Key escrow

About: Key escrow is a research topic. Over the lifetime, 1162 publications have been published within this topic receiving 19616 citations.

Research on Certificateless Public Key Cryptography

Abstract: Certificateless public key cryptography (CL-PKC for short) is a new type of public key cryptography, which is developed on the foundation of identity based cryptography (ID-PKC for short). CL-PKC elimilates the key escrow problem and the need for public key certificate. These two advantages are what makes it attractive to the research community and industrial world form the beginning of its birth. It has been a very active research hot topic in the field of cryptology and information security. In about seven years, the study of CL-PKC has advanced step by step, making its theories and techniques more and more enriching. This paper revisits, analyzes, compares, and briefly reviews some of the main results. Furthermore, this study discusses some existing problems in this research field that deserve further investigation.

A Provably-Secure Outsourced Revocable Certificateless Signature Scheme Without Bilinear Pairings

Abstract: Certificateless public key cryptosystem (CLPKC) is a desirable cryptographic system because it refrains from both certificate management and key escrow. In CLPKC, how to revoke a misbehaving or compromised user is an important issue. However, the existing revocable methods in CLPKC are impractical because of the use of either an expensive mediator or a burdensome key generation center (KGC). In order to overcome this drawback, we introduce outsourcing computation into CLPKC for the first time and design an outsourced revocable certificateless signature (ORCLS) scheme, and the revocation functionality is outsourced to a cloud server. The amount of computation needed to revoke a user is borne by the cloud server, which greatly reduces the burden on the KGC. In the rest of this paper, we formalize the definition and the security model for an ORCLS scheme and construct the first ORCLS scheme without bilinear pairings. It is proved that our scheme is existential unforgeable against adaptive chosen-message attacks from Type I, Type II, Type III, and Type IV adversaries under the elliptic curve discrete logarithm problem. Moreover, our scheme needs less computational cost and communication overhead and thus is more efficient than the other proposed revocable certificateless signature schemes so far.

An Efficient, Hybrid Authentication Using ECG and Lightweight Cryptographic Scheme for WBAN

Abstract: The Wireless Body Area Network (WBAN) plays a pivotal role in providing ubiquitous computing and has applications in different fields, especially in health monitoring. The advancement in wearable devices has revolutionized the concept of medical services and brought ease to our daily lives. However, the latent threat imposed by attackers has increased concerns related to the security and privacy of patient’s data due to the open nature of the wireless network. The authentication schemes are used to secure patient’s critical data from different types of cyber-attacks. In this paper, we extend our previous work by presenting an anonymous, hybrid authentication scheme that utilized physiological signals in combination with a lightweight cryptographic method to provide robust security against well-known attacks especially key escrow, base station compromise, and untraceability of sessions. The broadly accepted BAN logic is utilized to offer formal proof of mutual authentication and key agreement. The informal verification is performed by the Automated Validation of Internet Security Protocol and Applications (AVISPA) tool. Furthermore, the comparative analysis of the proposed scheme with peer work highlighted that it accomplished better security at low computational, communicational, energy consumption, and storage overheads.