
    A provably secure identity-based proxy ring signature based on RSA

    , Article Security and Communication Networks ; Volume 8, Issue 7 , July , 2015 , Pages 1223-1236 ; 19390114 (ISSN) Rajabzadeh Asaar, M ; Salmasizadeh, M ; Susilo, W ; Sharif University of Technology
    John Wiley and Sons Inc  2015
    Abstract
    Proxy ring (anonymous proxy) signatures allow an entity to delegate its signing capability to a group of entities (proxy group) such that only one of the members in the proxy group can generate a proxy signature on behalf of the delegator, while privacy of the proxy signer is protected. Identity-based versions of proxy ring signatures employ identity strings in place of randomly generated public keys. Our contribution is twofold. First, we formalize a security model for identity-based proxy ring signatures. We note that there exists no formal security model for identity-based proxy ring signatures prior to our work. Second, we present the first provably secure identity-based proxy ring... 

    A short identity-based proxy ring signature scheme from RSA

    , Article Computer Standards and Interfaces ; Volume 38 , February , 2015 , Pages 144-151 ; 09205489 (ISSN) Rajabzadeh Asaar, M ; Salmasizadeh, M ; Susilo, W ; Sharif University of Technology
    Elsevier  2015
    Abstract
    Identity-based proxy ring signature concept was introduced by Cheng et al. in 2004. This primitive is useful where the privacy of proxy signers is required. In this paper, the first short provably secure identity-based proxy ring signature scheme from RSA assumption has been proposed. In addition, the security of the proposed scheme tightly reduces to the RSA assumption, and therefore, the proposed scheme has a proper advantage in security reduction compared to the ones from RSA. The proposed scheme not only outperforms the existing schemes in terms of efficiency and practicality, but also does not suffer from the proxy key exposure attack due to the use of the sequential aggregation... 

    Identity-based proxy signatures: A generic construction and a concrete scheme from RSA

    , Article Security and Communication Networks ; Volume 8, Issue 18 , May , 2015 , Pages 3602-3614 ; 19390114 (ISSN) Rajabzadeh Asaar, M ; Salmasizadeh, M ; Boyd, C ; Sharif University of Technology
    John Wiley and Sons Inc  2015
    Abstract
    Proxy signatures allow an entity to delegate its signing capability to a proxy which can sign messages on behalf of the delegator. We examine identity-based versions of proxy signatures which employ identity strings in place of randomly generated public keys. First, we give a new generic construction of identity-based proxy signatures from identity-based standard signatures and show that our generic construction is secure if the underlying identity-based standard signature is secure. In addition, we present the first identity-based proxy signature from Rivest, Shamir and Adleman (RSA), secure under the one-wayness of RSA in the random oracle model. We should highlight that the proxy key... 

    A short ID-based proxy signature scheme

    , Article International Journal of Communication Systems ; Volume 29, Issue 5 , 2016 , Pages 859-873 ; 10745351 (ISSN) Rajabzadeh Asaar, M ; Salmasizadeh, M ; Susilo, W ; Sharif University of Technology
    John Wiley and Sons Ltd  2016
    Abstract
    The notion of identity-based proxy signature with message recovery feature has been proposed to shorten identity-based proxy signatures and improve their communication overhead because signed messages are not transmitted with these kinds of signatures. There are a few schemes for this notion: the schemes of Singh and Verma and Yoon et al. Unfortunately, Tian et al., by presenting two forgery attacks, show that Singh and Verma scheme is not secure, and also, the scheme of Yoon et al. does not support provable security. The contributions of this paper are twofold. First, we review the scheme by Yoon et al. and discuss why it does not have message recovery property, and consequently, it is not... 

    Another security improvement over the Lin et al.'s electronic-voting scheme

    , Article International Journal of Electronic Security and Digital Forensics ; Volume 1, Issue 4 , 2008 , Pages 413-422 ; 1751911X (ISSN) Rajabzadeh Asaar, M ; Mohajeri, J ; Salmasizadeh, M ; Sharif University of Technology
    Inderscience Publishers  2008
    Abstract
    Lin, Hwang and Chang (2003) have proposed an electronic-voting scheme which can be utilised in large-scale elections, and claimed that it detects double voting. In this article, by presenting an attack, we show that voters can successfully vote more than once without being detected. Then, we propose a new modified scheme based on the Lin, Hwang and Chang's (2003) scheme with the same efficiency to solve this weakness and analyse its security. © 2008, Inderscience Publishers  

    A provably secure code-based short signature scheme and its nontransferable variant

