Passports are now equipped with RFID chips that contain private information, biometric data, and a digital signature by issuing authorities. We review most of applicable security and privacy issues. We argue that the main privacy issue is not unauthorized access through radio channel or data skimming as claimed before, but rather the leakage of a digital signature by government authorities for ...

In recent years, Cloud services have become an important part of people’s lives, providing them with a large amount of IT resources, available from anywhere and at any time. The access to the services offered is controlled basing on users’ identification credentials. As people acquire services from multiple cloud providers, in order to avoid the proliferation of identities associated to a singl...

Allowing a proxy signer to generate a signature on behalf of an original signer, a proxy signature should satisfy the property of strong unforgeability: anyone except the designated proxy signer cannot create a valid proxy signature on behalf of the original signer. Since proxy signatures, as well as their derivatives, can be used in many applications in reality, such as secure mobile agent, e-...

In 2009, Lin et al. proposed a digital multi-signature scheme based on the concepts of generalized conic curves over Zn. They claimed that the multi-signature scheme is well secured and the forgery attack is infeasible on it. Unfortunately, three weaknesses on their proposed multi-signature have been observed and it has been shown that an attacker can compute the secret pairs of all signers usi...

A (t,n) threshold authenticated encryption scheme allows more than t signers to generate an authenticated cipher-text for a message and only the designated verifier can verify the message. Recently, Chung et al. [1] proposed a (t, n) threshold authenticated encryption scheme by applying a division-of-labor signature technique. However, we showed that the scheme has a design flaw. Then, we propo...

In the past few years, many excellent studies on proxy signature schemes have been published. Yet, traditional proxy signature schemes are mainly aimed at dealing with one or two separate proxy conditions each. In this article, the authors shall present a generalized version of the (t1/n1 – t2/n2) proxy signature scheme based on the discrete logarithms that can be applied to every proxy situati...

Privacy-enhancing attribute-based credentials (PABCs) allow users to authenticate to verifiers in a data-minimizing way, in the sense that users are unlinkable between authentications and only disclose those attributes from their credentials that are relevant to the verifier. We propose a practical scheme to apply the same data minimization principle when the verifiers’ authentication logs are ...

Optimistic fair exchange (OFE) is a protocol for solving the problem of exchanging items or services in a fair manner between two parties, a signer and a verifier, with the help of an arbitrator which is called in only when a dispute happens between the two parties. In almost all the previous work on OFE, after obtaining a partial signature from the signer, the verifier can present it to others...