certificateless public key cryptography (cl-pkc) is a useful method in order to solve the problems of traditional public key infrastructure (i. e. large amount of computation, storage and communication cost for managing certificates) and id-based public key cryptography (i. e. key escrow problem), simultaneously. a signcryption scheme is an important primitive in cryptographic protocols which p...

Certificateless public key cryptography (CL-PKC) is a useful method in order to solve the problems of traditional public key infrastructure (i.e., large amount of computation, storage and communication costs for managing certificates) and ID-based public key cryptography (i.e., key escrow problem), simultaneously. A signcryption scheme is an important primitive in cryptographic protocols which ...

Aggregate signature can combine n signatures on n messages from n users into single signature, and the verifier should be convinced by the aggregate signature that n users indeed sign n messages. Since aggregate signature can greatly reduce the length of total signature and the cost of verification, it is widely used in environments with low bandwidth communication, low storage and low computab...

Despite the large number of certificateless encryption schemes recently proposed, many of them have been found to be insecure under a practical attack called malicious-but-passive KGC attack, since they all follow the same key generation procedure as that of the one proposed by Al-Riyami and Paterson in ASIACRYPT 2003. The only scheme that remains secure against this attack is due to Libert and...

Certificateless public key cryptography is an attractive paradigm since it eliminates the use of certificates in traditional public key cryptography and alleviates the inherent key escrow problem in identity-based cryptography. Recently, Xiong et al. proposed a certificateless signature scheme and proved that their scheme is existentially unforgeable against adaptive chosen message attack under...

Most recently, Lee B. et al proposed a key issuing protocol for ID-based cryptography to solve the key escrow problem. However in this letter, we show that a malicious key generation center (KGC) can successfully attack the protocol to obtain users’ private keys. This means that in the protocol, the key escrow problem isn’t really removed.

In this paper, we show that the certificateless signature scheme proposed by Yap, Heng and Goi at SecUbiq 2006 is insecure against a key replacement attack and a malicious-but-passive KGC attack, respectively. The former implies that anyone who replaces a signer’s public key can forge valid signatures for that signer without knowledge of the signer’s private key. The latter supposes the malicio...

The multiparty key exchange introduced in Steiner et al. and presented in more general form by the authors is known to be secure against passive attacks. In this paper, an active attack is presented assuming malicious control of the communications of the last two users for the duration of only the key exchange.

In modern network computing, authenticated group key agreement (AGKA) is important for conferencing. After Shamir [2] proposed the ID-based cryptosystem in 1984, the various applications on the ID-based cryptosystem have been actively studied, due to the simple key management complexity. For the AGKA, Choi et al. [16] proposed an ID-based authenticated group key agreement with bilinear maps, wh...

Cognitive Radio (CR) networks enable dynamic spectrum access and can significantly improve spectral efficiency. Cooperative Spectrum Sensing (CSS) exploits the spatial diversity between CR users to increase sensing accuracy. However, in a realistic scenario, the trustworthy of CSS is vulnerable to Spectrum Sensing Data Falsification (SSDF) attack. In an SSDF attack, some malicious CR users deli...