Efficient and secure multiple digital signature to prevent forgery based on ECC

Adversary can be able to perform selective forgery where valid signature on message are created by someone else, with a significant probability and existential forgery, in which a pair of message and valid signature is created by him. For a signature scheme to be perfectly secured, it should be secured computationally. We present an ID based multiple signatures scheme secure against selective forgery attack based on ECC. The objective of the work carried out is to design and implement multi digital signature based on ECC against selective forgery attack.


INTRODUCTION
The foremost and ancient cryptographic primitive is digital signature. Digital signature serves to verify that signer of the document has created and signed that document and that record is tamperproof (David et al., 1999). It is used for non-repudiation, authentication and data integrity. It is generated using public key cryptography.
It is important to protect information when two parties exchanging it, so that the ultimate recipient have knowledge about the information being created by sender and it remains unaltered. According to the IT act, 2000, digital signatures on a document ensure the authenticity and security. To obtain a digital signature, first computing a hash of the biological information provided by the entities, encipher the hash values with the private key of the sender, and affixing the encipher hash to the digital records. Signed records usually carries a duplicate copy of signer's certificate. Digital signature paves the way to verify that signer of the record has created and signed that document and that record is not modified and trustworthy (David et al., 1999). It is generated using public key cryptography to ensure the authentication non-repudiation, credibility, integrity, nonreusable and unalterable (badotra, et al., 2019).
Digital signature can be implemented using RSA, ECC (Elgamal and Elliptic Curve Cryptography). ECC has the advantage of shorter key and higher efficiency over RSA.
If A want to send a signed message to B, then the digital signature would be as follows:-A generates a unique fingerprint using one way hash function then encrypts message dist with his secret key. A message or document alongwith obtained signature is transmitted to the receiving party and that receiving party calculates the message digest using the same hashing algorithm that of sender. The signature is then decrypted with signer's public key and computed message digest is compared with the decrypted signature. If the condition is satisfy, receiver validates the signature and accept the message or document otherwise reject the same. Fig. 1 depicted the working of digital The remaining paper comprises the following sectionsliterature review presented in Section 2. Section 3 present the proposed scheme supported by performance and evaluating security parameters in section 4 and section 5 and finally section 6 is the conclusion of the paper. Bi et al. (2018) proposed an algorithm for MECCDSA (Multiple Elliptic Curves Digital Signature) which allows crating elliptic curves depending on security requirement along with updating parameters of each elliptic curves. Performance analysis is based on three factors-validity, efficiency and security. It is difficult to manage the algebraic logarithm problem in elliptic curve digital signature. MECDSA have a positive result in solving ECDLP ( Elliptic Curve Discrete Logarithm Problem). The processing cost is identified by inverse function in finite prime series and multiplication and division function in elliptic curve. Saritha (2020) discussed about using Digital Signature Algorithm (DSA) that is an asymmetric key cryptography where public and secret keys are applied for enciphering and deciphering sensitive information. The two-factor authentication that takes password and other credentials such as face recognition is less secure than ECC (Elliptic Curve Cryptography). ECC is a public key cryptography that uses less key size for enhanced security. ECC coupled with DSA will be more beneficial for authentication in Blockchain technology. Algorithms for signature generation and verification are used. Bitcoin is a digital cryptocurrency that has implemented ECCDSA for maintaining integrity of records and secured transactions. Tsai and Su (2017) proposed a scheme for blind signature in digital information based on elliptic curve cryptography. ECC has higher computational speed. Focused on ECDLP, this scheme integrates signcryption for verification of multiple digital records. Small key values in ECC and complex ECDLP has resulted in high security and low communication overhead. Various features such as blindness, confidentiality, integrity, forgery-proof, untrace ability, authentication is embedded in the system. The scheme involves less multiplication operations as compared to previous work. Large number of digital messages can be carried out with efficient and greater security. Mehibel and Hamadouche (2021) discussed about the challenges of Elliptic curve Diffie-Hellman (ECDH) which doesn't validate secret session key thus prone to man-in middle attack. ECC is widely used for limited memory devices because computational time is low with high security. Authors developed a low cost authenticated secret session key scheme using ECCDSA where two arbitrary values are taken. Performance is evaluated based on computational difficulty and security where the system have better results than other two works mentioned. Security of the proposed scheme is higher than of A-ECDH. There is similarity in security features of Biswas scheme and the proposed scheme.

LITERATURE REVIEW
Singh et al. (2020) designed a protocol for smart cards using Elliptic Curve Signcryption. Protocol is divided into different phases and three actors are smart card user, registration center and service provider. User and service provider have to get registered in register center respectively. No third party can interrupt the communication. Mutual authentication based on signcryption takes places where user and service provider mutually authenticate each other. The security protocol is effective with brute force attack, man in the middle attack, masquerade attack, replay attack. Protocol utilizes low communication bandwidth and less computing cost.
In 1983 Itakura and Nakamura first proposed the concept of multiple signatures (Gangishetti et al., 2006). In multiple signature a group of members need to sign the message for approval using a single compact signature (Tanwar, et al., 2019). In multiple signature n random secret keys k1, k2, kn and public key t is generated such that: (k_1+k_2+..k_n)*t = 1 mod ∅(n) In 1984, Shamir proposed identity (ID) based cryptosystem. In ID based signature public key is derived from the user's identity and private key generated by PKG. There is no need to transmit public key as it is efficiently derived from the receiver's identity information such as name, email address, IP address and mobile number (Sharma, et al., 2014).  has proposed an efficient digital multiple signature schemes that is vulnerable to inside and forgery attack. As receiver can verify signer's identity by comparing the received one with the actual identities.
Authors proposed an efficient multiple signature based on discrete logarithm problem. Signature verification time and length are fixed but suffers modulus clashing problem (Harn and Ren, 2008). Miller (1985); Koblitz (1987) proposed Elliptic Curve Discrete Logarithm Problem (ECDLP) which plays significant role in cryptographic techniques. In 1998 ECC digital signature was accepted as an ISO standard. Negi et al. (2015) proposed scheme to improve the security by using multiple integers (e_1, e_2, e_n) to primary integer number and increase difficulty of decryption key. But they do not allow storing digital signature. Nia et. al. (2016) explained different type of digital signature such as batch scheme, forward secure scheme, blind scheme and proxy scheme. Tianhuang and Xiaoguang (2010) proposed algorithm for the improvement of DSA to solve ecommerce security issues. Shamir et al. (1984) explained two basic categories of digital signature-direct and arbitrated. Direct signature involved two parties-sender and the receiver whereas in arbitrated signature scheme every signed message go through arbiter.
In this paper, we proposed an efficient and secure ID based digital multiple signatures based on ECC which has a setup phase, key generation phase multi-signature generation and verification phase.

