volume = "8",
pages = "801--810",
journal = "Security and Communication Networks",
issn = "1939-0122",
publisher = "John Wiley and Sons Inc.",
number = "5",

}

TY - JOUR

T1 - A new certificateless signature scheme under enhanced security models

AU - Kim, Kee Sung

AU - Jeong, ik rae

PY - 2015/3/25

Y1 - 2015/3/25

N2 - In identity-based signatures, the key generation center (KGC) always knows user private key, and thus, it can always impersonate the user. Certificateless signatures were introduced by Al-Riyami and Paterson to solve this key escrow problem of identity-based signatures in 2003. In certificateless signatures, the private key is determined by neither the user nor the KGC. In 2007, Huang et al. revisited the security models of certificateless signatures. They divided potential adversaries according to their attack power into normal, strong and super adversaries. On the other hand, Au et al. introduced a new attack called malicious-but-passive KGC attack in the same year. In the new attack, KGC that holds the master secret key is assumed malicious at the very beginning of the setup phase of the system. The previous schemes that can be proven secure against malicious-but-passive KGC attack provided only the security against strong adversaries. In this paper, we construct the first certificateless signature scheme that can be proven secure against malicious-but-passive KGC attack of super adversaries. Moreover, our scheme is still secure when the adversary is allowed to obtain valid signatures on the target identity and message. Our construction is based on the hard lattice problems in the random oracle model.Copyright

AB - In identity-based signatures, the key generation center (KGC) always knows user private key, and thus, it can always impersonate the user. Certificateless signatures were introduced by Al-Riyami and Paterson to solve this key escrow problem of identity-based signatures in 2003. In certificateless signatures, the private key is determined by neither the user nor the KGC. In 2007, Huang et al. revisited the security models of certificateless signatures. They divided potential adversaries according to their attack power into normal, strong and super adversaries. On the other hand, Au et al. introduced a new attack called malicious-but-passive KGC attack in the same year. In the new attack, KGC that holds the master secret key is assumed malicious at the very beginning of the setup phase of the system. The previous schemes that can be proven secure against malicious-but-passive KGC attack provided only the security against strong adversaries. In this paper, we construct the first certificateless signature scheme that can be proven secure against malicious-but-passive KGC attack of super adversaries. Moreover, our scheme is still secure when the adversary is allowed to obtain valid signatures on the target identity and message. Our construction is based on the hard lattice problems in the random oracle model.Copyright

KW - Certificateless signature

KW - Lattice

KW - Malicious-but-passive KGC attack

KW - Random oracle

UR - http://www.scopus.com/inward/record.url?scp=84922998373&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84922998373&partnerID=8YFLogxK

U2 - 10.1002/sec.1036

DO - 10.1002/sec.1036

M3 - Article

VL - 8

SP - 801

EP - 810

JO - Security and Communication Networks

JF - Security and Communication Networks

SN - 1939-0122

IS - 5

ER -