Visible to the public Digital Signature Security

SoS Newsletter- Advanced Book Block

Digital Signature Security

A digital signature is one of the most common ways to authenticate. Using a mathematical scheme, the signature assures the reader that the message was created and sent by a known sender. But not all signature schemes are secure. The research challenge is to find new and better ways to protect, transfer, and utilize digital signatures. The articles cited here, published in the first half of 2014, discuss both theory and practice.

  • Yueying Huang; Jingang Zhang; Houyan Chen, "On The Security Of A Certificateless Signcryption Scheme," Electronics, Computer and Applications, 2014 IEEE Workshop on, vol., no., pp.664,667, 8-9 May 2014. Signcryption is a cryptographic primitive that simultaneously realizes both the functions of public key encryption and digital signature in a logically single step, and with a cost significantly lower than that required by the traditional "signature and encryption" approach. Recently, an efficient certificateless signcryption scheme without using bilinear pairings was proposed by Zhu et al., which is claimed secure based on the assumptions that the compute Diffie-Hellman problem and the discrete logarithm problem are difficult. Although some security arguments were provided to show the scheme is secure, in this paper, we find that the signcryption construction due to Zhu et al. is not as secure as claimed. Specifically, we describe an adversary that can break the IND-CCA2 security of the scheme without any Unsigncryption query. Moreover, we demonstrate that the scheme is insecure against key replacement attack by describing a concrete attack approach.
    Keywords: digital signatures; group theory; public key cryptography; Diffie-Hellman problem; IND-CCA2 security; certificateless signcryption scheme; concrete attack approach; cryptographic primitive; digital signature; discrete logarithm problem; key replacement attack; public key encryption; Computers; Encryption; Games; Public key; Receivers; Cryptography; Digital Signcryption; Key replacement attack; Security analysis (ID#:14-2090)
  • Kishore, N.; Kapoor, B., "An Efficient Parallel Algorithm For Hash Computation In Security And Forensics Applications," Advance Computing Conference (IACC), 2014 IEEE International , vol., no., pp.873,877, 21-22 Feb. 2014. Hashing algorithms are used extensively in information security and digital forensics applications. This paper presents an efficient parallel algorithm hash computation. It's a modification of the SHA-1 algorithm for faster parallel implementation in applications such as the digital signature and data preservation in digital forensics. The algorithm implements recursive hash to break the chain dependencies of the standard hash function. We discuss the theoretical foundation for the work including the collision probability and the performance implications. The algorithm is implemented using the OpenMP API and experiments performed using machines with multicore processors. The results show a performance gain by more than a factor of 3 when running on the 8-core configuration of the machine.
    Keywords: application program interfaces; cryptography; digital forensics; digital signatures; file organization; parallel algorithms; probability; Open MP API;SHA-1 algorithm; collision probability; data preservation; digital forensics; digital signature; hash computation; hashing algorithms; information security; parallel algorithm; standard hash function; Algorithm design and analysis; Conferences; Cryptography; Multicore processing; Program processors; Standards; Cryptographic Hash Function; Digital Forensics; Digital Signature; MD5; Multicore Processors; OpenMP;SHA-1 (ID#:14-2091)
  • Deepak Singh Chouhan; Mahajan, R.P., "An Architectural Framework For Encryption & Generation Of Digital Signature Using DNA Cryptography," Computing for Sustainable Global Development (INDIACom), 2014 International Conference on , vol., no., pp.743,748, 5-7 March 2014. As most of the modern encryption algorithms are broken fully/partially, the world of information security looks in new directions to protect the data it transmits. The concept of using DNA computing in the fields of cryptography has been identified as a possible technology that may bring forward a new hope for hybrid and unbreakable algorithms. Currently, several DNA computing algorithms are proposed for cryptography, cryptanalysis and steganography problems, and they are proven to be very powerful in these areas. This paper gives an architectural framework for encryption & Generation of digital signature using DNA Cryptography. To analyze the performance; the original plaintext size and the key size; together with the encryption and decryption time are examined also the experiments on plaintext with different contents are performed to test the robustness of the program.
