Wang Shang-ping, Yang Chun-xia, Wang Xiao-feng, Zhang Ya-ling. New Signature-Masked Authentication Schemes from the Bilinear Pairings[J]. Journal of Electronics & Information Technology, 2008, 30(2): 486-489. doi: 10.3724/SP.J.1146.2006.00948
Citation:
Wang Shang-ping, Yang Chun-xia, Wang Xiao-feng, Zhang Ya-ling. New Signature-Masked Authentication Schemes from the Bilinear Pairings[J]. Journal of Electronics & Information Technology, 2008, 30(2): 486-489. doi: 10.3724/SP.J.1146.2006.00948
Wang Shang-ping, Yang Chun-xia, Wang Xiao-feng, Zhang Ya-ling. New Signature-Masked Authentication Schemes from the Bilinear Pairings[J]. Journal of Electronics & Information Technology, 2008, 30(2): 486-489. doi: 10.3724/SP.J.1146.2006.00948
Citation:
Wang Shang-ping, Yang Chun-xia, Wang Xiao-feng, Zhang Ya-ling. New Signature-Masked Authentication Schemes from the Bilinear Pairings[J]. Journal of Electronics & Information Technology, 2008, 30(2): 486-489. doi: 10.3724/SP.J.1146.2006.00948
Signature-masked authentication scheme means: when a user obtains a signature (certificate) from CA, in order to get service from a service provider and to prevent any adversary from intercepting the signature or colluding with the service provider to frame him (or her), the user is intent on proving that he (or she) really owns the signature but not transmits it to the service provider directly. Considering previous schemes can not prevent CA from impersonating legitimate users, two different CAs are introduced in this paper, and under the assumption that these two CAs do not collude, three signature-masked authentication schemes are given which guarantee that anyone including CA can not impersonate the legitimate user to get service from the provider. The first scheme is a simple scheme of unilateral authentication. Moreover, under the assumption that the user has enough computation power, mutual authentication between the user and the provider is realized in the last two schemes. Furthermore considering the first two schemes above are vulnerable to denial of service (DoS) attack, under the assumption that CA is of certain reliability, the third scheme which can also partially realize the resistance to DoS attack is proposed.
Guillou L and Quisquater J. A practical zero-knowledgeprotocol fitted to security microprocessors minimizing bothtransmission and memory[J].Advances in Cryptology-Eurocrypt1988, Springer-Verlag.1988, LNCS 330:123-128[2]Zhang F G and Kim K. Signature-masked authenticationusing the bilinear pairings. Cryptology InformationSecurity Laboratory (CAIS), Information andCommunications University, technical report, 2002.[3]Boneh D, Lynn B, and Shacham H. Short signatures from theWeil pairing[J].Advance in Cryptology-Asciacrypt2001,Springer-Verlag.2001, LNCS 2248:514-532[4]Freeman D. Pairing-based identification schemes. HPLaboratories Palo AltoHPL-2005-154, 2005, August 24.[5]Chen X F, Zhang F G, and Kim K. A new ID-based groupsignature scheme from bilinear pairings. Cryptology ePrintArchive, Report 2003/116.[6]Chen X F, Zhang F G, and Konidala D M, et al.. NewID-based threshold signature scheme from bilinear pairings.In INDOCRYPT 2004, Springer-Verlag, 2004, LNCS 3348:371-383.[7]Boneh D and Franklin M. Identity-based encryption from theWeil pairing[J].Advances in Cryptology-Crypto2001,Springer-Verlag.2001, LNCS 2139:213-229
DownLoad: