Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 9 4 5 1 8 8 6 E W H A W U New Nominative Proxy Signature Scheme for Mobile Communication April. 30. 2003 Seo, Seung-Hyun Dept. of Computer Science and.

Published byJohana Hammock Modified over 10 years ago

Similar presentations

Presentation on theme: "1 9 4 5 1 8 8 6 E W H A W U New Nominative Proxy Signature Scheme for Mobile Communication April. 30. 2003 Seo, Seung-Hyun Dept. of Computer Science and."— Presentation transcript:

1 1 9 4 5 1 8 8 6 E W H A W U New Nominative Proxy Signature Scheme for Mobile Communication April. 30. 2003 Seo, Seung-Hyun Dept. of Computer Science and Engineering EWHA Womans University, Seoul, Korea happyday@ewha.ac.kr

2 EWHA WOMANS UNIVERSITY 2 Contents Introduction Notations Brief Description of Park-Lees Scheme Proposed Nominative Proxy Signature Scheme Security Analysis Conclusions

3 EWHA WOMANS UNIVERSITY 3 It is a useful method for secure mobile communication Introduction(1/3) Definition of Nominative Proxy Signatures – The nominative proxy signature scheme : the designated proxy signer generates the nominative signature and transmits it to a verifier – It provides mobile users anonymity and decreases the mobile users computational cost.

4 EWHA WOMANS UNIVERSITY 4 Introduction(2/3) To construct a nominative proxy signature scheme: 1. The original signer can delegate his signing operation to the proxy signer. 2. Only the delegated proxy signer can nominate the verifier, and create the nominative proxy signature. 3. Only the nominee(verifier) can verify the nominator(proxy signer)s signature. 4. If necessary, only the nominee can prove to the third party that the signature was issued to him by the nominator and it is valid.

5 EWHA WOMANS UNIVERSITY 5 Introduction(3/3) Our objectives – Point out the weaknesses of Park-Lees scheme ICICS 2001, Park and Lees scheme doesnt provide the non-repudiation – Design the new nominative proxy signature scheme To satisfy the four requirements for the nominative proxy signature To solve the weaknesses of Park-Lees scheme

6 EWHA WOMANS UNIVERSITY 6 Notations A : an original signer, mobile user G : a proxy agent (a nominator) B : a verifier ( a nominee) : a large prime : a prime factor of : a generator for : a strong one-way hash function : a message : a warrant which contains the original signers ID, the proxy agents ID, and the delegation period : a private key / a public key of A : a private key / a public key of G : a private key / a public key of B

7 EWHA WOMANS UNIVERSITY 7 Brief Description of Park-Lee s Scheme(1/2) 2001, Park & Lee A G B chooses computes verifies ? chooses computes ? checks [secure channel] <Proxy verification & Nominative proxy signing step > <Nominative proxy signature verification step>

8 EWHA WOMANS UNIVERSITY 8 Cryptanalysis of Park-Lees Scheme – It doesnt provide non-repudiation – [ The Attack Scenario(in case of dishonest original signer) ] Brief Description of Park-Lee s Scheme(2/2) chooses AB computes chooses computes ? verifies (dishonest original signer) (Verifier )

9 EWHA WOMANS UNIVERSITY 9 Proposed Nominative Proxy Signature Scheme(1/2) A (original signer) G (proxy agent) chooses computes ? checks computes [ Proxy signature key generation phase ]

10 EWHA WOMANS UNIVERSITY 10 Proposed Nominative Proxy Signature Scheme(2/2) B (verifier) G (proxy agent) chooses computes [ Nominative proxy signature generation phase ] [ Nominative proxy signature verification phase ] ? < Verification of the nominative proxy signature > computes checks

11 EWHA WOMANS UNIVERSITY 11 Security Analysis(1/3) Our scheme satisfies the four conditions for the nominative proxy signature scheme. 1.The original signer can delegate his signing operation to the proxy signer. Because the original signer generates the proxy with his private key and transmits it to the proxy agent. 2.Only the delegated proxy signer can nominate the verifier, and create the nominative proxy signature. Because the proxy signature key includes the proxy agents private key. 3.Only the nominee(verifier) can verify the nominator(proxy signer)s signature. Because the verifiers private key is required to verify the nominative proxy signature.

12 EWHA WOMANS UNIVERSITY 12 Security Analysis(2/3) 4.If necessary, only the nominee can prove to the third party that the signature was issued to him by the nominator and it is valid. By confirmation protocol, only nominee(verifier B) can prove to the third party without revealing Nominee B The third party chooses computes chooses computes ? verifies ? ?

13 EWHA WOMANS UNIVERSITY 13 Security Analysis(3/3) Unlike Park-Lees scheme, our scheme has two additional properties 1.It provides the non-repudiation. : Because only the proxy agent can compute a proxy signature key, only he can create the nominative proxy signature. And, because his public key are used in the nominative proxy signature verification phase, the verifier can check the proxy agents private key was included or not. 2. It doesnt need the secure channel between the original signer and the proxy agent.

