By Jyh-haw Yeh Boise State University ICIKM 2013.

Slides:



Advertisements
Similar presentations
Boneh-Franklin Identity-based Encryption. 2 Symmetric bilinear groups G = ágñ, g p = 1 e: G G G t Bilinear i.e. e(u a, v b ) = e(u, v) ab Non-degenerate:
Advertisements

SeND Hash Threat Analysis CSI WG Ana Kukec, Suresh Krishnan, Sheng Jiang.
Hash Functions A hash function takes data of arbitrary size and returns a value in a fixed range. If you compute the hash of the same data at different.
E W H A W U New Nominative Proxy Signature Scheme for Mobile Communication April Seo, Seung-Hyun Dept. of Computer Science and.
An Introduction to Pairing Based Cryptography Dustin Moody October 31, 2008.
BY JYH-HAW YEH COMPUTER SCIENCE DEPT. BOISE STATE UNIVERSITY Proxy Credential Forgery Attack to Two Proxy Signcryption Schemes.
Hash Function. What are hash functions? Just a method of compressing strings – E.g., H : {0,1}*  {0,1} 160 – Input is called “message”, output is “digest”
Advanced Security Constructions and Key Management Class 16.
Digital Signatures and Hash Functions. Digital Signatures.
Cryptographic Security CS5204 – Operating Systems1.
Payment Systems 1. Electronic Payment Schemes Schemes for electronic payment are multi-party protocols Payment instrument modeled by electronic coin that.
RIKE Using Revocable Identities to Support Key Escrow in PKIs Nan Zhang, Jingqiang Lin, Jiwu Jing, Neng Gao State Key Laboratory of Information Security,
A PASS Scheme in Clouding Computing - Protecting Data Privacy by Authentication and Secret Sharing Jyh-haw Yeh Dept. of Computer Science Boise State University.
Session 5 Hash functions and digital signatures. Contents Hash functions – Definition – Requirements – Construction – Security – Applications 2/44.
1 Authenticated key agreement without using one-way hash functions Harn, L.; Lin, H.-Y. Electronics Letters, Volume: 37 Issue: 10, 10 May 2001 Presented.
1 Security analysis of an enhanced authentication key exchange protocol Authors : H.Y. Liu, G.B. Horng, F.Y. Hung Presented by F.Y. Hung Date : 2005/5/20.
1 Identity-Based Encryption form the Weil Pairing Author : Dan Boneh Matthew Franklin Presentered by Chia Jui Hsu Date :
Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale CS 591 – Wireless & Network Security Lecture.
Chapter 7-1 Signature Schemes.
Identity-based authenticated key agreement protocol based on Weil pairing N.P.Smart ELECTRONICS LETTERS 20 th June 2002 vol.38 No13 p Present by.
Certificateless Authenticated Two-Party Key Agreement Protocols
Identity Base Threshold Proxy Signature Jing Xu, Zhenfeng Zhang, and Dengguo Feng Form eprint Presented by 魏聲尊.
Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.
Overview of Digital Signatures Introduction To Networks and Communications (CS 555) Presented by Bharath Kongara.
J. Wang. Computer Network Security Theory and Practice. Springer 2008 Chapter 4 Data Authentication Part II.
Digital Signature Xiaoyan Guo/ Xiaohang Luo/
Digital Signature Technologies & Applications Ed Jensen Fall 2013.
Cryptography and Network Security Chapter 11 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Cryptology Digital Signatures and Digital Certificates Prof. David Singer Dept. of Mathematics Case Western Reserve University.
(Multimedia University) Ji-Jian Chin Swee-Huay Heng Bok-Min Goi
Presented by Mike Scott
An Efficient Identity-based Cryptosystem for
Hash Functions A hash function H accepts a variable-length block of data M as input and produces a fixed-size hash value h = H(M) Principal object is.
Guomin Yang et al. IEEE Transactions on Wireless Communication Vol. 6 No. 9 September
Cyrtographic Security Identity-based Encryption 1Dennis Kafura – CS5204 – Operating Systems.
02/22/2005 Joint Seminer Satoshi Koga Information Technology & Security Lab. Kyushu Univ. A Distributed Online Certificate Status Protocol with Low Communication.
Cryptography Encryption/Decryption Franci Tajnik CISA Franci Tajnik.
Lecture 11: Strong Passwords
Topic 22: Digital Schemes (2)
Computer Science CSC 774 Advanced Network Security Topic 2.6 ID Based Cryptography #2 Slides by An Liu.
Basic Cryptography 1. What is cryptography? Cryptography is a mathematical method of protecting information –Cryptography is part of, but not equal to,
Network Security7-1 CIS3360: Chapter 8: Cryptography Application of Public Cryptography Cliff Zou Spring 2012 TexPoint fonts used in EMF. Read the TexPoint.
Linkability of Some Blind Signature Schemes Swee-Huay Heng 1, Wun-She Yap 1 Khoongming Khoo 2 1 Multimedia University, 2 DSO National Laboratories.
Department of Computer Engineering, Kyungpook National University Author : Eun-Jun Yoon, Wan-Soo Lee, Kee-Young Yoo Speaker : Wan-Soo Lee
Cryptanalysis of Some Proxy Signature Schemes without Certificates Wun-She Yap, Swee-Huay Heng Bok-Min Goi Multimedia University.
Electronic signature Validity Model 1. Shell model Certificate 1 Certificate 2 Certificate 3 Signed document Generate valid signature validCheck invalidCheck.
多媒體網路安全實驗室 Anonymous ID Signature Scheme with Provable Identity Date: Reporter :Chien-Wen Huang 出處: 2008 Second International Conference on Future.
Identity based signature schemes by using pairings Parshuram Budhathoki Department of Mathematical Science FAU 02/21/2013 Cyber Security Seminar, FAU.
Prepared by Dr. Lamiaa Elshenawy
Key Replacement Attack on a Certificateless Signature Scheme Zhenfeng Zhang and Dengguo Feng Presenter: Yu-Chi Chen.
A new provably secure certificateless short signature scheme Authors: K.Y. Choi, J.H. Park, D.H. Lee Source: Comput. Math. Appl. (IF:1.472) Vol. 61, 2011,
Fall, Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Cryptographic Security Identity-Based Encryption.
Hash Functions Ramki Thurimella. 2 What is a hash function? Also known as message digest or fingerprint Compression: A function that maps arbitrarily.
A New Provably Secure Certificateless Signature Scheme Date: Reporter:Chien-Wen Huang 出處 :2008 IEEE International Conference on Communications.
Computer Science and Engineering Computer System Security CSE 5339/7339 Lecture 11 September 23, 2004.
Lecture 11 Overview. Digital Signature Properties CS 450/650 Lecture 11: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.
1 An Ordered Multi-Proxy Multi-Signature Scheme Authors: Min-Shiang Hwang, Shiang-Feng Tzeng, Shu-Fen Chiou Speaker: Shu-Fen Chiou.
Cryptographic Security Aveek Chakraborty CS5204 – Operating Systems1.
Key Generation Protocol in IBC Author : Dhruti Sharma and Devesh Jinwala 論文報告 2015/12/24 董晏彰 1.
Cryptographic Hash Function. A hash function H accepts a variable-length block of data as input and produces a fixed-size hash value h = H(M). The principal.
Cryptography and Network Security Chapter 13
P2P encryption by an identity-based one-way group key agreement protocol By Jyh-haw Yeh Boise State University Proceedings of IEEE ICPADS 2014.
What is in a name? Identity-based cryptography. How public-key crypto works When you use public key cryptography, you can publish a value (public key)
Information Security message M one-way hash fingerprint f = H(M)
Digital signatures.
Information Security message M one-way hash fingerprint f = H(M)
Information Security message M one-way hash fingerprint f = H(M)
Pre-image Resistance: Given a, hard to find b such that ____
One Time Signature.
Cryptography Lecture 26.
Presentation transcript:

