Multimedia Network Security Laboratory. Certificateless multi-proxy signature. Date: 2011/04/08. Presenter: 向峻霈. Source: Zhengping Jin, Qiaoyan Wen, Computer Communications, pp. 344-352, 2011.


2 Outline
1. Introduction
2. Definition of certificateless multi-proxy signature schemes
3. Security model
4. A certificateless multi-proxy signature scheme
5. Conclusion

3 Introduction
- The concept of proxy signature was first introduced by Mambo
(Diagram labels: original signer; proxy signer; signature)

4 Introduction
- Hwang
- Shi
(Diagram labels: original signer; proxy signer A; proxy signer B; proxy signer C; signature)

5 Introduction
- The concept of identity-based cryptography was first introduced by Shamir in 1984
(Diagram labels: user; identify; identities; with a master key; public key; private key)

6 Introduction
- Internal problems of IBC
- Key management problem
(Diagram labels: master key; PKG; S; identities)

7 Introduction
- Certificateless public key cryptography (CLPKC)
  - one component is the partial private key generated by the PKG with the master key
  - another component is the secret value chosen by the user himself
  - the public key derived from the user's secret value should also be published

8 Formal model of certificateless multi-proxy signature schemes
- Definition of certificateless multi-proxy signature schemes
- Security model

9 Definition of certificateless multi-proxy signature schemes
(Diagram labels: Setup: k, master key s, system parameters params; Partial-Private-Key-Extract: public, secret, +s (verify identity); User-Key-Generate: X_i (rand), user full private key sk_i, public key)

10 Definition of certificateless multi-proxy signature schemes
(Diagram labels: Sign; User; Verify; Proxy-Key-Generate (each proxy signer))

11 Definition of certificateless multi-proxy signature schemes
(Diagram labels: Multi-Proxy-Sign; must satisfy w; original signer; with the multi-proxy signature secret keys PSK_i; behalf; Multi-Proxy-Verify; reject)

12 Security model
- For certificateless cryptosystems, the widely accepted notion of security was defined by Al-Riyami and Paterson
- Type I Adversary
- Type II Adversary

13 Security model
- Type I Adversary
(Diagram labels: any entity of its choice; public key; master key; replace)

14 Security model
- Type II Adversary
(Diagram labels: cannot replace public keys; public key; master key; cannot perform; has permission to access)

15 Security model-game1
- Setup. Taking a security parameter k as input, C runs the Setup algorithm to obtain a master key s and the system parameters params.
- Then C sends params to, but keeps s secret.
- Queries. makes a polynomially bounded number of the following queries in an adaptive manner.

16 Security model-game1
- Public-Key-Inquiry
- Public-Key-Replacement
(Diagram labels: submits a public key request with a user's identity; public key; public key; record)

17 Security model-game1
- Partial-Private-Key-Extraction:
- Secret-Value-Extraction:
(Diagram labels: submits a partial private key request with a user's identity; partial private key; has the public key been replaced?; has the public key been replaced?; secret value; yes; no)

18 Security model-game1
- Delegation: This query can be divided into two cases.

19 Security model-game1
- Case 1
(Diagram labels: delegator's request with a warrant w; when he chooses; original signer; Proxy-Key-Generate; Warrp; run; access; regarded as; proxy signers)

20 Security model-game1
- Case 2
(Diagram labels: when he chooses; proxy signers; Proxy-Key-Generate; Warro; run; send; regarded as; original signer)

21 Security model-game1
- Multi-Proxy-Signing-Query
(Diagram labels: warrant w and a message m of his choice; check: 1. checks if it exists, 2. m satisfies w, 3. public keys of all proxy users; original signer; replaced or not; yes; no)

22 Security model-game1
- Forgery. Eventually, outputs a forgery and wins the game if any of the following events occurs:

23 Security model-game1
(Diagram labels: forged; Signing-Query; where; Partial-Private-Key-Extract; Secret-Value-Extraction query or Public-Key-Replacement query; Public-Key-Replacement query; has not been submitted)

24 Security model-game1
(Diagram labels: forged; proxy signers under the warrant; Multi-Proxy-Signing-Query; to work against one of the proxy signers)

25 Security model-game1
(Diagram labels: to work against the original signer; forged; multi-proxy signature under the warrant; Warro)
- defined to be the probability that succeeds in the above Game 1.

26 Security model-game2
- Setup. Taking a security parameter k as input runs the Setup algorithm to obtain a master key s and the system parameters params. Then sends both params and s to C. It is noted that the system parameters are chosen by
(Diagram labels: s; params)

27 Security model-game2
- Forgery. Eventually, outputs a forgery and wins the game if any of the following events occurs

28 Security model-game2
(Diagram labels: forged; Signing-Query; where; Secret-Value-Extraction query; has not been submitted)

29 Security model-game2
(Diagram labels: forged; proxy signers under the warrant; Multi-Proxy-Signing-Query; to work against one of the proxy signers)

30 Security model-game2
(Diagram labels: to work against the original signer; forged; multi-proxy signature under the warrant; Warro)
- defined to be the probability that succeeds in the above Game 2.

31 Security model
- Definition 1.
- An adversary A is said to be an -forger of a CLMPS scheme if A has advantage or in the above games running in time t. A CLMPS scheme is said to be existentially unforgeable or -secure against adaptively chosen warrant attacks and chosen message and identity attacks if no such -forger exists, where is non-negligible and t is a polynomially bounded number.

32 A certificateless multi-proxy signature scheme
- The CLMPS scheme is based upon Zhang and Zhang's certificateless aggregate signature scheme
  - Setup
  - Partial-Private-Key-Extract
  - User-Key-Generate
  - Sign
  - Verify
  - Proxy-Key-Generate
  - Multi-Proxy-Sign
  - Multi-Proxy-Verify

33 A certificateless multi-proxy signature scheme
- Setup:
- Given a security parameter k, the PKG does as follows:
  - Choose groups and of prime order q such that an admissible bilinear pairing e: can be constructed and pick an arbitrary generator P of
  - Choose a random number s as the master key msk and set Q = sP as the master public key
  - Choose six different cryptographic hash functions H_1 ~ H_3: {0,1}* -> G and H_4 ~ H_6: {0,1}* ->
  - Publish the system parameters params = (G, G_T, e, P, Q, H_1~6) while keeping the master key msk = s secret

34 A certificateless multi-proxy signature scheme
- Partial-Private-Key-Extract
- User-Key-Generate
(Diagram labels: Partial-Private-Key-Extract: corresponding user; through a safe channel; sends. User-Key-Generate: selects a random number x_i; P_i = x_i P; public key; as his secret key; sk_i)

35 A certificateless multi-proxy signature scheme
- Sign
- To sign a message m in {0,1}* with sk_i = (x_i, D_i), the signer, whose identity is ID_i and public key is P_i, performs the following steps:
  1. Choose a random number r and compute R = rP
  2. Compute W = H_2(params), T = H_3(Q), h = H_4(params||m||ID_i||P_i||R)
  3. Compute V = h D_i + x_i W + r T
  4. Output = (R, V) as the signature on m

36 A certificateless multi-proxy signature scheme
- Verify
- To verify a signature signed on m by the user whose identity and public key are ID_i and P_i respectively, the verifier checks whether
  - e(V, P) = e(h H_1(ID_i), Q) e(W, P_i) e(T, R)
  - where W = H_2(params), T = H_3(Q), h = H_4(params||m||ID_i||P_i||R)

37 A certificateless multi-proxy signature scheme
- Proxy-Key-Generate (1/2)
- Delegation generation
(Diagram labels: original signer; warrant w; must comply with: 1. proxy signers, 2. the original signer, 3. the type of messages delegated, 4. when the delegation is granted; proxy signer)

38 A certificateless multi-proxy signature scheme
- Proxy-Key-Generate (2/2)
- Delegation generation
  1. Choose a random number r_0 and compute R_0 = r_0 P
  2. Compute h_0 = H_5(params||w||ID_OS||P_OS||R_0), W = H_2(params), T = H_3(Q) and V_0 = h_0 D_OS + x_OS W + r_0 T
  - Send (w, R_0, V_0) to each proxy signer PS_i, i = 1, 2, ..., n.

39 A certificateless multi-proxy signature scheme
- Proxy-Key-Generate
- Delegation verification
  - checking e(V_0, P) = e(h_0 H_1(ID_OS), Q) e(W, P_OS) e(T, R_0)
  - where h_0 = H_5(params||w||ID_OS||P_OS||R_0), W = H_2(params), T = H_3(Q).
(Diagram labels: proxy signer; (w, R_0, V_0); original signer; 1. requests a valid one from OS, 2. terminates the protocol, 3. success)

40 A certificateless multi-proxy signature scheme
- Proxy-Key-Generate
- Proxy secret key generation
  - If all proxy signers PS_i confirm the delegation
  - sets PSK_i = (sk_PSi, r_0, v_0)
  - as his multi-proxy signature secret key respectively
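
Added example (not from the slides or the paper): a toy Python check of the Sign/Verify equations on slides 35-36 and the delegation equations on slides 38-39. It assumes the partial private key is D_i = s·H_1(ID_i), which the verification equation implies, and it replaces the pairing groups with scalars modulo a prime, so it checks the algebra only and provides no security; all function names and the parameter q are constructed for the illustration.

```python
# Toy model: the point aP is stored as the scalar a (discrete logs are exposed),
# and e(aP, bP) = ab mod q with G_T written additively. Algebra check only.
import hashlib, secrets

q = 2**127 - 1                       # prime group order (constructed toy value)
P = 1                                # generator, stored as its own discrete log

def enc(x): return x.to_bytes(16, "big")
def e(a, b): return a * b % q        # toy bilinear map

def H(i, *parts):                    # H_1..H_6 as domain-separated SHA-256
    data = b"".join(len(p).to_bytes(4, "big") + p for p in parts)
    return int.from_bytes(hashlib.sha256(bytes([i]) + data).digest(), "big") % q

def setup():
    s = secrets.randbelow(q - 1) + 1
    return s, {"Q": s * P % q}       # master key s, params with Q = sP

def pbytes(params): return b"toy-params" + enc(params["Q"])

def keygen(params, s, ident):        # Partial-Private-Key-Extract + User-Key-Generate
    D = s * H(1, ident) % q          # assumption: D_i = s * H_1(ID_i)
    x = secrets.randbelow(q - 1) + 1
    return (x, D), x * P % q         # sk_i = (x_i, D_i), P_i = x_i P

def sign(params, sk, ident, pk, msg, hid=4):   # hid=5 yields a delegation (R_0, V_0)
    x, D = sk
    r = secrets.randbelow(q - 1) + 1
    R = r * P % q
    W, T = H(2, pbytes(params)), H(3, enc(params["Q"]))
    h = H(hid, pbytes(params), msg, ident, enc(pk), enc(R))
    return R, (h * D + x * W + r * T) % q      # V = h D_i + x_i W + r T

def verify(params, ident, pk, msg, sig, hid=4):
    R, V = sig
    W, T = H(2, pbytes(params)), H(3, enc(params["Q"]))
    h = H(hid, pbytes(params), msg, ident, enc(pk), enc(R))
    # e(V,P) = e(h H_1(ID),Q) e(W,P_i) e(T,R); the G_T product is a sum here
    rhs = e(h * H(1, ident) % q, params["Q"]) + e(W, pk) + e(T, R)
    return e(V, P) == rhs % q

if __name__ == "__main__":
    s, params = setup()
    sk, pk = keygen(params, s, b"OS")
    w = b"constructed warrant"
    print(verify(params, b"OS", pk, w, sign(params, sk, b"OS", pk, w, 5), 5))
```

Because h is computed with H_4 for ordinary signatures and with H_5 for delegations, a signature on the bytes of w does not verify as a delegation on w.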

41 A certificateless multi-proxy signature scheme
- Multi-Proxy-Sign

42 A certificateless multi-proxy signature scheme
- Multi-Proxy-Sign

43 A certificateless multi-proxy signature scheme
- Multi-Proxy-Verify

44 Conclusions
- we have defined
  - the generic construction
  - the formal security model for CLMPS
  - a concrete CLMPS scheme which is proven to be secure under the computational Diffie–Hellman assumption in the random oracle model
- our proposal outperforms most of the existing multi-proxy signature schemes that are constructed in the public key infrastructure or identity-based setting
