Research On Anonymous Password Based Authenticated Key Exchange Protocols And Sanitizable Signatures

In today's Internet, (identity and content) authentication is a fundamental security require-ment. In this paper, we focus on two special authentication techniques, they are anonymous pass-word based authenticated key exchange protocols and sanitizable signatures.Password based authenticated key exchange protocols allow the participants to authenticate each other and establish a secure session key using their pre-shared password. Anonymous pass-word based authenticated key exchange protocols are password based authenticated key exchange protocols with client anonymity, where even server can not extract the identity information of the client from protocol executions. In order to solve the issue that existing protocols are not prac-tical enough, we first construct a generic-device-aided protocol using homomorphic encryptions. This protocol finds a good balance point between (computation and communication) resource consumption and user-friendlienss, and thus more practical than prior ones. Based on this basic protocol, we also give an extended protocol, which do not need any auxiliary devices at all, and therefore achieves better user-friendliness. Although the improvement is at the cost of increasing the number of public parameters, the extended protocol is still feasible in the applications where clients have enough memory space or the password space is relatively smaller.Sanitizable signatures are a special kind of digital signatures, which allow the original signer to designate a sanitizer at the signing stage. Then the designated sanitizer can modified the signed message in a pre-determined fashion. We first cryptanalyze Brzuska et al.'s and Canard et al.'s constructions. Especially, we point out that they are not signer-accountable by showing concrete attacks respectively. Then we improve their constructions aiming at fixing the security flaws and gaining higher computation efficiency and shorter signatures. Our improved scheme still follows the paradigm due to Brzuska et al. and Canard et al., that is our scheme is still constructed using chameleon hash. In Brzuska et al.'s and Canard et al.'s constructions, both fundamental algo-rithms'computation costs and the signature size are proportional to the number of modifiable or modified blocks. By contrast, in our improved scheme, both of them are not only smaller but also constant. This advantage makes our scheme be able to provide higher efficiency and response speed, and be helpful in saving memory space as well.