1 / 14

Source: Applied Mathematics and Computation Vol.159, Issue 2, 2004, pp. 391-399

Improvement of digital signature with message recovery using self-certified public keys and its variants. Source: Applied Mathematics and Computation Vol.159, Issue 2, 2004, pp. 391-399 Author: Zuhua Shao Speaker: Yi-Fang Cheng Date: 2005/03/31. Outline. Introduction

willem
Download Presentation

Source: Applied Mathematics and Computation Vol.159, Issue 2, 2004, pp. 391-399

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Improvement of digital signature with message recovery using self-certified public keys and its variants Source: Applied Mathematics and Computation Vol.159, Issue 2, 2004, pp. 391-399 Author: Zuhua Shao Speaker: Yi-Fang Cheng Date: 2005/03/31

  2. Outline • Introduction • Tseng et al.’s scheme • Security analysis • Improvement • Conclusion

  3. Introduction (1/3) • self-certified public keys • [1] M. Girault, Self-certified public keys, in Advances in Cryptology-EUROCRYPT’91 Springer, Berlin, 1991, pp.491-497 • [2] Hoger Peterson, Patrick Horster, Self-certified keys-Concepts and Applications, Communications and Multimedia Security, Athens, September 22-23,1997

  4. Bob’s Public key valid Trusted CA’s public key valid valid Verify certificate X.509 Bob’s certificate Verify signature invalid invalid Bob’s Public key Trusted CA’s public key Bob’s ID Verify signature invalid Introduction (2/3) • Certificate-certified & self-certified • Diagram: Alice wants to verify Bob’s signature Certificate-certified : Self-certified :

  5. Introduction (3/3) • Tseng et al.’s scheme • 2 variants • Authenticated encryption scheme • Authenticated encryption scheme with message linkages • Security analysis • Insider forgery attack • Forward security • Arbitration security

  6. Tseng et al’s scheme(1/2) • Initialization phase • Trust authority generates system parameters • N: N=p.q, p=2p’+1,q=2q’+1, p,p’,q,q’ are large primes. • h(): hash function with fix-length outputs • g: generator of order p’ . q’ • Join phase • Ui joins the system Ui Trust Authority

  7. Tseng et al’s scheme(2/2) • Signature generation & message recovery phases Signer Ui Verifier

  8. UA UB Variants-Authenticated encryption scheme • Signature generation & message recovery phases

  9. UA UB Variants-Authenticated encryption scheme with message linkages • Signature generation & message recovery phases

  10. Security analysis (1/3) • Insider forgery attack • UB cooperates with trusted authority and forgery a signature {r’,s’} with message M’, where UA signs M’ to Uc

  11. Security analysis (2/3) • Forward security – If third party Eve gets the reveal message M, he can derive other message M’ if h(r)|h(r’)

  12. Security analysis (3/3) • Arbitration security- dispute the signed message will cause weakness.

  13. UA UB Improvement • Solving the arbitration problem

  14. Conclusion • 3 problems in Tseng et al.’s scheme • Solving the third problem

More Related