共查询到20条相似文献,搜索用时 31 毫秒
1.
Recently, Kang et al. proposed a new identity-based strong designated verifier signature scheme (ID-SDVS) and identity-based designated verifier proxy signature scheme (ID-DVPS). They claimed that their schemes are unforgeable. However, we found out that their schemes are universally forgeable in the sense that anyone can forge valid ID-SDVS and ID-DVPS on an arbitrary message without the knowledge of the secret key of either the signer or the designated verifier. Finally, we propose an improved ID-SDVS which is unforgeable. We give formal security proof of universal unforgeability of our scheme. We also give an improved ID-DVPS. 相似文献
2.
Wang Huaqun Zhang Futai Sun Yanfei 《Dependable and Secure Computing, IEEE Transactions on》2009,6(2):149-151
The concept of ring signature was first introduced by Rivest et al. in 2001. In a ring signature, instead of revealing the actual identity of the message signer, it specifies a set of possible signers. The verifier can be convinced that the signature was indeed generated by one of the ring members; however, the verifier is unable to tell which member actually produced the signature. A convertible ring signature scheme allows the real signer to convert a ring signature into an ordinary signature by revealing secret information about the ring signature. Thus, the real signer can prove the ownership of a ring signature if necessary, and the the other members in the ring cannot prove the ownership of a ring signature. Based on the original ElGamal signature scheme, a generalized ring signature scheme was proposed for the first time in 2008. The proposed ring signature can achieve unconditional signer ambiguity and is secure against adaptive chosen-message attack in the random oracle model. By comparing to ring signatures based on RSA algorithm, the authors claimed that the proposed generalized ring signature scheme is convertible. It enables the actual message signer to prove to a verifier that only she is capable of generating the ring signature. Through cryptanalysis, we show that the convertibility of the generalized ring signature scheme cannot be satisfied. Everyone in the ring signature has the ability to claim that she generates the generalized ring signature. 相似文献
3.
Xinyi Huang Willy Susilo Yi Mu Wei Wu 《International Journal of Information Security》2008,7(3):171-183
In Asiacrypt 2003, the concept of universal designated verifier signature (UDVS) was introduced by Steinfeld, Bull, Wang and Pieprzyk. In the new paradigm, any signature holder (not necessarily the signer) can designate the publicly verifiable signature to any desired designated verifier
(using the verifier’s public key), such that only the designated verifier can believe that the signature holder does have
a valid publicly verifiable signature, and hence, believes that the signer has signed the message. Any other third party cannot
believe this fact because this verifier can use his secret key to create a valid UDVS which is designated to himself. In ACNS
2005, Zhang, Furukawa and Imai proposed the first UDVS scheme without random oracles. In this paper, we give a security analysis
to the scheme of Zhang et al. and propose a novel UDVS scheme without random oracles based on Waters’ signature scheme, and
prove that our scheme is secure under the Gap Bilinear Diffie Hellman assumption. 相似文献
4.
Baoyuan Kang Author Vitae Colin Boyd Author Vitae 《Journal of Systems and Software》2009,82(2):270-273
Unlike ordinary digital signatures, a designated verifier signature scheme makes it possible for a signer to convince a designated verifier that she has signed a message in such a way that the designated verifier cannot transfer the signature to a third party. In a strong designated verifier signature scheme, no third party can even verify the validity of a designated verifier signature, since the designated verifier’s private key is required in the verifying phase. Firstly, this paper proposes the model of identity-based strong designated verifier signature scheme based on bilinear pairings by combining identity-based cryptosystem with the designated verifier signature scheme, and then, provides one concrete strong identity-based designated verifier signature scheme, which has short size of signature, low communication and computational cost. We provide security proofs for our scheme. 相似文献
5.
6.
给出一种可容忍信息泄露的指定验证者盲代理签名方案,它具有一些代理签名方案的新特点:匿名性和可追踪性。指定验证者在验证代理签名之后只能确信代理签名是代表原始签名者的签名而无法确定代理签名者身份;当出现争议时,指定验证者可通过代理群管理员追查出代理签名者的身份。提出的方案较好地解决了基于身份指定验证者签名中的密钥托管问题。与同类方案相比,签名和验证次数少、交互次数更少。 相似文献
7.
In this paper, we introduce an extended ring signature scheme in which the actual signer has the ability to admit to having signed a document at his will. Generally speaking, this scheme can be considered as an extension and improvement of the ring signature suggested by Rivest et al. in 2001. The proposed scheme is called signer-admission ring signature which combines the idea of the designated confirmer signatures proposed by Chaum in 1994 and the designated verifier proofs proposed by Jakobsson et al. in 1996. This paper presents a scenario explaining why the signer-admission property is valuable in real-life applications. An actual signer may possibly want to expose himself if, in doing so, he will acquire an enormous benefit. Here, we propose a generic construction of the signer-admission ring signature as well as a demonstration modified from Rivest et al.’s scheme to achieve signer-admission. 相似文献
8.
两个指定验证人签名方案的安全性分析 总被引:2,自引:0,他引:2
2005年,王晓明等人把多重指定验证人签名与门限代理签名结合起来,提出了一个门限代理多重指定验证人签名(Wang-Fu).同年,陈伟东等人也提出了一个指定验证人的数字签名方案(Chen-Feng-Tan).证明Wang-Fu方案中指定验证人集合的管理者可以直接伪造签名.为此,每个验证人对在验证阶段使用私钥产生的部分数据必须进行零知识证明.CFT方案不满足非传递性,即指定验证人可以向第三方证明其拥有的签名是由签名人签署的.其原因在于,该方案直接利用了Schnorr签名技巧,指定验证人很客易把拥有的签名转化为关于原始签名人公钥参数的一个普通签名. 相似文献
9.
