Key escrow

About: Key escrow is a research topic. Over the lifetime, 1162 publications have been published within this topic receiving 19616 citations.

A New ID-based Group Signature Scheme from Bilinear Pairings.

Abstract: We argue that traditional ID-based systems from pairings seem unsuitable for designing group signature schemes due to the problem of key escrow. In this paper we propose new ID-based public key systems without trusted PKG (Private Key Generator) from bilinear pairings. In our new ID-based systems, if the dishonest PKG impersonates an honest user to communicate with others, the user can provide a proof of treachery of the PKG afterwards, which is similar to CA-based systems. Therefore, our systems reach the Girault’s trusted level 3. Furthermore, we propose a group signature scheme under the new systems, the security and performance of which rely on the new systems. The size of the group public key and the length of the signature are independent on the numbers of the group.

Cryptanalysis of Three Certificate-Based Authenticated Key Agreement Protocols and a Secure Construction.

Abstract: Certificate-based cryptography is a new public-key cryptographic paradigm that has very appealing features, namely it simplifies the certificate management problem in traditional public key cryptography while eliminating the key escrow problem in identity-based cryptography. So far, three authenticated key agreement (AKA) protocols in the setting of certificate-based cryptography have been proposed in the literature. Unfortunately, none of them are secure under the public key replacement (PKR) attack. In this paper, we first present a security model for certificate-based AKA protocols that covers the PKR attacks. We then explore the existing three certificate-based AKA protocols and show the concrete attacks against them respectively. To overcome the weaknesses in these protocols, we propose a new certificate-based AKA protocol and prove its security strictly in the random oracle model. Performance comparison shows that the proposed protocol outperforms all the previous certificate-based AKA protocols.

Mediated certificateless cryptosystem for the security of data in public cloud

Abstract: Security is a serious issue in cloud computing. Encryption is the solution for the security in cloud. There are many encryption techniques. Each one has its own merits and demerits. In the case of identity based encryption it is free from security mediator, predefined keys are there, and have the problem of key escrow and certificate revocation. Then the arrival of mediated certificateless scheme eliminates the key escrow problem, and certificate revocation problem. In certificateless encryption scheme, key generation process is divided in between the user and the cloud. In our system data owner encrypt the data using its secret key. Then the data owner encrypt the secret key twice. Hence formed intermediate keys. Then send this encrypted data and intermediate keys to cloud. The cloud partially decrypt the intermediate key and send partially decrypted data and encrypted data to required user. The user decrypt the partialy decrypted data. Then the user will get the required key for decryption. so the user can decrypt it completly.The main advantage of our system is, the data owner can send same data to multiple clients with minimum cost.

A Post-quantum Certificateless Ring Signature Scheme for Privacy-Preserving of Blockchain Sharing Economy

Abstract: Classical cryptography is no longer secure under quantum computing background. In traditional sharing economy, the centralized management mode leads to data tampering and privacy leakage problems. Targeting at these problems, in our paper, a novel privacy protection scheme is designed for sharing economy based on blockchain. Firstly, we propose a post-quantum certificateless ring signature algorithm over lattice, which can hide the signer’s identity information and resist quantum computing attacks. Moreover, our proposed scheme can effectively avoid certificate management problem and third-party central key escrow problem. Secondly, we use the principle of bimodal Gaussian rejection sampling to generate signature. It can reduce the sampling times in signature phase and greatly improves the signature efficiency. Notably, the signature distribution is independent of signer’s private key, which can better avoid the disclosure of signer’s private key information. Thirdly, we construct a blockchain sharing economy transaction scheme based on the proposed signature algorithm that can protect the privacy of user. Finally, security and efficiency of our scheme are analyzed that have lower storage cost and time cost than other related schemes under the random oracle model.

Efficient group key agreement & recovery in ad hoc networks

Abstract: Ad hoc networks are dynamic peer-to-peer wireless networks composed of a collection of nodes which employ wireless transmission methods in a self-organized way without relying on fixed infrastructure or predetermined connectivity. Such networks pose great challenges in group communication. In this paper, we propose an efficient group key agreement and recovery mechanism based on key escrow systems for ad hoc networks. Nodes randomly change their operation and perform authentication services for specific groups.