
Showing papers on "Key escrow" published in 2014


Journal ArticleDOI
TL;DR: A scalable certificateless remote authentication protocol with anonymity and forward security for WBANs that not only provides mutual authentication, session key establishment, anonymity, unlinkability, and nonrepudiation, but also achieves forward security, key escrow resilience, and scalability.
Abstract: Existing anonymous remote authentication protocols to secure wireless body area networks (WBANs) raise challenges such as eliminating the need for distributing clients’ account information to the application providers and achieving forward security. This paper efficiently addresses these challenges by devising a scalable certificateless remote authentication protocol with anonymity and forward security for WBANs. Different from the previous protocols in this field, our protocol not only provides mutual authentication, session key establishment, anonymity, unlinkability, and nonrepudiation, but also achieves forward security, key escrow resilience, and scalability. Performance evaluation demonstrates that compared with the most efficient ID-based remote anonymous authentication protocol, our protocol reduces at least 52.6% and 17.6% of the overall running time and communication overhead, respectively, and the reduction in the computation cost and communication overhead achieves at least 73.8% and 55.8%, respectively, compared with up-to-date certificateless remote authentication protocol with anonymity.

121 citations


Journal ArticleDOI
TL;DR: This paper proposes a mediated certificateless encryption scheme without pairing operations for securely sharing sensitive information in public clouds, and proposes an extension to the above approach to improve the efficiency of encryption at the data owner.
Abstract: We propose a mediated certificateless encryption scheme without pairing operations for securely sharing sensitive information in public clouds. Mediated certificateless public key encryption (mCL-PKE) solves the key escrow problem in identity-based encryption and the certificate revocation problem in public key cryptography. However, existing mCL-PKE schemes are either inefficient because of the use of expensive pairing operations or vulnerable to partial decryption attacks. In order to address the performance and security issues, in this paper, we first propose an mCL-PKE scheme without using pairing operations. We apply our mCL-PKE scheme to construct a practical solution to the problem of sharing sensitive information in public clouds. The cloud is employed as a secure storage as well as a key generation center. In our system, the data owner encrypts the sensitive data using the cloud-generated users' public keys based on its access control policies and uploads the encrypted data to the cloud. Upon successful authorization, the cloud partially decrypts the encrypted data for the users. The users subsequently fully decrypt the partially decrypted data using their private keys. The confidentiality of the content and the keys is preserved with respect to the cloud, because the cloud cannot fully decrypt the information. We also propose an extension to the above approach to improve the efficiency of encryption at the data owner. We implement our mCL-PKE scheme and the overall cloud-based system, and evaluate its security and performance. Our results show that our schemes are efficient and practical.

111 citations


Journal ArticleDOI
TL;DR: Certificateless Public Key Cryptography (CLPKC) is introduced into PEKS, a general model of Certificateless PEKS (CLPEKS) is formalized, and a practical CLPEKS scheme is constructed with security and efficiency analyses.
Abstract: Public Key Encryption with Keyword Search (PEKS), an indispensable part of searchable encryption, is stock-in-trade for both protecting data and providing operability of encrypted data. So far most PEKS schemes have been established on Identity-Based Cryptography (IBC), which inherently has the key escrow problem. Such a problem severely restricts the promotion of IBC-based Public Key Infrastructure, including the PEKS component. Hence, Certificateless Public Key Cryptography (CLPKC) is an efficient way to remove such a problem. CLPKC is introduced into PEKS, and a general model of Certificateless PEKS (CLPEKS) is formalized. In addition, a practical CLPEKS scheme is constructed with security and efficiency analyses. The proposal is secure channel free, and semantically secure against adaptive chosen keyword attack and keyword guessing attack. To illustrate the superiority, massive experiments are conducted on the Enron Email dataset, which is famous in the information retrieval field. Compared with existing constructions, CLPEKS improves the efficiency in theory and removes the key escrow problem.