14 EWHA WOMANS UNIVERSITY 14 Conclusions In this paper, – We show that Park-Lees scheme doesnt provide the non- repudiation. – We propose the new nominative proxy signature scheme Solves the weakness of Park-Lees scheme(i.e., Our scheme provides the non-repudiation property.) Satisfies four conditions for the nominative proxy signature scheme Decreases the users computational cost by using the proxy agent Doesnt need the secure channel

Download ppt "1 9 4 5 1 8 8 6 E W H A W U New Nominative Proxy Signature Scheme for Mobile Communication April. 30. 2003 Seo, Seung-Hyun Dept. of Computer Science and."

Similar presentations

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.
1 Key Exchange Solutions Diffie-Hellman Protocol Needham Schroeder Protocol X.509 Certification.

1 Key Exchange Solutions Diffie-Hellman Protocol Needham Schroeder Protocol X.509 Certification.
Atomic Transactions CS523 - Spring 2006 - Brian Schmidt.

Atomic Transactions CS523 - Spring Brian Schmidt.
DIGITAL SIGNATURES and AUTHENTICATION PROTOCOLS - Chapter 13

DIGITAL SIGNATURES and AUTHENTICATION PROTOCOLS - Chapter 13
DIGITAL SIGNATURES and AUTHENTICATION PROTOCOLS - Chapter 13 DIGITAL SIGNATURES and AUTHENTICATION PROTOCOLS - Chapter 13 Digital Signatures Authentication.

DIGITAL SIGNATURES and AUTHENTICATION PROTOCOLS - Chapter 13 DIGITAL SIGNATURES and AUTHENTICATION PROTOCOLS - Chapter 13 Digital Signatures Authentication.
Anonymity without Sacrificing Performance Enhanced Nymble System with Distributed Architecture CS 858 Project Presentation Omid Ardakanian * Nam Pham *

Anonymity without Sacrificing Performance Enhanced Nymble System with Distributed Architecture CS 858 Project Presentation Omid Ardakanian * Nam Pham *
A New Approach of Signing Documents with Symmetric Cryptosystems and an Arbitrator Nol Premasathian Faculty of Science King Mongkut’s.

A New Approach of Signing Documents with Symmetric Cryptosystems and an Arbitrator Nol Premasathian Faculty of Science King Mongkut’s.
Rennes, 24/10/2014 Cristina Onete CIDRE/ INRIA Privacy in signatures. Hiding in rings, hiding in groups.

Rennes, 24/10/2014 Cristina Onete CIDRE/ INRIA Privacy in signatures. Hiding in rings, hiding in groups.
Cryptanalysis of a Communication-Efficient Three-Party Password Authenticated Key Exchange Protocol Source: Information Sciences in review Presenter: Tsuei-Hung.

Cryptanalysis of a Communication-Efficient Three-Party Password Authenticated Key Exchange Protocol Source: Information Sciences in review Presenter: Tsuei-Hung.
Off-the-Record Communication, or, Why Not To Use PGP

Off-the-Record Communication, or, Why Not To Use PGP
Efficient Signature Generation by Smart Cards 20103112 Suk Ki Kim 20103114 Sunyeong Kim.

Efficient Signature Generation by Smart Cards Suk Ki Kim Sunyeong Kim.
This document and the information therein are the property of Morpho, They must not be copied or communicated to a third party without the prior written.

This document and the information therein are the property of Morpho, They must not be copied or communicated to a third party without the prior written.
BY JYH-HAW YEH COMPUTER SCIENCE DEPT. BOISE STATE UNIVERSITY Proxy Credential Forgery Attack to Two Proxy Signcryption Schemes.

BY JYH-HAW YEH COMPUTER SCIENCE DEPT. BOISE STATE UNIVERSITY Proxy Credential Forgery Attack to Two Proxy Signcryption Schemes.
A Pairing-Based Blind Signature

A Pairing-Based Blind Signature
Further improvement on the modified authenticated key agreement scheme Authors: N.Y. Lee and M.F. Lee Source: Applied Mathematics and Computation, Vol.157,

Further improvement on the modified authenticated key agreement scheme Authors: N.Y. Lee and M.F. Lee Source: Applied Mathematics and Computation, Vol.157,
Tamper-Evident Digital Signatures: Protecting Certification Authorities Against Malware Jong Youl Choi Computer Science Dept. Indiana University at Bloomington.

Tamper-Evident Digital Signatures: Protecting Certification Authorities Against Malware Jong Youl Choi Computer Science Dept. Indiana University at Bloomington.
1 Secure Credit Card Transactions on an Untrusted Channel Source: Information Sciences in review Presenter: Tsuei-Hung Sun ( 孫翠鴻 ) Date: 2010/9/24.

1 Secure Credit Card Transactions on an Untrusted Channel Source: Information Sciences in review Presenter: Tsuei-Hung Sun ( 孫翠鴻 ) Date: 2010/9/24.
Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.

Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.
6/1/20151 Digital Signature and Public Key Infrastructure Course:COSC513-01 Instructor:Professor Anvari Student ID:106845 Name:Xin Wen Date:11/25/00.

6/1/20151 Digital Signature and Public Key Infrastructure Course:COSC Instructor:Professor Anvari Student ID: Name:Xin Wen Date:11/25/00.
A Secure Remote User Authentication Scheme with Smart Cards Manoj Kumar 報告者 : 許睿中 日期 :11.23 1.

A Secure Remote User Authentication Scheme with Smart Cards Manoj Kumar 報告者 : 許睿中 日期 :

Similar presentations

Ads by Google