Provably secure robust threshold partial blind signature

Threshold digital signature and blind signature are playing important roles in cryptography as well as in practical applications such as e-cash and e-voting systems. Over the past few years, many cryptographic researchers have made considerable headway in this field. However, to our knowledge, most of existing threshold blind signature schemes are based on the discrete logarithm problem. In this paper, we propose a new robust threshold partial blind signature scheme based on improved RSA cryptosystem. This scheme is the first threshold partial blind signature scheme based on factoring, and the robustness of threshold partial blind signature is also introduced. Moreover, in practical application, the proposed scheme will be especially suitable for blind signature-based voting systems with multiple administrators and secure electronic cash systems to prevent their abuse.     

A Controllable Proxy Digital Signature Scheme Based on Hyper-elliptic Curve Cryptosystem

Most of the known proxy digital signature schemes have the same problems that they cannot provide the overall, complete and reliable control ability on the stretch of proxy digital signature power. In this paper, a new proxy digital signature scheme based on the Hyper-elliptic Curve Cryptosystem （HECC） is presented to solve this problem. It has the ability to provide the overall, reliable control on the use of proxy digital signing power. In addition, it has been applied for the Chinese patent of invention （No. 200510019215.9）. Further more, this paper also analyzes the new scheme＇s computation complexity and security problem. The new scheme, which is an extension of elliptic curve cryptosystems, is beneficial for the study on the domain of proxy digital signature.     

ID-Based Fair Off-Line Electronic Cash System with Multiple Banks

ID-based public key cryptography （ID-PKC） has many advantages over certificate-based public key cryptography （CA-PKC）, and has drawn researchers＇ extensive attention in recent years. However, the existing electronic cash schemes are constructed under CA-PKC, and there seems no electronic cash scheme under ID-PKC up to now to the best of our knowledge. It is important to study how to construct electronic cash schemes based on ID-PKC from views on both practical perspective and pure research issue. In this paper, we present a simpler and provably secure ID-based restrictive partially blind signature （RPBS）, and then propose an ID-based fair off-line electronic cash （ID-FOLC） scheme with multiple banks based on the proposed ID-based RPBS. The proposed ID-FOLC scheme with multiple banks is more efficient than existing electronic cash schemes with multiple banks based on group blind signature.     

Batch proxy quantum blind signature scheme

Motivated by proxy signature and blind signature for the secure communications,the batch signature is proposed to create a novel quantum cryptosystem.It is based on three-dimensional two-particle-entangled quantum system which is used to distribute the quantum keys and create strings of quantum-trits(qutrits) for messages.All of the messages,which are expected to be signed,are encrypted by the private key of the message owner during communications.Different from the classical blind signature,an authenticity verification of signatures and an arbitrator’s efficient batch proxy signature are simultaneously applied in the present scheme.Analysis of security and efficiency shows that it enables us to achieve a large number of quantum blind signatures for quantities of messages with a high efficiency with the arbitrator’s secure batch proxy blind signature.     

Generic Transformation from Weakly to Strongly Unforgeable Signatures

Current techniques for transforming unforgeable signature schemes （the forged message has never been signed） to strongly unforgeable ones （the forged message could have been signed） require supplementary components to be added onto the original key pairs of the schemes. In addition, some of them can only be applied to a certain type of signature schemes. In this paper, we propose a new generic transformation technique which converts any unforgeable signature scheme into a strongly unforgeable one without modifying any component in the original key pair. This makes our technique especially compatible for practical use. Our technique is based on strong one-time signature schemes. We show that they can be constructed efficiently from any one-time signature scheme that is based on one-way functions. The performance of our technique also compares favorably with that of current ones. Besides, it is shown in this paper that our transformation can further be applied to schemes satisfying only a weak variant of unforgeability without any further modification. Furthermore, our technique can also be used for constructing strongly unforgeable signature schemes in other cryptographic settings which include certificateless signature, identity-based signature, and several others. To the best of our knowledge, similar extent of versatility is not known to be supported by any of those comparable techniques. Finally and of independent interest, we show that our generic transformation technique can be modified to an on-line/off-line signature scheme, which possesses a very efficient signing process.     