    , Article International Journal of Communication Systems ; Volume 31, Issue 6 , April , 2018 ; 10745351 (ISSN) Rajabzadeh Asaar, M ; Salmasizadeh, M ; Aref, M. R ; Sharif University of Technology
    John Wiley and Sons Ltd  2018
    Abstract
    Signatures with partially message recovery in which some parts of messages are not transmitted with signatures to make them shorter are helpful where bandwidth is one of the critical concern. This primitive is especially used for signing short messages in applications such as time stamping, certified email services, and identity-based cryptosystems. In this paper, to have quantum-attack-resistant short signatures, the first signature scheme with partially message recovery based on coding theory is presented. Next, it is shown that the proposal is secure under Goppa Parametrized Bounded Decoding and the Goppa Code Distinguishing assumptions in the random oracle model. Relying on the partially... 

    A secure and efficient authentication technique for vehicular Ad-Hoc networks

    , Article IEEE Transactions on Vehicular Technology ; Volume 67, Issue 6 , 2018 , Pages 5409-5423 ; 00189545 (ISSN) Rajabzadeh Asaar, M ; Salmasizadeh, M ; Susilo, W ; Majidi, A ; Sharif University of Technology
    Institute of Electrical and Electronics Engineers Inc  2018
    Abstract
    Vehicular ad-hoc networks (VANETs) are under active development, thanks in part to recent advances in wireless communication and networking technologies. The most fundamental part in VANETs is to enable message authentications between vehicles and roadside units. Message authentication using proxy vehicles has been proposed to reduce the computational overhead of roadside units significantly. In this message authentication scheme, proxy vehicles that verify multiple messages at the same time improve roadside units' efficiency. In this paper, first we show that the only proxy-based authentication scheme (PBAS) presented for this goal by Liu et al. cannot guarantee message authenticity, and... 

    Comments on a lightweight cloud auditing scheme: Security analysis and improvement

    , Article Journal of Network and Computer Applications ; Volume 139 , 2019 , Pages 49-56 ; 10848045 (ISSN) Rabaninejad, R ; Ahmadian Attari, M ; Rajabzadeh Asaar, M ; Aref, M. R ; Sharif University of Technology
    Academic Press  2019
    Abstract
    In a cloud storage service, public auditing mechanisms allow a third party to verify integrity of the outsourced data on behalf of data users without the need to retrieve data from the cloud server. Recently, Shen et al. proposed a new lightweight and privacy preserving cloud data auditing scheme which employs a third party medium to perform time-consuming operations on behalf of users. The authors have claimed that the scheme meets the security requirements of public auditing mechanisms. In this paper, we show that Shen et al.'s scheme is insecure by proposing two attacks on the scheme. In the first attack, an outside adversary can modify some messages in transmission to the cloud server... 

    A provably secure code-based concurrent signature scheme

    , Article IET Information Security ; Volume 12, Issue 1 , 2018 ; 17518709 (ISSN) Rajabzadeh Asaar, M ; Ameri, M. H ; Salmasizadeh, M ; Aref, M. R ; Sharif University of Technology
    Institution of Engineering and Technology  2018
    Abstract
    Concurrent signatures allow two entities to generate two signatures in such a way that both signatures are ambiguous till some information is revealed by one of the parties. This kind of signature is useful in auction protocols and in a wide range of scenarios in which involving participants are mutually distrustful. In this study, to have quantum-attack-resistant concurrent signatures as recommended by National Institute of Standards and Technology (NISTIR 8105), the first concurrent signature scheme based on coding theory is proposed. Then, its security is proved under Goppa Parameterized Bounded Decoding and the Goppa Code Distinguishing assumptions in the random oracle model. In... 

    A lightweight identity-based provable data possession supporting users’ identity privacy and traceability

    , Article Journal of Information Security and Applications ; Volume 51 , 2020 Rabaninejad, R ; Ahmadian Attari, M ; Rajabzadeh Asaar, M ; Aref, M. R ; Sharif University of Technology
    Elsevier Ltd  2020
    Abstract
    Cloud storage auditing is considered as a significant service used to verify the integrity of data stored in public cloud. However, most existing auditing protocols suffer from complex certificate management/verification since they rely on expensive Public Key Infrastructure (PKI). On the other hand, most cloud users have constrained computational resources. The few existing ID-based storage auditing protocols in the literature, require resource-constrained users to perform costly operations for generating metadata on file blocks. In this paper, we propose a storage auditing protocol which benefits from ID-based structure and lightweight user computations, simultaneously. Our construction... 

