标准模型下基于身份的动态门限代理签名方案

目前对于基于身份的门限代理签名方案来说,方案的安全性大多是在随机预言模型下证明的,并且这些门限代理签名方案中的代理签名密钥固定。相对而言,设计标准模型下的动态门限代理签名方案更有实际意义。针对以上两个问题,根据Paterson提出的基于身份的签名方案,利用计算Diffi}Hellman问题的困难性在标准模型下设计了一个代理签名密钥可变的动态门限代理签名方案。最后,利用双线性对技术对方案的正确性进行了严格证明,并在CDH困难假设下给出了方案安全性的详细分析过程和证明,结果表明方案是可证安全的和可靠的。     

标准模型下的在线/离线多签名方案*

在线/离线多签名能够使多个用户对同一个消息快速地生成一个签名数据,此数据可以使验证者验证签名者的身份。签名生成过程中所需的大部分运算都在签名的消息给出之前进行,即进行预运算。在给出消息之后,再进行少量的运算得出签名。定义在线/离线多签名及其安全性,在Guo等人提出的在线/离线签名方案的基础上,运用Lu等人构造多签名的方法构造出一个具体方案。在标准模型下可证明它的安全性,并且阐述其高效性。     

一类可验证的门限签名方案

基于ELGamal体制提出了一类新的门限签名方案,该方案可防止秘密分发者和秘密分享者的欺诈行为,因而是一个可验证的门限签名方案,签名密钥可重复使用,签名的生成及验证过程均可离线完成,并且不需求逆运算,执行效率更高。     

可证明安全的可变门限代理重签名方案

已有的大部分门限代理重签名方案的门限值是固定的,而可变门限代理重签名方案更符合实际应用的需求,即根据消息的重要性可灵活地选择不同的门限值进行门限重签名。在Ateniese G等人提出的代理重签名方案Sbi的基础上,利用中国剩余定理提出了一个具有短公开参数和签名长度的可变门限代理重签名方案,并给出了该方案的安全性证明。根据可变的门限值,每个代理者都能非交互地生成相应的重签名子密钥和验证公钥。与现有方案相比, 新方案占用通信带宽低、计算效率高。     

基于门限签名的分布式预言机链下共识方案

为解决现有分布式预言机网络链上共识方案存在的区块链网络压力大、共识效率低等问题,提出一种基于门限签名的分布式预言机链下共识方案。基于(t,n)门限签名技术和Schnorr签名算法,设计包含密钥生成、签名生成、签名验证和预言机奖励4个阶段的共识流程。各预言机节点在链下达成共识后,由一个节点将聚合后的单一数据和可验证签名发送到区块链,在保证上链数据可信性的同时,减缓了区块链网络压力,提高了共识效率。给出方案实施的具体步骤并证明方案的正确性和安全性。实验结果表明,该方案具有较好的有效性和实用性。     

有效的基于身份的门限签名

门限签名是现代电子商务一种重要的数字签名。基于Hess签名的一个变体签名方案,提出了一个有效的基于身份的门限数字签名方案。为了提高方案的安全性,提出的方案利用Shamir秘密共享技术共享一个用户的私钥,而不是共享密钥生成中心的主密钥。利用Gennaro可模拟的思想,证明了提出的方案具有健壮性和不可伪造性,故提出的方案是安全的。与Cheng等人最近提出的方案相比,新方案具有更高的计算效率。     

具有可追查性的抗合谋攻击门限签名方案

好的门限签名方案应该具有很高的安全性,能够检测出任意不诚实成员的欺诈行为,同时能实现签名的匿名性和可追查性,并能抵抗合谋攻击和各种伪造性攻击。通过密码学分析和算法结构设计,首先讨论了实现门限签名匿名性和可追查性的一种有效方法,然后基于Waters基础签名方案,引入Gennaro分布式密钥生成协议、可验证秘密共享技术及部分签名验证协议,提出了一个具有匿名性和可追查性,抗合谋攻击及其他各种伪造性攻击,部分签名可验证的（t,n）门限签名方案,并在离散对数问题和双线性对逆运算问题两个困难问题假设下,给出了方案安全性的详细证明。     

具有特定合成者的门限代理签名方案

基于ElGamal签名体制,提出一个具有特定合成者的门限代理签名方案.当参与者加入或退出代理签名时,其他各参与者的子代理密钥无需更新,而且在签名参与者间不需要维护一条安全信道,指定的签名合成者可根据签名参与者发送的信息验证各部分签名并合成签名.分析结果表明,在离散对数困难性问题下,该方案是安全的,且与基于ElGamal签名体制的门限代理签名方案相比,在代理签名的生成与验证阶段计算量和通信量较小,具有较高的安全性和效率.     