    Keywords: Ciphers; DNA; DNA computing; Digital signatures; Encoding; Encryption; DNA; DNA computing; DNA cryptography; DNA digital coding (ID#:14-2092)
  • Skarmeta, AF.; Hernandez-Ramos, J.L.; Moreno, M.V., "A Decentralized Approach For Security And Privacy Challenges In The Internet Of Things," Internet of Things (WF-IoT), 2014 IEEE World Forum on , vol., no., pp.67,72, 6-8 March 2014. The strong development of the Internet of Things (IoT) is dramatically changing traditional perceptions of the current Internet towards an integrated vision of smart objects interacting with each other. While in recent years many technological challenges have already been solved through the extension and adaptation of wireless technologies, security and privacy still remain as the main barriers for the IoT deployment on a broad scale. In this emerging paradigm, typical scenarios manage particularly sensitive data, and any leakage of information could severely damage the privacy of users. This paper provides a concise description of some of the major challenges related to these areas that still need to be overcome in the coming years for a full acceptance of all IoT stakeholders involved. In addition, we propose a distributed capability-based access control mechanism which is built on public key cryptography in order to cope with some of these challenges. Specifically, our solution is based on the design of a lightweight token used for access to CoAP Resources, and an optimized implementation of the Elliptic Curve Digital Signature Algorithm (ECDSA) inside the smart object. The results obtained from our experiments demonstrate the feasibility of the proposal and show promising in order to cover more complex scenarios in the future, as well as its application in specific IoT use cases.
    Keywords: Internet of Things; authorization; computer network security; data privacy; digital signatures; personal area networks; public key cryptography; 6LoWPAN; CoAP resources; ECDSA; Internet of Things; IoT deployment; IoT stakeholders; distributed capability-based access control mechanism; elliptic curve digital signature algorithm; information leakage; lightweight token; public key cryptography; security challenges; sensitive data management; user privacy; wireless technologies;Authentication;Authorization;Cryptography;Internet;Privacy;6LoWPAN;Internet of Things; Privacy; Security; cryptographic primitives; distributed access control (ID#:14-2093)
  • Trabelsi, Wiem; Selmi, Mohamed Heny, "Multi-signature Robust Video Watermarking," Advanced Technologies for Signal and Image Processing (ATSIP), 2014 1st International Conference on , vol., no., pp.158,163, 17-19 March 2014. Watermarking is a recently developed technique which is currently dominating the world of security and digital processing in order to ensure the protection of digitized trade. The purpose of this work is twofold. It is firstly to establish a state of the art that goes through the existing watermarking methods and their performances. And secondly to design, implement and evaluate a new watermarking solution that aims to optimize the compromise robustness-invisibility-capacity. The proposed approach consists on applying a frequency watermarking based on singular value decomposition (SVD) and exploiting the mosaic made from all video frames as well as inserting a double signature in order to increase watermarking algorithm capacity.
    Keywords: Image coding; PSNR; Robustness; Singular value decomposition; Streaming media; Watermarking; Singular Value Decomposition; invisibility; mosaic; robustness; video watermarking (ID#:14-2094)
  • Vollala, S.; Varadhan, V.V.; Geetha, K.; Ramasubramanian, N., "Efficient Modular Multiplication Algorithms For Public Key Cryptography," Advance Computing Conference (IACC), 2014 IEEE International, vol., no., pp.74,78, 21-22 Feb. 2014. The modular exponentiation is an important operation for cryptographic transformations in public key cryptosystems like the Rivest, Shamir and Adleman, the Difie and Hellman and the ElGamal schemes. computing ax mod n and axby mod n for very large x,y and n are fundamental to the efficiency of almost all pubic key cryptosystems and digital signature schemes. To achieve high level of security, the word length in the modular exponentiations should be significantly large. The performance of public key cryptography is primarily determined by the implementation efficiency of the modular multiplication and exponentiation. As the words are usually large, and in order to optimize the time taken by these operations, it is essential to minimize the number of modular multiplications. In this paper we are presenting efficient algorithms for computing ax mod n and axby mod n. In this work we propose four algorithms to evaluate modular exponentiation. Bit forwarding (BFW) algorithms to compute ax mod n, and to compute axby mod n two algorithms namely Substitute and reward (SRW), Store and forward(SFW) are proposed. All the proposed algorithms are efficient in terms of time and at the same time demands only minimal additional space to store the pre-computed values. These algorithms are suitable for devices with low computational power and limited storage.