    Design of Intermediate-level Primitives for Electronic Voting and Multi-party Protocols

    , Ph.D. Dissertation Sharif University of Technology Rajabzadeh Asaar, Maryam (Author) ; Salmasizadeh, Mahmoud (Supervisor)
    Abstract
    In this thesis, intermediate-level cryptographic primitives of multi-proxy multi-signatures and proxy signatures with message recovery with different applications in multi-party protocols such as electronic voting are considered. To save bandwidth, improve efficiency and ensure the accuracy of design, four factors: employing identity-based settings, independency of signature size to the number of signers in multi-proxy multi-signature schemes, transmission of signatures without messages in proxy signature schemes and presenting provable security are vital. On one hand, to take advantage of identity-based cryptosystems to improve efficiency, designing schemes without bilinear pairings is... 

    A short ID-based proxy signature scheme

    , Article International Journal of Communication Systems ; 2014 ; ISSN: 10745351 Asaar, M. R ; Salmasizadeh, M ; Susilo, W ; Sharif University of Technology
    2014
    Abstract
    The notion of identity-based proxy signature with message recovery feature has been proposed to shorten identity-based proxy signatures and improve their communication overhead because signed messages are not transmitted with these kinds of signatures. There are a few schemes for this notion: the schemes of Singh and Verma and Yoon et al. Unfortunately, Tian et al., by presenting two forgery attacks, show that Singh and Verma scheme is not secure, and also, the scheme of Yoon et al. does not support provable security. The contributions of this paper are twofold. First, we review the scheme by Yoon et al. and discuss why it does not have message recovery property, and consequently, it is not... 

    Non-delegatable strong designated verifier signature using a trusted third party without pairings

    , Article Conferences in Research and Practice in Information Technology Series ; Volume 138 , 2013 , Pages 13-25 ; 14451336 (ISSN) ; 9781921770234 (ISBN) Asaar, M. R ; Vardasbi, A ; Salmasizadeh, M ; Sharif University of Technology
    Australian Computer Society  2013
    Abstract
    Strong designated verifier signature (SDVS) is characterized by two properties; namely the nontransferability and the privacy of the signer's identity (PSI). Non-transferability prevents anyone else other than the designated verifier to verify the signature, while PSI prevents a third party to distinguish between two different signers. In this paper, we propose a non-delegatable SDVS which uses a trusted third party for the key generation. Our signature scheme does not use bilinear pairings which makes it suitable for the resource constraint applications. Using one-way homomorphic functions, our scheme is presented at an abstract level, the unification of which was noticed by Maurer in the... 

    An identity-based multi-proxy multi-signature scheme without bilinear pairings and its variants

    , Article Computer Journal ; Volume 58, Issue 4 , May , 2015 , Pages 1021-1039 ; 00104620 (ISSN) Asaar, M. R ; Salmasizadeh, M ; Susilo, W ; Sharif University of Technology
    2015
    Abstract
    The notions of identity-based multi-proxy signature, proxy multi-signature and multi-proxy multi-signature have been proposed to facilitate public key certificate management of these kinds of signatures by merely employing signer's identities in place of the public keys and their certificates. In the literature, most identity-based multi-proxy signature, proxy multi-signature and multi-proxy multi-signature schemes are based on bilinear pairings. Without incorporating bilinear pairings, Tiwari and Padhye proposed an identity-based proxy multi-signature scheme in 2011. Subsequently, an identity-based multi-proxy multi-signature scheme was proposed by Tiwari et al. in 2012. First, we review... 

    Security modification for the Hwang-Wen-Hwang's E-voting scheme

    , Article 2008 International Conference on Security and Management, SAM 2008, Las Vegas, NV, 14 July 2008 through 17 July 2008 ; 2008 , Pages 486-490 ; 160132085X (ISBN); 9781601320858 (ISBN) Asaar, M. R ; Mohajeri, J ; Salmasizadeh, M ; Sharif University of Technology
    2008
    Abstract
    Hwang-Wen-Hwang have proposed an anonymous secure electronic voting scheme to be applied over a network, and claimed that their scheme satisfies the requirement of perceptibility of double voting. But in this paper, by presenting an attack which shows imperceptible of double voting, we show that their scheme has a weakness in security and improve it. Finally, we show that this new scheme preserves the properties of the old one and also is resistant against the proposed attack  

    An identity-based online/offline secure cloud storage auditing scheme

    , Article Cluster Computing ; Volume 23, Issue 2 , 2020 , Pages 1455-1468 Rabaninejad, R ; Rajabzadeh Asaar, M ; Ahmadian Attari, M ; Aref, M. R ; Sharif University of Technology
    Springer  2020
    Abstract
    Cloud storage has significantly reduced data management costs for data owners. However, loss of physical control over the data after outsourcing, triggers some security concerns such as data integrity. Provable Data Possession (PDP) protocols, enable data owners to audit the integrity of their outsourced data without the need to retrieve the file from cloud server. However, most existing PDP schemes require resource-constrained users to perform costly operations for generating metadata on file blocks. In online/offline PDP mechanisms introduced most recently, the user’s computation is divided into online/offline phases, where the costly operations are allowed to be carried out in the offline... 

