Key escrow

About: Key escrow is a research topic. Over the lifetime, 1162 publications have been published within this topic receiving 19616 citations.

A practical identity-based signature scheme

Abstract: Many identity-based signature (IBS) schemes solving key escrow were proposed. But the updating of the private keys wasn’t discussed in these literatures. For the problem of key update, an identity-based key-insulated signature scheme with secure key-updates has been proposed. But their scheme inherited the key escrow property. In this paper, we propose a new identity-based strong key-insulated signature scheme without key escrow. It makes the IBS scheme more applicable to the real world. After analyzing the security and the performance, an application example in E-passport passive authentication scenario is described.

A Certificateless One-Way Group Key Agreement Protocol for End-to-End Email Encryption

Abstract: Over the years, email has evolved into one of the most widely used communication channels for both individuals and organizations. However, despite near ubiquitous use in much of the world, current information technology standards do not place emphasis on email security. Not until recently, webmail services such as Yahoo's mail and Google's gmail started to encrypt emails for privacy protection. However, the encrypted emails will be decrypted and stored in the service provider's servers. If the servers are malicious or compromised, all the stored emails can be read, copied and altered. Thus, there is a strong need for end-to-end (E2E) email encryption to protect email user's privacy. In this paper, we present a certificateless one-way group key agreement protocol with the following features, which are suitable to implement E2E email encryption: (1) certificateless and thus there is no key escrow problem and no public key certificate infrastructure is required; (2) one-way group key agreement and thus no back-and-forth message exchange is required; and (3) n-party group key agreement (not just 2- or 3-party). This paper also provides a security proof for the proposed protocol using "proof by simulation". Finally, efficiency analysis of the protocol is presented at the end of the paper.

An Edge‐Cloud Collaborative Cross‐Domain Identity‐Based Authentication Protocol with Privacy Protection

Abstract: Edge-cloud collaborative application scenario is more complex, it involves collaborative operations among different security domains, frequently accessing and exiting application system of mobile terminals. A cross-domain identity authentication protocol based on privacy protection is proposed. The main advantages of the protocol are as follows. 1) Self-certified key generation algorithm: the public/private key pair of the mobile terminal is generated by the terminal members themselves. It avoids security risks caused by third-party key distribution and key escrow; 2) Cross-domain identity authentication: the alliance keys are calculated among edge servers through blockchain technology. Cross-domain identity authentication is realized through the signature authentication of the alliance domain. The cross-domain authentication process is simple and efficient; 3) Revocability of identity authentication: When the mobile terminal has logged off or exited the system, the legal identity of the terminal in the system will also become invalid immediately, so as to ensure the forward and backward security of accessing system resources. Under the hardness assumption of discrete logarithm problem and computational Diffie-Hellman problem, the security of the protocol is proven, and the efficiency of the protocol is verified.

A Certificateless-Based Authentication and Key Agreement Scheme for IIoT Cross-Domain

Abstract: The Industrial Internet of Things (IIoT) improves productivity and intelligent manufacturing process through revolutionary technology. Due to the complexity of the manufacturing process, cross-domain access is inevitable. Recently, Meng et al. proposed a secure and efficient blockchain-assisted entity authentication mechanism BASA for IIoT cross-domain. In the BASA scheme, the authors utilized identity-based signature (IBS) to realize mutual authentication and the Ephemeral Elliptic Curve Diffie-Hellman (ECDHE) exchange mechanism to negotiate the session key. Due to the inherent key escrow problem of identity-based cryptography (IBC), the key generation center (KGC) can obtain the session key negotiated between two entities distributed in different domains. When KGC is threatened, the security of the session key is worrying. Considering this security concern, based on the BASA scheme, in this article, we first show a secure and efficient certificateless public-key signature (CL-PKS) scheme with anonymity. Then, combined with the ECDHE key exchange mechanism, we give an efficient cross-domain authentication and key agreement scheme CL-BASA with the aid of consortium blockchain. After that, we make security verification by the formal analysis tool, Tamarin, which shows that our CL-BASA is secure. The evaluation demonstrates that our CL-BASA may have a slight disadvantage in storage overhead, but it has obvious advantages than competitor schemes in terms of communication overhead and computational overhead.

Multiple and Unlinkable Public Key Encryption without Certificates

Abstract: We newly propose a multiple and unlinkable identity-based public key encryption scheme which allows the use of a various number of identity-based public keys in different groups or applications while keeping a single decryption key so that the decryption key can decrypt every ciphertexts encrypted with those public keys. Also our scheme removes the use of certificates as well as the key escrow problem so it is functional and practical. Since our public keys are unlinkable, the user's privacy can be protected from attackers who collect and trace the user information and behavior using the known public keys. Furthermore, we suggest a decryption key renewal protocol to strengthen the security of the single decryption key. Finally, we prove the security of our scheme against the adaptive chosen-ciphertext attack under the random oracle model.