http://scholars.ntou.edu.tw/handle/123456789/23100
標題: | Leakage-Resilient Anonymous Multi-Recipient Signcryption Under a Continual Leakage Model | 作者: | Tsai, Tung-Tso Tseng, Yuh-Min Huang, Sen-Shan Xie, Jia-Yi Hung, Ying-Hao |
關鍵字: | Anonymity;multi-recipient encryption;signature;side-channel attacks;leakage-resilience | 公開日期: | 1-一月-2022 | 出版社: | IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC | 卷: | 10 | 起(迄)頁: | 104636-104648 | 來源出版物: | IEEE ACCESS | 摘要: | A multi-recipient signcryption (MRSC) scheme possesses the functionalities of both multi-recipient public-key encryption and digital signature to ensure both integrity and confidentiality of transmitted messages. Moreover, an anonymous MRSC (AMRSC) scheme retains the functionalities of an MRSC scheme while offering privacy-preserving, namely, a recipient's identity or public key being hidden to other recipients. In the past, numerous MRSC and AMRSC schemes based on various public-key cryptographies (i.e., public key infrastructure (PKI)-based, identity (ID)-based and certificateless (CL)) were proposed. Recently, an attacker can realize side-channel attacks to acquire partial bits of private keys participated in cryptographic computations. However, up to date, no MRSC or AMRSC scheme can resist side-channel attacks so that these schemes might suffer from such attacks and could be broken. To resist such attacks under a continual leakage model, we propose the first PKI-based leakage-resilient AMRSC (PKI-LR-AMRSC) scheme in this paper. In the proposed scheme, an attacker is permitted to continually acquire partial bits of private keys partook in computations of the PKI-LR-AMRSC scheme, and formal security proofs are given to show that the proposed scheme still retains the original security of AMRSC schemes. As compared with the relevant AMRSC schemes, our PKI-LR-AMRSC scheme not only resists side-channel attacks but also reduces the cost of executing the multi-signcryption and unsigncryption algorithms. In particular, the point is that the computational complexities of our scheme respectively require only O(t) and O(1) in executing the Multi-signcryption algorithm and the Unsigncryption algorithm, where t is the number of recipients. |
URI: | http://scholars.ntou.edu.tw/handle/123456789/23100 | ISSN: | 2169-3536 | DOI: | 10.1109/ACCESS.2022.3210265 |
顯示於: | 資訊工程學系 |
在 IR 系統中的文件,除了特別指名其著作權條款之外,均受到著作權保護,並且保留所有的權利。