Results 1 - 10 of 22
On broadcast authentication in wireless sensor networks
In International Conference on Wireless Algorithms, Systems, and Applications (WASA 2006), 2006
Cited by 39 (5 self)
Abstract — Broadcast authentication is a critical security service in wireless sensor networks (WSNs), as it allows the mobile users of WSNs to broadcast messages to multiple sensor nodes in a secure way. Although symmetric-key-based solutions such as µTESLA and multilevel µTESLA have been proposed, they all suffer from severe energy-depletion attacks resulting from the nature of delayed message authentication. This paper presents several efficient public-key-based schemes to achieve immediate broadcast authentication and thus avoid the security flaw inherent in the µTESLA-like schemes. Our schemes are built upon the unique integration of several cryptographic techniques, including the Bloom filter, the partial message recovery signature scheme and the Merkle hash tree. We prove the effectiveness and efficiency of the proposed schemes by a comprehensive quantitative analysis of their energy consumption in both computation and communication.
Batch verification of short signatures
In Proceedings of Eurocrypt 2007, 2007
Cited by 23 (3 self)
With computer networks spreading into a variety of new environments, the need to authenticate and secure communication grows. Many of these new environments have particular requirements on the applicable cryptographic primitives. For instance, a frequent requirement is that the communication overhead inflicted be small and that many messages be processable at the same time. In this paper, we consider the suitability of public key signatures in the latter scenario. That is, we consider signatures that are 1) short and 2) where many signatures from (possibly) different signers on (possibly) different messages can be verified quickly. Prior work focused almost exclusively on batching signatures from the same signer. We propose the first batch verifier for messages from many (certified) signers without random oracles and with a verification time where the dominant operation is independent of the number of signatures to verify. We further propose a new signature scheme with very short signatures, for which batch verification for many signers is also highly efficient. Combining our new signatures with the best known techniques for batching certificates from the same authority, we get a fast batch verifier for certificates and messages combined. Although our new signature scheme has some restrictions, it is very efficient and still practical for some communication applications.
An Efficient Identity-based Batch Verification Scheme for Vehicular Sensor Networks
Cited by 15 (2 self)
Abstract—With the adoption of state-of-the-art telecommunication technologies for sensing and collecting traffic-related information, Vehicular Sensor Networks (VSNs) have emerged as a new application scenario that is envisioned to revolutionize the human driving experiences and traffic flow control systems. To avoid any possible malicious attack and resource abuse, employing a digital signature scheme is widely recognized as the most effective approach for VSNs to achieve authentication, integrity, and validity. However, when the number of signatures received by a Roadside Unit (RSU) becomes large, a scalability problem emerges immediately, where the RSU could be difficult to sequentially verify each received signature within 300 ms interval according to the current Dedicated Short Range Communications (DSRC) broadcast protocol. In this paper, we introduce an efficient batch signature verification scheme for communications between vehicles and RSUs (or termed vehicle-to-Infrastructure (V2I) communications), in which an RSU can verify multiple received signatures at the same time such that the total verification time can be dramatically reduced. We demonstrate that the proposed scheme can achieve conditional privacy preservation that is essential in VSNs, where each message launched by a vehicle is mapped to a distinct pseudo identity, while a trust authority can always retrieve the real identity of a vehicle from any pseudo identity. With the proposed scheme, since identity-based cryptography is employed in generating private keys for pseudo identities, certificates are not needed and thus transmission overhead can be significantly reduced.
Deterministic identity-based signatures for partial aggregation
J. Comput, 2006
Cited by 11 (2 self)
Aggregate signatures are a useful primitive which allows aggregation into a single and constant-length signature many signatures on different messages computed by different users. Specific proposals of aggregate signature schemes exist only for PKI-based scenarios. For identity-based scenarios, where public keys of the users are directly derived from their identities, the signature schemes proposed up to now do not seem to allow constant-length aggregation. We provide an intermediate solution to this problem, by designing a new identity-based signature scheme which allows aggregation when the signatures to be aggregated come all from the same signer. The new scheme is deterministic and enjoys some better properties than the previous proposals; for example, it allows detection of a possible corruption of the master entity. We formally prove that the scheme is unforgeable, in the random oracle model, assuming that the Computational Diffie–Hellman problem is hard to solve.
