IET Information Security - new TOC
http://ieeexplore.ieee.org
TOC Alert for Publication #4149673, 2018 April 23

Guest Editorial: Selected Papers from the Public Key Cryptography (PKC 2016) Conference

Efficient unlinkable sanitizable signatures from signatures with re-randomizable keys
et al. (ESORICS 2005) and Brzuska et al. (PKC 2009) formalized the initially suggested five security properties. In the subsequent year, Brzuska et al. (PKC 2010) introduced a notion called unlinkability, where the basic idea is that linking message-signature pairs of the same document should be infeasible. Brzuska et al. formalized this notion and suggested a generic instantiation based on group signatures with a special structure. Unfortunately, the most efficient instantiations of group signatures do not have this property. In this work, we present the first efficient construction of unlinkable sanitizable signatures based on a novel type of signature scheme with re-randomizable keys. This property allows one to re-randomize both the signing and the verification key separately but consistently. Given a signature scheme with re-randomizable keys, we obtain a sanitizable signature scheme by signing the message with a re-randomized key and proving in zero-knowledge that the derived key originates from either the signer or the sanitizer. To obtain an efficient instantiation, we instantiate this generic idea with Schnorr signatures and efficient Σ-protocols that we turn into a non-interactive zero-knowledge proof via the Fiat-Shamir transformation. In this work, we present an optimized version that is more efficient than the construction we suggested in the extended abstract of this work at PKC 2016.

Practical attribute-based signature schemes for circuits from bilinear map
expressive (supports a wide class of predicates), is practically efficient, and is based on well-studied cryptographic assumptions. The authors construct attribute-based signature schemes that support any Boolean circuit of unbounded depth and number of gates and are practically efficient, from the symmetric bilinear Diffie-Hellman assumption. Toward this end, they combine the Groth-Sahai proof system, which serves as an efficient proof system for algebraic equations, and the Groth-Ostrovsky-Sahai proof system, which is still inefficient but can prove any NP language via a Karp reduction to circuit satisfiability.

Delegatable functional signatures
delegatable functional signatures (DFS), which support the delegation of signing capabilities to another party, called the evaluator, with respect to a functionality ℱ. In a DFS, the signer of a message can choose an evaluator, specify how the evaluator can modify the signature without voiding its validity, allow additional input, and decide how the evaluator can further delegate its capabilities. Technically, DFS unify several seemingly different signature primitives, including functional signatures and policy-based signatures, sanitisable signatures, identity-based signatures, and blind signatures. The authors characterise the instantiability of DFS with respect to the corresponding security notions of unforgeability and privacy. On the positive side, they show that privacy-free DFS can be constructed from one-way functions. Furthermore, they show that unforgeable and private DFS can be constructed from doubly-enhanced trapdoor permutations. On the negative side, they show that the previous result is optimal regarding its underlying assumptions. Their impossibility result shows that unforgeable private DFS cannot be constructed from one-way permutations.

Receiver- and sender-deniable functional encryption
et al. 1997, allows equivocation of encrypted communication. In this work, the authors generalise its study to functional encryption (FE). The authors' results are summarised as follows: They first put forward and motivate the concept of receiver-deniable FE, for which they consider two models. In the first model, as previously considered by O'Neill et al. 2011 in the case of identity-based encryption, a receiver gets assistance from the master authority to generate a fake secret key. In the second model, there are 'normal' and 'deniable' secret keys, and a receiver in possession of a deniable secret key can produce a fake but authentic-looking normal key on its own. In the first model, they show a compiler from any FE scheme for circuits to an FE scheme having receiver deniability. In addition, they show an efficient receiver-deniable FE scheme for Boolean formulae from bilinear maps. In the second (multi-distributional) model, they present a specific FE scheme for circuits having receiver deniability. To the authors' knowledge, a scheme in the multi-distributional model was not previously known even for the special case of identity-based encryption. Finally, they construct the first sender (non-multi-distributional) deniable FE scheme.

Degenerate curve attacks: extending invalid curve attacks to Edwards curves and other models
et al., however, only affects elliptic curve implementations using addition and doubling formulas that are independent of at least one of the curve parameters. This property is satisfied for elliptic curves in Weierstrass form, but not for newer, increasingly popular models such as (twisted) Edwards curves. It has, therefore, been suggested that invalid curve attacks would not be applicable against these alternate models. In this study, the authors demonstrate that this is not the case, and present the first attack of this nature against (twisted) Edwards curves, Jacobi quartics, Jacobi intersections, and more. They also extend the analysis to characteristic 2 models, namely binary Huff, Edwards, and Lambda coordinates. They also show that their result may be used constructively as a fault attack countermeasure inspired by Shamir's trick, particularly on curves over random base fields.

Mimic defense: a designed-in cybersecurity defense framework

Information security collaboration formation in organisations