Time filter

Source Type

Chen J.,Shanghai JiaoTong University | Chen J.,Huaiyin Institute of Technology | Chen K.,Shanghai JiaoTong University | Chen K.,National Laboratory of Modern Communications | Long Y.,Shanghai JiaoTong University
High Technology Letters | Year: 2012

Due to the compromise of the security of the underlying system or machine storing the key, exposure of the private key can be a devastating attack on a cryptosystem. Key insulation is an important technique to protect private keys. To deal with the private (signing) key exposure problem in identity-based signature systems, we propose an identity-based threshold key-insulated signature (IBTKIS) scheme. It strengthens the security and flexibility of existing identity-based key-insulated signature schemes. Our scheme's security is proven in the random oracle model and rests on the hardness of the computational Diffie-Hellman problem in groups equipped with a pairing. To the best of our knowledge, it is the first IBTKIS scheme up to now. Copyright © by HIGH TECHNOLOGY LETTERS PRESS.

Wang J.,Shanghai JiaoTong University | Li X.,East China Normal University | Chen K.,Shanghai JiaoTong University | Zhang W.,National Laboratory of Modern Communications
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) | Year: 2012

The nonlinear filter generator (NLFG) is a powerful building block commonly used in stream ciphers. In this paper, we present the direct sum decomposition of the NLFG output sequence that leads to a system of linear equations in the initial state of the NLFG and further to an efficient algebraic attack. The coefficients of the equation system rely only on the NLFG structure. The attack is operated in an online/offline manner, doing most of the work (determining the coefficients of the equation system) in the offline phase. Thus the online phase is very fast, requiring only four multiplications and one diagonalization of n x n matrices. Compared with related works, our attack has the advantages in both online computation cost and success probability. On the one hand, far fewer output bits and significantly less matrix computation are required in our attack, although the online computation complexity O(LC) (LC is the linear complexity of the output sequence) is the same as in the known Rønjom-Helleseth attack. On the other hand, the success probability of the attack is analyzed in this paper, different from most prior work. The success probability of this algebraic attack is 1- 2 -φ(2n - 1) (φ(·) is the Euler function), which is much greater than 1 - 2 -n , the success probability of the Rønjom-Helleseth attack. © 2012 Springer-Verlag.

Hong X.,Shanghai Normal University | Chen K.-F.,Shanghai JiaoTong University | Chen K.-F.,National Laboratory of Modern Communications | Wan Z.-M.,Shanghai JiaoTong University
Ruan Jian Xue Bao/Journal of Software | Year: 2010

The paper presents a simple proxy re-signature scheme and its two equivalent security model. One is based on the universal composability framework, another is game-based security model. The proposed scheme is bidirectional, multi-use, transitive and key optimal. It is very attractive for its simplicity. Its security can be reduced to the Computational Diffie-Hellman assumption in the Random Oracle Model. It is also secure under the universal composability framework. © by Institute of Software, the Chinese Academy of Sciences. All rights reserved.

Gong Z.,University of Twente | Long Y.,Shanghai JiaoTong University | Hong X.,Shanghai JiaoTong University | Chen K.,Shanghai JiaoTong University | Chen K.,National Laboratory of Modern Communications
Journal of Information Science and Engineering | Year: 2010

Aggregate signature is a digital signature with a striking property that anyone can aggregate n individual signatures on n different messages which are signed by n distinct signers, into a single compact signature to reduce computational and storage costs. In this work, two practical certificateless aggregate signature schemes are proposed from bilinear maps. The first scheme CAS-X reduces the costs of communication and signer-side computation but trades off the storage, while CAS-2 minimizes the storage but sacrifices the communication costs. One can choose either of the schemes by consideration of the application requirement. Compare with ID-based schemes, our schemes do not entail public key certificates as well and achieve the trust Level 3, which imply the frauds of the authority are detectable. Both of the schemes are proven secure in the random oracle model by assuming the intractability of the computational Diffie-Hellman problem over the groups with bilinear maps, where the forking lemma technique is avoided.

Long Y.,Shanghai JiaoTong University | Long Y.,National Laboratory of Modern Communications | Chen K.,Shanghai JiaoTong University | Chen K.,National Laboratory of Modern Communications
Information Sciences | Year: 2010

As a practical extension of our previous work on certificateless threshold cryptosystem, this paper proposes the first direct certificateless threshold key encapsulation mechanism that inherits the same trust level of the original scheme and removes the length limitation of a traditional public key encryption. Security against threshold chosen-ciphertext attacks are proved in a random oracle model under a new assumption. It tolerates the Type I adversary that can replace public keys and the Type II adversary that has access to the system's master key. The implied encapsulation scheme is very efficient when compared to the most efficient schemes in a traditional public key cryptosystem, and it is slightly more efficient in terms of key length and encapsulation speed when compared to the identity-based cryptosystems that have the same ciphertext overhead. Finally, we describe several potential modifications of our scheme. © 2009 Elsevier Inc. All rights reserved.

Discover hidden collaborations