To tackle the key-exposure problem in signature settings,this paper introduces a new cryptographic primitive named threshold key-insulated signature(TKIS) and proposes a concrete TKIS scheme.For a TKIS system,at least k out of n helpers are needed to update a user's temporary private key.On the one hand,even if up to k 1 helpers are compromised in addition to the exposure of any of temporary private keys,security of the non-exposed periods is still assured.On the other hand,even if all the n helpers are compromised,we can still ensure the security of all periods as long as none of temporary private keys is exposed.Compared with traditional key-insulated signature(KIS) schemes,the proposed TKIS scheme not only greatly enhances the security of the system,but also provides flexibility and efficiency.
Attribute-based signature is a versatile class of digital signatures. In attribute-based signature, a signer obtains his private key corresponding to the set of his attributes from a trusted authority, and then he can sign a message with any predicate that is satisfied by his attributes set. Unfortunately, there does not exist an attributebased signature which is resistance to the quantum attacks. This means we do not have secure attribute-based signature schemes in a post-quantum world. Based on this consideration, an attribute-based signature on lattices,which could resist quantum attacks, is proposed. This scheme employs "bonsai tree" techniques, and could be proved secure under the hardness assumption of small integer solution problem.
This study deals with the dynamic property of threshold cryptosystem. A dynamic threshold cryptosystem allows the sender to choose the authorized decryption group and the threshold value for each message dynamically. We first introduce an identity based dynamic threshold cryptosystem, and then use the CanettiHalevi-Katz(CHK) transformation to transform it into a fully secure system in the traditional public key setting.Finally, the elegant dual system encryption technique is applied to constructing a fully secure dynamic threshold cryptosystem with adaptive security.
In an identity based proxy signature (IBPS) scheme, a designated proxy signer can generate the signature on behalf of an original signer. Traditional IBPS schemes normally rely on the assumption that private keys are kept perfectly secure. However, due to viruses, worms or other break-ins allowed by operating-system holes, key exposure seems inevitable. To minimize the damage caused by key exposure in IBPS, we propose an identity-based key-insulated proxy signature (IBKIPS) scheme in the standard model, i.e. without random oracles.
An accountable authority attribute-based encryption(A-ABE)scheme is presented in this paper.The notion of accountable authority identity-based encryption(A-IBE)was first introduced by Goyal at Crypto'07.It is a novel approach to mitigate the(inherent)key escrow problem in identity-based cryptosystems.In this work,the concept of accountable authority to attribute-based encryption(ABE)setting is generalized for the first time,and then a construction is given.The scheme non-trivially integrates an A-IBE scheme proposed by Libert et al.with an ABE scheme.In our construction,a user will be identified by a pair(id,ω),where id denotes the user's identity andωdenotes the set of attributes associated to the user.In addition,our construction is shown to be secure under some reasonable assumptions.