Publications-Theses
Article View/Open
Publication Export
-
Google ScholarTM
NCCU Library
Citation Infomation
Related Publications in TAIR
題名 ECQV 證書:整合秘密分享和批次驗證以提升隱私和效率
Improved ECQV Implicit Certificates Providing Privacy Enhancement and Batch Verification作者 陳羽暉
Chen, Yu-Hui貢獻者 左瑞麟
Tso, Ray-Lin
陳羽暉
Chen, Yu-Hui關鍵詞 ECQV 憑證
秘密分享
批量驗證
ECQV Certificate
Secret Sharing
Batch Verification日期 2024 上傳時間 4-Sep-2024 15:01:09 (UTC+8) 摘要 在物聯網(IoT)應用中,如智慧城市、智慧家庭,以及基於UTXO的區塊鏈如比特幣中,公開金鑰和相應的設備或地址是用戶的身份標識。利用證書授權機構(CA)頒發的證書,證明地址的所有權或身份。通常,如果有n個不同的地址,則需要n個不同的證書來綁定相同的身份,可能會花費過多的存儲空間和計算時間。劉等人通過擴展ECQV隱式憑證解決了這個問題。他們的方案使得ECQV憑證持有者能夠生成多個代理憑證和相應的公私鑰對,所有代理憑證都可供他人使用。此外,劉等人還提出了另一個方案,確保藉由ECQV憑證所生成的新憑證僅由ECQV憑證持有者使用。在本研究中,我們進一步改進了他們的方案,使用秘密分享技術解決第一個方案中的密鑰託管問題,並使第二個方案中的所有新憑證可進行批量驗證。這一增強可以顯著提高隱私性和性能。並且,我們進行了嚴格的安全性證明,以證明修改後方案的安全性。通過秘密分享技術解決密鑰託管問題和批量驗證的優勢,所提出的方案適合部署在物聯網和區塊鏈環境。
In IoT such as smart cities, smart homes and UTXO-based blockchains such as Bitcoin, a public key and the corresponding device or address serve as the sole identifiers for a user. To prove ownership or an ID of the address, a certificate issued by a Certificate Authority (CA) is required. Generally, if there are n different addresses, then n different certificates binding the same identity are needed, which can be costly in terms of storage and expenses. Liu et al. solve this problem by extending an ECQV implicit certificate. Their scheme enables an ECQV certificate holder to generate proxy multiple credentials and corresponding key pairs, these proxy credentials are available for others to use. Furthermore, there is another scheme that make sure to ensure that the credentials are exclusively utilized by the ECQV certificate holder by Liu et al. In this paper, we further improve their schemes to fix the key escrow problem in the first scheme using secret sharing and make all the extended credentials batch verifiable in the second scheme. This enhancement can significantly improve privacy and performance. And also conduct a rigorous security proof to demonstrate the security of the modified scheme. With the secret sharing that fix the key escrow problem and the advantage of batch verification, the proposed scheme is highly suitable for deployment in IoT and blockchain environments.參考文獻 [1] Abhay Kumar Agrahari and Shirshu Varma. A provably secure rfid authentication protocol based on ecqv for the medical internet of things. Peer-to-Peer Networking and Applications, 14(3):1277–1289, 2021. [2] Abdullah M Almuhaideb and Sammar S Algothami. Ecqv-based lightweight revocable authentication protocol for electric vehicle charging. Big Data and Cognitive Computing, 6(4):102, 2022. [3] Abdullah M Almuhaideb and Sammar S Algothami. Efficient privacy-preserving and secure authentication for electric-vehicle-to-electric-vehicle-charging system based on ecqv. Journal of Sensor and Actuator Networks, 11(2):28, 2022. [4] An Braeken. Pairing free certificate based signcryption schemes using ecqv implicit certificates. KSII Transactions on Internet and Information Systems (TIIS), 13(3):1546–1565, 2019. [5] An Braeken, Ji-Jian Chin, and Syh-Yuan Tan. Ecqv-ibi: Identity-based identification with implicit certification. Journal of Information Security and Applications, 63:103027, 2021. [6] Daniel RL