高效的不可否认的门限代理签名新方案

基于Kim等人的门限代理签名方案,Sun提出了已知签名人的不可否认的门限代理签名方案。在Sun的方案中,代理签名人不能否认他们所进行的代理签名。随后,Hsu等人证明Sun方案不能抵抗共谋攻击,并提出了相应的改进方案。论文首先证明了Hsu等人的改进方案不能抵抗公钥替换的内部攻击,即任何恶意的内部攻击者,不需要其他代理签名人的密钥,对任意的消息能够伪造一个有效的门限代理签名。然后提出了一种不可否认的门限代理签名新方案,能同时抵抗内部的公钥替换攻击和共谋攻击。就计算复杂度和通信成本而言,该文的方案比Hsu等人的方案更有效、更实用。     

新的基于身份的门限签名方案

针对目前基于身份的门限签名方案只是基于密钥管理者身份的门限签名,而对参加签名的每个成员身份信息无法确定.论文在Paterson签名方案的基础上,给出一个新的基于身份的门限签名方案,新方案中参加签名的每个成员的公钥均由其成员身份产生,真正的符合了基于身份的签名体制的要求,并在CDH问题假设下,对该方案的安全性进行了证明,表明该方案对选择消息攻击是不可伪造的.     

一种无证书的在线/离线盲签名方案

无线通信终端处理能力和响应速度能力有限,普通的数字签名方案无法适用。为此,结合优化的在线/离线签名,构造一种无证书的在线/离线盲签名方案。在签名过程中,大部分运算在盲消息给出之前进行,在给出盲消息之后,再进行少量运算得出签名,签名人并不知道所签文件内容。性能分析结果表明,该方案可以应用在无线网络上,用于保护用户隐私。     

Efficient generic on-line/off-line (threshold) signatures without key exposure

The “hash–sign–switch” paradigm was firstly proposed by Shamir and Tauman with the aim to design an efficient on-line/off-line signature scheme. Nonetheless, all existing on-line/off-line signature schemes based on this paradigm suffer from the key exposure problem of chameleon hashing. To avoid this problem, the signer should pre-compute and store a plenty of different chameleon hash values and the corresponding signatures on the hash values in the off-line phase, and send the collision and the signature for a certain hash value in the on-line phase. Hence, the computation and storage cost for the off-line phase and the communication cost for the on-line phase in Shamir–Tauman’s signature scheme are still a little more overload. In this paper, we first introduce a special double-trapdoor hash family based on the discrete logarithm assumption and then incorporate it to construct a more efficient generic on-line/off-line signature scheme without key exposure. Furthermore, we also present the first key-exposure-free generic on-line/off-line threshold signature scheme without a trusted dealer. Additionally, we prove that the proposed schemes have achieved the desired security requirements.     

Off-line/on-line signatures revisited: a general unifying paradigm, efficient threshold variants and experimental results

The notion of off-line/on-line digital signature scheme was introduced by Even, Goldreich and Micali. Informally such signatures schemes are used to reduce the time required to compute a signature using some kind of preprocessing. Even, Goldreich and Micali show how to realize off-line/on-line digital signature schemes by combining regular digital signatures with efficient one-time signatures. Later, Shamir and Tauman presented an alternative construction (which produces shorter signatures) obtained by combining regular signatures with chameleon hash functions. In this paper, we study off-line/on-line digital signature schemes both from a theoretic and a practical perspective. More precisely, our contribution is threefold. First, we unify the Shamir–Tauman and Even et al. approaches by showing that they can be seen as different instantiations of the same paradigm. We do this by showing that the one-time signatures needed in the Even et al. approach only need to satisfy a weak notion of security. We then show that chameleon hashing is basically a one-time signature which satisfies such a weaker security notion. As a by-product of this result, we study the relationship between one-time signatures and chameleon hashing, and we prove that a special type of chameleon hashing (which we call double-trapdoor) is actually a fully secure one-time signature. Next, we consider the task of building, in a generic fashion, threshold variants of known schemes: Crutchfield et al. proposed a generic way to construct a threshold off-line/on-line signature scheme given a threshold regular one. They applied known threshold techniques to the Shamir–Tauman construction using a specific chameleon hash function. Their solution introduces additional computational assumptions which turn out to be implied by the so-called one-more discrete logarithm assumption. Here, we propose two generic constructions that can be based on any threshold signature scheme, combined with a specific (double-trapdoor) chameleon hash function. Our constructions are efficient and can be proven secure in the standard model using only the traditional discrete logarithm assumption. Finally, we ran experimental tests to measure the difference between the real efficiency of the two known constructions for non-threshold off-line/on-line signatures. Interestingly, we show that, using some optimizations, the two approaches are comparable in efficiency and signature length.     

