## CryptoDB

### S. Sharmila Deva Selvi

#### Publications

Year
Venue
Title
2010
EPRINT
Recently, a certificateless signcryption scheme in the standard model was proposed by Liu et al. in \cite{LiuHZM10}. Another certificateless signcryption scheme in the standard model was proposed by Xie et al. in \cite{WZ09}. Here, we show that the scheme in \cite{LiuHZM10} and \cite{WZ09} are not secure against Type-I adversary.
2010
EPRINT
Signcryption as a single cryptographic primitive offers both confidentiality and authentication simultaneously. Generally in signcryption schemes, the message is hidden and thus the validity of the ciphertext can be verified only after unsigncrypting the ciphertext. Thus, a third party will not be able to verify whether the ciphertext is valid or not. Signcryption schemes that allow any user to verify the validity of the ciphertext without the knowledge of the message are called public verifiable signcryption schemes. Third Party verifiable signcryption schemes allow the receiver to convince a third party, by providing some additional information along with the signcryption other than his private key with/without exposing the message. In this paper, we show the security weaknesses in three existing schemes \cite{BaoD98}, \cite{TsoOO08} and \cite{ChowYHC03}. The schemes in \cite{BaoD98} and \cite{TsoOO08} are in the Public Key Infrastructure (PKI) setting and the scheme in \cite{ChowYHC03} is in the identity based setting. More specifically, \cite{TsoOO08} is based on elliptic curve digital signature algorithm (ECDSA). We also, provide a new identity based signcryption scheme that provides public verifiability and third party verification. We formally prove the security of the newly proposed scheme in the random oracle model.
2010
EPRINT
A proxy signature scheme is a variant of digital signature scheme in which a signer delegates his signing rights to another person called proxy signer, so that the proxy signer can generate the signature of the actual signer in his absence. Self Proxy Signature (SPS) is a type of proxy signature wherein, the original signer delegates the signing rights to himself (Self Delegation), there by generating temporary public and private key pairs for himself. Thus, in SPS the user can prevent the exposure of his private key from repeated use. In this paper, we propose the first identity based self proxy signature scheme. We give a generic scheme and a concrete instantiation in the identity based setting. We have defined the appropriate security model for the same and proved both the generic and identity based schemes in the defined security model.
2010
EPRINT
Signcryption is a cryptographic primitive that provides confidentiality and authenticity simultaneously at a cost significantly lower than that of the naive combination of encrypting and signing the message. Threshold signcryption is used when a message to be sent needs the authentication of a certain number of members in an organisation, and until and unless a given number of members (known as the threshold) join the signcyption process, a particular message cannot be signcrypted. Threshold unsigncryption is used when this constraint is applicable during the unsigncryption process. In this work, we cryptanalyze two threshold unsigncryption schemes. We show that both these schemes do not meet the stringent requirements of insider security and propose attacks on both confidentiality and unforgeability. We also propose an improved identity based threshold unsigncryption scheme and give the formal proof of security in a new stronger security model.
2010
EPRINT
Online/Offline signcryption is a cryptographic primitive where the signcryption process is divided into two phases - online and offline phase. Most of the computations are carried out offline (where the message and the receiver identity are unavailable). The online phase does not require any heavy computations like pairing, multiplication on elliptic curves and is very efficient. To the best of our knowledge there exists three online/offline signcryption schemes in the literature : we propose various attacks on all the existing schemes. Then, we give the first efficient and provably secure identity based online/offline signcryption scheme. We formally prove the security of the new scheme in the random oracle model \cite{BellareR93}. The main advantage of the new scheme is, it does not require the knowledge of message or receiver during the offline phase. This property is very useful since it is not required to pre-compute offline signcryption for different receivers based on the anticipated receivers during the offline phase. Hence, any value generated during the offline phase can be used during the online phase to signcrypt the message to a receiver during the online phase. This helps in reducing the number of values stored during the offline phase. To the best of our knowledge, the scheme in this paper is the first provably secure scheme with this property.
2010
EPRINT
Certificateless cryptography, introduced by Al-Riyami and Paterson eliminates the key escrow problem inherent in identity based cryptosystem. In this paper, we present two novel and completely different RSA based adaptive chosen ciphertext secure (CCA2) certificateless encryption schemes. The new schemes are efficient when compared to other existing certificatless encryption schemes that are based on the costly bilinear pairing operation and are quite comparable with the certificateless encryption scheme based on multiplicative groups (without bilinear pairing) by Sun et al. \cite{SZB07} and the RSA based CPA secure certificateless encryption scheme by Lai et al. \cite{LDLK09}. We consider a slightly stronger security model than the ones considered in \cite{LDLK09} and \cite{SZB07} to prove the security of our schemes.
2010
EPRINT
An identity based signature allows users to sign their documents using their private keys and the signature can be verified by any user by using the identity of the signer and public parameters of the system. This allows secure communication between the users without any exchange of certificates. An aggregate signature scheme is a digital signature scheme which allows aggregation of different signatures by different users on different messages. An aggregate signature on $n$ messages $m_{i}$ by $n$ users $U_{i}$ convinces the verifier that each user $U_{i}$ has signed the corresponding message $m_{i}$. The primary objective of the aggregate signature scheme is to achieve both computational and communication efficiency. Here we discuss two identity based aggregate signature schemes. The first aggregate scheme IBAS-1 uses a variation of light weight Schnorr based signature. IBAS-1 does not involve any pairing operations in signature verification. IBAS-1 is computationally efficient since it avoids the costlier operation in elliptic curve groups(pairings). Also because of the light weight property of IBAS-1, it is much suitable for practice. The second aggregate signature scheme IBAS-2, which also has Schnorr type key construct, achieves full aggregation of signatures without agreeing on common randomness and without having any kind of interaction among all the signers. IBAS-2 achieves communication efficiency. But the computational complexity of IBAS-2 is higher than the IBAS-1 because it involves bilinear pairing.
2008
EPRINT
Recently Debasis et al[1] proposed an improvement to prevent offline attack in Fang et als[2] scheme, where [2] was an improvement of Das et als[3] scheme. However the improved scheme is insecure against side channel attack. In this paper we propose an enhancement for [1]. The enhanced scheme is secure against substitution, impersonation, spoofing, replay, side-channel and password guessing attacks.
2008
EPRINT