Designing efficient proxy signature schemes for mobile communication

Proxy signature is an active cryptographic research area, and a wide range of literatures can be found nowadays suggesting improvement and generalization of existing protocols in various directions. However, from the efficiency view, many proposed proxy signature schemes in these literatures are not satisfying and cannot fit to the mobile communication. Therefore, there is a desire to design efficient proxy signature schemes. Based on Boneh et al＇s pairing-based short signature, this paper presents two proxy signature schemes. One is proxy-protected signature scheme, and the other is proxy aggregate signature scheme. Since both of them can achieve high efficiency, it is believed that they are specially suitable for mobile communication environment.     

Nonrepudiable proxy multi-signature scheme

The concept of proxy signature introduced by Mambo,Usuda,and Okamoto allows a desigated person,called a proxy signer,to sign on behalf of an original singer.However,most existing proxy signature schemes to not support nonrepudiation.In this paper,two secure nonrepudiable proxy multi-signature schemes are proposed that overcome disadvantages of the existing schemes.The proposed schemes can withstand public key substitution attack.In addition,the new schemes have some other advatages such as proxy signature key generation and updating using insecure channels.THis approach can also be applied to other ElGamal-like proxy signature schemes.     

Non-ambiguity of blind watermarking: a revisit with analytical resolution

Resistance to ambiguity attack is an important requirement for a secure digital rights management (DRM) system. In this paper,we revisit the non-ambiguity of a blind watermarking based on the compu-tational indistinguishability between pseudo random sequence generator (PRSG) sequence ensemble and truly random sequence ensemble. Ambiguity attacker on a watermarking scheme,which uses a PRSG sequence as watermark,is viewed as an attacker who tries to attack a noisy PRSG sequence. We propose and prove the security theorem for binary noisy PRSG sequence and security theorem for gen-eral noisy PRSG sequence. It is shown that with the proper choice of the detection threshold Th = an1/2 (a is a normalized detection threshold; n is the length of a PRSG sequence) and n 1.39×m/a2 (m is the key length),the success probability of an ambiguity attack and the missed detection probability can both be made negligibly small thus non-ambiguity and robustness can be achieved simultaneously for both practical quantization-based and blind spread spectrum (SS) watermarking schemes. These analytical resolutions may be used in designing practical non-invertible watermarking schemes and measuring the non-ambiguity of the schemes.     

Attack on Digital Multi-Signature Scheme Based on Elliptic Curve Cryptosystem

The concept of multisignature, in which multiple signers can cooperate to sign the same message and any verifier can verify the validity of the multi-signature, was first introduced by Itakura and Nakamura. Several multisignature schemes have been proposed since. Chen et al. proposed a new digital multi-signature scheme based on the elliptic curve cryptosystem recently. In this paper, we show that their scheme is insecure, for it is vulnerable to the so-called active attacks, such as the substitution of a ＂false＂ public key to a ＂true＂ one in a key directory or during transmission. And then the attacker can sign a legal signature which other users have signed and forge a signature himself which can be accepted by the verifier.     

Breaking and Repairing Trapdoor-Free Group Signature Schemes from Asiacrypt 2004

Group signature schemes allow a member of a group to sign messages anonymously on behalf of the group. in case of later dispute, a designated group manager can revoke the anonymity and identify the originator of a signature. In Asiacrypt2004, Nguyen and Safavi-Naini proposed a group signature scheme that has a constant-sized public key and signature length, and more importantly, their group signature scheme does not require trapdoor, Their scheme is very efficient and the sizes of signatures are smaller than those of the other existing schemes. In this paper, we point out that Nguyen and Safavi-Naini＇s scheme is insecure. In particular, it is shown in our cryptanalysis of the scheme that it allows a non-member of the group to sign on behalf of the group. And the resulting signature convinces any third party that a member of the group has indeed generated such a signature, although none of the members has done so. Therefore is in case of dispute, even the group manager cannot identify who has signed the message. In the paper a new scheme that does not suffer from this problem is provided.     

