一种安全的门限群签名方案*

门限签名是一类重要的数字签名,到目前为止,已有许多门限方案相继被提出,但它们都是不安全的,几乎都有弱点：当恶意成员大于或等于门限时,能以高概率获取系统秘密,并由此伪造群签名。在现有门限方案的基础上提出了一种比较安全的门限群签名方案,新方案较已有的方案性能更好,尤其是克服了已有方案的缺点。最后对新方案的安全性进行了讨论。     

基于无证书签名的抗DNS中间人攻击方案

为应对域名系统协议中存在的中间人攻击问题,提出一种轻量化的解决方案。该方案在 DNSSEC的基础上引入无证书签名技术构建新的签名算法,去除难以部署的信任链以提高消息认证的效率和安全性;同时通过使用对称加密技术确保消息的机密性,加大敌手的攻击难度。理论分析证明了所提方案能够抵抗常见的中间人攻击类型,实验对比结果显示所提方案较同类方案具有更好的性能表现。     

紧安全的环签名构造

对于一个密码方案而言,如何在安全证明中降低归约损失、实现紧归约是一个重要的问题。因为一般来说归约损失越大,就需要更大的参数来保证方案的理论安全强度,而在部署一个紧安全的密码方案的时候,则不需要牺牲效率来弥补归约损失。在这篇文章中,我们关注紧安全的环签名构造。环签名在2001年由Rivest等人首次提出,它允许用户在隐藏自己身份的同时进行签名,任何人都不能破坏环签名的匿名性,同时敌手不能冒充任意一个环成员生成相应的有效签名。虽然目前已有多种环签名的构造方案,但证明过程中的归约损失是高效实现的一大阻碍。在本文中,我们基于DDH假设在随机预言机模型下提出了一种环签名方案,其中安全证明的归约损失仅为常数,因此称为紧安全的环签名构造。在构造中,我们令每个用户的公钥由两个子公钥构成,用户私钥为其中一个子公钥对应的子私钥,再基于Goh与Jarecki提出的紧安全的EDL签名方案,我们利用标准的CDS变换构造了一个1/N-DDH非交互零知识证明系统,从而证明用户拥有有效的私钥,得到相应的环签名方案。得益于这种特殊的构造,在安全证明中我们不必使用分叉引理,也不必猜测敌手的目标公钥,从而实现了紧安全归约。此外,我们的方案可以用来构造附加其他性质的环签名方案,如可链接环签名,同时对于其他匿名签名方案的紧安全设计也具有启发意义。     

Reducing Queue Oscillation at a Congested Link

Queue length oscillation at a congested link causes many undesirable properties such as large delay jitter, underutilization of the link and packet drops in burst. The main reason of this oscillation is that most queue management schemes determine the drop probability based on the current traffic without consideration on the impact of that drop probability on the future traffic. In this paper, we propose a new active queue (AQM) scheme to reduce queue oscillation and realize stable queue length. The proposed scheme measures the current arrival and drop rates, and uses them to estimate the next arrival rate. Based on this estimation, the scheme calculates the drop probability which is expected to realize stable queue length. We present extensive simulation with various topologies and offered traffic to evaluate performance of the proposed scheme. The results show that the proposed scheme remarkably reduces queue length oscillation compared to other well-known AQMs. It is also shown that the proposed scheme improves fairness among TCP flows due to the stable drop probability, and maintains high utilization with small queue length.     

Improved convertible authenticated encryption scheme with provable security

Convertible authenticated encryption (CAE) schemes allow a signer to produce an authenticated ciphertext such that only a designated recipient can decrypt it and verify the recovered signature. The conversion property further enables the designated recipient to reveal an ordinary signature for dealing with a later dispute over repudiation. Based on the ElGamal cryptosystem, in 2009, Lee et al. proposed a CAE scheme with only heuristic security analyses. In this paper, we will demonstrate that their scheme is vulnerable to the chosen-plaintext attack and then further propose an improved variant. Additionally, in the random oracle model, we prove that the improved scheme achieves confidentiality against indistinguishability under adaptive chosen-ciphertext attacks (IND-CCA2) and unforgeability against existential forgery under adaptive chosen-message attacks (EF-CMA).     

