共查询到20条相似文献,搜索用时 203 毫秒
1.
在一般的数字签名中,拥有签名者公钥的任何人都可以验证该签名的有效性;而强指定验证者签名是由签名者指定一个验证者,在签名验证阶段,只有这个指定验证者可以验证该签名的有效性,其他人都不能验证该签名。这是因为在签名的验证阶段必须用到指定验证者的私钥。基于这个性质,强指定验证者签名被广泛应用于电子商务、网上投标、电子选举中。基于双线性对提出了一个新的基于身份的强指定验证者签名方案,并基于GBDH困难问题假设,采用密码学上安全性分析的方法,证明了该方案在适应性选择消息和选择身份攻击下是不可伪造的。最后,分析了方案的计算成本,结果表明该方案具有较高的效率。 相似文献
2.
3.
强指定验证者签名能够解决不向第3方证明发送方身份的前提下,仅指定的接收方可验证消息发送方身份的问题。基于计算双线性Diffe-Hellman假定,利用双线性对,提出了一种强指定验证者签名方案。该方案具有不可伪造性、签名者身份的隐私性和不可传递性。在团购、政府招标、艺术品拍卖等典型电子商务应用中具有现实意义。 相似文献
4.
5.
6.
强指定验证者签名方案(SDVS)能让指定的接收方确认消息发送方的身份, 但不能向第三方证明发送方的身份, 在电子商务和电子政务中有广泛应用. 在DBDH问题和Gap BDH问题困难的前提下, 利用双线性对, 构造了基于身份的强指定验证者签名方案, 并在标准模型下证明了方案的安全性. 分析结果表明新提出的方案具有签名者身份的隐私性、不可传递性以及对签名验证的不可委托性. 该方案使用双线性对, 不需要证书, 可简化密钥管理; 其通信和计算效率高, 实现简单, 可用于计算能力受限的设备. 相似文献
7.
8.
无证书广义指定多个验证者有序多重签名 总被引:2,自引:0,他引:2
有序多重签名方案一般都是基于离散对数或身份的,存在着证书管理问题或是密钥托管问题。广义指定多个验证者签名体制允许签名的持有者指定多个签名的验证者,只有被指定的验证者可以验证签名的有效性。将无证书签名体制和广义指定多个验证者签名体制相结合,提出了无证书广义指定多个验证者有序多重签名方案及其安全模型。在随机预言模型下的安全性分析表明:该方案可以抵抗适应性选择消息攻击,其不可伪造性基于BDH困难假设。 相似文献
9.
研究了Willy,Zhang和Yi等学者提出的基于身份的强指定验证者签名方案(简记为WZY方案)的安全性证明,发现在他们的安全性证明中存在漏洞:在证明签名方案的不可伪造性时,敌手拥有指定验证者的私钥。在一个简单的假设下:假设对于一个有效的输入,Hash函数的输出是随机的,并且敌手事先知道这个输入,重新证明了WZY方案的不可伪造性依赖于双线性Diffie-Hellman问题,从而完善了WZY方案的安全性证明。 相似文献
10.
基于辫群的代理签名方案的分析与改进 总被引:1,自引:0,他引:1
对两个基于辫群的代理签名方案进行了分析,发现它们并不满足不可伪造性。第一个方案中不能抵抗原始签名人改变攻击,在第二个方案中任何攻击者可以伪造一个有效的代理签名,在该签名中,代理签名者以及消息可以任意指定。根据上述缺陷,提出一个改进的强代理签名方案, 新方案在不增加计算复杂性的前提下,保证了签名的安全性,同时代理授权过程中还增加了不需要安全通道的性质。 相似文献
11.
Attack on Digital Multi-Signature Scheme Based on Elliptic Curve Cryptosystem 总被引:1,自引:0,他引:1
下载免费PDF全文
![点击此处可从《计算机科学技术学报》网站下载免费的PDF全文](/ch/ext_images/free.gif)
The concept of multisignature, in which multiple signers can cooperate to sign the same message and any verifier can verify the validity of the multi-signature, was first introduced by Itakura and Nakamura. Several multisignature schemes have been proposed since. Chen et al. proposed a new digital multi-signature scheme based on the elliptic curve cryptosystem recently. In this paper, we show that their scheme is insecure, for it is vulnerable to the so-called active attacks, such as the substitution of a "false" public key to a "true" one in a key directory or during transmission. And then the attacker can sign a legal signature which other users have signed and forge a signature himself which can be accepted by the verifier. 相似文献
12.
