The identity-based signature (IBS) scheme is one of the most promising secure and widely used cryptographic primitives for electronic commerce applications. For example, ID-based signing in a multi-party setting, without ever revealing any private and secret information, has received considerable interest in distributed applications such as a global manufacturer. However, there is no practical solution for such a group setting (e.g. more than two parties). Therefore, in this study, the authors present the first distributed identity-based signing protocol for the global electronic commerce system. Specifically, the authors’ designed protocol allows a group of parties to generate the signature in a decentralised and fair manner. They also prove that their proposed protocol is secure against a malicious adversary under the discrete logarithm and decisional Diffie–Hellman assumptions. Moreover, they implement the protocol using the MIRACL libraries on physical computing devices. Findings from the evaluations demonstrate the practical utility of their proposed protocol, in terms of achieving high level of security within a reasonable time framework (e.g. signing time (including communication latency and waiting delay) takes 311.86 ms for three parties, 558.2 ms for five parties, and 707.21 ms for seven parties, under a single-thread implementation).

References

1. 1)
  - 40. Barreto, P.S., Lynn, B., Scott, M.: ‘Constructing elliptic curves with prescribed embedding degrees’. Int. Conf. on Security in Communication Networks, Amalfi, Italy, 2002, pp. 257–267.
2. 2)
  - 16. Langford, S.K.: ‘Threshold DSS signatures without a trusted party’. Annual Int. Cryptology Conf., Santa Barbara, CA, USA, 1995, pp. 397–409.
3. 3)
  - 4. Firm linked to Alibaba opens China's biggest robot warehouse to help deal with singles day demand. https://www.cnbc.com/2018/10/30/alibaba-cainiao-chinas-biggest-robot-warehouse-for-singles-day.html. Accessed: 2020-01-29.
4. 4)
  - 23. Gennaro, R., Goldfeder, S.: ‘Fast multiparty threshold ECDSA with fast trustless setup’. Proc. of the 2018 ACM SIGSAC Conf. on Computer and Communications Security, Toronto, Canada, 2018, pp. 1179–1194.
5. 5)
  - 20. Hu, L., Huang, Y., Yang, D., et al: ‘SSe-Cloud ‘using secret sharing scheme to secure keys’. IOP Conf. Series: Earth and Environmental Science, Zhuhai, China, 2017, vol. 81, p. 012207.
6. 6)
  - 34. Keller, M., Orsini, E., Scholl, P.: ‘Actively secure OT extension with optimal overhead’. Annual Cryptology Conf., Santa Barbara, CA, USA, 2015, pp. 724–741.
7. 7)
  - 14. Schnorr, C.-P.: ‘Efficient identification and signatures for smart cards’. Conf. on the Theory and Application of Cryptology, Houthalen, Belgium, 1989, pp. 239–252.
8. 8)
  - 2. Allen, R.: Top e-commerce trends to inform your 2017 marketing strategy, 2017. https://www.smartinsights.com/ecommerce/ecommerce-strategy/top-ecommerce-trends-inform-2017-marketing-strategy.
9. 9)
  - 33. Chou, T., Orlandi, C.: ‘The simplest protocol for oblivious transfer’. Int. Conf. on Cryptology and Information Security in Latin America, Guadalajara, Mexico, 2015, pp. 40–58.
10. 10)
  - 13. Yao, A.C.: ‘Protocols for secure computations’. 23rd Annual Symp. on Foundations of Computer Science (SFCS 1982), Chicago, IL, USA, 1982, pp. 160–164.
11. 11)
  - 31. He, D., Zhang, Y., Wang, D., et al: ‘Secure and efficient two-party signing protocol for the identity-based signature scheme in the IEEE P1363 standard for public key cryptography’, IEEE Trans. Dependable Secur. Comput., DOI: 10.1109/TDSC.2018.2857775, 2018.
12. 12)
  - 19. Jarecki, S., Kiayias, A., Krawczyk, H., et al: ‘Highly-efficient and composable password-protected secret sharing (or: how to protect your Bitcoin wallet online)’. 2016 IEEE European Symp. on Security and Privacy (EuroS&P), Saarbrucken, Germany, 2016, pp. 276–291.
13. 13)
  - 32. Wu, L., Wang, J., Choo, K.-K.R., et al: ‘Secure key agreement and key protection for mobile device user authentication’, IEEE Trans. Inf. Forensics Secur., 2019, 14, (2), pp. 319–330.
14. 14)
  - 9. Jiang, Q., Kumar, N., Ma, J., et al: ‘A privacy-aware two-factor authentication protocol based on elliptic curve cryptography for wireless sensor networks’, Int. J. Netw. Manage., 2017, 27, (3), p. e1937.
15. 15)
  - 29. Lindell, Y., Nof, A.: ‘Fast secure multiparty ECDSA with practical distributed key generation and applications to cryptocurrency custody’. Proc. of the 2018 ACM SIGSAC Conf. on Computer and Communications Security, Toronto, Canada, 2018, pp. 1837–1854.
16. 16)
  - 10. Chaudhry, S.A., Farash, M.S., Naqvi, H., et al: ‘A secure and efficient authenticated encryption for electronic payment systems using elliptic curve cryptography’, Electron. Commer. Res., 2016, 16, (1), pp. 113–139.