Graph based signature classes for detecting polymorphic worms via content analysis

Malicious softwares such as trojans, viruses, or worms can cause serious damage for information systems by exploiting operating system and application software vulnerabilities. Worms constitute a significant proportion of overall malicious software and infect a large number of systems in very short periods. Polymorphic worms combine polymorphism techniques with self-replicating and fast-spreading characteristics of worms. Each copy of a polymorphic worm has a different pattern so it is not effective to use simple signature matching techniques. In this work, we propose a graph based classification framework of content based polymorphic worm signatures. This framework aims to guide researchers to propose new polymorphic worm signature schemes. We also propose a new polymorphic worm signature scheme, Conjunction of Combinational Motifs (CCM), based on the defined framework. CCM utilizes common substrings of polymorphic worm copies and also the relation between those substrings through dependency analysis. CCM is resilient to new versions of a polymorphic worm. CCM also automatically generates signatures for new versions of a polymorphic worm, triggered by partial signature matches. Experimental results support that CCM has good flow evaluation time performance with low false positives and low false negatives.     

A secure and efficient authenticated encryption for electronic payment systems using elliptic curve cryptography

The use of e-payment system for electronic trade is on its way to make daily life more easy and convenient. Contrarily, there are a number of security issues to be addressed, user anonymity and fair exchange have become important concerns along with authentication, confidentiality, integrity and non-repudiation. In a number of existing e-payment schemes, the customer pays for the product before acquiring it. Furthermore, many such schemes require very high computation and communication costs. To address such issues recently Yang et al. proposed an authenticated encryption scheme and an e-payment scheme based on their authenticated encryption. They excluded the need of digital signatures for authentication. Further they claimed their schemes to resist replay, man-in-middle, impersonation and identity theft attack while providing confidentiality, authenticity, integrity and privacy protection. However our analysis exposed that Yang et al.’s both authenticated encryption scheme and e-payment system are vulnerable to impersonation attack. An adversary just having knowledge of public parameters can easily masquerade as a legal user. Furthermore, we proposed improved authenticated encryption and e-payment schemes to overcome weaknesses of Yang et al.’s schemes. We prove the security of our schemes using automated tool ProVerif. The improved schemes are more robust and more lightweight than Yang et al.’s schemes which is evident from security and performance analysis.     

高效的无证书签名方案

传统的数字签名方案存在证书的存储和管理开销大的问题,基于身份的数字签名方案无法解决其固有的密钥托管问题,而无证书签名方案不需使用公钥证书,而且没有密钥托管问题,是目前的一个研究热点。基于双线性映射设计出一个无证书签名方案,并在随机预言机模型下证明了它的安全性。该无证书签名方案在签名和验证阶段共需要两个双线性映射运算,具有较高的执行效率。签名方案的安全性建立在计算Diffie-Hellman问题的困难性假设上。性能分析表明,设计的签名方案在保证安全性的前提下,具有较高的执行效率。     

两个代理签名方案的密码学分析

最近，戴等人提出了一种指定接收人的代理签名方案和一种消息保密的代理签名方案。在本文中，给出了这两个代理签名方案的安全分析，指出它们是不安全的，都不能抵抗原始签名者的伪造攻击。     

标准模型下基于身份的多接收者签密密钥封装

签密密钥封装机制能同时实现封装密钥的机密性和认证性。以Wa-IBE加密方案和PS-IBS签名机制为基础,提出一种标准模型下的身份基签密密钥封装机制(IBSC-KEM)和多接收者签密密钥封装机制(mIBSC-KEM)。新方案中的签名算法直接采用了PS-IBS签名,密钥封装算法采用了变形的WaIBE加密方案。因此,新方案的不可伪造性和机密性在标准模型下分别被规约为破解PS-IBS签名与WaIBE加密,具有可证明安全性。新方案可用于构建标准模型下安全的一对一和多对一认证与密钥交换方案。     

