Results 1 - 9 of 9
Batch Verification of Short Signatures - In EUROCRYPT '07, volume 4515 of LNCS, 2007
Cited by 13 (2 self)
With computer networks spreading into a variety of new environments, the need to authenticate and secure communication grows. Many of these new environments have particular requirements on the applicable cryptographic primitives. For instance, several applications require that communication overhead be small and that many messages be processed at the same time. In this paper we consider the suitability of public key signatures in the latter scenario. That is, we consider signatures that are 1) short and 2) where many signatures from (possibly) different signers on (possibly) different messages can be verified quickly. Prior work focused almost exclusively on batching signatures from the same signer. We propose the first batch verifier for messages from many (certified) signers without random oracles and with a verification time where the dominant operation is independent of the number of signatures to verify. We further propose a new signature scheme with very short signatures, for which batch verification for many signers is also highly efficient. Combining our new signatures with the best known techniques for batching certificates from the same authority, we get a fast batch verifier for certificates and messages combined. Although our new signature scheme has some restrictions, it is very efficient and still practical for some communication applications.
Deterministic identity-based signatures for partial aggregation - J. Comput, 2006
Cited by 6 (2 self)
Aggregate signatures are a useful primitive which allows aggregation into a single and constant-length signature many signatures on different messages computed by different users. Specific proposals of aggregate signature schemes exist only for PKI-based scenarios. For identity-based scenarios, where public keys of the users are directly derived from their identities, the signature schemes proposed up to now do not seem to allow constant-length aggregation. We provide an intermediate solution to this problem, by designing a new identity-based signature scheme which allows aggregation when the signatures to be aggregated come all from the same signer. The new scheme is deterministic and enjoys some better properties than the previous proposals; for example, it allows detection of a possible corruption of the master entity. We formally prove that the scheme is unforgeable, in the random oracle model, assuming that the Computational Diffie–Hellman problem is hard to solve.
BAT: A Robust Signature Scheme for Vehicular Networks Using Binary Authentication Tree
Cited by 5 (3 self)
In this paper, we propose a robust and efficient signature scheme for Vehicle-to-Infrastructure communications, called Binary Authentication Tree (BAT). The BAT scheme can effectively eliminate the performance bottleneck when verifying a mass of signatures within a rigorously required interval, even under adverse scenarios with bogus messages. Given any n received messages with k ≥ 1 bogus ones, the computation cost to verify all these messages only requires approximately (k+1)·log(n/k) + 4k − 2 time-consuming pairing operations. The BAT scheme can also be gracefully transplanted to other similar batch signature schemes. In addition, it offers the other conventional security for vehicular networks, such as identity privacy and traceability. Theoretical analysis and simulation results demonstrate the validity and practicality of the BAT scheme. Index Terms: Binary authentication tree, identity-based cryptography, robust, signature, vehicular communication.
A Provably Secure One-Pass Two-Party Key Establishment Protocol
Cited by 1 (1 self)
For two parties to communicate securely over an insecure channel, they must be able to authenticate one another and establish a common session key. We propose a new secure one-pass authenticated key establishment protocol which is well suited to one-way communication channels. The protocol is examined using an extension of the Bellare-Rogaway model proposed by Blake-Wilson et al., and is shown to be provably secure, in the sense that defeating the protocol is equivalent to solving a CDH problem. We compare our protocol to existing approaches, in terms of security and efficiency. To the best of our knowledge, ours is the only one-pass protocol that resists general key-compromise impersonation attacks, and avoids certain vulnerabilities to loss of information attacks found in other protocols of its class. Key words: One-pass protocols, two-party key agreement, key-compromise impersonation, loss of information
On the Security of an Efficient ID-based Partially Blind Signature Scheme
A partially blind signature is a variant of the blind signature. The partially blind signature scheme allows a signer to sign a partially blind message that explicitly includes the pre-agreed information. In 2005, Chow et al. first proposed an ID-based partially blind signature scheme with bilinear pairings. ID-based public key systems with bilinear pairings defined on elliptic curves offer a flexible approach to achieve both simplifying the certificate management and reducing the computational cost. However, their scheme is time-consuming for requesters (or clients) with mobile devices. In 2007, Hu and Huang proposed an efficient ID-based partially blind signature scheme based on bilinear pairings. They claimed that the proposed scheme is provably secure under the random oracle model. However, this paper shows that the Hu-Huang scheme suffers from forgery attacks. Index Terms: Security, Partially blind signature, Bilinear pairings, Identity-based.
Forgery Attacks on an ID-Based Partially Blind Signature Scheme
A partially blind signature is a variant of the blind signature. The partially blind signature scheme allows a signer to sign a partially blind message that explicitly includes the pre-agreed information. In 2005, Chow et al. first proposed an ID-based partially blind signature scheme with bilinear pairings. ID-based public key systems with bilinear pairings defined on elliptic curves offer a flexible approach to achieve both simplifying the certificate management and reducing the computational cost. However, their scheme is time-consuming for requesters (or clients) with mobile devices. In 2007, Hu and Huang proposed an efficient ID-based partially blind signature scheme based on bilinear pairings. They claimed that the proposed scheme is provably secure under the random oracle model. However, this paper shows that the Hu-Huang scheme suffers from forgery attacks. Index Terms: Security, Partially blind signature, Bilinear pairings, Identity-based.
A Survey on Cryptography Applied to Secure Mobile Ad Hoc Networks and Wireless Sensor Networks
Some security research in Mobile Ad Hoc Networks (MANETs) and Wireless Sensor Networks (WSNs) is very closely related to cryptography. There are numerous security routing protocols and key management schemes that have been designed based on cryptographic techniques, such as public key infrastructures and identity-based cryptography. In fact, some of them are fully adapted to fit the network requirements on limited resources such as storage, CPU, and power limitations. For example, one way hash functions are used to construct disposable secret keys instead of choosing private key in public key infrastructure. To gain a quick understanding of security design, we provide a survey on cryptography applications to secure MANETs and WSNs. Through this survey, we present network security schemes and protocols according to cryptographic techniques, give a few case studies on popular techniques of cryptography application, and dissect one of the designs using cryptographic techniques.
An efficient dynamic-identity based signature scheme - Computer Networks (Elsevier), journal homepage: www.elsevier.com/locate/comnet

