基于属性的密钥授权签名

在基于属性的签名中,所有用户的属性集由一个授权中心管理.这使其工作负担沉重,并成为系统的瓶颈,降低系统效率.现有的方案将授权中心分为一个总授权中心和多个属性授权中心,它们共同管理用户属性集.在每次签名时,所有属性授权中心和总授权中心都需要参与,这样授权中心之间的通信复杂性很高.针对以上问题,借助于树型结构和分层思想,提出了密钥授权签名,并在基于CDH困难性假设下证明了其具有不可伪造性.该方案不仅使逻辑语义表达更精确而且可以减少授权中心的工作量.     

ID-based deniable ring authentication with constant-size signature

Deniable ring authentication allows a member of an ad-hoc sunset of participants to authenticate a message without revealing which member has issued the signature, and the verifier cannot transfer the signature to any third party. It is an important cryptographic primitive for privacy and anonymous communication. Unfortunately, the size of the signature of the proposed deniable ring authentication is dependent on the size of the ring. It is inefficient especially when the size of the ring is large. In this paper, we propose an ID-based version of deniable ring authentication. We present a generic construction which uses dynamic accumulators to construct ID-based deniable ring authentication with constant-size signature. We also give an ID-based deniable ring authentication based on bilinear pairings, which is proved to be secure in the random oracle model.     

盲聚合签名方案

在电子货币系统中,用户Alice要从不同的银行得到签名支票（这是一个盲签名过程）,然后将这些支票付给Bob.Bob再拿着这些支票到各个银行进行验证取款.这个过程需要耗费大量的时间和存储控件.提出了一个盲聚合签名方案,可以让Bob得到一个唯一的签名,从而大大节省时间和空间并且降低对带宽的要求.该方案结合了盲签名和聚合签名优点,能使生成的盲签名聚合为一个聚合签名.     

A one-time signature using run-length encoding

A one-time signature scheme using run-length encoding is presented, that in the random oracle model offers security against chosen-message attacks. For parameters of interest, the proposed scheme enables about 33% faster verification with a comparable signature size than a construction of Merkle and Winternitz. The public key size remains unchanged (1 hash value). The main price for the faster verification is an increase of the time for signing messages and for key generation.     

数字签名综述

通过介绍与数字签名有关的两个重要概念公钥密码体制、陷门函数以及签名方案应满足的条件,给出了数字签名方案的算法思想及数学描述,并结合RSA和DSA两个经典数字签名方案进行相应分析,从而进一步说明了数字签名方案数学描述的普遍适用性。最后介绍了对数字签名的两种主要攻击与4种破解方案和目前这项技术研究的热点和新的发展方向。     

一种不同授权的组签名方案

文章介绍了一种具有不同的授权组签名方案。在该方案中，每个组成员负责对文档的某一特定部分段进行签名，并且不用暴露整个文档就可以验征该文档的部分内容。     

基于无线传感网的轻量级数字签名系统设计

为了确保传感器网络中传输数据的可靠性,本文设计了一个基于对称密码体制的数字签名系统。系统使用对称密码机制来提高效率,采用硬件加密设备保证共享密钥池的安全,通过使用特定的密钥生成算法解决对称密钥的分发问题。实验结果表明,系统能耗低、效率高,具有很强的实用性。     

Designing efficient proxy signature schemes for mobile communication

Proxy signature is an active cryptographic research area, and a wide range of literatures can be found nowadays suggesting improvement and generalization of existing protocols in various directions. However, from the efficiency view, many proposed proxy signature schemes in these literatures are not satisfying and cannot fit to the mobile communication. Therefore, there is a desire to design efficient proxy signature schemes. Based on Boneh et al＇s pairing-based short signature, this paper presents two proxy signature schemes. One is proxy-protected signature scheme, and the other is proxy aggregate signature scheme. Since both of them can achieve high efficiency, it is believed that they are specially suitable for mobile communication environment.     

Efficient threshold proxy signature protocol for mobile agents

Mobile agents can migrate across different execution environments through the network. One important task of a mobile agent is to act as a proxy signer to sign a digital signature on behalf of the agent owner. As the agent and the remote hosts are not trustworthy, or are probably malicious, there are great challenges for the task. In this paper, we propose an efficient, secure (t,n) threshold proxy signature scheme based on the RSA cryptosystem. The proposed scheme shares the proxy signing key with a simple Lagrange formula. However, it does not reveal any secret information. Owing to its simple algorithm and few parameter requirements, the proposed scheme requires few calculations and few transactions. The proxy signature generation stage and the proxy signature combining stage are completely non-interactive. Furthermore, the size of the partial proxy signing key and that of the partial proxy signature are constant and independent of the number of proxy signers.     

