Improved Cryptanalysis of Provable Certificateless Generalized Signcryption

Waheed, Abdul; Iqbal, Jawaid; Din, Nizamud; Islam, Shahab Ul; Umar, Arif Iqbal; Amin, Noor Ul

doi:10.14569/ijacsa.2019.0100475

Cited by 8 publications

(10 citation statements)

References 15 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In 2019, Zhou [31] improved the scheme of Zhang et al [30] and proposed a new scheme for the mobile health system that can monitor the human body status in real time. Waheed et al in 2019 [32] analyzed the proposed scheme of Zhou et al [29] and proved that the scheme of Zhou et al [29] is insecure against ciphertext indistinguishability under adaptive chosen-ciphertext attacks (IND-CCA2). Further, the 3 Wireless Communications and Mobile Computing author proposed a new and improved scheme at the same cost which is secure against the aforementioned attacks.…”

Section: Certificateless Generalized Signcryption Schemesmentioning

confidence: 99%

“…However, the schemes [25][26][27][28][29][30][31][32][33] suffer from heavy computation and communication costs due to the use of bilinear pairing and an elliptic curve cryptosystem.…”

Section: Certificateless Generalized Signcryption Schemesmentioning

confidence: 99%

“…However, ζ cannot replay the old messages because he/she needs fresh FNs for every new session. Furthermore, we compare our scheme with the existing CGS and ID-BGS schemes in milliseconds (ms) by using the above major operation, according to the experiments performed in [50] with the following hardware and software specifications: [50], an SPBPM will take 4.32 ms, a single SBP will take 14.90 ms, SEXP will take 1.25 ms, and SEPM will take 0.97 ms. Based on the experiments performed in [51,52], we consider that a SHEDM will take 0.48 ms. On the bases of the above expansive mathematical operations, we conduct the computation cost comparison of our proposed scheme with existing CGS schemes which are Zhang et al [28], Zhou et al [29], Zhang et al [30], Zhou [31], Waheed et al [32], and Karati et al [33] as shown in Tables 2 and 3. Further, the computation cost comparison of our proposed scheme with existing ID-BGS schemes which are Wei et al [21] and Shen et al [23] is shown in Tables 4 and 5.…”

Section: Forward Secrecymentioning

confidence: 99%

See 2 more Smart Citations

A Lightweight Nature Heterogeneous Generalized Signcryption (HGSC) Scheme for Named Data Networking-Enabled Internet of Things

Rehman

Khattak

Alzahrani

et al. 2020

Wireless Communications and Mobile Computing

View full text Add to dashboard Cite

Internet of Things (IoT) is the collection of different types of smart objects like mobile phones, sensors, cars, smart cities, smart buildings, and healthcare, which can provide a quality life to humans around the globe. These smart objects sense and produce a huge amount of data for distribution. The current hostcentric networking paradigm is not that scalable to provide a suitable solution to the idea of IoT. For scalable connectivity and efficient distribution, Named Data Networking (NDN) has been envisioned as a promising solution for future internet architecture. On the other hand, the significant issues regarding the adaptation of NDN with IoT possess security concerns such as authentication, confidentiality, integrity, and forward secrecy. As IoT is a heterogeneous environment, it demands a different type of security, according to the environmental situation such as public key infrastructure (PKI), identity-based cryptosystem (IBC), and certificateless cryptosystem (CLC). This paper presents a new concept of CLC to IBC heterogeneous generalized signcryption for the first time to fulfil the prime security requirements of NDN-based IoT. The proposed scheme provides the security properties according to situational needs without disturbing the structural policy of NDN. Considering the resource-constrained nature of IoT, we used a lightweight type of elliptic curve called the hyperelliptic curve cryptosystem which offers the same level of security as that of bilinear pairing and an elliptic curve cryptosystem using a minimum key size. Further, we compare the proposed scheme with recently proposed identity-based as well as certificateless generalized signcryption schemes, and the results give satisfactory outputs in terms of computational and communication resources. Furthermore, we simulate the proposed scheme with Automated Validation of Internet Security Protocols and Applications (AVISPA), and the results show that our scheme is valid and safe. Additionally, we provide a practical scenario of the proposed on NDN with an IoT-based smart city.

show abstract

Section: Certificateless Generalized Signcryption Schemesmentioning

confidence: 99%

“…However, the schemes [25][26][27][28][29][30][31][32][33] suffer from heavy computation and communication costs due to the use of bilinear pairing and an elliptic curve cryptosystem.…”

Section: Certificateless Generalized Signcryption Schemesmentioning

confidence: 99%

Section: Forward Secrecymentioning

confidence: 99%

See 1 more Smart Citation

A Lightweight Nature Heterogeneous Generalized Signcryption (HGSC) Scheme for Named Data Networking-Enabled Internet of Things