基于离散对数问题构造弱盲签名方案

文章结合盲参数签名方案与已有的弱盲签名方案的构造方法,在广义ElGamal签名方案的基础上,基于离散对数构造了一些新的弱盲签名方案,并对这些方案进行了检验和分析。     

基于线性变换构造弱盲签名方案

该文在广义ElGamal签名方案的基础上,基于一元线性变换构造一些新的弱盲签名方案,并对这些方案进行了检验和分析。     

广义ElGamal型弱盲签名的构造方法

结合CPS盲签名方案的协议过程和不同的签名方程,分别构造了不同的弱盲签名方案,同时分类总结了包含ElGamal型签名方案在内的更为一般的签名方案,以这些签名方案为基础构造了相应的弱盲签名方案。     

基于椭圆曲线的Schnorr盲签名

由于椭圆曲线密码具有良好的性质,基于椭圆曲线的盲签名引起了人们的普遍关注。利用仿射变换对基于椭圆曲线的Schnorr签名构造盲签名方案,得到了一系列盲签名方案。通过对这些盲签名方案进一步分析得知,当随机参数为3个时,得到基于椭圆曲线的Schnorr强盲签名方案;当随机参数少于3个时,得到基于椭圆曲线的Schnorr弱盲签名方案。     

两个基于离散对数的盲签名方案

盲签名方案在电子货币等密码系统中具有重要的作用。该文对两个广义ＥＩＧａｍａｌ型数字签名方案进行修改,并从修改的签名方案出发构造了两个强盲签名方案。     

广义ELGamal型盲签名方案的强弱性分析

分析了基于离散对数问题构造盲签名方案的一些文献中在对盲签名的强弱性分析方面存在的问题。通过证明任意一个合法的消息签名对,都能找到一组盲因子使之与某个盲消息签名对相联系,指出了以姚亦峰的二元仿射变换为构造思想,引入三元随机盲化参数得到的盲签名方案的强盲性证明中“基于离散对数难题”的这一论据是不成立的,重新给出了其强盲性的形式化证明;而使用二元随机盲化参数得到的盲签名方案为弱盲签名的论断是错误的,重新证明它也属于强盲签名。     

两个基于RSA的特殊数字签名方案

介绍了数字签名背景、签名体制的形式化描述以及两个特殊的数字签名方案。对如何用RSA实现盲签名和多重数字签名方案进行了研究,分析了两种具体方案实现的安全性。最后总结了这两种特殊数字签名实现过程中算法设计的优劣。     

一种基于身份的盲签名方案及其安全性证明

盲签名是一种特殊的数字签名,它可以保护用户的个人隐私。目前,已有的盲签名方案中,使用了比较多的双线性映射,因此计算成本过高,而且部分方案并没有给出严格的安全性证明。针对这些情况,本文提出一种新的基于身份的盲签名方案,基于n-CDH问题,在随机预言模型下证明了该方案是安全的。该方案在签名阶段没有使用双线性映射,验证阶段只使用1次双线性映射,因此与其他盲方案比较,计算成本更低。      

基于ID的代理盲签名

在代理签名中，原始签名人能将其数字签名的权力委托给代理签名人；而在盲签名方案中，被签消息的内容对签名者是不可见的，签名被接受者得到后，签名者不能追踪签名。文章结合二者的优点，利用基于椭圆曲线上的Weil配对的双线性映射，在基于身份的数字签名的基础上，构造了一个基于ID的代理盲签名方案，并对其安全性作了简要分析。