    Keywords: digital signatures; public key cryptography; BFW algorithms; bit forwarding algorithms; cryptographic transformations; digital signature schemes; modular exponentiation; modular multiplication algorithms; public key cryptography; public key cryptosystems; store and forward algorithms; substitute and reward algorithms; word length; Algorithm design and analysis; Ciphers; Conferences; Encryption; Public key cryptography; Modular Multiplication; Public key cryptography(PKC); RSA; binary exponentiation (ID#:14-2095)
  • Miyoung Jang; Min Yoon; Jae-Woo Chang, "A Privacy-Aware Query Authentication Index For Database Outsourcing," Big Data and Smart Computing (BIGCOMP), 2014 International Conference on , vol., no., pp.72,76, 15-17 Jan. 2014. Recently, cloud computing has been spotlighted as a new paradigm of database management system. In this environment, databases are outsourced and deployed on a service provider in order to reduce cost for data storage and maintenance. However, the service provider might be untrusted so that the two issues of data security, including data confidentiality and query result integrity, become major concerns for users. Existing bucket-based data authentication methods have problem that the original spatial data distribution can be disclosed from data authentication index due to the unsophisticated data grouping strategies. In addition, the transmission overhead of verification object is high. In this paper, we propose a privacy-aware query authentication which guarantees data confidentiality and query result integrity for users. A periodic function-based data grouping scheme is designed to privately partition a spatial database into small groups for generating a signature of each group. The group signature is used to check the correctness and completeness of outsourced data when answering a range query to users. Through performance evaluation, it is shown that proposed method outperforms the existing method in terms of range query processing time up to 3 times.
    Keywords: cloud computing; data integrity; data privacy; database indexing; digital signatures; outsourcing; query processing; visual databases; bucket-based data authentication methods; cloud computing; cost reduction; data confidentiality; data maintenance; data security; data storage; database management system; database outsourcing; group signature; periodic function-based data grouping scheme; privacy-aware query authentication index; query result integrity; range query answering; service provider ;spatial data distribution; spatial database; unsophisticated data grouping strategy; verification object transmission overhead; Authentication; Encryption; Indexes ;Query processing; Spatial databases; Data authentication index; Database outsourcing; Encrypted database; Query result integrity (ID#:14-2096)
  • Zhenlong Yuan; Cuilan Du; Xiaoxian Chen; Dawei Wang; Yibo Xue, "SkyTracer: Towards Fine-Grained Identification For Skype Traffic Via Sequence Signatures," Computing, Networking and Communications (ICNC), 2014 International Conference on , vol., no., pp.1,5, 3-6 Feb. 2014. Skype has been a typical choice for providing VoIP service nowadays and is well-known for its broad range of features, including voice-calls, instant messaging, file transfer and video conferencing, etc. Considering its wide application, from the viewpoint of ISPs, it is essential to identify Skype flows and thus optimize network performance and forecast future needs. However, in general, a host is likely to run multiple network applications simultaneously, which makes it much harder to classify each and every Skype flow from mixed traffic exactly. Especially, current techniques usually focus on host-level identification and do not have the ability to identify Skype traffic at the flow-level. In this paper, we first reveal the unique sequence signatures of Skype UDP flows and then implement a practical online system named SkyTracer for precise Skype traffic identification. To the best of our knowledge, this is the first time to utilize the strong sequence signatures to carry out early identification of Skype traffic. The experimental results show that SkyTracer can achieve very high accuracy at fine-grained level in identifying Skype traffic.
    keywords: IP networks; Internet; Internet telephony; computer network performance evaluation; digital signatures ;optimisation; telecommunication traffic; transport protocols; ISP; SkyTracer; Skype UDP flow; VoIP service; fine grained Skype traffic identification accuracy; host level identification; network performance optimization; unique sequence signatures; Accuracy; Complexity theory; Educational institutions; IP networks; Information security; Payloads; Protocols; Correlation-based Approach; Flow-level Identification; Sequence Signature; Skype (ID#:14-2097)
  • Kuzhalvaimozhi, S.; Rao, G.Raghavendra, "Privacy Protection In Cloud Using Identity Based Group Signature," Applications of Digital Information and Web Technologies (ICADIWT), 2014 Fifth International Conference on the, vol., no., pp.75,80, 17-19 Feb. 2014. Cloud computing is one of the emerging computing technology where costs are directly proportional to usage and demand. The advantages of this technology are the reasons of security and privacy problems. The data belongs to the users are stored in some cloud servers which is not under their own control. So the cloud services are required to authenticate the user. In general, most of the cloud authentication algorithms do not provide anonymity of the users. The cloud provider can track the users easily. The privacy and authenticity are two critical issues of cloud security. In this paper, we propose a secure anonymous authentication method for cloud services using identity based group signature which allows the cloud users to prove that they have privilege to access the data without revealing their identities.
