Efficient Certificate-Based Signature and Its Aggregation

Ma, Xinxin; Shao, Jun; Zuo, Cong; Meng, Ru

doi:10.1007/978-3-319-72359-4_23

Cited by 9 publications

(5 citation statements)

References 37 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Signature technology referred to a technology that confirmed the signee and showed that the signee signed the data. A variety of signature technologies have been studied and used to increase the reliability of the data sent by the data owner (data sender) [53][54][55]. Blockchain technology referred to unchanging shared ledgers used for the efficient process of recording transactions and tracking assets in a business network.…”

Section: Security Requirements Needed When Collecting and Storing Osi...mentioning

confidence: 99%

Current Status and Security Trend of OSINT

Hwang

Lee

Kim

et al. 2022

Wireless Communications and Mobile Computing

View full text Add to dashboard Cite

Recently, users have used open-source intelligence (OSINT) to gather and obtain information regarding the data of interest. The advantage of using data gathered by OSINT is that security threats arising in cyberspace can be addressed. However, if a user uses data collected by OSINT for malicious purposes, information regarding the target of an attack can be gathered, which may lead to various cybercrimes, such as hacking, malware, and a denial-of-service attack. Therefore, from a cybersecurity point of view, it is important to positively use the data gathered by OSINT in a positive manner. If exploited in a negative manner, it is important to prepare countermeasures that can minimize the damage caused by cybercrimes. In this paper, the current status and security trends of OSINT will be explained. Specifically, we present security threats and cybercrimes that may occur if data gathered by OSINT are exploited by malicious users. Furthermore, to solve this problem, we propose security requirements that can be applied to the OSINT environment. The proposed security requirements are necessary for securely gathering and storing data in the OSINT environment and for securely accessing and using the data collected by OSINT. The goal of the proposed security requirements is to minimize the damage when cybercrimes occur in the OSINT environment.

show abstract

Section: Security Requirements Needed When Collecting and Storing Osi...mentioning

confidence: 99%

Current Status and Security Trend of OSINT

Hwang

Lee

Kim

et al. 2022

Wireless Communications and Mobile Computing

View full text Add to dashboard Cite

show abstract

“…Additionally, public key verification overload is eliminated. There are CBS and CB-AS techniques using CBC [19][20][21][22][23][24][25][26].…”

Section: Digital Signaturesmentioning

confidence: 99%

“…This reduces verification and memory overheads, computing cost, and bandwidth. Many pairing-free-based CB-AS methods have been applied in IIoT environments such as smart factories [23][24][25][26].…”

Section: Certificate-based Aggregate Signatures (Cb-as)mentioning

confidence: 99%

See 1 more Smart Citation

A Lightweight Certificate-Based Aggregate Signature Scheme Providing Key Insulation

Hwang¹,

Lee²

2021

Computers, Materials &Amp; Continua

View full text Add to dashboard Cite

Recently, with the advancement of Information and Communications Technology (ICT), Internet of Things (IoT) has been connected to the cloud and used in industrial sectors, medical environments, and smart grids. However, if data is transmitted in plain text when collecting data in an IoTcloud environment, it can be exposed to various security threats such as replay attacks and data forgery. Thus, digital signatures are required. Data integrity is ensured when a user (or a device) transmits data using a signature. In addition, the concept of data aggregation is important to efficiently collect data transmitted from multiple users (or a devices) in an industrial IoT environment. However, signatures based on pairing during aggregation compromise efficiency as the number of signatories increases. Aggregate signature methods (e.g., identity-based and certificateless cryptography) have been studied. Both methods pose key escrow and key distribution problems. In order to solve these problems, the use of aggregate signatures in certificate-based cryptography is being studied, and studies to satisfy the prevention of forgery of signatures and other security problems are being conducted. In this paper, we propose a new lightweight signature scheme that uses a certificate-based aggregate signature and can generate and verify signed messages from IoT devices in an IoT-cloud environment. In this proposed method, by providing key insulation, security threats that occur when keys are exposed due to physical attacks such as side channels can be solved. This can be applied to create an environment in which data is collected safely and efficiently in IoT-cloud is environments.

show abstract

“…In 2016, Chen et al [33] introduced the first pairing free CB-AS (PFCBAS) scheme to improve the efficiency. Recently, Ma et al [34] presented a new and efficient CB-AS scheme over pairings. However, their scheme uses aggregation of different signatures on the same document by different signers.…”

Section: Related Workmentioning

confidence: 99%

PFCBAS: Pairing Free and Provable Certificate-Based Aggregate Signature Scheme for the e-Healthcare Monitoring System

Verma

Singh

Kumar

et al. 2020

IEEE Systems Journal

View full text Add to dashboard Cite

Recently, one of the most popular technologies of the modern era, the Internet of Things (IoT) allows the deployment and usage of various real-time test beds for various smart applications. One such application is the e-healthcare in which patients healthcare related data is transmitted to the nearest base station and then to local or remote server as per the requirements. The data related to patients health is sensitive and needs special protection. Therefore, the integrity and authentication of sources of data generation are vital issues. However, several authentication or signature schemes which have been introduced in the past for this purpose are ID-based or having certificate-less settings. Thus, these proposed schemes suffer from key escrow and key distribution problems. To mitigate these issues, this article presents a certificate-based pairing free aggregate signature scheme. The proposed scheme uses the merits of public key cryptography (PKC) and identity based public key cryptography (IDBPKC). The scheme is proven to be unforgeable, assuming the hardness of ECDLP. The performance analysis shows that proposed CBPFAS scheme executes in 0.78(n + 1) m in comparison to 9.63 + 1.17n m in [1], 9.63 + 0.78n m in [2], 9.63 + 3.39n m in [3] and 9.63 + 1.17n m in [4].

show abstract

Efficient Certificate-Based Signature and Its Aggregation

Cited by 9 publications

References 37 publications

Current Status and Security Trend of OSINT

Current Status and Security Trend of OSINT

A Lightweight Certificate-Based Aggregate Signature Scheme Providing Key Insulation

PFCBAS: Pairing Free and Provable Certificate-Based Aggregate Signature Scheme for the e-Healthcare Monitoring System

Contact Info

Product

Resources

About