Recently, Kang et al. proposed a new identity-based strong designated verifier signature scheme (ID-SDVS) and identity-based designated verifier proxy signature scheme (ID-DVPS). They claimed that their schemes are unforgeable. However, we found out that their schemes are universally forgeable in the sense that anyone can forge valid ID-SDVS and ID-DVPS on an arbitrary message without the knowledge of the secret key of either the signer or the designated verifier. Finally, we propose an improved ID-SDVS which is unforgeable. We give formal security proof of universal unforgeability of our scheme. We also give an improved ID-DVPS. 相似文献
13.
提出了一个具有消息恢复的共享验证代理签名方案。在该方案中,把签名的验证权让[n]个验证人分享,使得指定验证组中的[t]个或更多验证人合作能从签名中恢复消息并能验证签名的有效性。该方案满足代理签名方案的安全要求,传送签名时无需传送消息,和其他代理签名方案相比,降低了通信开销;同时也降低了验证人欺骗的风险,万一遇到验证人欺骗,该方案能准确地检查出哪一个验证人在欺骗。 相似文献
14.
15.
16.
Xinyi Huang Willy Susilo Yi Mu Wei Wu 《International Journal of Information Security》2008,7(3):171-183
In Asiacrypt 2003, the concept of universal designated verifier signature (UDVS) was introduced by Steinfeld, Bull, Wang and Pieprzyk. In the new paradigm, any signature holder (not necessarily the signer) can designate the publicly verifiable signature to any desired designated verifier
(using the verifier’s public key), such that only the designated verifier can believe that the signature holder does have
a valid publicly verifiable signature, and hence, believes that the signer has signed the message. Any other third party cannot
believe this fact because this verifier can use his secret key to create a valid UDVS which is designated to himself. In ACNS
2005, Zhang, Furukawa and Imai proposed the first UDVS scheme without random oracles. In this paper, we give a security analysis
to the scheme of Zhang et al. and propose a novel UDVS scheme without random oracles based on Waters’ signature scheme, and
prove that our scheme is secure under the Gap Bilinear Diffie Hellman assumption. 相似文献
17.
《国际计算机数学杂志》2012,89(3):285-289
Recently Chen, [K. Chen, Signature with message recovery, Electronics Letters, 34(20) (1998) 1934], proposed a signature with message recovery. But Mitchell and Yeun [C. J. Mitchell and C. Y. Yeun, Comment - signature with message recovery, Electronics Letters, 35(3) (1999) 217] observed that Chen's scheme is only an authenticated encryption scheme and not a signature scheme as claimed. In this article, we propose a new signature scheme in the sense of Mitchell and Yeun and with message recovery feature. The designated verifier signature is introduced by Jakobsson et al. [M. Jakobsson, K. Sako, R. Impagliazzo, Designated verifier proofs and their applications, Proc. of Eurocrypt’96, LNCS 1070 (1996) pp. 143–154]. We propose a designated verifier signature scheme with non-repudiation of origin. We also give a protocol for a convertible designated verifier signature scheme with non-repudiation of origin. Both of these schemes are based on our proposed signature scheme with message recovery. 相似文献
18.
切尼提出了一种带有信号恢复的签名方案,但是米切尔和尤尼称这种方案仅仅是一种鉴别编码方案而并非签名方案.在理解米切尔和尤尼的观点的基础上,提出了一种带有信号恢复特征的新签名方案;在詹科比森提出的指定检验者的签名方案的基础上,提出了一种带有防发送方抵赖的指定检验者的签名方案,并为该方案给出了协议. 相似文献
19.
20.
Liming Zuo Neeraj Kumar Hang Tu Ankit Singh Naveen Chilamkurti Seungmin Rho 《The Journal of supercomputing》2014,70(1):177-199
Security is a paramount concern for various applications, such as electronic voting system as sensitive data is to be transmitted among the nodes during transmission. Recently, Wu and Lin (Inf Technol Control 42:231–237, 2013) proposed a new probabilistic signature scheme and used it to construct two universal designated verifier signature schemes. They demonstrated that their scheme was secure under the bilinear inverse Diffie–Hellman assumption. However, in this paper, we will show that their scheme cannot provide unforgeability, i.e., the adversary could forge a legal signature of any message. The analysis shows that their schemes are not suitable for practical applications. To overcome these weaknesses, we proposed three improved schemes which are provably secure in the random oracles. In summary, our contributions in this paper was listed in following three folds: (1) we have shown that Wu et al. schemes cannot provide unforgeability, i.e., the adversary could forge a legal signature of any message. (2) We have proposed three improved schemes which overcomes the drawbacks of Wu et al. scheme and finally, (3) we have implemented the real-time packet analyzer for detection of invalid signature in electronic voting system using Snort. The analysis shows that the existing scheme is not suitable for practical applications and our implemented scheme is able to detect the vulnerability in the electronic voting system. The designed scheme generated alerts at regular intervals so that administrator takes adequate measures to mitigate the intrusion presented in the system. 相似文献