Cryptanalysis and improvement of a certificateless signcryption scheme without bilinear pairing

As an improtant cryptographic scheme, signcryption scheme has been widely used in applications since it could provide both of signature and encryption. With the development of the certificateless public key cryptography (CLPKC), many certificatelss signcryption (CLSC) schemes using bilinear pairing hve been proposed. Comparated other operations, the bilinear pairing operaion is much more compulicated. Therefore, CLSC scheme without bilinear pairing is more suitable for applications. Recently, Jing et al. proposed a CLSC scheme without bilinear pairing and claimed their scheme is secure against two types of adversaries. In this paper, we will show their scheme provide neither unforgeability property nor confidentiality property. To improve security, we also propose a new CLSC scheme without pairing and demonstrate it is provably secure in the random oracle model.     

基于区块链的无证书签密方案

签密算法能够在一个逻辑步骤中同时实现加密和签名功能,相较于传统的先签名后加密方案,签密算法具有计算量与通信成本低的优点,被广泛应用于电子支付、物联网等场景中。现有的基于椭圆曲线和双线性对实现的签密方案普遍存在执行效率低的问题,因此本文提出一种基于区块链的无证书签密方案。新方案基于离散对数实现,具有执行效率高等优点。新方案同时利用区块链不可篡改性和可追溯等优点,用以实现方案的不可否认性。安全性分析表明本文方案具有不可否认性、机密性及不可伪造等特性,性能分析表明新方案执行效率较高,仿真实验显示引入区块链后对系统整体性能影响甚微。     

基于Niederreiter密码体制的抗量子签密方案

针对后量子时代的网络通信安全问题,对编码密码中的Niederreiter密码体制进行研究,将基于改进Niederreiter密码的双公钥加密方案与Xinmei签名方案相结合,构造一种抗量子签密方案。安全性分析结果表明,该方案能够满足IND-CPA与EUF-CMA安全,并可实现对直接译码攻击以及ISD攻击的良好防御,相比先签名后加密的签密方法,其密文量下降50%,能够为后量子时代用户的网络通信提供机密性与不可伪造性的安全防护。     

无证书的可公开验证聚合签密方案

聚合签密的研究多以基于身份密码体制下提供机密性与认证性,提高验证的效率为目标,存在对证书管理以及密钥托管问题,因此需要设计新的聚合签密算法,在解决证书管理以及密钥托管问题的同时兼顾机密性与高效性。分析了当前主流的聚合签密算法及其发展,利用Zhang等(ZHANG L, ZHANG F T. A new certificateless aggregate signature scheme. Computer Communications, 2009,32(6)：1079-1085)方案,并考虑上述需求,提出了一种新的无证书的聚合签密方案。方案基于双线性Diffie-Hellman(BDH)和计算性Diffie-Hellman(CDH)问题,证明了方案的机密性和不可伪造性。实验结果表明,所提方案在聚合解签密运算量上与其他方案持平或降低;同时,新的方案还满足了可公开验证性,消除了公钥证书的使用,并且解决了基于身份密码体制中的密钥托管问题。     

基于身份不可授权的强指定验证者签名方案

针对目前基于身份的强指定验证者签名方案可授权及效率不高的问题,提出一种基于身份的强指定验证者签名方案。对基于双线性对的签名方案进行安全性证明以及效率分析。性能分析结果证明,与已有方案相比,该方案满足不可传递性、不可伪造性及不可授权性,双线性对运算和模乘运算相应减少,签名效率更高。     

Detection and analysis of secure intelligent universal designated verifier signature scheme for electronic voting system

