共查询到19条相似文献,搜索用时 125 毫秒
1.
针对固定维数的格基委托算法或格上基于盆景树生成的代理签名方案中私钥和签名的长度均过大的问题,提出一种较小尺寸的代理签名方案。该方案对随机预言机进行了合并优化,并使用一个更小范数但是向量盲化的消息,从而控制代理签名私钥的维数,其安全性基于格上最短向量问题和小整数解问题的困难性,并且满足代理签名方案所有的安全性要求。与现有方案相比,该方案有效地减小了代理签名私钥和代理签名的长度,使代理私钥长度与原始签名用户私钥长度相当。 相似文献
2.
3.
4.
针对现有的格上身份基线性同态签名方案密钥存储量大、结构复杂导致方案实际运行效率相对偏低的问题,提出了一个NTRU(Number Theory Research Unit)格上高效的身份基线性同态签名方案。首先在密钥生成阶段利用NTRU密钥生成算法产生主密钥,接着采用格基委派算法给出身份签名私钥,最后运行NTRU格上原像抽样算法产生出线性同态签名。对方案的安全性证明与性能分析结果表明,新方案满足正确性,具有弱内容隐私性。在随机预言机模型下,该方案在小整数解问题困难性条件下满足适应性选择身份和选择消息的存在性不可伪造性。同时,由于采用NTRU格的特殊结构,新方案在密钥量与运行效率方面与已有方案相比较均具有显著的优势,这对于计算资源受限环境的同态认证中具有重要的应用价值。 相似文献
5.
高效的无证书有序多重签名方案 总被引:2,自引:0,他引:2
针对分布式环境下信任建模中信任链上推荐信息的认证问题,研究了无证书有序多重签名方案的安全模型,进而基于椭圆曲线密码和双线性映射提出一个无证书有序多重签名方案,并在随机预言机模型下,证明方案的安全性建立在计算 Diffie-Hellman 问题的困难性上。该方案无需证书管理中心,多重签名的长度与单用户的签名长度相当,与签名人数无关,在部分签名阶段不需双线性对运算,在部分签名及整体签名的验证阶段都只需一个双线性对运算,与同类方案相比,具有运行效率上的优势,可方便地应用于大规模分布式环境下信任传播的过程中。 相似文献
6.
7.
当前基于格设计的能够抵抗量子计算机攻击的签名方案是基于数论难题的传统签名方案的热门候选替代。通过Fiat-Shamir变换以及拒绝采样技术构造格签名是一种重要方法,共有5个格签名方案提交到美国国家标准与技术局的后量子算法项目中,基于Fiat-Shamir变换进行设计的有两个方案。其中Dilithium是基于模错误学习(MLWE)问题构造的Fiat Shamir签名,它的一个特性是在签名算法中使用了高效简洁的均匀采样。Dilithium签名方案构造在一般格上,为了获得更紧凑的公钥尺寸,Dilithium对公钥进行了压缩。另一方面,NTRU格上的密码方案比一般格上的密码方案在效率和参数尺寸上有更大的优势,该文给出了Dilithium签名在NTRU格上的一个高效变种方案,在继承Dilithium简洁设计的基础上,综合了NTRU和拒绝采样的技术优势而无需额外的压缩处理,进一步提升了基于格的Fiat-Shamir签名的效率。 相似文献
8.
文中提出了一个基于环Zn上的圆锥曲线的代理盲签名,并对该方案做了分析。该方案的安全性是基于大整数的因数分解困难性和有限群上计算离散对数问题的困难性,由于阶的运算以及点的运算在Cn(a,b)上比较容易,且通过引进标准二进制计算群元素的整数倍的算法,使该方案具有运算速度快,易于实现等优点。 相似文献
9.
10.
11.
《中国邮电高校学报(英文版)》2014,21(6):52-60
The notion of the identity-based (id-based) strong designate verifier signature (SDVS) was extent to the lattice-based cryptography. The authors proposed an id-based SDVS scheme over lattices by using the basis delegation technical in fixed dimension. The proposed scheme is based on the hardness of the learning with errors (LWE) problem, and the unforgeability against adaptive chosen message and selective identity attack is based on the hardness of the short integer solution (SIS) problem in the random oracle model. If the parameters m, n and q are the same, the signature length of this scheme is only 3mlbq bits shorter than (3m+n)lb q bits which is the signature length of the known lattice-based SDVS scheme in the public key environment. As a result, the proposed scheme is not only id-based but also efficient about the signature length and the computation cost. Moreover, this article also proposed an id-based strong designate verifier ring signature (SDVRS) scheme based on the proposed SDVS scheme, which satisfies anonimity, unforgeability. 相似文献
12.
13.
14.
We introduce a new lattice-based cryptographic structure called a bonsai tree, and use it to resolve some important open problems in the area. Applications of bonsai trees include an efficient, stateless ‘hash-and-sign’ signature scheme in the standard model (i.e., no random oracles), and the first hierarchical identity-based encryption (HIBE) scheme (also in the standard model) that does not rely on bilinear pairings. Interestingly, the abstract properties of bonsai trees seem to have no known realization in conventional number-theoretic cryptography. 相似文献
15.
The conventional ring signature schemes cannot address the scenario where the rank of members of the ring needs to be distinguished, for example, in electronically commerce application. To solve this problem, we presented a Trusted Platform Module (TPM)-based threshold ring signature scheme. Employing a reliable secret Share Distribution Center (SDC), the proposed approach can authenticate the TPM-based identity rank of members of the ring but not track a specific member's identity. A subset including t members with the same identity rank is built. With the signing cooperation of t members of the subset, the ring signature based on Chinese remainder theorem is generated. We proved the anonymity and unforgeability of the proposed scheme and compared it with the threshold ring signature based on Lagrange interpolation polynomial. Our scheme is relatively simpler to calculate. 相似文献
16.
17.
18.