70 citations


Journal ArticleDOI
TL;DR: This paper proposes a secure data retrieval scheme using CP-ABE for decentralized DTNs where multiple key authorities manage their attributes independently and demonstrates how to apply the proposed mechanism to securely and efficiently manage the confidential data distributed in the disruption-tolerant military network.
Abstract: Mobile nodes in military environments such as a battlefield or a hostile region are likely to suffer from intermittent network connectivity and frequent partitions. Disruption-tolerant network (DTN) technologies are becoming successful solutions that allow wireless devices carried by soldiers to communicate with each other and access the confidential information or command reliably by exploiting external storage nodes. Some of the most challenging issues in this scenario are the enforcement of authorization policies and the policies update for secure data retrieval. Ciphertext-policy attribute-based encryption (CP-ABE) is a promising cryptographic solution to the access control issues. However, the problem of applying CP-ABE in decentralized DTNs introduces several security and privacy challenges with regard to the attribute revocation, key escrow, and coordination of attributes issued from different authorities. In this paper, we propose a secure data retrieval scheme using CP-ABE for decentralized DTNs where multiple key authorities manage their attributes independently. We demonstrate how to apply the proposed mechanism to securely and efficiently manage the confidential data distributed in the disruption-tolerant military network.

69 citations


Journal ArticleDOI
TL;DR: This work discovered that the CLS scheme by He et al. cannot resist a strong type 2 adversary if this adversary replaces the master public key of the KGC, and proposes an improved scheme that overcomes this weakness.
Abstract: The certificateless signature (CLS) scheme is a special signature scheme that solves the key escrow problem in identity-based signature schemes. In CLS schemes, the private key is generated cooperatively by the key generator center (KGC) and the signer, such that a malicious KGC cannot masquerade as the signer and sign a message. He et al. in 2011 proposed an efficient CLS scheme without using bilinear pairings. However, we discovered that the CLS scheme by He et al. cannot resist a strong type 2 adversary if this adversary replaces the master public key of the KGC. This work proposes an improved scheme that overcomes this weakness. Copyright © 2012 John Wiley & Sons, Ltd.

59 citations


Patent
17 Nov 2014
TL;DR: In this paper, the authors propose a verifiable secret sharing scheme to verify that encrypted data can be reconstituted without the data storage system accessing the encrypted data, and the system synchronously acknowledges that the received encrypted data has been verified and successfully stored.
Abstract: Embodiments are directed to allowing a user to store encrypted, third-party-accessible data in a data store and to providing third party data access to a user's encrypted data according to a predefined policy. A data storage system receives encrypted data from a user at a data storage system. The data is encrypted using the user's private key. The data storage system stores the received encrypted data according to a predefined policy. The encryption prevents the storage system from gaining access to the encrypted data, while the policy allows the encrypted data to be released upon receiving a threshold number of requests from verified third parties. The data storage system implements a verifiable secret sharing scheme to verify that the encrypted data can be reconstituted without the data storage system accessing the encrypted data. The data storage system synchronously acknowledges that the received encrypted data has been verified and successfully stored.

55 citations


Patent
10 Jul 2014
TL;DR: In this article, an interposer is provided that is configured to interpose into an application security protocol exchange by obtaining application session security state without holding any private keying material of client or server.
Abstract: An interposer is provided that is configured to interpose into an application security protocol exchange by obtaining application session security state. The interposer does this without holding any private keying material of the client or server. An out-of-band Security Assistant Key Escrow service (SAS/SAKE) is also provided. The SAKE resides in the secure physical network perimeter and holds the private keying material required to derive session keys for interposing into the application security protocol. During a security protocol handshake, the interposer sends the SAKE the security protocol handshake messages and in return receives from the SAKE the session security state that allows it to participate in the application security protocol.

46 citations


Journal ArticleDOI
TL;DR: The goal of this paper is to overcome the key escrow problem and propose a suitable security model for aggregate signcryption in the certificateless setting and prove the security of the proposed scheme in the random oracle model under the gap Bilinear Diffie-Hellman and computational Diffie-Hellman intractability assumptions.
Abstract: The concept of aggregate signcryption was first introduced in 2009 by Selvi et al. (Identity based aggregate signcryption schemes, Lecture Notes in Computer Science 5922 LNCS, 2009, pp. 378-397). The aggregation process of these schemes reduces the amount of exchanged information and is particularly useful in low-bandwidth communication networks and computationally-restricted environments such as wireless sensor networks. Selvi et al.'s scheme is in the identity-based setting and suffers from the key escrow problem. The goal of this paper is to overcome this problem and propose a suitable security model for aggregate signcryption in the certificateless setting. We further propose a concrete certificateless aggregate signcryption scheme which is based on Barbosa and Farshim's certificateless signcryption scheme (Certificateless signcryption. In: M. Abe, V. Gligor (Eds.), Proceedings of the 2008 ACM Symposium on Information, Computer and Communications Security (ASIACCS-08), ACM, New York, pp. 369-372). We then prove the security of the proposed scheme in the random oracle model under the gap Bilinear Diffie-Hellman and computational Diffie-Hellman intractability assumptions.