Security is a paramount concern for various applications, such as electronic voting system as sensitive data is to be transmitted among the nodes during transmission. Recently, Wu and Lin (Inf Technol Control 42:231–237, 2013) proposed a new probabilistic signature scheme and used it to construct two universal designated verifier signature schemes. They demonstrated that their scheme was secure under the bilinear inverse Diffie–Hellman assumption. However, in this paper, we will show that their scheme cannot provide unforgeability, i.e., the adversary could forge a legal signature of any message. The analysis shows that their schemes are not suitable for practical applications. To overcome these weaknesses, we proposed three improved schemes which are provably secure in the random oracles. In summary, our contributions in this paper was listed in following three folds: (1) we have shown that Wu et al. schemes cannot provide unforgeability, i.e., the adversary could forge a legal signature of any message. (2) We have proposed three improved schemes which overcomes the drawbacks of Wu et al. scheme and finally, (3) we have implemented the real-time packet analyzer for detection of invalid signature in electronic voting system using Snort. The analysis shows that the existing scheme is not suitable for practical applications and our implemented scheme is able to detect the vulnerability in the electronic voting system. The designed scheme generated alerts at regular intervals so that administrator takes adequate measures to mitigate the intrusion presented in the system.     

An efficient dynamic-identity based signature scheme for secure network coding

The network coding based applications are vulnerable to possible malicious pollution attacks. Signature schemes have been well-recognized as the most effective approach to address this security issue. However, existing homomorphic signature schemes for network coding either incur high transmission/computation overhead, or are vulnerable to random forgery attacks. In this paper, we propose a novel dynamic-identity based signature scheme for network coding by signing linear vector subspaces. The scheme can rapidly detect/drop the packets that are generated from pollution attacks, and efficiently thwart random forgery attack. By employing fast packet-based and generation-based batch verification approaches, a forwarding node can verify multiple received packets synchronously with dramatically reduced total verification cost. In addition, the proposed scheme provides one-way identity authentication without requiring any extra secure channels or separate certificates, so that the transmission cost can be significantly reduced. Simulation results demonstrate the practicality and efficiency of the proposed schemes.     

高效的无证书签密方案

无证书的密码体制不但消除了传统公钥密码体制中的证书管理问题,而且解决了基于身份密码体制中的密钥泄露问题。签密方案结合了公钥加密和数字签名的功能,能够同时实现消息的机密性和认证性。提出一种新的无证书签密方案,新方案在签密过程中需要1次配对运算,在解签密过程中仅需要3次配对运算。与已有的方案相比,新方案具备更高的效率。在安全性方面,新方案满足机密性、不可伪造性和可公开验证性。     

群签名方案的效率分析

自1991年群签名的概念由Chaum与vanHeyst提出以来,群签名因其显著的特性引起人们的广泛关注。许多群签名方案及基于群签名方案的密码协议被提出。但是,群签名方案的效率是一个棘手问题。为使群签名同时具有匿名性与可追踪性(发生争议时可打开),群签名的执行效率往往比较低下。因此,群签名方案的效率分析便成为一个令人感兴趣的课题。该文对3个典型群签名方案进行了效率分析。结果显示,Ateniese等人在CRYPTO’2000上提出的群签名方案具有较为优越的效率与安全特性,以该方案为基础构造各种密码协议可能会达到较好性能。     

基于RSA的多重签密方案

指出原有多重签密方案存在的缺陷,并提出一种新的基于RSA的多重签密方案。本方案以RSA密码体制为基础,借鉴了原有多重签密方案的结构特点。改善了原有多重签密方案的缺陷,在安全性上实现了消息保密性、不可伪造性、不可否认等特性,同时考虑了原始消息的安全发送问题。在同等安全下,本方案比传统的先签名再加密方式,在执行效率和执行灵活性方面具有更多优势。基于RSA密码体制的广泛应用,方案简洁且易于建立,适合在电子政务和电子商务环境下为消息的安全传递提供认证加密保护。