Secure and Efficient Two-Party Signing Protocol for the Identity-Based Signature Scheme in the IEEE P1363 Standard for Public Key Cryptography

Mobile device and application (app) security are increasingly important, partly due to the constant and fast-paced cyberthreat evolution. To ensure the security of communication (e.g., data-in-transit), a number of identity-based signature schemes have been designed to facilitate authorization identification and validation of messages. However, in many of these schemes, a user's private key may leak when a new signature is generated since the private keys are stored on the device. Seeking to improve the security of the private key, we propose the first two-party distributed signing protocol for the identity-based signature scheme in the IEEE P1363 standard. This protocol requires that two devices separately store one part of the user's private key, and allows these two devices to generate a valid signature without revealing the entire private key of the user. We formally prove the security of the protocol in the random oracle model. Then, we implement the protocol using the MIRACL library and evaluate the protocol on two mobile devices. Compared with the protocol of Lindell (CRYPTO'17) that uses the zero-knowledge proof for its security, our protocol is more suitable for deployment in the mobile environment.

[1] Markus Stadler, et al. Publicly Verifiable Secret Sharing, 1996, EUROCRYPT.

[2] Yehuda Lindell, et al. Fast Secure Two-Party ECDSA Signing, 2017, Journal of Cryptology.

[3] Lein Harn. Comments on 'fair (t, n) threshold secret sharing scheme', 2014, IET Inf. Secur.

[4] Adi Shamir, et al. How to share a secret, 1979, CACM.

[5] Réjean Plamondon, et al. Online Signature Verification, 2014, Handbook of Document Image Processing and Recognition.

[6] Paulo S. L. M. Barreto, et al. Efficient and Provably-Secure Identity-Based Signatures and Signcryption from Bilinear Maps, 2005, ASIACRYPT.

[7] Tamir Tassa, et al. Hierarchical Threshold Secret Sharing, 2004, Journal of Cryptology.

[8] Chin-Chen Chang, et al. Enhancing the efficiency of (v, r, n)-fairness secret sharing scheme, 2004, 18th International Conference on Advanced Information Networking and Applications (AINA 2004).

[9] Victor Shoup, et al. Practical Threshold Signatures, 2000, EUROCRYPT.

[10] Kim-Kwang Raymond Choo, et al. A technique to circumvent SSL/TLS validations on iOS devices, 2017, Future Gener. Comput. Syst.

[11] Kim-Kwang Raymond Choo, et al. Cyber-physical systems information gathering: A smart home case study, 2018, Comput. Networks.

[12] Lein Harn, et al. Detection and identification of cheaters in (t, n) secret sharing scheme, 2009, Des. Codes Cryptogr.

[13] Yasushi Yamazaki, et al. Toward More Secure and Convenient User Authentication in Smart Device Era, 2017.

[14] Juan José Vinagre-Díaz, et al. Bluetooth Traffic Monitoring Systems for Travel Time Estimation on Freeways, 2016, IEEE Transactions on Intelligent Transportation Systems.

[15] Yvo Desmedt, et al. Threshold Cryptosystems, 1989, CRYPTO.

[16] Martin Tompa, et al. How to share a secret with cheaters, 1988, Journal of Cryptology.

[17] Nathan L. Clarke, et al. The application of signature recognition to transparent handwriting verification for mobile devices, 2007, Inf. Manag. Comput. Secur.

[18] Wenmin Li, et al. A Fair (t,n) Threshold Secret Sharing Scheme, 2015.

[19] C.-S. Laih, et al. V-fairness (t, n) secret sharing scheme, 1997.

[20] G. R. Blakley, et al. Safeguarding cryptographic keys, 1899, 1979 International Workshop on Managing Requirements Knowledge (MARK).

[21] Lein Harn, et al. Multilevel threshold secret sharing based on the Chinese Remainder Theorem, 2014, Inf. Process. Lett.

[22] N. Jones, et al. Top 10 Strategic Technology Trends for 2019: A Gartner Trend Insight Report, 2018.

[23] Nicola Bui, et al. A Survey of Anticipatory Mobile Networking: Context-Based Classification, Prediction Methodologies, and Optimization Techniques, 2016, IEEE Communications Surveys & Tutorials.

[24] Kim-Kwang Raymond Choo, et al. Circumventing iOS security mechanisms for APT forensic investigations: A security taxonomy for cloud apps, 2018, Future Gener. Comput. Syst.

[25] Toshiaki Tanaka, et al. A New (k, n)-Threshold Secret Sharing Scheme and Its Extension, 2008, ISC.

[26] Hugo Krawczyk, et al. Robust Threshold DSS Signatures, 1996, Inf. Comput.