44 citations


Proceedings ArticleDOI
10 Jun 2014
TL;DR: This paper proposes a secure and efficient group roaming scheme for MTC between 3GPP and WiMAX networks, named SEGR, which is characterized by authenticating all MTC devices in a group simultaneously and speeding up the process of authentication through adopting a novel certificateless aggregate signature technique.
Abstract: With extensive promising applications, machine to machine (M2M) communications or machine-type communication (MTC) have attracted tremendous interest among mobile network operators and research groups. Supporting multiple MTC devices has been considered an essential requirement in M2M communications. How to achieve secure and efficient access authentication for a group of MTC devices during roaming is a challenging issue. In this paper, in order to simultaneously resolve access security and efficiency in MTC, we propose a secure and efficient group roaming scheme for MTC between 3GPP and WiMAX networks, named SEGR, which is characterized by authenticating all MTC devices in a group simultaneously and speeding up the process of authentication through adopting a novel certificateless aggregate signature technique. Through security analysis, the proposed SEGR can provide robust security, and in particular overcomes the drawback of key escrow in identity-based (ID-based) aggregate signature schemes. In addition, performance evaluations in terms of communication overhead and computation complexity demonstrate that SEGR is more efficient than the traditional schemes.

38 citations


Proceedings ArticleDOI
29 Sep 2014
TL;DR: This work proposes an ECC-based certificateless public key cryptography scheme that does not need a certificate to prove the authenticity of a public key, which can save energy for certificate transmission, and is constructed on traditional ECC instead of bilinear pairing, which makes it lightweight and can save energy for computation.
Abstract: With the rapid development of mobile computing, more and more mobile devices, such as smart phones and tablets, are able to access the Internet. As these mobile devices are usually battery powered, energy efficiency is a very important issue. For most mobile applications, energy saving should be considered at the design stage. Of course, security applications are no different. Public key cryptography plays an important role in network security, and it is still essential in mobile computing even though it requires high energy consumption. Considering that Elliptic Curve Cryptography (ECC) is easy to perform in hardware and needs lower energy than other public key algorithms, we propose an ECC-based certificateless public key cryptography scheme. The scheme is lightweight and can save energy for mobile devices. Firstly, it does not need a certificate to prove the authenticity of a public key, which can save energy for certificate transmission. Secondly, it is constructed on traditional ECC instead of bilinear pairing, which makes it lightweight and can save energy for computation. In addition, it avoids the key escrow issue, which gives it higher security strength than traditional public key cryptography. These advantages make it very suitable for resource-constrained mobile devices.

24 citations


Journal ArticleDOI
TL;DR: Simulation results have shown that HIKES provides an energy‐efficient and scalable solution to the key management problem and defends the routing mechanism against most known attacks and is robust against node compromise.
Abstract: This paper presents a hierarchical key establishment scheme called HIKES. The base station in this scheme, acting as the central trust authority, empowers randomly selected sensors to act as local trust authorities authenticating, on its behalf, the cluster members and issuing private keys. HIKES uses a partial key escrow scheme that enables any sensor node selected as a cluster head to generate all the cryptographic keys needed to authenticate other sensors within its cluster. This scheme localizes secret key issuance and reduces the communication cost with the base station. HIKES provides efficient broadcast authentication in which source authentication is achieved in a single transmission and a good defense for the routing mechanism. HIKES defends the routing mechanism against most known attacks and is robust against node compromise. HIKES also provides high addressing flexibility and network connectivity to all sensors in the network, allowing sensor addition and deletion. Simulation results have shown that HIKES provides an energy-efficient and scalable solution to the key management problem. Copyright © 2012 John Wiley & Sons, Ltd.