基于报文摘要的电子文档手工签名方法

计算机的广泛应用和ISO9000系列质量管理体系的普及,使电子文档的签名问题日益突出,由于密钥管理困难等问题,使数字签名目前在国内无法推广应用,提出了基于报文摘要的电子文档手工签名方法,即对电子文档的报文摘要进行手工签名,解决了国内许多企业面临的电子文档如何签名的实际问题。     

基于RSA签名的安全数字时间戳方案

已存在的时间戳机制没有解决服务付费问题,即客户在请求时间戳服务机构给他的文档Hash值加盖时间戳时,应该如何向时间戳服务机构支付费用。介绍了已经存在的时间戳机制,基于盲数字签名,提出了一个解决问题的新方案,该方案引入了一个售票实体,解决了服务付费问题,并且基于RSA数字签名,构造了一个完整的时间戳系统。     

Lattice-based linearly homomorphic signature scheme over binary field

To design an efficient post-quantum linearly homomorphic signature scheme, using the pre-image sampling function, a lattice-based linearly homomorphic signature scheme over a binary field is proposed in this paper. Linear homomorphism is achieved through the homomorphism of the lattice-based hash function used in the proposed signature scheme. It is shown that the proposed scheme satisfies the privacy property. Based on the hardness of the short integer solution problem, the proposed scheme is unforgeahle against the type 1 and type 2 adversaries in the random oracle model. Moreover, compared with a presented linearly homomorphic signature scheme in 2011, the proposed scheme has some advantages with respect to the public key size, signature length and computational cost.     

A novel cryptoprocessor architecture for chained Merkle signature scheme

One-time signature schemes rely on hash functions and are, therefore, assumed to be resistant to attacks by quantum computers. These approaches inherently raise a key management problem, as the key pair can be used only for one message. That means, for one-time signature schemes to work, the sender must deliver the verification key together with the message and the signature. Upon reception, the receiver has to verify the authenticity of the verification key before verifying the signature itself. Hash-tree based solutions tackle this problem by basing the authenticity of a large number of verification keys on the authenticity of a root key. This approach, however, causes computation, communication, and storage overhead. Due to hardware acceleration, this paper proposes, for the first time, a processor architecture which boosts the performance of a one-time signature scheme without degrading memory usage and communication properties. This architecture realizes the chained Merkle signature scheme on the basis of Winternitz one-time signature scheme. All operations, i.e., key generation, signing, and verification are implemented on an FPGA platform, which acts as a coprocessor. Timing measurements on the prototype show a performance boost of at least one order of magnitude compared to an identical software solution.     

基于零知识证明的签名方案研究

数字签名已经成为网络信息时代身份认证的基本手段之一,为提高基于零知识证明技术的签名方案的安全性,对基于零知识概念的签名方案中签名者伪造签名问题进行了研究,分析了其中存在的潜在问题,提出了一种在不增加计算复杂性的情况下达到抗击签名者伪造签名的简单修改方案,并对该修改方案的可行性、安全性和计算复杂性做了具体分析.     

A scalable signature scheme for video authentication

This paper addresses the problem of ensuring the integrity of a digital video and presents a scalable signature scheme for video authentication based on cryptographic secret sharing. The proposed method detects spatial cropping and temporal jittering in a video, yet is robust against frame dropping in the streaming video scenario. In our scheme, the authentication signature is compact and independent of the size of the video. Given a video, we identify the key frames based on differential energy between the frames. Considering video frames as shares, we compute the corresponding secret at three hierarchical levels. The master secret is used as digital signature to authenticate the video. The proposed signature scheme is scalable to three hierarchical levels of signature computation based on the needs of different scenarios. We provide extensive experimental results to show the utility of our technique in three different scenarios—streaming video, video identification and face tampering.

A new definition of homomorphic signature for identity management in mobile cloud computing

In this paper, we define a new homomorphic signature for identity management in mobile cloud computing. A mobile user firstly computes a full signature on all his sensitive personal information (SPI), and stores it in a trusted third party (TTP). During the valid period of his full signature, if the user wants to call a cloud service, he should authenticate him to the cloud service provider (CSP) through TTP. In our scheme, the mobile user only needs to send a {0,1}ⁿ${\{0,1\}}^n$ vector to the access controlling server (TTP). The access controlling server who doesn?t know the secret key can compute a partial signature on a small part of user?s SPI, and then sends it to the CSP. We give a formal secure definition of this homomorphic signature, and construct a scheme from GHR signature. We prove that our scheme is secure under GHR signature.     

Improved digital signature protocol using iterated function systems

In this paper, a novel digital signature protocol is proposed. It is based on the iterated function system attractor, which is regarded as an emerging method. The idea behind our proposed method is based on selecting a known fractal set and then finding the attractor of the affine transformation functions. The attractor is then used in the encryption and decryption of a hash function to ensure the protection of the document from eavesdropping and integrity during the transmission. The properties and software implementation of the proposed protocol are discussed in detail. A comparison is made with the Rivest, Shamir, and Adleman cryptosystems, which shows that it performs better.