An Efficient and Secure Certificateless Aggregate Signature From Bilinear Maps

An Efficient and Secure Certificateless Aggregate Signature From Bilinear Maps

Pankaj Kumar (School of Computing Science and Engineering, Galgotias University, Delhi, India), Vishnu Sharma (Amity School of Engineering, Amity University, Noida, India), Gaurav Sharma (Département d'Informatique, Université Libre de Bruxelles, Bruxelles, Belgium) and Tarunpreet Bhatia (Department of Computer Science and Engineering, Thapar Institute of Engineering and Technology, Punjab, India)
Copyright: © 2019 |Pages: 20
DOI: 10.4018/IJISP.2019100106

Abstract

Certificateless signature schemes are a very intriguing aspect in information security because of its capability of removing the well-known key escrow problem predominately in ID-based cryptography. He et al. proposed an efficient certificateless aggregate signature scheme and proved that their scheme is secure against all possible types of security attacks. However, the authors still managed to find loopholes in the form of insecurities against ‘honest but curious' and ‘malicious but passive' attacks during cryptanalysis of He et al.'s scheme. The authors propose an efficient certificateless aggregate signature scheme which fills the security gaps in He et al.'s scheme and demonstrate the security in their scheme via a mathematical proof, and reinforce the fact that their scheme is much more efficient in a thorough performance comparison of their scheme against the previous schemes.
Article Preview
Top

1. Introduction

Digital signature is an imperative and an indispensable constituent in public key cryptography which covers authenticity, integrity and non-repudiation. In a public key infrastructure, a user uses a pair of keys namely, private/public key pair for communication. Public key is widely spread across the participants of the communication process whereas private key is kept secret by the user. A certificate is needed in order to bind the public key and private key to avoid the authentication problem. A third entity is also required in the system for binding the public key with the corresponding private key, that leads to the certification management problem. In order to overpower the certificate management problem Shamir (1984) introduced an ID-based public key cryptography which does not need certification. In the ID-based cryptography, public key is chosen by user such as an address, phone number, driving license or any other identity and the private key is generated by the third party called private key generator (PKG). Since private key is generated by the PKG, hence in case the PKG itself becomes malicious then security is inherently compromised, and it is this issue that has been termed as key escrow problem. ID-based public key cryptography falls prey to the key escrow problem. Al Riyami (2003) provided the solution to key escrow problem for the first time where certificateless signature scheme was enumerated in which the interested third party say key generation center (KGC) generates the partial private key of user instead of private key and the private key is in turn generated by the user with the help of partial private key. KGC does not know the private key directly. Aggregate signature scheme was incentivized by Boneh (2003). Aggregation is very efficient technique that collects all the n individual signatures of n different users corresponding to n different messages and aggregates them into short single signature. Aggregate signatures can significantly reduce computational and communication overhead. The single aggregate signature can easily convince verifier that n different users have really signed n messages individually.

Wireless Sensor Networks, Vehicular networks, Internet of Things (IoT) have been utilized for target tracking, remote location monitoring, environment monitoring, patient monitoring etc. in the real-world but data can be easily compromised by various attacks such as fabrication, tampering etc. Certificateless aggregate signatures can be used to ensure data integrity and to reduce computational and communication overhead.

Complete Article List

Search this Journal:
Reset
Open Access Articles
Volume 14: 4 Issues (2020): 1 Released, 3 Forthcoming
Volume 13: 4 Issues (2019)
Volume 12: 4 Issues (2018)
Volume 11: 4 Issues (2017)
Volume 10: 4 Issues (2016)
Volume 9: 4 Issues (2015)
Volume 8: 4 Issues (2014)
Volume 7: 4 Issues (2013)
Volume 6: 4 Issues (2012)
Volume 5: 4 Issues (2011)
Volume 4: 4 Issues (2010)
Volume 3: 4 Issues (2009)
Volume 2: 4 Issues (2008)
Volume 1: 4 Issues (2007)
View Complete Journal Contents Listing