## On the Security of a Digital Signature with Message Recovery Using Self-certified Public Key (2005)

Venue: SOFT COMPUTING IN MULTIMEDIA PROCESSING SPECIAL ISSUE OF THE INFORMATICA JOURNAL

Citations: 3 (0 self)

### BibTeX

```
@INPROCEEDINGS{Zhang05onthe,
    author = {Jianhong Zhang and Wei Zou and Dan Chen and Yumin Wang},
    title = {On the Security of a Digital Signature with Message Recovery Using Self-certified Public Key},
    booktitle = {SOFT COMPUTING IN MULTIMEDIA PROCESSING SPECIAL ISSUE OF THE INFORMATICA JOURNAL},
    year = {2005},
    pages = {343--346},
    publisher = {}
}
```

### Abstract

Self-certified public keys were proposed to eliminate the burden of verifying a public key before using it. To reduce reliance on the system authority and strengthen the security of the system, Chang et al. proposed new digital signature schemes in which no redundancy needs to be embedded in the signed messages. Moreover, Chang et al. claimed that the schemes remain secure even without a trustworthy system authority, and that only the specified recipient can recover the message in their authentication encryption schemes. In this work, we analyze the security of Chang et al.'s scheme and show that if the system authority is untrustworthy, the scheme is insecure: the system authority can recover the message without the recipient's private key in Chang et al.'s authentication encryption schemes. Finally, we propose an improved scheme that overcomes this weakness of Chang et al.'s scheme.