Brown, Robert Gallant, and Scott A Vanstone. Provably secure implicit certificate schemes. In Financial Cryptography: 5th International Conference, FC 2001 Grand Cayman, British West Indies, February 19–22, 2001 Proceedings 5, pages 156–165. Springer, 2002. [7] Miguel Castro, Barbara Liskov, et al. Practical byzantine fault tolerance. In OsDI, volume 99, pages 173–186, 1999. [8] Chun-I Fan, Pei-Hsiu Ho, and Yi-Feng Tseng. Strongly secure certificateless signature scheme supporting batch verification. Mathematical Problems in Engineering, 2014(1):854135, 2014. [9] Duy An Ha, Kha Tho Nguyen, and John K Zao. Efficient authentication of resourceconstrained iot devices based on ecqv implicit certificates and datagram transport layer security protocol. In Proceedings of the 7th Symposium on Information and Communication Technology, pages 173–179, 2016. [10] Wanling Huang, Jingqiang Lin, Qiongxiao Wang, Yajun Teng, Huiqing Wan, and Wei Wang. Certificate transparency for ecqv implicit certificates. In ICC 2021-IEEE International Conference on Communications, pages 1–6. IEEE, 2021. [11] Apurva S Kittur and Alwyn Roshan Pais. Batch verification of digital signatures: approaches and challenges. Journal of information security and applications, 37:15– 27, 2017. [12] Hee-Yong Kwon and Mun-Kyu Lee. Fast verification of signatures with shared ecqv implicit certificates. IEEE Transactions on Vehicular Technology, 68(5):4680–4694, 2019. [13] Zi-Yuan Liu, Yi-Fan Tseng, Raylin Tso, Peter Shaojui Wang, and Qin-Wen Su. Extension of elliptic curve qu–vanstone certificates and their applications. Journal of Information Security and Applications, 67:103176, 2022. [14] Manisha Malik, Maitreyee Dutta, Jorge Granjal, et al. L-ecqv: Lightweight ecqv implicit certificates for authentication in the internet of things. IEEE Access, 11:35517– 35540, 2023. [15] Satoshi Nakamoto. Bitcoin: A peer-to-peer electronic cash system. 2008. [16] Chang-Seop Park. A secure and efficient ecqv implicit certificate issuance protocol for the internet of things applications. IEEE Sensors Journal, 17(7):2215–2223, 2016. [17] Douglas R Stinson. Cryptography: theory and practice. Chapman and Hall/CRC, 2005. [18] Maarten Van Steen. Distributed systems principles and paradigms. Network, 4:20, 2004. 描述 碩士
國立政治大學
資訊科學系
111753156資料來源 http://thesis.lib.nccu.edu.tw/record/#G0111753156 資料類型 thesis dc.contributor.advisor 左瑞麟 zh_TW dc.contributor.advisor Tso, Ray-Lin en_US dc.contributor.author (Authors) 陳羽暉 zh_TW dc.contributor.author (Authors) Chen, Yu-Hui en_US dc.creator (作者) 陳羽暉 zh_TW dc.creator (作者) Chen, Yu-Hui en_US dc.date (日期) 2024 en_US dc.date.accessioned 4-Sep-2024 15:01:09 (UTC+8) - dc.date.available 4-Sep-2024 15:01:09 (UTC+8) - dc.date.issued (上傳時間) 4-Sep-2024 15:01:09 (UTC+8) - dc.identifier (Other Identifiers) G0111753156 en_US dc.identifier.uri (URI) https://nccur.lib.nccu.edu.tw/handle/140.119/153386 - dc.description (描述) 碩士 zh_TW dc.description (描述) 國立政治大學 zh_TW dc.description (描述) 資訊科學系 zh_TW dc.description (描述) 111753156 zh_TW dc.description.abstract (摘要) 在物聯網(IoT)應用中,如智慧城市、智慧家庭,以及基於UTXO的區塊鏈如比特幣中,公開金鑰和相應的設備或地址是用戶的身份標識。利用證書授權機構(CA)頒發的證書,證明地址的所有權或身份。通常,如果有n個不同的地址,則需要n個不同的證書來綁定相同的身份,可能會花費過多的存儲空間和計算時間。劉等人通過擴展ECQV隱式憑證解決了這個問題。他們的方案使得ECQV憑證持有者能夠生成多個代理憑證和相應的公私鑰對,所有代理憑證都可供他人使用。