17. 17)
  - 25. Goldreich, O.: ‘Foundations of cryptography: volume 2, basic applications' (Cambridge University Press, Cambridge, UK, 2009).
18. 18)
  - 3. The Amazon recommendations secret to selling more online. http://rejoiner.com/resources/amazon-recommendations-secret-selling-online. Accessed: 2020-01-29.
19. 19)
  - 17. Gennaro, R., Jarecki, S., Krawczyk, H., et al: ‘Robust threshold DSS signatures’. Int. Conf. on the Theory and Applications of Cryptographic Techniques, Saragossa, Spain, 1996, pp. 354–371.
20. 20)
  - 1. Statista. Retail e-commerce sales worldwide from 2014 to 2021 (in billion U.S. dollars), 2018. https://www.statista.com/statistics/379046/worldwide-retail-e-commerce-sales.
21. 21)
  - 12. IEEE standard for identity-based cryptographic techniques using pairings. IEEE Std 1363.3-2013, pages 1–151, Nov 2013.
22. 22)
  - 8. Rutherford, B., Dagher, A., Wiseman, M., et al: ‘Customer authentication in e-commerce transactions’. US Patent 9,514,458, December 6 2016.
23. 23)
  - 38. Miyaji, A., Nakabayashi, M., Takano, S.: ‘New explicit conditions of elliptic curve traces for FR-reduction’, IEICE Trans. Fund. Electron., Commun. Comput. Sci., 2001, 84, (5), pp. 1234–1243.
24. 24)
  - 15. Stinson, D.R., Strobl, R.: ‘Provably secure distributed Schnorr signatures and a (t, n) threshold scheme for implicit certificates’. Australasian Conf. on Information Security and Privacy, Sydney, Australia, 2001, pp. 417–434.
25. 25)
  - 30. Doerner, J., Kondi, Y., Lee, E., et al: ‘Threshold ECDSA from ECDSA assumptions: the multiparty case’. 2019 IEEE Symp. on Security and Privacy (SP), San Francisco, CA, USA, 2019, pp. 1051–1066.
26. 26)
  - 39. Kachisa, E.J., Schaefer, E.F., Scott, M.: ‘Constructing Brezing-Weng pairing-friendly elliptic curves using elements in the cyclotomic field’. Int. Conf. on Pairing-Based Cryptography, Egham, UK, 2008, pp. 126–135.
27. 27)
  - 35. Hazay, C., Lindell, Y.: ‘Efficient secure two-party protocols: techniques and constructions’ (Springer Science & Business Media, Berlin/Heidelberg, Germany, 2010).
28. 28)
  - 37. MIRACL UK Ltd. Multiprecision integer and rational arithmetic C/C++ library (MIRACL). https://github.com/miracl/MIRACL, 2016.
29. 29)
  - 24. Micali, S., Goldreich, O., Wigderson, A.: ‘How to play any mental game’. Proc. of the Nineteenth ACM Symp. on Theory of Computing (STOC), New York, USA, 1987, pp. 218–229.
30. 30)
  - 18. Chandramowliswaran, N., Srinivasan, S., Muralikrishna, P.: ‘Authenticated key distribution using given set of primes for secret sharing’, Syst. Sci. Control Eng., 2015, 3, (1), pp. 106–112.
31. 31)
  - 22. Boneh, D., Gennaro, R., Goldfeder, S.: ‘Using level-1 homomorphic encryption to improve threshold DSA signatures for Bitcoin wallet security’. Int. Conf. on Cryptology and Information Security in Latin America, Havana, Cuba, 2017, pp. 352–377.
32. 32)
  - 11. Feng, Q., He, D., Zeadally, S., et al: ‘Anonymous biometrics-based authentication scheme with key distribution for mobile multi-server environment’. Future Gener. Comput. Syst., 2018, 84, pp. 239–251.
33. 33)
  - 28. Doerner, J., Kondi, Y., Lee, E., et al: ‘Secure two-party threshold ECDSA from ECDSA assumptions’. 2018 IEEE Symp. on Security and Privacy (SP), San Francisco, CA, USA, 2018, pp. 980–997.
34. 34)
  - 21. Gennaro, R., Goldfeder, S., Narayanan, A.: ‘Threshold-optimal DSA/ECDSA signatures and an application to Bitcoin wallet security’. Int. Conf. on Applied Cryptography and Network Security, London, UK, 2016, pp. 156–174.
35. 35)
  - 7. He, D., Kumar, N., Shen, H., et al: ‘One-to-many authentication for access control in mobile pay-tv systems’, Sci. China Inf. Sci., 2016, 59, (5), p. 052108.
36. 36)
  - 36. Barreto, P.S., Naehrig, M.: ‘Pairing-friendly elliptic curves of prime order’. Int. Workshop on Selected Areas in Cryptography, Kingston, Canada, 2005, pp. 319–331.
37. 37)
  - 6. Song, Z., Sun, Y., Wan, J., et al: ‘Smart e-commerce systems: current status and research challenges’, Electron. Mark., 2019, 29, (2), pp. 221–238.
38. 38)
  - 26. MacKenzie, P., Reiter, M.K.: ‘Two-party generation of DSA signatures’. Annual Int. Cryptology Conf., Santa Barbara, CA, USA, 2001, pp. 137–154.
39. 39)
  - 27. Lindell, Y.: ‘Fast secure two-party ECDSA signing’. Annual Int. Cryptology Conf., Santa Barbara, CA, USA, 2017, pp. 613–644.
40. 40)
  - 5. Sennaar, K.: Artificial intelligence in eCommerce comparing the top 5 largest firms. https://emerj.com/ai-sector-overviews/artificial-intelligence-in-ecommerce-amazon-alibaba-jd-com. Updated: 2019-11.

Distributed signing protocol for IEEE P1363-compliant identity-based signature scheme

References

Related content