标准模型下基于身份的传递签名

基于waters的签名方案,提出了第一个基于身份的传递签名方案,方案被证明在标准模型下是安全的.与现有的传递签名方案相比,该方案将签名传递的不可伪造性归约到基于双线性配对的CDH问题上,并给出了方案的复杂度分析.     

基于二元仿射变换的广义ELGamal型盲签名方案

利用广义ELGamal型签名方案或DSS构造盲签名 (指强盲签名 )方案 ,是人们普遍关注但仍未解决的问题 .本文提出了利用二元仿射变换 ,由Harn和Xu提出的十八种安全广义ELGamal型数字签名方案出发构造其盲签名方案的方法 .利用该方法得到十八种相应的盲签名方案 .进一步分析得到其中十二种方案是强盲签名方案 ,而其余在该方法下只能得到弱盲签名方案 .     

基于二元仿射变换的广义ELGamal型盲签名方案

利用广义ELGamal型签名方案或DSS构造盲签名(指强盲签名)方案,是人们普遍关注但仍未解决的问题.本文提出了利用二元仿射变换,由Harn和Xu提出的十八种安全广义ELGamal型数字签名方案出发构造其盲签名方案的方法.利用该方法得到十八种相应的盲签名方案.进一步分析得到其中十二种方案是强盲签名方案,而其余在该方法下只能得到弱盲签名方案.     

基于同态加密体制的通用可传递签名方案

通过分析基于大整数分解、离散对数和双线性对等数学问题的特殊可传递签名方案,抽象出了可传递签名实现方法的共性。以此为基础,提出了一个基于同态加密体制的通用可传递签名方案,该方案利用同态加密体制能支持密文运算的特性实现了可传递签名及验证的一般模型,为基于同态密码体制构造安全可靠的可传递签名方案提供了一种通用框架。其次,通过适当定义安全目标和设计安全性实验,完成了该通用可传递签名方案的可证明安全性,指出若使用的同态加密方案是CPA安全而标准签名是CMA安全的,则所提出的方案就达到CMA安全。最后,给出了该通用可传递签名方案并进行了性能分析与比较。     

对一种新型代理签名方案的分析与改进

Gu-Zhang-Yang(2005)提出了一个不需要可信第三方参与的匿名代理签名方案,由于该方案的签名验证数据中没有回避孤悬因子这一现象,因此并不满足强不可伪造性,原始签名人可以伪造一个有效的代理签名通过验证,并成功地在代理签名者身份揭示阶段向公众证明该伪造的代理签名是由合法的代理签名者产生的.本文在分析该方案安全性的基础上提出了改进的匿名代理签名方案,克服了原方案的不足.     

指名签名与指名代理签名

该文分别对一个指名签名方案(KPW方案)和一个指名代理签名方案(PL方案)进行分析,结果表明;在KPW方案中签名人不仅能验证而且也能向第三方证明签名的有效性,甚至能将签名转化为通常的自认证签名,因此不是指名签名方案;在PL方案中任何人都可验证签名的有效性,它只是一个自认证签名方案.该文进一步给出了KPW方案的一个改进方案,使之具有指名签名的全部性质,同时也给出了一个基于该方案的指名代理签名方案.     

基于单向累加器的无向可传递闭包图认证

提出了使用单向累加器进行无向可传递闭包图认证的新方法,构造了具体认证方案.签名时,签名者对节点集合的等价类进行累加,并为节点签发包含部分累加值的证书.累加值构成了图的签名,证书表明了节点对等价类的所属关系.验证时,只需对相关节点的证书做一次累加运算,便可验证节点间边的存在性.通过与典型的可传递签名方案的比较,表明新方案所需的空间复杂度和时间复杂度更小.另外,新方案同时支持节点和边的动态增删,这解决了Micali和Rivest提出的一个公开问题.     

新型面向授权子集环签名方案

对传统的面向个人环签名方案进行扩展,提出了一个面向授权子集的环签名方案.在方案中,签名子集首先构建一个包含其自身所有成员在内的群组,然后构建一个包含签名子集在内的群组成员的子集集合.环签名是由签名子集中的所有成员合作做出的.验证者可以验证签名是否是由子集集合中的某一个子集所做出的,却无法找出具体的签名子集.在随机问答器模型下,证明了方案是安全的.通过对方案的复杂性分析表明,签名系统是高效的.     

无随机预言机的广义指定验证者签名方案

现有的广义指定验证者签名方案的安全性大都是在随机预言机模型下证明的,但是在该模型下的可证安全并不意味着在现实中是安全的.基于Zhang等人提出的无随机预言机模型下的短签名方案,提出了一个在标准模型下可证安全的广义指定验证者签名方案,其强不可伪造性基于k＋1平方根假设和指数知识假设,证明了提出方案在选择公钥和选择消息攻击下是无条件不可传递的.方案的签名长度为1366 bits,比现有方案的签名长度要短.     

