A Forward-Secure Certificate-based Signature Scheme

Author(s)

Jiguo Li
Huiyun Teng
Xinyu Huang, University of South Carolina - ColumbiaFollow
Yichen Zhang
Jianying Zhou

Document Type

Article

Subject Area(s)

Engineering, Computer Engineering, Computer Sciences, Digital Communications and Networking, Information Security

Abstract

Cryptographic computations are often carried out on insecure devices for which the threat of key exposure raises a serious concern. In an effort to address the key exposure problem, the notion of forward security was first presented by Günther in 1990. In a forward-secure scheme, secret keys are updated at regular periods of time; exposure of the secret key corresponding to a given time period does not enable an adversary to ‘break’ the scheme for any prior time period. In this paper, we first introduce forward security into certificate-based cryptography and define the security model of forward-secure certificate-based signatures (CBSs). Then we propose a forward-secure CBS scheme, which is shown to be secure against adaptive chosen message attacks under the computational Diffie–Hellman assumption in the random oracle model. Our result can be viewed as the first step toward solving the key exposure problem in CBSs and thus improving the security of the whole system.

Publication Info

Published in The Computer Journal, Volume 58, Issue 4, 2013, pages 853-866.

Rights

© The Computer Journal, 2013, The British Computer Society 2013.

Li, J., Teng, H., Huang, X., Zhang, Y., Zhou, J. (2015). A forward-secure certificate-based signature scheme. The Computer Journal, 58(4), 853-866.

http://dx.doi.org/10.1093/comjnl/bxt141