Informatica

Up to date, a large number of ID-based signature (IBS) schemes based on bilinear pairings have been proposed. Most of these IBS schemes possess existential unforgeability under adaptive chosen-message attacks, among which some offer strong unforgeability. An IBS scheme is said to be strongly unforgeable if it possesses existential unforgeability and an adversary who is given signatures of the IBS scheme on some message m is unable to generate a new signature on m. Strong unforgeable IBS schemes can be used to construct many important ID-based cryptographic schemes. However, the existing strongly unforgeable IBS schemes lack efficiency for the signature size and the computation cost of verification phase. In this paper, we propose an efficient strongly unforgeable IBS scheme without random oracles. Under the computational Diffie–Hellman and collision resistant hash assumptions, we demonstrate that the proposed IBS scheme possesses strong unforgeability against adaptive chosen-message attacks. When compared with previously proposed strongly unforgeable IBS schemes, our scheme has better performance in terms of signature size and computation cost.

An authenticated group key exchange (AGKE) protocol allows participants to construct a common key and provide secure group communications in cooperative and distributed applications. Recently, Choi et al. proposed an identity (ID)-based authenticated group key exchange (IDAGKE) protocol from bilinear pairings. However, their protocol suffered from an insider colluding attack because it didn't realize the security issue of withstanding insider attacks. Withstanding insider attacks mean that it can detect whether malicious participants exist in the group key exchange protocol. Nevertheless, an AGKE protocol resistant to insider attacks is still unable to find “who are malicious participants”. In this paper, we propose an ID-based AGKE protocol with identifying malicious participants. In our protocol, we use a confirmed computation property to achieve identifying malicious participants. Certainly, it is also secure against insider attacks. In the random oracle model and under related mathematical hard problems, we prove that the proposed protocol a secure AGKE protocol with identifying malicious participants.

In this paper, we propose a new ID-based threshold signature scheme from the bilinear pairings, which is provably secure in the random oracle model under the bilinear Diffie–Hellman assumption. Our scheme adopts the approach that the private key associated with an identity rather than the master key of PKG is shared. Comparing to the-state-of-art work by Baek and Zheng, our scheme has the following advantages. (1) The round-complexity of the threshold signing protocol is optimal. Namely, during the signing procedure, each party broadcasts only one message. (2) The communication channel is optimal. Namely, during the threshold signing procedure, the broadcast channel among signers is enough. No private channel between any two signing parties is needed. (3) Our scheme is much more efficient than the Baek and Zheng scheme in term of computation, since we try our best to avoid using bilinear pairings. Indeed, the private key of an identity is indirectly distributed by sharing a number xID∈ $\mathbb{Z}^{*}_{q}$, which is much more efficient than directly sharing the element in the bilinear group. And the major computationally expensive operation called distributed key generation protocol based on the bilinear map is avoided. (4) At last, the proactive security can be easily added to our scheme.

A key exchange (or agreement) protocol is designed to allow two entities establishing a session key to encrypt the communication data over an open network. In 1990, Gunther proposed an identity-based key exchange protocol based on the difficulty of computing a discrete logarithm problem. Afterwards, several improved protocols were proposed to reduce the number of communication steps and the communicational cost required by Gunther's protocol. This paper presents an efficient identity-based key exchange protocol based on the difficulty of computing a discrete logarithm problem. As compared with the previously proposed protocols, it has better performance in terms of the computational cost and the communication steps. The proposed key exchange protocol provides implicit key authentication as well as the desired security attributes of an authenticated key exchange protocol.

Smart card has been adopted to various applications. In 2000, Hwang and Li proposed a remote user authentication scheme, which is also using smart card. Nine months later, Chan and Cheng pointed out that there is a weakness in the remote authentication scheme proposed by Hwang and Li. In this paper, we show that Chan and Cheng's attack does not work well because they did not consider the format of user's identity. In addition, we propose several ways to solve the problem of Chan and Cheng's attack.