此外,劉等人還提出了另一個方案,確保藉由ECQV憑證所生成的新憑證僅由ECQV憑證持有者使用。在本研究中,我們進一步改進了他們的方案,使用秘密分享技術解決第一個方案中的密鑰託管問題,並使第二個方案中的所有新憑證可進行批量驗證。這一增強可以顯著提高隱私性和性能。並且,我們進行了嚴格的安全性證明,以證明修改後方案的安全性。通過秘密分享技術解決密鑰託管問題和批量驗證的優勢,所提出的方案適合部署在物聯網和區塊鏈環境。 zh_TW dc.description.abstract (摘要) In IoT such as smart cities, smart homes and UTXO-based blockchains such as Bitcoin, a public key and the corresponding device or address serve as the sole identifiers for a user. To prove ownership or an ID of the address, a certificate issued by a Certificate Authority (CA) is required. Generally, if there are n different addresses, then n different certificates binding the same identity are needed, which can be costly in terms of storage and expenses. Liu et al. solve this problem by extending an ECQV implicit certificate. Their scheme enables an ECQV certificate holder to generate proxy multiple credentials and corresponding key pairs, these proxy credentials are available for others to use. Furthermore, there is another scheme that make sure to ensure that the credentials are exclusively utilized by the ECQV certificate holder by Liu et al. In this paper, we further improve their schemes to fix the key escrow problem in the first scheme using secret sharing and make all the extended credentials batch verifiable in the second scheme. This enhancement can significantly improve privacy and performance. And also conduct a rigorous security proof to demonstrate the security of the modified scheme. With the secret sharing that fix the key escrow problem and the advantage of batch verification, the proposed scheme is highly suitable for deployment in IoT and blockchain environments. en_US dc.description.tableofcontents 誌謝 i 摘要 ii Abstract iii Contents v List of Figures vii List of Tables viii 1 Introduction 1 1.1 Motivations 3 1.2 Contributions 4 2 Related Work 6 3 Preliminaries 9 3.1 Elliptic Curve 9 3.2 ECQV Scheme 10 3.3 Secret Sharing 12 3.4 Batch Verification 13 4 M-ECQV Protocols Revisit 14 4.1 M-ECQV I 14 4.2 M-ECQV II 15 5 Proposed Scheme 18 5.1 M-ECQV I with Secret Sharing 18 5.1.1 ECQV Scheme with Secret Sharing 18 5.1.2 New M-ECQV I 21 5.1.3 Correctness 23 5.2 M-ECQV II with Batch Verfication 23 5.2.1 Batch Verification 24 5.2.2 New M-ECQV II 25 5.2.3 Correctness 27 6 Security Analysis 28 6.1 Security Models Revisit 28 6.1.1 Secrecy of Private Keys for M-ECQV I 29 6.1.2 Secrecy of Private Keys for M-ECQV II 29 6.1.3 Unforgeability for M-ECQV II 29 6.1.4 Non-delegatability for M-ECQV II 30 6.2 Security Proof of the Proposed New M-ECQV II 30 7 Experiments 34 7.1 M-ECQV I with Secret Sharing 34 7.2 M-ECQV II with Batch Verification 36 8 Applications 38 9 Conclusions 40 Reference 42 zh_TW dc.format.extent 813194 bytes - dc.format.mimetype application/pdf - dc.source.uri (資料來源) http://thesis.lib.nccu.edu.tw/record/#G0111753156 en_US dc.subject (關鍵詞) ECQV 憑證 zh_TW dc.subject (關鍵詞) 秘密分享 zh_TW dc.subject (關鍵詞) 批量驗證 zh_TW dc.subject (關鍵詞) ECQV Certificate en_US dc.subject (關鍵詞) Secret Sharing en_US dc.subject (關鍵詞) Batch Verification en_US dc.title (題名) ECQV 證書:整合秘密分享和批次驗證以提升隱私和效率 zh_TW dc.title (題名) Improved ECQV Implicit Certificates Providing Privacy Enhancement and Batch Verification en_US dc.type (資料類型) thesis en_US dc.relation.reference (參考文獻) [1] Abhay Kumar Agrahari