Preliminary Notes
In this section we will summarizes some fundamental concepts on bilinear pairing and necessary hard problems. In cryptography, bilinear pairing is an important primitive. Let 1 be a cyclic additive group and 2 be a cyclic multiplicative group with same order q (prime). A map ̂= 1 × 1 → 2 be a bilinear if satisfies the following properties:- Bilinear: for all , ∈ , it holds that ( , ) = ( , ) .  Non-degeneracy: There exists a ∈ 1 and ∈ 2 such that ( , ) ≠ 1.  Computable: if , ∈ 1 , ( , ) ∈ 2 can be computable in polynomial time using an efficient algorithm.

Mathematical Hard Problem and Assumptions
The security of ECC depends on the difficulty of solving the elliptic curve logarithm problem.

Proposed Scheme for Multi Digital Signature Based on ECC Against Selective Forgery Attack
Adversary can be able to perform selective forgery where valid signature on message are created by someone else, with a significant probability and existential forgery, in which a pair of message and valid signature is created by him. A signature scheme can be perfectly secure if it is computationally secure. Now a day's ECC has become hotspot in the field of information security (Miller, 1985;Chen et al., 2004). ECC has the advantage of shorter key and higher efficiency over RSA. The author  has proposed an efficient and secure digital multiple signature protocol based on ECC that is vulnerable to inside and forgery attack. As the receiver can verify signer's identity by comparing the received one with the actual identities.

Implementation of ECC Based Digital Signature
Along with a Timestamp We presented an ID based multiple signatures scheme secure against selective forgery attack based on ECC. It has a setup phase, key generation phase multi-signature generation and verification phase. We implemented ECC based digital signature along with a timestamp. Fig. 6

PERFORMANCE ANALYSIS
The proposed scheme is compared with Yadav et al. (2013); Chen et al. (2004). Table 1 and Table 2 show the computational time of different operations and depicts the notations. Table 3 describes the comparison between Chen et al., 2004) and proposed scheme.
The proposed scheme is more efficient and secure than in Chen et al., 2004) terms of authentication and security.   Chen et al. (2004)

SECURITY ANALYSIS
We proposed scheme that comes up with a wide range of security features such as:-1. Confidentiality: For making sensitive information more secure, it must be hidden from the unauthorized access. An attacker Eve wants to derive from which is infeasible to solve ECDLP. Suppose he is able to get ℎ( ) and knows the seed value of curve, which is public to all still it is quiet infeasible to solve it. 2. Authentication: Authentication ensures that message received by user is the exact same sent by the sender and verifies the participants are who really claim to be. With regards to message authentication, the proposed scheme can prove the authenticity that is able to protect from malicious or unauthorized modification through a checksum at the receiver side. In this identities of the both the participating parties are verified by verifying the checksum ℎ = ( || ). 3. Integrity: In the proposed scheme, the receiver can very whether the message is sent by the sender or not. If the attacker change the cipher text ′ . It is infeasible to obtain same digest for the two messages. 4. Unforgeability: It is difficult to forge the signature ( , ) for a message. In ECC, attacker selects random number and prove multiple signature ( + ) = + . 5. Non-repudiation: The target of non-repudiation is to prevent the sender from denying the signature, he has done. Unforgeability implies non-repudiation.
6. Secure against forgery: The proposed scheme is secure against forgery attack as (David, 1999) scheme does not. For the attacker it is not possible to derive the private key = ( | . Because two different messages have different message digest. Due to ECDLP it is not possible to derive public key = . When message signed by multiple signers, is received along with hash of senders and receiver identities prevent modification in the message. 7. Public verifiability: Multi signatures are valid only if 1 == 2. To forge the signature with equation 1 = ℎ , attacker has to solve the ECDLP, which is not possible.
// = ℎ = + = v2 8. Forward Secrecy: Forward secrecy implies that regardless of the possibility that a private key of the sender gets compromised, still it won't be conceivable for someone to unsigncrypt the message that were signcrypted beforehand by the user. If the adversary is able to possess private key , still he is not able to retrieve previously send signed messages. For accessing those messages, he needs value of and its very difficult to retrieve value of due to the ECDLP.

CONCLUSION
Digital signature refers to an electronic signature that have its usage to authenticate identity for online transaction like e-commerce (badotra, et al., , Shobha et al.,2021 . In this paper we have proposed ECC based ID with multiple signature, which is more secure than Chen et al., 2004). Forgery can be detected in the proposed scheme as secret key is derived from the hash of identity and a random number〖d〗_i=H(〖ID〗_i |r). This can be extended by applying blind signature on message and signcryption. And it can be designed for multiple receivers.