Key escrow

About: Key escrow is a research topic. Over the lifetime, 1162 publications have been published within this topic receiving 19616 citations.

Improved Identity Based Encryption System (IIBES): A Mechanism for Eliminating the Key-Escrow Problem

Abstract: A revolutionary change to public-key cryptography can be considered as an Identity Based Cryptography (IBC) in which identity of the receiver is being used as a public key for encrypting a message and Key Generation Centre (KGC). IBC will generate and distribute the private key to each user to decrypt a message. The thought behind presenting the scheme was to improve and reduce the complexity of certificate and key management, but it also gives rise to key escrow problem, access to encrypted information to unauthorized users. The paper represents Improved Identity-Based Encryption Scheme (IIBES) for Domain Name System (DNS) security which provides confidentiality and authentication through modified identity based encryption and identity based digital signatures. The IIBES comprises key revocation mechanism for non-revoked users and also eliminates key escrow problem. Thus, the IIBES aids to implement the identity-based cryptography more safely in reality and protects DNS against cache poisoning, spoofing attack and masquerade attack. Doi: 10.28991/esj-2021-01259 Full Text: PDF

Certificateless Provable Group Shared Data Possession with Comprehensive Privacy Preservation for Cloud Storage

Abstract: Provable Data Possession (PDP) protocol makes it possible for cloud users to check whether the cloud servers possess their original data without downloading all the data. However, most of the existing PDP schemes are based on either public key infrastructure (PKI) or identity-based cryptography, which will suffer from issues of expensive certificate management or key escrow. In this paper, we propose a new construction of certificateless provable group shared data possession (CL-PGSDP) protocol by making use of certificateless cryptography, which will eliminate the above issues. Meanwhile, by taking advantage of zero-knowledge protocol and randomization method, the proposed CL-PGSDP protocol leaks no information of the stored data and the group user’s identity to the verifiers during the verifying process, which is of the property of comprehensive privacy preservation. In addition, our protocol also supports efficient user revocation from the group. Security analysis and experimental evaluation indicate that our CL-PGSDP protocol provides strong security with desirable efficiency.

Efficient Deduplicated Reporting in Fog-Assisted Vehicular Crowdsensing

Abstract: In this paper, we propose an efficient deduplicated reporting scheme in fog-assisted vehicular crowdsensing. Based on a certificateless aggregate signcryption scheme (CLASC), the proposed scheme provides a promising approach for improving storage and communication overhead while maintaining content privacy. Specifically, roadside units (RSUs) as fog nodes are able to detect and remove any replicate crowdsensing reports without accessing information about their contents. Furthermore, the proposed scheme achieves fairness between vehicles whose reports are reduplicated and deleted. The scheme is designed with security properties, including report confidentiality, integrity, mutual authenticity, privacy, anonymity, secure data deduplication and key escrow resilience. To conclude, we elaborate on the achievement of secure data deduplication property and demonstrate the efficiency of the low computational and communication overhead of the proposed scheme.

A certificateless proxy re-signature scheme

Abstract: Proxy re-signature is greatly concerned by researchers recently. It is a very useful tool for sharing web certificates, forming weak group signatures, and authenticating a network path. In this paper, we propose the first certificateless proxy re-signature scheme. Based on certificateless public cryptosystem, the scheme solves the using of certificate in certificate-based scheme and removes key escrow in ID-based scheme. Analysis shows that the proposed scheme can satisfy the required properties of proxy re-signature, and it can avoid public key replacement attack and malicious KGC attack.

McCLS: Certificateless Signature Scheme for Emergency Mobile Wireless Cyber-Physical Systems

Abstract: Mobile Ad Hoc Network is a self-configurable and self-organizing wireless network of mobile devices without fixed infrastructure support, which makes it a good candidate as underlying communication network for the Cyber-Physical Systems in emergency conditions such as earthquake, flood, and battlefields. In these scenarios, efficient communication schemes with security support are especially desired. Two cryptography approaches, the public key cryptography and the identitybased cryptography, face the costly and complex key management problem and the “key escrow" problem in the real-life deployment. Recently, the certificateless public key cryptography (CL-PKC) was introduced to address these problems in previous approaches. However, the efficiency of the schemes based on CL-PKC is not high and can be improved further. In this paper, we present an improved certificateless signature scheme (McCLS) based on bilinear pairings. First, we theoretically compare the efficiency of McCLS with that of existing certificateless signature schemes (CLS). Second, an empirical study is conducted to compare the traditional AODV with the McCLS scheme based on AODV (McDV) in their efficiency and effectiveness against two most common attacks (i.e. redirection attack and rushing attack). Results from theoretical analysis show that the new McCLS scheme is more efficient than existing CLS solutions, and results from empirical studies show that the McDV is able to resist the two common attacks without causing substantial degradation of the network performance.