BAT: A Robust Signature Scheme for Vehicular Networks Using Binary Authentication Tree
Cited by 9 (4 self)
Abstract—In this paper, we propose a robust and efficient signature scheme for Vehicle-to-Infrastructure communications, called Binary Authentication Tree (BAT). The BAT scheme can effectively eliminate the performance bottleneck when verifying a mass of signatures within a rigorously required interval, even under adverse scenarios with bogus messages. Given any n received messages with k ≥ 1 bogus ones, the computation cost to verify all these messages only requires approximately (k + 1) · log(n/k) + 4k − 2 time-consuming pairing operations. The BAT scheme can also be gracefully transplanted to other similar batch signature schemes. In addition, it offers the other conventional security for vehicular networks, such as identity privacy and traceability. Theoretical analysis and simulation results demonstrate the validity and practicality of the BAT scheme. Index Terms—Binary authentication tree, identity-based cryptography, robust, signature, vehicular communication.
An efficient identity-based signature scheme with batch verifications
In InfoScale ’06, 2006
Cited by 5 (0 self)
Mapping messages or user’s identity into a point on elliptic curves is required in many pairing-based cryptographic schemes. In most of these pairing-based schemes, this requirement is realized by a special hash function called MapToPoint function. However, the efficiency of the MapToPoint function is much lower than the general hash functions. In this paper, we propose a new identity-based signature (IBS) scheme without MapToPoint function, which speeds up extracting the secret key and verifying the signatures. The security of the proposed scheme depends on a complex assumption similar to k-CAA. Another benefit of the proposed scheme is that it supports batch verifications such that multiple signatures of distinct messages for distinct users are verified simultaneously. The results show that batch verifications on the proposed IBS scheme is much faster than other IBS schemes. Furthermore, the proposed scheme is used to construct an efficient chameleon signature scheme by cooperating with an identity-based chameleon hash function. Keywords: ID-based signature, ID-based chameleon signature, batch verification
A Survey on Cryptography Applied to Secure Mobile Ad Hoc Networks and Wireless Sensor Networks
Cited by 1 (0 self)
Some security research in Mobile Ad Hoc Networks (MANETs) and Wireless Sensor Networks (WSNs) is very closely related to cryptography. There are numerous security routing protocols and key management schemes that have been designed based on cryptographic techniques, such as public key infrastructures and identity-based cryptography. In fact, some of them are fully adapted to fit the network requirements on limited resources such as storage, CPU, and power limitations. For example, one-way hash functions are used to construct disposable secret keys instead of choosing private key in public key infrastructure. To gain a quick understanding of security design, we provide a survey on cryptography applications to secure MANETs and WSNs. Through this survey, we present network security schemes and protocols according to cryptographic techniques, give a few case studies on popular techniques of cryptography application, and dissect one of the designs using cryptographic techniques.
Machine-Generated Algorithms, Proofs and Software for the Batch Verification of Digital Signature Schemes
2013
Cited by 1 (1 self)
As devices everywhere increasingly communicate with each other, many security applications will require low-bandwidth signatures that can be processed quickly. Pairing-based signatures can be very short, but are often costly to verify. Fortunately, they also tend to have efficient batch verification algorithms. Finding these batching algorithms by hand, however, can be tedious and error prone. We address this by presenting AutoBatch, an automated tool for generating batch verification code in either Python or C++ from a high level representation of a signature scheme. AutoBatch outputs both software and, for transparency, a LaTeX file describing the batching algorithm and arguing that it preserves the unforgeability of the original scheme. We tested AutoBatch on over a dozen pairing-based schemes to demonstrate that a computer could find competitive batching solutions in a reasonable amount of time. Indeed, it proved highly competitive. In particular, it found an algorithm that is significantly faster than a batching algorithm from Eurocrypt 2010. Another novel contribution is that it handles cross-scheme batching, where it searches for a common algebraic structure between two distinct schemes and attempts to batch them together. In this work, we expand upon an extended abstract on AutoBatch appearing in ACM CCS 2012 in a number of ways. We add a new loop-unrolling technique and show that it helps cut the batch verification cost of one scheme by roughly half. We describe our pruning and search algorithms in greater detail, including pseudocode and diagrams. All experiments were also rerun using the RELIC pairing library. We compare those results to our earlier results using the MIRACL library, and discuss why RELIC outperforms MIRACL in all but two cases. Automated proofs of several new batching algorithms are also included.
AutoBatch is a useful tool for cryptographic designers and implementors, and to our knowledge, it is the first attempt to outsource to machines the design, proof writing and implementation of signature batch verification schemes.