Server-aided signatures verification secure against collusion attack

Sherman S M Chow, Man Ho Allen Au, Willy Susilo

Research output: Journal article publicationJournal articleAcademic researchpeer-review

13 Citations (Scopus)

Abstract

Wireless handheld devices are increasingly popular. The authenticity of the information or a program to be downloaded is important, especially for business uses. In server-aided verification (SAV), a substantial part of the verification computation can be offloaded to an untrusted server. This allows resource-constrained devices to enjoy the security guarantees provided by cryptographic schemes, such as pairing-based signatures, which may be too heavyweight to verify otherwise. To gain unfair advantage, an adversary may bribe (or collude with) the server either to convince that an invalid signature is a valid one or to claim that a valid signature is invalid (say for providing repudiable information/commitment, or spoiling an opponent's offer). However, these concerns are not properly captured by existing models. In this paper, we infer the meaning behind and point out the subtleties in existing models; and propose a new model to capture the collusion attack. We also show that two existing schemes are insecure in their own model. Finally, we provide a generic pairing-based SAV protocol. Compared with the protocol of Girault-Lefranc in Asiacrypt '05, ours provides a higher level of security yet applicable to a much wider class of pairing-based cryptosystems. In particular, it suggests SAV protocols for short signatures in the standard model and aggregate signatures which have not been studied before.
Original languageEnglish
Pages (from-to)46-57
Number of pages12
JournalInformation Security Technical Report
Volume17
Issue number3
DOIs
Publication statusPublished - 1 Feb 2013
Externally publishedYes

Keywords

  • Collusion attack
  • Delegation
  • Pairings
  • Server-aided computation
  • Signatures
  • Weak computational device

ASJC Scopus subject areas

  • Software
  • Safety, Risk, Reliability and Quality
  • Computer Networks and Communications

Cite this