Journal ArticleDOI
TL;DR: This work proposes a concrete certificateless online/offline signcryption scheme that achieves known session-specific temporary information security, public verifiability with confidentiality and no key escrow problem, and has the great advantage of the offline computation cost.
Abstract: The communication model of Internet of Things (IoT) applications has some shortcomings in user privacy protection and information security. To solve these shortcomings, we define the formal models of certificateless online/offline signcryption and propose a concrete certificateless online/offline signcryption scheme for the IoT environment. Compared with the existing identity-based online/offline signcryption schemes that do not require the plaintext and the receiver's identity in the offline phase, our scheme has the great advantage of the offline computation cost, offline storage, ciphertext length, and receiver computation cost. Moreover, our scheme achieves known session-specific temporary information security, public verifiability with confidentiality and no key escrow problem. Copyright © 2013 John Wiley & Sons, Ltd.

Journal ArticleDOI
TL;DR: A certificateless PRE (CL-PRE) scheme without pairings is proposed that does not need the public key certificates to guarantee validity of public keys and solves the key escrow problem in identity-based public key cryptography.
Abstract: In current cloud computing systems, large amounts of sensitive data are shared with other cloud users. To keep these data confidential, data owners should encrypt their data before outsourcing. We choose proxy re-encryption (PRE) as the cloud data encryption technique. In a PRE system, a semi-trusted proxy can transform a ciphertext under one public key into a ciphertext of the same message under another public key, but the proxy cannot gain any information about the message. In this paper, we propose a certificateless PRE (CL-PRE) scheme without pairings. The security of the proposed scheme can be proved to be equivalent to the computational Diffie-Hellman (CDH) problem in the random oracle model. Compared with other existing CL-PRE schemes, our scheme requires less computation cost and is significantly more efficient. The new scheme does not need public key certificates to guarantee the validity of public keys and solves the key escrow problem in identity-based public key cryptography.

Journal ArticleDOI
TL;DR: This paper provides the definition and the security model for Certificateless Proxy Multi-Signature (CLPMS), and proposes the first CLPMS scheme which is proved to be secure in the random oracle model under the computational Diffie-Hellman assumption.

Patent
13 Mar 2014
TL;DR: In this patent, an identity escrow management scheme is presented in which anonymous online users can be de-anonymized if certain conditions are met; an auditor is configured to control a user's anonymity using a prime-order cryptographic group based encryption scheme.
Abstract: The subject disclosure is directed towards identity escrow management where anonymous online users can be de-anonymized if certain conditions are met. An auditor is configured to control a user's anonymity using a prime-order cryptographic group based encryption scheme. Via an authentication component, the auditor verifies that a pseudonym corresponding to the user's identity was encrypted correctly. If valid, the auditor decrypts encrypted pseudonym data using a private cryptographic key based upon the prime-order cryptographic group.

Patent
02 Jul 2014
TL;DR: The certificateless and pairing-free identity-based proxy signcryption scheme proposed by the embodiment of the invention has both signature and encryption characteristics and has the feature of proxy.
Abstract: The embodiment of the invention provides a method and a system for certificateless and pairing-free identity-based proxy signcryption. The method mainly comprises the following steps: a sender generates a private key and a public key thereof according to common parameters of the system and identity information parameters of the sender, generates proxy information based on the private key and the public key thereof, and sends the proxy information to a proxy; after the proxy information passes verification of the proxy, the proxy generates a proxy key, performs signcryption on a message needing to be sent based on the proxy key and the common parameters of the system to obtain a signcrypted message and an intermediate parameter, and sends the signcrypted message and the intermediate parameter to a receiver; and the receiver recovers the signcrypted message with the use of the intermediate parameter and the common parameters of the system to obtain a recovered message, and verifies the recovered message. The certificateless and pairing-free identity-based proxy signcryption scheme provided by the embodiment of the invention has both signature and encryption characteristics and has the feature of proxy. A key generation center only generates part of keys of a user, no certificate is needed, and the problem of key escrow is solved.

Journal ArticleDOI
TL;DR: Hierarchical certificateless cryptography is instantiated by formalizing the notion of hierarchical certificateless signatures, which has constant complexity, regardless of the depth of the hierarchy, and is secure and scalable.