A non-delegatable strong designated verifier signature (NSDVS) enforces verification of a signature by a designated verifier only. The concept is useful in various commercial cryptographic applications such as copyright protection, e-voting, and e-libraries. This paper reports the shortest NSDVS so far that consists of only two elements. The scheme is inspired by an identification scheme and Cramer et al.’s OR-proof technique where a prover can prove that he knows at least one out two secrets. It is solidified by a symmetric key based group to group encryption algorithm. Two implementations of the algorithm are reported. The scheme is provably secure with respect to its properties of unforgeability, non-transferability, privacy of signer’s identity, and non-delegatability. 相似文献
10.
A strong designated verifier signature scheme makes it possible for a signer to convince a designated verifier that she has signed a message in such a way that the designated verifier cannot transfer the signature to a third party, and no third party can even verify the validity of a designated verifier signature. We show that anyone who intercepts one signature can verify subsequent signatures in Zhang-Mao ID-based designated verifier signature scheme and Lal-Verma ID-based designated verifier proxy signature scheme. We propose a new and efficient ID-based designated verifier signature scheme that is strong and unforgeable. As a direct corollary, we also get a new efficient ID-based designated verifier proxy signature scheme. 相似文献
11.
指定验证者签名(DVS)克服了传统的数字签名中可公开验证的缺点,可防止验证者向第三方表明他获得了签名方发布的数字签名。但传统的密码方案的安全性依赖理想的假设,即攻击者不能获得保密的密钥的信息,而边信道攻击表明攻击者可以获得部分的秘密信息,因此有必要设计可以容忍信息泄露的指定验证者签名方案。基于“或”证明的技术,把Okamoto认证方案推广到指定验证者签名的情形,并在给定的泄露界下,证明了所提出的指定验证者签名方案在相对泄露模型下是安全的。 相似文献
12.
13.
为保护用户的隐私,授权签名能够控制签名只有在签名者或可信第三方(TTP)的协助下由特定的验证者进行验证,有向签名是其中一种变型。然而,出于特定条件下除去验证限制的目的,签名者希望把同一类型的多个授权签名转换成自认证签名。通过改进QZX有向签名方案,使不可否认签名可以分别被TTP或者签名者协助验证,并同时具有批量转换和TTP监管的功能。 相似文献
14.
15.
16.
Ting-Yi Chang 《Information and Computation》2011,209(7):1007-1015
In an ID-based universal designated verifier signature scheme, a single signer generates a signature that can only be verified by a designated verifier using a simplified public identity such as an e-mail address. In this paper, we expand the scheme to a multi-user setting for generating and verifying signatures in practical applications. An ID-based multi-signer universal designated multi-verifier signature scheme based on bilinear pairings is proposed that allows a set of multi-signer to cooperatively generate a signature and designate a set of multi-verifier to verify it. The security of the proposed scheme is demonstrated to be resistant to existentially forgery from adaptive chosen-message and chosen-ID attacks under the Bilinear Diffie-Hellman problem. 相似文献
17.
指出樊睿等人的基于无证书的代理签名方案和明洋等人的基于无证书的广义指定验证者签名方案都无法抵抗替换公钥攻击,同时樊睿等人的方案也无法抵抗原始签名人改变攻击,攻击者可以伪造一个他授权代理签名人对相同消息的代理签名,此外,还指出明洋等人在安全性证明中将重放技术直接应用在无证书环境中是不正确的。通过将代理授权证书和用户的公钥作为密码哈希函数的输入,使攻击者无法替换用户的公钥及更改代理授权证书,改进方案有效提高了原方案的安全性,同时保留了原方案的其他优点。 相似文献
18.
与普通的数字签名不同,验证者要知道一个证实数字签名的有效性,必须得到一个称为证实者的第三方的合作与帮助.但除了签名者,其他任何人(包括证实者)都不能以签名者的名义产生有效的证实签名.同时,只要参与了验证,证实者就不能欺骗验证者.进一步地,在必要的时候,证实者还可以将证实签名转化为普通的数字签名,从而使得任何人都可以验证这些签名的有效性.王尚平等学者提出了一个基于DSA和RSA的证实数字签名方案,并认为他们的方案是安全而高效的.与现有的具体方案相比,他们的方案确实是高效的.但是,这一方案存在严重的安全缺陷,从而使得他们的尝试是不成功的. 相似文献
19.
提出了具有新特点的代理签名方案:匿名性、可追踪性和前向安全性。在该方案中,代理签名者身份对验证者来说是不可见的,签名出现争议时,验证者可以借助原始签名者确定代理签名者的身份;攻击者即使i时段侵入系统,也无法伪造i时段之前的签名。同时,原始签名人还可以根据需要收回代理签名权。 相似文献
20.
针对现实中签名的安全问题,提出了基于Waters技术的标准模型下安全的广义指定验证者签密方案。签密能够在一个逻辑步骤内同时完成加密和签名的功能。在广义指定验证者签名中,签名持有者即其拥有签名者的签名,能够确认一个指定验证者使其拥有这个签名,而指定验证者不能转移这种认定给其他任何人,仅指定的验证者能够验证签名的存在性。该方案通过广义指定验证者和签密的结合,消除了签名者和签名持有者在签名传输时所需的安全通道。在计算性线性Diffie-Hellman问题假设下,该方案被证明是安全的。和现有的方案相比,所提方案具有较高的计算效率。 相似文献