强不可伪造的在线/离线签名方案

针对标准模型下签名方案效率低的问题,利用目标抗碰撞杂凑函数和变色龙哈希函数,提出了一种在线/离线签名方案。在签名消息到来之前,离线阶段进行重签名的大部分计算,并将这些运算结果保存起来;在签名消息到来时,利用离线阶段保存的数据能在很短的时间内生成消息的在线重签名。在标准模型下,证明了新方案在适应性选择消息攻击下满足强不可伪造性。分析结果表明,新方案在效率上优于已有的标准模型下签名方案,在线签名算法仅需要1次模减法运算和1次模乘法运算,适合于计算能力较弱的低端计算设备。     

Wavelet-Based Off-Line Handwritten Signature Verification

In this paper, a wavelet-based off-line handwritten signature verification system is proposed. The proposed system can automatically identify useful and common features which consistently exist within different signatures of the same person and, based on these features, verify whether a signature is a forgery or not. The system starts with a closed-contour tracing algorithm. The curvature data of the traced closed contours are decomposed into multiresolutional signals using wavelet transforms. Then the zero-crossings corresponding to the curvature data are extracted as features for matching. Moreover, a statistical measurement is devised to decide systematically which closed contours and their associated frequency data of a writer are most stable and discriminating. Based on these data, the optimal threshold value which controls the accuracy of the feature extraction process is calculated. The proposed approach can be applied to both on-line and off-line signature verification systems. Experimental results show that the average success rates for English signatures and Chinese signatures are 92.57% and 93.68%, respectively.     

一种基于仲裁者的代理签名方案

目前已知的一些代理签名方案都是由原始签名者、代理签名者和签名验证者三方共同来完成,存在着原始签名者在线的问题。论文引入可信第三方,即仲裁者这一新的角色,并提出了一种由仲裁者、代理签名者和签名验证者参与的代理签名方案,有效地在代理签名方案中弥补了原始签名者在线的不足,并通过证书的“绑定”实现了通信双方的身份验证。     

基于群盲签名的离线的公平电子现金方案

电子支付具有传统支付方式(现金、支票、信用卡等)的优点,同时克服了传统货币的一些缺陷,成为电子商务的核心技术和关键环节。近年来,人们提出了许多不同的密码体制用于构造电子现金系统(在线的或离线的)但这些方案要么效率不高,要么安全性能不够好。为了克服这些缺陷,提出了一种有效的基于群(?)签名的离线电子现金系统。该方案能很好地满足效率和安全需求,同时能很好的解决电子现金中遇到的二次付费问题。     

Generic Transformation from Weakly to Strongly Unforgeable Signatures

Current techniques for transforming unforgeable signature schemes （the forged message has never been signed） to strongly unforgeable ones （the forged message could have been signed） require supplementary components to be added onto the original key pairs of the schemes. In addition, some of them can only be applied to a certain type of signature schemes. In this paper, we propose a new generic transformation technique which converts any unforgeable signature scheme into a strongly unforgeable one without modifying any component in the original key pair. This makes our technique especially compatible for practical use. Our technique is based on strong one-time signature schemes. We show that they can be constructed efficiently from any one-time signature scheme that is based on one-way functions. The performance of our technique also compares favorably with that of current ones. Besides, it is shown in this paper that our transformation can further be applied to schemes satisfying only a weak variant of unforgeability without any further modification. Furthermore, our technique can also be used for constructing strongly unforgeable signature schemes in other cryptographic settings which include certificateless signature, identity-based signature, and several others. To the best of our knowledge, similar extent of versatility is not known to be supported by any of those comparable techniques. Finally and of independent interest, we show that our generic transformation technique can be modified to an on-line/off-line signature scheme, which possesses a very efficient signing process.     

结合模糊理论的动态匹配脱机签名鉴定研究

为快速并准确地进行脱机签名鉴定,提出了一种结合模糊理论建立动态匹配目标函数用于鉴定的新方案。鉴于签名图像具有投影特征提取简单的特点,该方案通过选择合适的隶属度函数,归纳出动态匹配所必需的目标函数式,并给出了相应的求解方法。同时还根据实验结果讨论了新方案中参考样本的选择和判别阈值对鉴定结果的影响,并与其他方案的实验结果进行了比较,结果表明,该方案是有效的。     

一种基于椭圆曲线的有向门限群签名方案

有向门限群签名方案可以在同一个签名过程内完成有向签名和门限群签名,代价远小于对签名进行加密或进行交互式验证。提出了一种基于椭圆曲线的有向门限群签名方案,结合了改进的ECDSA方案、门限群签名思想和可验证秘密分享方案,只有指定接受者可以验证签名。并对方案的正确性和安全性进行了分析,指出该方案比基于大数分解和离散对数问题的门限群签名方案更安全更实用。