Journal ArticleDOI
TL;DR: Under the standard computational Diffie-Hellman assumption, this scheme is secure under the strong security model and provides a public revocation mechanism, called revocable certificateless signature (RCLS), and it is demonstrated that the scheme possesses existential unforgeability against adaptive chosen-message attacks.
Abstract: Certificateless public key cryptography is very attractive in solving the key escrow problem which is inherent in identity- (ID-) based public key cryptography. In the past, a large number of certificateless cryptographic schemes and protocols were presented, but a secure certificateless signature in the standard model (without random oracles) is still not accessible until now. To the best of our knowledge, all the previously proposed certificateless signature schemes were insecure under a considerably strong security model in the sense that they suffered from outsiders’ key replacement attacks or the attacks from the key generation center (KGC). In this paper, we propose a certificateless signature scheme without random oracles. Moreover, our scheme is secure under the strong security model and provides a public revocation mechanism, called revocable certificateless signature (RCLS). Under the standard computational Diffie-Hellman assumption, we formally demonstrate that our scheme possesses existential unforgeability against adaptive chosen-message attacks.

Journal ArticleDOI
TL;DR: This paper proposes the first certificateless identification scheme that is both efficient and proven secure in the standard model, that is, without having to assume random oracles exist.
Abstract: In Asiacrypt 2003, Al-Riyami and Paterson proposed the notion of certificateless cryptography, a technique to remove key escrow from traditional identity-based cryptography as well as circumvent the certificate management problem of traditional public key cryptography. Subsequently much research has been done in the realm of certificateless encryption and signature schemes, but little to no work had been done for the identification primitive until 2013, when Chin et al. rigorously defined certificateless identification and proposed a concrete scheme. However, Chin et al.'s scheme was proven in the random oracle model, and Canetti et al. have shown that certain schemes provably secure in the random oracle model can be insecure when random oracles are replaced with actual hash functions. Therefore, while having a proof in the random oracle model is better than having no proof at all, a scheme proven in the standard model would provide stronger security guarantees. In this paper, we propose the first certificateless identification scheme that is both efficient and proven secure in the standard model, that is, without having to assume random oracles exist.

Journal ArticleDOI
TL;DR: This paper gives cryptanalysis of Hwang et al.
Abstract: Certificateless public key cryptography eliminates the inherent key escrow problem in identity-based cryptography, and yet does not require certificates as in the traditional public key infrastructure. In this paper, we give cryptanalysis of Hwang et al.'s certificateless encryption scheme, which is the first concrete certificateless encryption scheme that can be proved to be secure against the "malicious-but-passive" key generation center (KGC) attack in the standard model. Their scheme is proved to be insecure even in a weaker security model called the "honest-but-curious" KGC attack model. We then propose an improved scheme which is really secure against the "malicious-but-passive" KGC attack in the standard model.

Proceedings ArticleDOI
19 Jul 2014
TL;DR: This work proposes a general idea of accountable escrow to reconcile and balance the requirements of individual privacy and societal security, and proposes a novel method for escrowing the decryption capability in public-key cryptography.
Abstract: Privacy is a core human need, but society sometimes has the requirement to do targeted, proportionate investigations in order to provide security. To reconcile individual privacy and societal security, we explore whether we can have surveillance in a form that is verifiably accountable to citizens. This means that citizens get verifiable proofs of the quantity and nature of the surveillance that actually takes place. In our scheme, governments are held accountable for the extent to which they exercise their surveillance power, and political parties can pledge in election campaigns their intention about reducing (or increasing) this figure. We propose a general idea of accountable escrow to reconcile and balance the requirements of individual privacy and societal security. We design a balanced cryptosystem for asynchronous communication (e.g., email). We propose a novel method for escrowing the decryption capability in public-key cryptography. A government can decrypt it in order to conduct targeted surveillance, but doing so necessarily puts records in a public log against which the government is held accountable.