By Jyh-haw Yeh Boise State University ICIKM 2013

Identity-based Public Key Cryptosystems (IDPKC) How do you know the other party’s public key is a valid one? Traditional PKC requires a certificate authority (CA) to issue a public key certificate. With the certificate, the key can be verified. IDPKC: all public keys are generated based on the owner’s identity. Thus, no CA required.

IDPKC from Pairings Setup: A PKG (public key generator) Additive group, order, a generator Multiplicative group, order A bilinear map System private key s, system public key

Bilinear Pairings Background Bilinearity: Non-degeneracy: Computability: it’s efficient to compute

IDPKC from Pairings Key Generation: for each user Public key, private key Both keys are points in

IDPKC from Pairings Signature Generation: to sign a message Pick a random number Compute, where is the x-coordinate of the point The signature is

IDPKC from Pairings Signature Verification: Verify signature on a message Use the following equation

Potential Security Vulnerability Traditionally cryptographic hash function is defined as Easy forwarding computation Pre-image resistance: given a, it’s hard to compute the pre-image Second pre-image resistance: given, it’s hard to find another such that Collision resistance: it’s hard to find any pair of and such that

Potential Security Vulnerability The hash function used to generate the public key in IDPKC,, might be implemented incorrectly if only based on the traditional definition.

Potential Security Vulnerability For example, the implementer can construct as follows: Use a traditional hash function Let It can be proven that since satisfies the four hash function properties, also satisfies the four hash properties. Using such in IDPKC to generate public keys is not secure.

Potential Security Vulnerability Adversary can derive private key by first computing Since can derive private key by computing

Contribution of the Paper Points out the potential security vulnerability of common IDPKC using pairings. To avoid the vulnerability, the paper defines another property for the hash function used in IDPKC to generate the public key. Ratio resistance: Given any two public keys, it’s hard to find the ratio such that

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.