and Shirshu Varma. A provably secure rfid authentication protocol based on ecqv for the medical internet of things. Peer-to-Peer Networking and Applications, 14(3):1277–1289, 2021. [2] Abdullah M Almuhaideb and Sammar S Algothami. Ecqv-based lightweight revocable authentication protocol for electric vehicle charging. Big Data and Cognitive Computing, 6(4):102, 2022. [3] Abdullah M Almuhaideb and Sammar S Algothami. Efficient privacy-preserving and secure authentication for electric-vehicle-to-electric-vehicle-charging system based on ecqv. Journal of Sensor and Actuator Networks, 11(2):28, 2022. [4] An Braeken. Pairing free certificate based signcryption schemes using ecqv implicit certificates. KSII Transactions on Internet and Information Systems (TIIS), 13(3):1546–1565, 2019. [5] An Braeken, Ji-Jian Chin, and Syh-Yuan Tan. Ecqv-ibi: Identity-based identification with implicit certification. Journal of Information Security and Applications, 63:103027, 2021. [6] Daniel RL Brown, Robert Gallant, and Scott A Vanstone. Provably secure implicit certificate schemes. In Financial Cryptography: 5th International Conference, FC 2001 Grand Cayman, British West Indies, February 19–22, 2001 Proceedings 5, pages 156–165. Springer, 2002. [7] Miguel Castro, Barbara Liskov, et al. Practical byzantine fault tolerance. In OsDI, volume 99, pages 173–186, 1999. [8] Chun-I Fan, Pei-Hsiu Ho, and Yi-Feng Tseng. Strongly secure certificateless signature scheme supporting batch verification. Mathematical Problems in Engineering, 2014(1):854135, 2014. [9] Duy An Ha, Kha Tho Nguyen, and John K Zao. Efficient authentication of resourceconstrained iot devices based on ecqv implicit certificates and datagram transport layer security protocol. In Proceedings of the 7th Symposium on Information and Communication Technology, pages 173–179, 2016. [10] Wanling Huang, Jingqiang Lin, Qiongxiao Wang, Yajun Teng, Huiqing Wan, and Wei Wang. Certificate transparency for ecqv implicit certificates. In ICC 2021-IEEE International Conference on Communications, pages 1–6. IEEE, 2021. [11] Apurva S Kittur and Alwyn Roshan Pais. Batch verification of digital signatures: approaches and challenges. Journal of information security and applications, 37:15– 27, 2017. [12] Hee-Yong Kwon and Mun-Kyu Lee. Fast verification of signatures with shared ecqv implicit certificates. IEEE Transactions on Vehicular Technology, 68(5):4680–4694, 2019. [13] Zi-Yuan Liu, Yi-Fan Tseng, Raylin Tso, Peter Shaojui Wang, and Qin-Wen Su. Extension of elliptic curve qu–vanstone certificates and their applications. Journal of Information Security and Applications, 67:103176, 2022. [14] Manisha Malik, Maitreyee Dutta, Jorge Granjal, et al. L-ecqv: Lightweight ecqv implicit certificates for authentication in the internet of things. IEEE Access, 11:35517– 35540, 2023. [15] Satoshi Nakamoto. Bitcoin: A peer-to-peer electronic cash system. 2008. [16] Chang-Seop Park. A secure and efficient ecqv implicit certificate issuance protocol for the internet of things applications. IEEE Sensors Journal, 17(7):2215–2223, 2016. [17] Douglas R Stinson. Cryptography: theory and practice. Chapman and Hall/CRC, 2005. [18] Maarten Van Steen. Distributed systems principles and paradigms. Network, 4:20, 2004. zh_TW
