International Journal of Network Security, Vol.17, No.2, PP.224-228, Mar. 2015 224
Cryptanalysis of Attribute-based Ring
Signcryption Scheme
Hu Xiong, Ji Geng, Zhiguang Qin, and Guobin Zhu
(Corresponding author: Hu Xiong)
School of Computer Science and Engineering & University of Electronic Science and Technology of China
1
No. 4, North Jianshe Road, Chenghua District, Chengdu, Sichuan 610054, China
(Email: xionghu.uestc@gmail.com)
(Received Apr. 8, 2013; revised and accepted Nov. 3, 2014)
Abstract
Signcryption can offer authentication and confidential-
ity simultaneously with better efficiency than traditional
signature-then-encryption approach. Ring signature en-
ables a user to conscribe arbitrarily a group of ring mem-
bers and sign a message on behalf of the ring (which in-
cludes himself) without revealing his real identity. By
integrating the notion of signcryption and ring signature,
ring signcryption has been initialized to leak secrets in
an authenticated and confidential way anonymously. Re-
cently, Guo et al. (Guo Z, Li M, Fan X. Attribute-based
ring signcryption scheme. Security and Communication
Networks, vol. 6, no. 6, pp. 790-796, 2013) proposed a
ring signcryption scheme in attribute-based cryptography.
Furthermore, they claimed that their scheme can satisfy
confidentiality and unforgeability in the random oracle
model. Unfortunately, by giving concrete attacks, we in-
dicate that Guo et al.’s attribute-based ring signcryption
scheme doesn’t provide confidentiality and unforgeability.
Keywords: Attribute-based cryptography; cryptanalysis;
ring signcryption; provable security
1 Introduction
To offer authenticity and confidentiality simultane-
ously with better efficiency than traditional “sign-then-
encrypt” approach, Zheng [24] initially formalized the
notion of signcryption. Since Zheng’s pioneering work,
dozens of signcryption schemes have been proposed fol-
lowing various research lines. Firstly, the existing sign-
cryption scheme can be classified as RSA-based [10], IF-
based [20], elliptic curves-based [21, 25], pairing-based [4],
lattice-based [12] according to the underlying keys. Sec-
ondly, ID-based [3, 5, 6], certificateless [2, 7], self-
certified [13] and certificate-based [15] signcryption also
have b een proposed to simplify the public key certificates
in the traditional public key infrastructure. Thirdly, the
extensions of signcryption have been proposed by inte-
grating the pure signcryption with other cryptographic
primitives, such as ring signcryption [1, 22], group sign-
cryption [11], threshold unsigncryption [14, 23] and proxy
signcryption [17, 18]. The survey of signcryption and re-
lated applications can be found in [8].
As one of the extension of signcryption, ring signcryp-
tion was initially formalized by Huang et al. [1] and al-
lows a signer conscripts a group of ring members and
signcrypts one message on behalf of the ring without
revealing his real identity. Furthermore, the procedure
of signcryption does not need the cooperation of other
ring members. Thus, ring signcryption can be applied in
some concrete applications where authenticity, confiden-
tiality and anonymity receive concern simultaneously. On
the other hand, to use biometric-based identities in the
Identity-based cryptosystem, attribute-based cryptogra-
phy has been proposed in 2005 [19]. Recently, Guo et
al. [9] introduced ring signcryption in the attribute-based
cryptography by integrating the notion of attribute-based
ring signature [16] and attribute-based encryption [19]. In
an attribute-based signcryption, a signer can get its pri-
vate key for attributes set ω from a trusted private key
generator. Then, this signer can signcrypt message on
behalf of a subset ω
0
⊆ ω. Here, all users with this at-
tributes subset ω
0
can be considered as the ring. After
that, a concrete attribute-based ring signcryption based
on bilinear pairings has also been suggested in this paper.
They claimed that their scheme can achieve unforgeability
and confidentiality in the random oracle model. However,
in this paper, we show that their scheme cannot provide
confidentiality and unforgeability at all by giving concrete
attacks. Furthermore, the basic reason behind our attack
has also been analyzed.
The rest of this paper is organized as follows. In Sec-
tion 2, we review the Guo-Li-Fan attribute-based ring
signcryption scheme. After that, we explain why their
scheme can not provide unforgeability and confidentiality
in Sections 3 and 4 respectively. Finally, the conclusions
are given in Section 5.
下载后可阅读完整内容,剩余4页未读,立即下载
weixin_38661939
- 粉丝: 5
- 资源: 949
我的内容管理
展开
最新资源
- 李兴华Java基础教程:从入门到精通
- U盘与硬盘启动安装教程:从菜鸟到专家
- C++面试宝典:动态内存管理与继承解析
- C++ STL源码深度解析:专家级剖析与关键技术
- C/C++调用DOS命令实战指南
- 神经网络补偿的多传感器航迹融合技术
- GIS中的大地坐标系与椭球体解析
- 海思Hi3515 H.264编解码处理器用户手册
- Oracle基础练习题与解答
- 谷歌地球3D建筑筛选新流程详解
- CFO与CIO携手:数据管理与企业增值的战略
- Eclipse IDE基础教程:从入门到精通
- Shell脚本专家宝典:全面学习与资源指南
- Tomcat安装指南:附带JDK配置步骤
- NA3003A电子水准仪数据格式解析与转换研究
- 自动化专业英语词汇精华:必备术语集锦
资源上传下载、课程学习等过程中有任何疑问或建议,欢迎提出宝贵意见哦~我们会及时处理!
点击此处反馈