    Keywords: Authentication; Cloud computing; Elliptic curve cryptography ; Privacy; Cloud; Group Signature; Identity based cryptosystem; Privacy Protection (ID#:14-2098)
  • Premnath, Amritha Puliadi; Jo, Ju-Yeon; Kim, Yoohwan, "Application of NTRU Cryptographic Algorithm for SCADA Security," Information Technology: New Generations (ITNG), 2014 11th International Conference on , vol., no., pp.341,346, 7-9 April 2014. Critical Infrastructure represents the basic facilities, services and installations necessary for functioning of a community, such as water, power lines, transportation, or communication systems. Any act or practice that causes a real-time Critical Infrastructure System to impair its normal function and performance will have debilitating impact on security and economy, with direct implication on the society. SCADA (Supervisory Control and Data Acquisition) system is a control system which is widely used in Critical Infrastructure System to monitor and control industrial processes autonomously. As SCADA architecture relies on computers, networks, applications and programmable controllers, it is more vulnerable to security threats/attacks. Traditional SCADA communication protocols such as IEC 60870, DNP3, IEC 61850, or Modbus did not provide any security services. Newer standards such as IEC 62351 and AGA-12 offer security features to handle the attacks on SCADA system. However there are performance issues with the cryptographic solutions of these specifications when applied to SCADA systems. This research is aimed at improving the performance of SCADA security standards by employing NTRU, a faster and light-weight NTRU public key algorithm for providing end-to-end security.
    Keywords: Authentication; Digital signatures; Encryption; IEC standards; SCADA systems; AGA-12; Critical Infrastructure System; IEC 62351; NTRU cryptographic algorithm; SCADA communication protocols over TCP/IP (ID#:14-2099)
  • Ramya, T.; Malathi, S.; Pratheeksha, G.R.; Kumar, V.D.Ambeth, "Personalized Authentication Procedure For Restricted Web Service Access In Mobile Phones," Applications of Digital Information and Web Technologies (ICADIWT), 2014 Fifth International Conference on the , vol., no., pp.69,74, 17-19 Feb. 2014. Security as a condition is the degree of resistance to, or protection from harm. Securing gadgets in a way that is simple for the user to deploy yet, stringent enough to deny any malware intrusions onto the protected circle is investigated to find a balance between the extremes. Basically, the dominant approach on current control access is via password or PIN, but its flaw is being clearly documented. An application (to be incorporated in a mobile phone) that allows the user's gadget to be used as a Biometric Capture device in addition to serve as a Biometric Signature acquisition device for processing a multi-level authentication procedure to allow access to any specific Web Service of exclusive confidentiality is proposed. To evaluate the lucidness of the proposed procedure, a specific set of domain specifications to work on are chosen and the accuracy of the Biometric face Recognition carried out is evaluated along with the compatibility of the Application developed with different sample inputs. The results obtained are exemplary compared to the existing other devices to suit a larger section of the society through the Internet for improving the security.
    Keywords: Authentication; Face recognition; Mobile communication; Performance evaluation; Servers; Smart phones; Biometric Recognition; Face Recognition; Internet; Mobile Phones; Multi-Level Authentication; Security; Web Services (ID#:14-2100)
  • Alshammari, H.; Elleithy, K.; Almgren, K.; Albelwi, S., "Group Signature Entanglement In E-Voting System," Systems, Applications and Technology Conference (LISAT), 2014 IEEE Long Island , vol., no., pp.1,4, 2-2 May 2014. In any security system, there are many security issues that are related to either the sender or the receiver of the message. Quantum computing has proven to be a plausible approach to solving many security issues such as eavesdropping, replay attack and man-in-the-middle attack. In the e-voting system, one of these issues has been solved, namely, the integrity of the data (ballot). In this paper, we propose a scheme that solves the problem of repudiation that could occur when the voter denies the value of the ballot either for cheating purposes or for a real change in the value by a third party. By using an entanglement concept between two parties randomly, the person who is going to verify the ballots will create the entangled state and keep it in a database to use it in the future for the purpose of the non-repudiation of any of these two voters.
    Keywords: digital signatures; politics; quantum computing; security of data; ballots; cheating purposes; database; e-voting system; eavesdropping; entangled state; group signature entanglement; man-in-the-middle attack; quantum computing; replay attack; security system; Authentication; Electronic voting; Protocols; Quantum computing; Quantum entanglement; Receivers; E-voting System; Entangled State; Entanglement; Quantum Computing; Qubit (ID#:14-2101)


Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to SoS.Project (at) for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.