Rehman

Khattak

Alzahrani

et al. 2020

Wireless Communications and Mobile Computing

View full text Add to dashboard Cite

show abstract

“…In 2011, Kushwah and Lal [19] also simplified same Yu et al [18] security model and proposed a new efficient IBGSC scheme. In 2019, Waheed et al [20] analyzed the Zhou et al [21] certificateless generalized scheme and proposed improved scheme comparatively more secure with the same cost.…”

Section: Introductionmentioning

confidence: 99%

Cryptanalysis of an Authentication Scheme Using an Identity Based Generalized Signcryption

Waheed

Umar

Din³

et al. 2019

Mathematics

Self Cite

View full text Add to dashboard Cite

Secure data transmission is a challenging issue in modern data communication. ID based generalized signcryption is a cost effective security primitive which provides authentication or confidentiality, or jointly confidentiality and authentication. Wei's proposed an ID based generalized signcryption scheme for authentication and confidentiality of big data in a standard model, claiming that their scheme holds the security of indistinguishability against adaptive chosen-ciphertext attacks and existential unforgeability against adaptive chosen message attacks. In this paper, we analyzed Wei's scheme by launching security attacks on the scheme to check its validity. As a result, it became clear and proved that the master secret key generated in the scheme is compromisable. Similarly, the mentioned scheme does not hold the security of indistinguishability against adaptive chosen-ciphertext attacks and existential unforgeability against adaptive chosen message attacks. Consequently, Wei's schemes is prone to attacks and is insecure.

show abstract

“…In 1997, Zheng was the pioneer to merge these two processes in one algorithm, called signcryption [7]. This scheme is based on the concept of old public key cryptography (PKC), which is suffering from certificate overheads, renewing, and revocation problems [8]. Shamir was the first to propose an alternate concept of PKC, called identity-based cryptography (IBC) [9].…”

mentioning

confidence: 99%

An Energy Efficient and Formally Secured Certificate-Based Signcryption for Wireless Body Area Networks with the Internet of Things

et al. 2019

View full text Add to dashboard Cite

Recently, the spectacular innovations in the fields of wireless body area networks (WBAN) and the Internet of Things (IoT) have made e-Care services rise as a promising application domain, which significantly advances the quality of the medical system, however, due to the openness of the wireless environment and privacy of people's physiological data, WBAN and IoT are prone to various cyber-a acks. There is a significant need for an efficient and highly secured cryptographic scheme that can meet the requirements of resource-constrained devices. Therefore, in this paper, we propose a certificate-based signcryption (CB-SN) scheme for the IoT-enabled WBAN. The proposed scheme is based on the concept of hyper-elliptic curve cryptography (HECC) that offers the same level of security as the elliptic curve and bilinear pairing with lower-key size. The formal security verification using the Automated Validation of the Internet Security Protocols and Applications (AVISPA) tool along with informal security analysis demonstrate that the proposed scheme is not just reducing the complexity of resource-constrained IoT devices, but proves to be secure against several well-known cryptographic a acks. Moreover, performance comparison with relevant existing schemes authenticates that the proposed scheme is far more secure and energy efficient. different algorithms separately, i.e., signature and then encryption at the same time. In 1997, Zheng was the pioneer to merge these two processes in one algorithm, called signcryption [7]. This scheme is based on the concept of old public key cryptography (PKC), which is suffering from certificate overheads, renewing, and revocation problems [8]. Shamir was the first to propose an alternate concept of PKC, called identity-based cryptography (IBC) [9]. This technique removed the limitations of PKC and used the identity in place of a certificate. Later, in 2002, Malone-Lee [10], for the first time merged the concept of IBC with the signcryption technique, namely, identity-based signcryption (IBS). The IBS includes three entities, for example, a sender (signcrypter), a receiver (unsigncrypter), and the private key generation center (PKGC), respectively. In this setup, the users (signcrypter and unsigncrypter) generate their identities and after that, send it to the PKGC. Then, the PKGC produces and delivers the private keys for all the participating users, by using the secured networks. Unfortunately, IBS suffers from the key escrow issue (KEI), because the private key is generated by the PKGC and one can easily use this key for forging the digital signature and decrypting the ciphertext [11].To eliminate the above problem in IBS, in 2008, Barbosa and Farshim [12], put forward the concept of a certificateless signcryption (CL-SC) scheme. The CL-SC mechanism almost works the same as IBS, but the main difference is that the private key is generated by the users themselves. The central authority known as a key generation center (KGC) only provides the partial private key to the users by using an ...

show abstract

Improved Cryptanalysis of Provable Certificateless Generalized Signcryption

Cited by 8 publications

References 15 publications

A Lightweight Nature Heterogeneous Generalized Signcryption (HGSC) Scheme for Named Data Networking-Enabled Internet of Things

A Lightweight Nature Heterogeneous Generalized Signcryption (HGSC) Scheme for Named Data Networking-Enabled Internet of Things

Cryptanalysis of an Authentication Scheme Using an Identity Based Generalized Signcryption

An Energy Efficient and Formally Secured Certificate-Based Signcryption for Wireless Body Area Networks with the Internet of Things

Contact Info

Product

Resources

About