Presentation is loading. Please wait.

Presentation is loading. Please wait.

29/Jul/2009 Young Hoon Park.  M.Bellare, D.Micciancio, B.Warinschi, Foundations of Group Signatures: Formal Definitions, Simplified Requirements, and.

Published byClaire Wilkins Modified over 7 years ago

Similar presentations

Presentation on theme: "29/Jul/2009 Young Hoon Park.  M.Bellare, D.Micciancio, B.Warinschi, Foundations of Group Signatures: Formal Definitions, Simplified Requirements, and."— Presentation transcript:

1 29/Jul/2009 Young Hoon Park

2  M.Bellare, D.Micciancio, B.Warinschi, Foundations of Group Signatures: Formal Definitions, Simplified Requirements, and a Construction based on General Assumptions (Eurocrypt ’03)  B.K.Chaurasia, S.Verma, S.M.Bhasker, Message broadcast in VANETs using Group Signature (IEEE WCSN ’08)  X.Sun, X.Lin, P.H.Ho, Secure Vehicular Communications Based on Group Signature and ID-based Signature Scheme (IEEE, ICC ’07)

3  Simple solution: give all users same private key …  … but, extra requirements: ◦ Ability to revoke signers when needed. ◦ Tracing Authority Key Issuer User 1 User 2 Is sig from user 1 or 2? msg sig

4  D. Chaum and E. van Heyst. [EC ’91]  N. Baric and B. Pfitzman [EC ’97]  G. Ateniese, J. Camenisch, M. Joye, G. Tsudik [EC ’00]  J. Camenisch and A. Lysyanskaya. [Cr ’02]  G. Ateniese, D. Song, and G. Tsudik [FC ’02]  M. Bellare, D. Micciancio, and B. Warinschi [EC ’03]

5 Basic: tracing, but no revocation (static groups). Group sig system consists of four algorithms: ◦ Setup(, n) : = sec param. n = #users. output: group-pub-key ( GPK ), ( GSK 1, …, GSK n ), group-tracing key ( GTK ) ◦ Sign(M, GSK i ) : outputs group signature  on M. ◦ Verify(M, , GPK) : outputs yes or no. ◦ Trace(M, , GTK) : outputs i  {1,…,n} or fail.

6  Applications ◦ Trusted Computing ◦ Vehicle Safety Communication  Issues ◦ Revocation Mechanism ◦ Traceability

7  Type 0 ◦ For each revocation event, generate new GPK. ◦ Give each unrevoked user its new private key.  Type 1 ◦ For each revocation event, send a short broadcast message RL to all signers and all verifiers.  (GPK old, RL)  GPK new  (GSK i, old, RL)  GSK i, new  Type 2 ◦ For each revocation, send RL to verifiers only.  Verify(GPK, (m,  ), RL)

8  Type 0 ◦ No tracing possible  Type 1 ◦ Given a black box signing device, can identify at least one number of coalition that created device.  Type 2 ◦ Given a signature, can identify at least one number of coalition that created signature.

9  Vehicular Ad-hoc NETwork  The main goal is providing safety and comfort for passengers  Major components ◦ Road Side Units(RSUs)  are located in the critical points of the road.  communicates with vehicles. ◦ On Board Units(OBUs)  The communication devices on the vehicles

10  Message spoofing  Message replay attack  Integrity attack  Impersonation attack  Denial of service  Movement tracking

11  Integrity and source authentication  Vehicle anonymity  RSU ID Exposure  Vehicle ID Traceability  Efficiency  Robustness

12

13  RSU does not need anonymity  Hence, the public key based digital signatures are used.  Message format for RSU

14  The main challenge of communications is contradiction between anonymity and traceability.  The straightforward solutions ◦ Anonymous certificate ◦ Signatures should be saved in the central manager.  Problems ◦ It is difficult to maintain. ◦ It is inefficient to trace back to the real identities.  Proposed solution ◦ Using group signature (RSA based)

15  Key setup ◦ Group manager’s private key : only GM knows. ◦ Group public key : shared to all members.  Membership registration ◦ Make individual private key  Shared to each member and GM ◦ Generate and send the user public key. private key Individual, Group public key

16  Signing ◦ Message is signed with not only user’s private key, but also public key and group public key  Verification ◦ Signed message can be verified with group public key. ◦ Only group member can verify ◦ Only group member’s signature can be verified.  Recover ◦ Performed by the group manager. ◦ After the operation, the sender’s public key is revealed.

17  Membership revocation ◦ The examples of the case  The vehicle is compromised  ID and private keys are identified by the law authority. ◦ The group manager have to change the public key. ◦ Two ways of changing public key  GM makes all unrevoked users update the new public key.  Verifier Local Revocation

18  Average Delay ◦  Average Loss Ratio ◦

19

20

21  Group signature should provide not only the integrity of message and the anonymity, but also the traceability and member’s revocation.  VANET is one of the applications of group signature to support vehicles’ security and privacy.  However, algorithm of revocation should be developed for the efficiency.