    Security enhancement of an auditing scheme for shared cloud data

    , Article International Journal of Internet Protocol Technology ; Volume 15, Issue 1 , 2022 , Pages 60-68 ; 17438209 (ISSN) Rabaninejad, R ; Attari, M. A ; Asaar, M. R ; Aref, M. R ; Sharif University of Technology
    Inderscience Publishers  2022
    Abstract
    In cloud storage services, public auditing mechanisms allow a third party to verify integrity of the outsourced data on behalf of data owners without the need to retrieve data from the cloud server. In some applications, the identity of data users should be kept private from the third party auditor. Oruta is a privacy preserving public auditing scheme for shared data in the cloud which exploits ring signatures to protect the identity privacy. In this paper, we propose two attacks and demonstrate that the scheme is insecure and a dishonest server can arbitrarily tamper the outsourced data without being detected by the auditor. We also propose a solution to remedy this weakness with the... 

    A lightweight auditing service for shared data with secure user revocation in cloud storage

    , Article IEEE Transactions on Services Computing ; Volume 15, Issue 1 , 2022 , Pages 1-15 ; 19391374 (ISSN) Rabaninejad, R ; Attari, M. A ; Asaar, M. R ; Aref, M. R ; Sharif University of Technology
    Institute of Electrical and Electronics Engineers Inc  2022
    Abstract
    As data sharing has become one of the most popular services offered by cloud storage, designing public auditing mechanisms for integrity of shared data becomes more important. Two problems which arise in shared data auditing include preserving users identity and collusion resistant revocation of users. When data stored at the cloud is shared among a group of users, different users may modify and sign different data blocks which leaks signer identities to the public verifier. Also, when a user is revoked from the group, signatures generated by this user should be re-signed by the cloud server using re-signature keys. In addition, collusion of cloud server and the revoked user should leak no... 

    Error detection enhancement in COTS superscalar processors with event monitoring features

    , Article Proceedings - 10th IEEE Pacific Rim International Symposium on Dependable Computing, Papeete Tahiti, 3 March 2004 through 5 March 2004 ; 2004 , Pages 49-54 ; 0769520766 (ISBN); 9780769520766 (ISBN) Rajabzadeh, A ; Mohandespour, M ; Miremadi, G ; Sharif University of Technology
    2004
    Abstract
    Increasing use of commercial off-the-shelf (COTS) superscalar processors in industrial, embedded, and real-time systems necessitates the development of error detection mechanisms for such systems. This paper presents an error detection scheme called Committed Instructions Counting (CIC) to increase error detection in such systems. The scheme uses internal Performance Monitoring features and an external watchdog processor (WDP). The Performance Monitoring features enable counting the number of committed instructions in a program. The scheme is experimentally evaluated on a 32-bit Pentium® processor using software implemented fault injection (SWIFI). A total of 8181 errors were injected into... 

    Experimental evaluation of Master/Checker architecture using power supply- and software-based fault injection

    , Article Proceedings - 10th IEEE International On-Line Testing Symposium, IOLTS 2004, Madeira Island, 12 July 2004 through 14 July 2004 ; 2004 , Pages 239-244 ; 0769521800 (ISBN); 9780769521800 (ISBN) Rajabzadeh, A ; Miremadi, S. G ; Mohandespour, M ; Sharif University of Technology
    2004
    Abstract
    This paper presents an experimental evaluation of the effectiveness of the Master/Checker (M/C) architecture in a 32-bit Pentium® processor system using both power-supply disturbance (PSD) fault injection and software-implemented fault injection (SWIFI) methods. A total of 6000 faults were injected in the Master processor to measure the error detection coverage of the Checker processor. The results of the experiments with PSD fault injection show that the error detection coverage of the M/C architecture is about 66.13%, which is not quite effective. This low coverage depends on the high rate of Master processor hangs because of voltage fluctuation. The coverage increased to about 99.73% when...