A Secure Extension of the Kwak-Moon Group Signcryption Scheme

A Secure Extension of the Kwak-Moon Group Signcryption Scheme

This paper presents the secure extension of the Kwak–Moon group signcryption scheme [Kwak D, Moon S. Efficient distributed signcryption scheme as group signcryption. In: First applied cryptography and network security – ACNS'03. Lecturer notes in computer science, vol. 2846. Springer Verlag-Ver...

Full description

Saved in:
Bibliographic Details
Main Authors: KWAK, D., Moon, S. J., WANG, Guilin, DENG, Robert H.
Format: text
Language:English
Published: Institutional Knowledge at Singapore Management University 2006
Subjects:
Signature
Group signature
Signcryption
Public-key cryptography
Key agreement
Information Security
Online Access:https://ink.library.smu.edu.sg/sis_research/1199
http://dx.doi.org/10.1016/j.cose.2006.05.006
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Singapore Management University
Language: English
Description
Summary:This paper presents the secure extension of the Kwak–Moon group signcryption scheme [Kwak D, Moon S. Efficient distributed signcryption scheme as group signcryption. In: First applied cryptography and network security – ACNS'03. Lecturer notes in computer science, vol. 2846. Springer Verlag-Verlag; 2003. p. 403–17] as a countermeasure against the cryptanalysis in [Wang G, Deng RH, Kwak D, Moon S. Security analysis of two signcryption scheme. In: Information security conference – ISC 2004. Lecturer notes in computer science, vol. 3225. Springer Verlag-Verlag; 2004. p. 123–33]. The cryptanalysis revealed that the Kwak–Moon scheme cannot satisfy the properties of unforgeability, coalition-resistance, and traceability. Therefore, to avoid these weaknesses, while providing the same functions, we add confidentiality to the original group signature by distributing a shared secret among group members through an efficient group key agreement. However, in case of just combining a group signature and a group key agreement, if an attacker who does not belong to the group acquires a valid group signature, it is still possible for him to impersonate a valid group member and delegate the group. Thus, to avoid this possibility, the proposed scheme confirms whether or not the sender is equal to the signer by including a session key encryption in the signed message. In addition, we analyze the security of the proposed scheme and apply it to an anonymous statistical survey of attributes.

Similar Items