Linkable Message Tagging: Solving the Key Distribution Problem of Signature Schemes

  • Conference paper
Information Security and Privacy (ACISP 2015)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 9144)

Abstract

Digital signatures guarantee practical security only if the corresponding verification keys are distributed authentically; however, arguably, satisfying solutions for the latter haven’t been found yet. This paper introduces a novel approach for cryptographic message authentication where this problem does not arise: A linkable message tagging scheme (LMT) identifies pairs of messages and accompanying authentication tags as related if and only if these tags were created using the same secret key. Importantly, our primitive fully avoids public keys, and hence elegantly sidesteps the key distribution problem of signature schemes.

As an application of LMT we envision an email authentication system with minimal user interaction. Email clients could routinely equip all outgoing messages with corresponding tags and verify for incoming messages whether they indeed originate from the same entity as previously or subsequently received messages with identical sender address.

As technical contributions we formalize the notions of LMT and its (more efficient) variant CMT (classifiable message tagging), including corresponding notions of unforgeability. For both variants we propose a range of provably secure constructions, based on different hardness assumptions, with and without requiring random oracles.



Author information


Correspondence to Felix Günther.


Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Günther, F., Poettering, B. (2015). Linkable Message Tagging: Solving the Key Distribution Problem of Signature Schemes. In: Foo, E., Stebila, D. (eds) Information Security and Privacy. ACISP 2015. Lecture Notes in Computer Science, vol 9144. Springer, Cham. https://doi.org/10.1007/978-3-319-19962-7_12

  • DOI: https://doi.org/10.1007/978-3-319-19962-7_12

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-19961-0

  • Online ISBN: 978-3-319-19962-7

  • eBook Packages: Computer Science (R0)