一种新的基于身份的门限签名方案

 门限签名能够分散签名权力,比普通单人签名具有更高的安全性.目前大多数门限签名都是随机预言模型下可证明安全的.本文利用椭圆曲线上的双线性对,以Paterson签名方案为基础,提出了一种无随机预言的基于身份的门限签名方案.该方案需要一个可信任的私钥生成中心来生成和管理私钥.在标准模型下对该方案进行了安全性证明,表明该方案是健壮的,并且能够抵抗适应性选择消息攻击.     

Stateless Transitive Signature Schemes

A new practical method is introduced to transform the stateful transitive signature scheme to stateless one with-out the loss of security.According to the approach,two concrete stateless transitive signature schemes based on Factoringand RSA are presented respectively.Under the assumption of the hardness of factoring and one-more-RSA-inversion prob-lem,both two schemes are secure under the adaptive chosen-message attacks in random oracle model.     

Identity‐based proxy signature over NTRU lattice

Proxy signature scheme is an important cryptographic primitive, for an entity can delegate his signing right to another entity. Although identity‐based proxy signature schemes based on conventional number‐theoretic problems have been proposed for a long time, the researchers have paid less attention to lattice‐based proxy signature schemes that can resist quantum attack. In this paper, we first propose an identity‐based proxy signature scheme over Number Theory Research Unit (NTRU)‐lattice. We proved that the proposed paradigm is secure under the hardness of the γ‐shortest vector problem on the NTRU lattice in random oracle model; furthermore, the comparison with some existing schemes shows our scheme is more efficient in terms of proxy signature secret key size, proxy signature size, and computation complexity. As the elemental problem of the proposed scheme is difficult even for quantum computation model, our scheme can work well in quantum age.     

Identity-based threshold signature and mediated proxy signature schemes

Proxy signature schemes allow an original signer to delegate his signing rights to a proxy signer. However, many proxy signature schemes have the defect which is the inability to solve the proxy revocation problem. In this article, we firstly propose an identity-based threshold signature scheme and show that it has the properties of unforgeability and robustness. In our threshold signature scheme, we adopt such a method that the private key associated with an identity rather than the master key is shared. Then, based on the threshold signature scheme, an identity-based mediated proxy signature scheme is proposed where a security mediator (SEM) is introduced to help a proxy signer to generate valid proxy signatures, examine whether a proxy signer signs according to the warrant, and check the revocation of a proxy signer. It is shown that the proposed scheme satisfies all the security requirements of a secure proxy signature. Moreover, a proxy signer must cooperate with the SEM to generate a valid proxy signature, which makes the new scheme have an effective and fast proxy revocation .     

Security analysis and improvement of two attribute-based signature schemes

In order to overcome the drawbacks of current attribute-based signature (ABS) schemes in terms of security,efficiency and signing policy,Ma,et al.and Cao,et al.respectively proposed a threshold ABS with single attribute au-thority and a multi-authority ABS with signing policy supporting AND,OR,threshold gates,and presented the security proof of their schemes under computational Diffie-Hellman assumption.Both schemes were demonstrated have security pitfalls by presenting specified attacks against them.Specifically,their schemes are all vulnerable to forgery attack.Thus,they are not feasible for practical applications.In addition,the cause of the flaws in these ABS schemes are presented,as well as an improvement of Ma et al.'s scheme.     

Provable secure proxy signature scheme without bilinear pairings

Proxy signature is an active research area in cryptography. A proxy signature scheme allows an entity to delegate his or her signing capability to another entity in such a way that the latter can sign messages on behalf of the former. Many proxy signature schemes using bilinear pairings have been proposed. But the relative computation cost of the pairing is more than 10 times of the scalar multiplication over elliptic curve group. In order to save the running time and the size of the signature, we propose a proxy signature scheme without bilinear pairings and prove its security against adaptive chosen‐message attack in random oracle model. The security of our scheme is based on the hardness of the elliptic curve discrete logarithm problem. With the running time being saved greatly, our scheme is more practical than the previous related scheme for practical applications. Copyright © 2011 John Wiley & Sons, Ltd.     

Identity-based key-insulated proxy signature

In proxy signature schemes, the proxy signer B is permitted to produce a signature on behalf of the original signer A. However, exposure of proxy signing keys can be the most devastating attack on a proxy signature scheme since any adversary can sign messages on behalf of the proxy signer. In this paper, we applied Dodis, et al.’s key-insulation mechanism and proposed an Identity-Based (ID-based) Key-Insulated Proxy Signature (IBKIPS) scheme with secure key-updates. The proposed scheme is strong key-insulated and perfectly key-insulated. Our scheme also supports unbounded period numbers and random-access key-updates.     

两种无证书的分布环签名方案

 2004年Javier Heranz等人推广了环签名的概念,提出了两种基于身份的分布环签名方案,并证明了它们的安全性.但是Javier Heranz等人的方案继承了基于身份的公钥密码体制的固有缺陷,即密钥托管问题.本文将Javier Heranz等人的方案应用到无证书的环境下,提出了两种无证书的分布环签名方案.第一种方案是利用双线性对构造的,可用于一般的分布环签名的情形.第二种方案利用的是Shamir的秘密共享方案,用于门限可进入结构的情形,其效率较第一种方案高.它们既保留了Javier Heranz等人的方案的优点,又达到了真正的不可伪造性.