1 / 19

An Improved Efficient Secret Handshakes Scheme with Unlinkability

An Improved Efficient Secret Handshakes Scheme with Unlinkability. Author: Jie Gu and Zhi Xue Source : IEEE Comm. Letters 15 (2) (2011) Presenter: Yu-Chi Chen. Outline. Introduction Huang and Cao’s scheme The proposed scheme Conclusions. Introduction. A secret handshakes scheme

lynna
Download Presentation

An Improved Efficient Secret Handshakes Scheme with Unlinkability

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. An Improved Efficient Secret Handshakes Scheme with Unlinkability Author: JieGu and ZhiXue Source: IEEE Comm. Letters 15 (2) (2011) Presenter: Yu-Chi Chen

  2. Outline • Introduction • Huang and Cao’s scheme • The proposed scheme • Conclusions

  3. Introduction • A secret handshakes scheme • affiliation-hiding authentication • firstly introduced by Balfanz et al. • For example, two FBIagents, Alice and Bob, want to discover and communicates with other agents, but they don’t want to reveal their affiliations to non-agents.

  4. Introduction • An unlinkable secret handshakes scheme • provide unlinkability • an adversary cannot link any two different instances of same party. • Given C, to guess C is AB, A’B’, or other.(blind signature) • unlinkabilityhas been widely considered in many applications.

  5. Introduction • Jarecki et al.’s scheme • an unlinkable secret handshakes scheme • not efficient, but secure at present • Huang and Cao presented an unlinkable secret handshakes scheme • novel and efficient • Simple, so it can be published in IEEE-CL.

  6. Outline • Introduction • Huang and Cao’s scheme • The proposed scheme • Conclusions

  7. Bilinear pairing • Referred to as “bilinear maps” • e: G1× G2→G3 • G1, G2: (+, q) • G3: (×, q)

  8. Bilinear pairing • Properties: • Computation: given P1 (P2) in G1 (G2), we can obtain e(P1, P2) in G3 • Bilinear: given aP1 and bP2, where a, b in Zq, then e(aP1, bP2) = e(P1, P2)ab • Non-degenerate: P1 (P2) is a generator of G1(G2), then e(P1, P2) ≠ 1.(or e(P1, P2) is a generator of G3)

  9. Huang and Cao’s scheme This figure is copied from IEEE Comm. Letters 13 (9) (2009), page 731

  10. Comments • Su found the scheme cannot provide authenticated key exchange security. • Youn and Park also found the scheme cannot provide authenticated key exchange security and affiliation-hiding.

  11. Outline • Introduction • Huang and Cao’s scheme • The proposed scheme • Conclusions

  12. Gu and Xue’s idea • The main weakness is that the outsider can use the public key (sP) to • succeed handshakes or • find which affiliation is for the user. • Straight solution: no public key.

  13. Gu and Xue’s scheme This figure is copied from IEEE Comm. Letters 15 (2) (2011), page 260

  14. Huang and Cao’s scheme This figure is copied from IEEE Comm. Letters 13 (9) (2009), page 731

  15. Huang and Cao’s scheme This figure is copied from IEEE Comm. Letters 13 (9) (2009), page 731

  16. Gu and Xue’s scheme This figure is copied from IEEE Comm. Letters 15 (2) (2011), page 260

  17. Gu and Xue’s scheme • The scheme actually remedies the security loophole of Huang and Cao’s scheme. • However, it is very straightforward. • It does not violate the definition of USH. • Gu and Xue also attach the security analysis.

  18. Outline • Introduction • Huang and Cao’s scheme • The proposed scheme • Conclusions

  19. Conclusions • They propose an improved USH scheme. • They brief security analysis.

More Related