Proceedings ArticleDOI
03 Mar 2014
TL;DR: A novel CL-HSC scheme without pairing operations is proposed and the experimental results show that it is efficient and suitable for secure communications in AMI networks.
Abstract: CertificateLess Hybrid SignCryption (CL-HSC) scheme is useful for efficiently encapsulating symmetric keys for secure communications. It solves the key escrow problem and the certificate management problem. However, the existing scheme is not suitable for Advanced Metering Infrastructure (AMI) networks because of the utilization of expensive pairing operations. As smart meter devices have limited computing power, we need efficient algorithms for AMI networks. In this poster, we propose a novel CL-HSC scheme without pairing operations. In order to evaluate its performance, we implemented our CL-HSC scheme and conventional hybrid encryption approaches. The experimental results show that our CL-HSC scheme is efficient and suitable for secure communications in AMI networks.

Patent
27 Mar 2014
TL;DR: In this paper, the seller constructs an offer template using their seller device where the offer template includes the seller account number combined with information sufficient to identify the item(s) being sold, the item price and the total amount of the transaction.
Abstract: A method and device for conducting a secure transaction, where a buyer and seller have account information on an escrow server including assigned buyer and seller account identification numbers, the buyer and seller authenticate their identities using respective devices, the seller constructs an offer template using their seller device where the offer template includes the seller account number combined with information sufficient to identify the item(s) being sold, the item(s) price and the total amount of the transaction, the buyer communicates their buyer account number to the seller device, the seller combines the buyer account number with the offer template to create a digitally signed offer which is sent to the escrow server, the escrow server then generates and communicates an escrow code to the parties, whereupon payment authorization of the escrow transaction may be completed.

Journal ArticleDOI
TL;DR: Two certificateless identity-based identification schemes devoid of the aforementioned shortcomings are presented; the second scheme introduced has the batch verification quality, and the security analysis comes at the end.
Abstract: To transmit information through very limited secure channels, we can use public key cryptosystems. A new kind of public key system, called identity-based public key system, sets the users' public identity, for example, their email addresses, as their public key. This characteristic of identity-based public key systems decreases expense and increases speed in executing many important protocols in data security such as cryptography, identification, key agreement, and digital signatures. But, the major shortcoming of these systems is key escrow (legal key retrieval) and also the key generation center's ability to impersonate users. In this paper, two certificateless identity-based identification schemes devoid of the aforementioned shortcomings are presented. These are challenge-response identification protocols. Also, the second scheme introduced in this paper has the batch verification quality. The security analysis of the introduced schemes comes at the end. Copyright © 2013 John Wiley & Sons, Ltd.

Journal ArticleDOI
Wenhao Liu, Qi Xie, Shengbao Wang, Lidong Han, Bin Hu 
TL;DR: A new pairing-free CLS scheme is proposed, and the security proof is presented in the random oracle model (ROM) under the discrete logarithm assumption, which is more efficient than the previous CLS schemes in terms of computation and communication costs and is more suitable for the applications of low-bandwidth environments.
Abstract: Since certificateless public key cryptosystem can solve the complex certificate management problem in the traditional public key cryptosystem and the key escrow problem in identity-based cryptosystem and the pairing computation is slower than scalar multiplication over the elliptic curve, how to design certificateless signature (CLS) scheme without bilinear pairings is a challenge. In this paper, we first propose a new pairing-free CLS scheme, and then the security proof is presented in the random oracle model (ROM) under the discrete logarithm assumption. The proposed scheme is more efficient than the previous CLS schemes in terms of computation and communication costs and is more suitable for the applications of low-bandwidth environments.

Journal ArticleDOI
TL;DR: A new approach to solve the revocation problem in CLPKC is presented, by giving a concrete revocable certificateless signature scheme that is more efficient than the existing solutions and is provably secure under the Computational Diffie-Hellman assumption.
Abstract: Certificateless public key cryptography (CLPKC), with properties of no key escrow and no certificate, has received a lot of attention since its invention. However, how to revoke a user in certificateless cryptosystem still remains a problem: the existing solutions are not practical for use due to either a costly mediator or enormous computation (secret channel). In this paper, we present a new approach to solve the revocation problem in CLPKC, by giving a concrete revocable certificateless signature scheme. The new scheme is more efficient than the existing solutions and is provably secure under the Computational Diffie-Hellman assumption.

