http://chineseinput.net/에서 pinyin(병음)방식으로 중국어를 변환할 수 있습니다.
변환된 중국어를 복사하여 사용하시면 됩니다.
An Efficient and Provable Secure Certificateless Identification Scheme in the Standard Model
( Ji-jian Chin ),( Swee-huay Heng ),( Raphael C. -w. Phan ) 한국인터넷정보학회 2014 KSII Transactions on Internet and Information Syst Vol.8 No.7
In Asiacrypt 2003, Al-Riyami and Paterson proposed the notion of certificateless cryptography, a technique to remove key escrow from traditional identity-based cryptography as well as circumvent the certificate management problem of traditional public key cryptography. Subsequently much research has been done in the realm of certificateless encryption and signature schemes, but little to no work has been done for the identification primitive until 2013 when Chin et al. rigorously defined certificateless identification and proposed a concrete scheme. However Chin et al.`s scheme was proven in the random oracle model and Canetti et al. has shown that certain schemes provable secure in the random oracle model can be insecure when random oracles are replaced with actual hash functions. Therefore while having a proof in the random oracle model is better than having no proof at all, a scheme to be proven in the standard model would provide stronger security guarantees. In this paper, we propose the first certificateless identification scheme that is both efficient and show our proof of security in the standard model, that is without having to assume random oracles exist.
An Improved Efficient Provable Secure Identity-Based Identification Scheme in the Standard Model
( Syh-yuan Tan ),( Ji-jian Chin ),( Swee-huay Heng ),( Bok-min Goi ) 한국인터넷정보학회 2013 KSII Transactions on Internet and Information Syst Vol.7 No.4
In 2008, Chin et al. proposed an efficient and provable secure identity-based identification scheme in the standard model. However, we discovered a subtle flaw in the security proof which renders the proof of security useless. While no weakness has been found in the scheme itself, a scheme that is desired would be one with an accompanying proof of security. In this paper, we provide a fix to the scheme to overcome the problem without affecting the efficiency as well as a new proof of security. In particular, we show that only one extra pre-computable pairing operation should be added into the commitment phase of the identification protocol to fix the proof of security under the same hard problems.