Download ppt "29/Jul/2009 Young Hoon Park.  M.Bellare, D.Micciancio, B.Warinschi, Foundations of Group Signatures: Formal Definitions, Simplified Requirements, and."

Similar presentations

A Crash Course in Modern Crypto Tools Dan Boneh Stanford University.

A Crash Course in Modern Crypto Tools Dan Boneh Stanford University.
Wenmao Liu Harbin Institute of Technology China. Outline ITS & VANETs Security Issues and Solutions An autonomous architecture Conclusion.

Wenmao Liu Harbin Institute of Technology China. Outline ITS & VANETs Security Issues and Solutions An autonomous architecture Conclusion.
Chapter 14 – Authentication Applications

Chapter 14 – Authentication Applications
DIGITAL SIGNATURES and AUTHENTICATION PROTOCOLS - Chapter 13

DIGITAL SIGNATURES and AUTHENTICATION PROTOCOLS - Chapter 13
DIGITAL SIGNATURES and AUTHENTICATION PROTOCOLS - Chapter 13 DIGITAL SIGNATURES and AUTHENTICATION PROTOCOLS - Chapter 13 Digital Signatures Authentication.

DIGITAL SIGNATURES and AUTHENTICATION PROTOCOLS - Chapter 13 DIGITAL SIGNATURES and AUTHENTICATION PROTOCOLS - Chapter 13 Digital Signatures Authentication.
Rennes, 24/10/2014 Cristina Onete CIDRE/ INRIA Privacy in signatures. Hiding in rings, hiding in groups.

Rennes, 24/10/2014 Cristina Onete CIDRE/ INRIA Privacy in signatures. Hiding in rings, hiding in groups.
This document and the information therein are the property of Morpho, They must not be copied or communicated to a third party without the prior written.

This document and the information therein are the property of Morpho, They must not be copied or communicated to a third party without the prior written.
Self-Organized Anonymous Authentication in Mobile Ad Hoc Networks Julien Freudiger, Maxim Raya and Jean-Pierre Hubaux SECURECOMM, 2009.

Self-Organized Anonymous Authentication in Mobile Ad Hoc Networks Julien Freudiger, Maxim Raya and Jean-Pierre Hubaux SECURECOMM, 2009.
 Introduction  Benefits of VANET  Different types of attacks and threats  Requirements and challenges  Security Architecture  Vehicular PKI.

 Introduction  Benefits of VANET  Different types of attacks and threats  Requirements and challenges  Security Architecture  Vehicular PKI.
Securing Vehicular Communications Author : Maxim Raya, Panos Papadimitratos, and Jean-Pierre Hubaux From : IEEE Wireless Communications Magazine, Special.

Securing Vehicular Communications Author : Maxim Raya, Panos Papadimitratos, and Jean-Pierre Hubaux From : IEEE Wireless Communications Magazine, Special.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.

CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Public Key Management and X.509 Certificates

Public Key Management and X.509 Certificates
1 Digital Signatures & Authentication Protocols. 2 Digital Signatures have looked at message authentication –but does not address issues of lack of trust.

1 Digital Signatures & Authentication Protocols. 2 Digital Signatures have looked at message authentication –but does not address issues of lack of trust.
IAW 2006 Cascaded Authorization with Anonymous- Signer Aggregate Signatures Danfeng Yao Department of Computer Science Brown University Joint work with.

IAW 2006 Cascaded Authorization with Anonymous- Signer Aggregate Signatures Danfeng Yao Department of Computer Science Brown University Joint work with.
Authentication Cristian Solano. Cryptography is the science of using mathematics to encrypt and decrypt data. Public Key Cryptography –Problems with key.

Authentication Cristian Solano. Cryptography is the science of using mathematics to encrypt and decrypt data. Public Key Cryptography –Problems with key.
2015-6-1 1 Secure Vehicular Communications Speaker: Xiaodong Lin University of Waterloo

Secure Vehicular Communications Speaker: Xiaodong Lin University of Waterloo
Exchange Network Key Management Services A Security Component February 28, 2005 The Exchange Network Node Mentoring Workshop.

Exchange Network Key Management Services A Security Component February 28, 2005 The Exchange Network Node Mentoring Workshop.
 Authorization via symmetric crypto  Key exchange o Using asymmetric crypto o Using symmetric crypto with KDC  KDC shares a key with every participant.

 Authorization via symmetric crypto  Key exchange o Using asymmetric crypto o Using symmetric crypto with KDC  KDC shares a key with every participant.
Information Security of Embedded Systems 9.1.2010: Public Key Cryptosystems, Communication Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer.

Information Security of Embedded Systems : Public Key Cryptosystems, Communication Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer.
A New Life for Group Signatures Dan Boneh Stanford University.

A New Life for Group Signatures Dan Boneh Stanford University.

Similar presentations

Ads by Google