Journal ArticleDOI
TL;DR: The notion of certificateless public-key encryption (CL-PKE) was introduced by Al-Riyami and Paterson in 2003; it avoids the drawbacks of both traditional PKI-based public-key encryption (i.e., establishing a public-key infrastructure) and identity-based encryption (i.e., key escrow), as discussed by the authors.
Abstract: The notion of certificateless public-key encryption (CL-PKE) was introduced by Al-Riyami and Paterson in 2003; it avoids the drawbacks of both traditional PKI-based public-key encryption (i.e., establishing a public-key infrastructure) and identity-based encryption (i.e., key escrow). So CL-PKE, like identity-based encryption, is certificate-free, and, unlike identity-based encryption, is key-escrow-free. In this paper, we introduce a simple and efficient CCA-secure CL-PKE based on (hierarchical) identity-based encryption. Our construction has both theoretical and practical interest. First, our generic transformation gives a new way of constructing CCA-secure CL-PKE. Second, instantiating our transformation using lattice-based primitives results in a more efficient CCA-secure CL-PKE than its counterpart introduced by Dent in 2008.

Journal ArticleDOI
TL;DR: This work proposes an efficient CLBS scheme without bilinear pairing that reduces the costs of computation and storage, and security analysis shows the proposed scheme is provably secure against both types of adversaries.
Abstract: Recently, certificateless public key cryptography (CLPKC) has been studied widely since it solves both the certificate management problem in traditional public key cryptography (TPKC) and the key escrow problem in identity-based public key cryptography (ID-based PKC). To satisfy the requirements of different applications, many certificateless blind signature (CLBS) schemes using bilinear pairing in the CLPKC setting have been proposed. However, the bilinear pairing operation is very complicated, so the performance of those CLBS schemes is not very satisfactory. To solve this problem, we propose an efficient CLBS scheme without bilinear pairing. Performance analysis shows that the proposed scheme reduces the costs of computation and storage. Security analysis shows the proposed scheme is provably secure against both types of adversaries.

Patent
02 Apr 2014
TL;DR: In this paper, the authors propose a certificateless key agreement method on the basis of a mobile ad hoc network, which comprises the following steps: 1, initializing a system network; 2, constructing a network main private key, i.e. selecting a (t-1)th-degree polynomial to exchange necessary information at each node, enabling any t or more nodes to mutually cooperate to obtain the network main private key and simultaneously obtain a network public key.
Abstract: The invention relates to a certificateless key agreement method on the basis of a mobile Ad Hoc network, which comprises the following steps: 1, initializing a system network; 2, constructing a network main private key, i.e. selecting a (t-1)th-degree polynomial to exchange necessary information at each node, enabling any t or more nodes to mutually cooperate to obtain the network main private key and simultaneously obtain a network public key; 3, generating key pairs for the nodes by utilizing the main private key in the network; 4, carrying out secret communication among the nodes by utilizing the generated keys so as to implement the encrypting and decrypting process. The certificateless key agreement method has no certificate verification or key escrow problems when implementing key agreement; meanwhile, dangerous nodes can be detected; moreover, the recommended encrypting scheme can have fewer encrypting items on the premise of ensuring security, and the amount of computation and the communication traffic are reduced, and thus the certificateless key agreement method has good practicality and security.

Journal ArticleDOI
TL;DR: This paper shows that Jin and Wen's certificateless multi-proxy signature scheme can be broken by giving two attacks: the first attack indicates their security model is flawed, and the second attack indicates their certificateless multi-proxy signature scheme is insecure.
Abstract: Certificateless cryptography is a new type of public key cryptography, which removes the certificate management problem in traditional public key cryptography and the key escrow problem in identity-based public key cryptography. Multi-proxy signature is an extension of proxy signature, which allows an original signer to authorize a group of proxy signers such that only the cooperation of all proxy signers in the group can create valid proxy signatures on behalf of the original signer. Recently, Jin and Wen combined certificateless cryptography with multi-proxy signature, and proposed a model as well as a concrete scheme of certificateless multi-proxy signature. They claimed that their scheme is provably secure in their security model. Unfortunately, in this paper, by giving two attacks, we show that their certificateless multi-proxy signature scheme can be broken. The first attack indicates their security model is flawed, and the second attack indicates their certificateless multi-proxy signature scheme is insecure. Possible improvements are also suggested to prevent these attacks.