
Forward-Secure Identity-Based Signature Scheme in Untrusted Update Environments

Wireless Personal Communications

Abstract

Forward-secure signatures were proposed to limit the damage of key exposure: signatures produced in periods before the exposure remain secure. Identity-based signatures reduce the complexity and cost of public key management, because the public key is replaced by publicly known identity information of the user. In this paper, we discuss a new issue that arises when forward-secure and identity-based primitives are integrated into standard applications for personal network communication security, such as the Pretty Good Privacy (PGP) suite and Secure/Multipurpose Internet Mail Extensions (S/MIME), in which the secret key is additionally protected by an extra secret, possibly derived from a password. One major contribution of this paper is the construction of the first forward-secure identity-based signature scheme for untrusted update environments. In this scheme, the public key can be derived from an arbitrary identification value such as an email address or a phone number, and the signing key is additionally shielded by a second factor derived from the user's password. Key update is carried out on the encrypted form of the signing key, so the second factor is needed only when signatures are produced. In addition, we define forward security and update security for this kind of signature. Finally, formal proofs of forward security and update security are provided in the random oracle model under the CDH assumption.
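The abstract's split between a password-free key update and a password-gated signing operation is easier to see in code. The following is an added illustration, not the paper's scheme and not code from the authors: the paper's construction is pairing-based and identity-based, whereas this toy uses a generic per-period key approach (one independent Lamport one-time key pair per period, with the public key being the list of per-period public keys), PBKDF2 as the password-derived second factor, and a hash-based XOR keystream as a stand-in cipher. All of those choices, the period count T = 4 and the one-signature-per-period limitation of Lamport keys are assumptions of this example. What it does reproduce is the model: the stored signer state holds only encrypted period keys, update() erases the current period's ciphertext and needs no password, sign() is the only operation that needs the password, and an old signature keeps verifying after the key that made it has been erased.

```python
import hashlib
import hmac
import os
from typing import Dict, List, Tuple

N_BITS = 256       # messages are hashed with SHA-256; one Lamport pair per digest bit
PERIODS = 4        # number of time periods T (assumed small for the demo)
KDF_ITERS = 100_000


def _h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def _bit(digest: bytes, i: int) -> int:
    return (digest[i // 8] >> (7 - i % 8)) & 1


# Per-period base scheme: a Lamport one-time signature (assumption of this
# example; it allows one message per period, a limit the paper's scheme lacks).
def lamport_keygen():
    sk = [(os.urandom(32), os.urandom(32)) for _ in range(N_BITS)]
    pk = [(_h(a), _h(b)) for a, b in sk]
    return sk, pk


def lamport_sign(sk, msg: bytes) -> List[bytes]:
    d = _h(msg)
    return [sk[i][_bit(d, i)] for i in range(N_BITS)]


def lamport_verify(pk, msg: bytes, sig: List[bytes]) -> bool:
    if len(sig) != N_BITS:
        return False
    d = _h(msg)
    return all(hmac.compare_digest(_h(sig[i]), pk[i][_bit(d, i)]) for i in range(N_BITS))


# Second factor: a key derived from the password encrypts each period key.
# The XOR keystream is a toy hash-based stream cipher for illustration only.
def _kdf(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, KDF_ITERS)


def _keystream(key: bytes, period: int, length: int) -> bytes:
    out = b""
    for ctr in range((length + 31) // 32):
        out += _h(key + period.to_bytes(4, "big") + ctr.to_bytes(4, "big"))
    return out[:length]


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class UntrustedUpdateFSS:
    """Signer state: only a salt, the current period and the encrypted period keys.
    The password-derived key is never stored, so whoever runs update() needs no password."""

    def __init__(self, password: str):
        self.salt = os.urandom(16)
        key = _kdf(password, self.salt)
        self.pk: List[list] = []              # public key: one Lamport pk per period
        self.enc_sk: Dict[int, bytes] = {}    # period -> encrypted Lamport sk
        for t in range(PERIODS):
            sk_t, pk_t = lamport_keygen()
            self.pk.append(pk_t)
            raw = b"".join(a + b for a, b in sk_t)
            self.enc_sk[t] = _xor(raw, _keystream(key, t, len(raw)))
        self.period = 0

    def update(self) -> None:
        """Advance one period without the second factor: the current period's
        encrypted key is erased, which is what gives forward security."""
        if self.period >= PERIODS - 1:
            raise ValueError("no further periods")
        del self.enc_sk[self.period]
        self.period += 1

    def sign(self, password: str, msg: bytes) -> Tuple[int, List[bytes]]:
        """Signing is the only operation that needs the password."""
        key = _kdf(password, self.salt)
        ct = self.enc_sk[self.period]
        raw = _xor(ct, _keystream(key, self.period, len(ct)))
        sk = [(raw[i:i + 32], raw[i + 32:i + 64]) for i in range(0, len(raw), 64)]
        return self.period, lamport_sign(sk, msg)


def verify(pk: List[list], msg: bytes, signature: Tuple[int, List[bytes]]) -> bool:
    """Public verification: the period index selects the per-period public key."""
    period, sig = signature
    if not 0 <= period < len(pk):
        return False
    return lamport_verify(pk[period], msg, sig)
```

A wrong password decrypts to garbage, so the resulting signature fails verification rather than leaking anything; after update(), the state no longer contains period 0's key, so a later compromise of both state and password cannot forge period-0 signatures, while signatures already made in period 0 still verify against the public key.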


Notes

  1. Note that our definition does not include an algorithm for checking the format of an encrypted secret key, because the validity of an encrypted secret key can be checked through the verification algorithm. An additional format-checking algorithm is therefore unnecessary in our signature scheme.


Acknowledgments

This research is supported by the National Natural Science Foundation of China (61272425, 60703089, 61402245), the China Postdoctoral Science Special Foundation (2015T80696), PAPD and CICAEET.

Author information

Corresponding author: Jia Yu.


Cite this article

Yu, J., Xia, H., Zhao, H. et al. Forward-Secure Identity-Based Signature Scheme in Untrusted Update Environments. Wireless Pers Commun 86, 1467–1491 (2016). https://doi.org/10.1007/s11277-015-3001-2
