The ISC International Journal of Information Security

Abstract Digital signatures are used to ensure legitimate access through identity authentication. They are also used in blockchains and to authenticate transactions. Code-based digital signatures are not widely used due to their complexity. This paper presents a new code-based signature algorithm with
lower complexity than existing methods and a high success rate. The key generation algorithm constructs three-tuple public keys using a dual inverse matrix. The proposed signing scheme is based on the McEliece cryptosystem. It includes an integrity check to mitigate forgery before verification.

Abstract This paper analyses the security and efficiency of some notable privacy preserving data aggregation schemes, SP2DAS, 3PDA, and EPPA. For SP2DAS and 3PDA schemes, We show that despite the designers’ claims, there are efficient forgery attacks on the signature scheme used. We present a
selective forgery attack on the signature scheme of SP2DAS in the key-only attack model and a selective forgery attack on the 3PDA’s signature scheme in the known-message attack model,
requiring only two pairs of message-signature. These attacks enable the attacker to inject any arbitrary faulty data into the data aggregated by the network, without being detected, which is a serious threat to the performance of the whole network.
We also present an improved version of the broadcast encryption scheme used in EPPA scheme, in which the decryption key is half, the decryption complexity is half, and the ciphertext size is 3=4 of the original one. The semantic security of the proposed scheme is proved under the same assumption as the original scheme.