代理多重签名方案的密码分析与修改

对伊丽江等提出的的代理多重签名方案进行了详细的分析，指出该方案是不安全的，不能抵抗公钥替换攻击和合谋攻击，并给出了两个改进的代理多重签名方案。改进后的方案具有不可否认性，不使用安全信道，以及抵抗公钥替换攻击和合谋攻击等优点。     

浅析前向安全无证书代理盲签名方案的改进

本文对最近何和杜学者提出的一个前向安全无证书代理盲签名方案进行了改进,并对改进方案的安全性和有效性进行了分析。分析结果显示,改进的方案不仅能克服原方案存在的缺陷,而且在不增加计算负担的情况下减少了签名的长度。因此,改进的方案具有更好的性能。     

对Lin-Dou群签名方案的安全性分析

为了设计出更加安全的群签名方案,针对Lin和Dou等人最近提出的群签名方案进行了分析,证明该方案是不安全的,无法抵抗本文提出的伪造攻击。利用该伪造攻击,攻击人不需要任何签名者的保密身份信息和秘密密钥信息,只是通过选取随机参数、改变原方案的部分设计步骤就能成功伪造出验证有效的群签名,从而威胁到群签名人的合法权益。分析了该群签名方案可被伪造的原因,并对如何克服该缺陷提出相应改进思想。为了验证该伪造攻击的有效性,设计了一个伪造攻击签名示例,进一步证明了Kn-Dou群签名方案是不安全的。     

对一个代理盲签名方案的分析

对一类代理盲签名方案进行讨论和分析,并成功地进行了伪造攻击,指出其设计上的不足之处,在分析方案不安全原因的基础上,提出改进方案.     

基于移动代理的电子商务安全方案

将移动代理技术引入电子商务具有很多的优势，同时也对电子商务的安全性问题提出了新的挑战。文中构建了一个基于移动代理的电子商务模型，分析了模型中存在的安全问题，提出了一个改进的电子商务安全方案．改进方案采取分层的结构，从不同的层次保证移动代理的安全和电子商务信息流和资金流的安全．实验结果表明，该方案是切实可行的。     

改进的超椭圆曲线结构化多重盲签名

安全高效的多重盲签名方案在电子商务和电子现金系统有很多重要的应用.本文对已有的结构化多重签名方案进行了分析和改进,提出快速和高效的基于超椭圆曲线的结构化多重盲签名方案.我们将签名结构从二层扩展为三层,使有序和广播更好的结合,并给出各种情形下的具体算法.最后,比较和分析了改进方案的复杂度和安全性,与已有文献比较,改进方案的运算量减少了(3n+2)TH+(273.8n+32.2)TML.结果表明,改进方案具有运算量低,所需时间少,安全性高且易于实现等优点.     

基于XML的多方数据通信安全模型研究

本文针对XML签名规范的不足之处,提出了基于XML的多方通信安全模型,保证XML数据的确认性、完整性和不可否认性,解决基于XML通信技术的业务链中多方通信数据安全问题,从应用层的角度提供了多方通信时的身份认证和XML数据完整性,同时该模型还具有整体签名、部分验证的特点。     

Eiguanxi一种无线通信系统中改进的帧同步方法

同步问题是MIMOOVDM系统的关键问题。本文对基于正交帧头的同步方案提出厂改进．将自适应门限的帧头判决门限方案引入其中。仿真表明，这种改进的方案在不增加系统复杂度的前提下，提高了帧同步的正确检测率，保证了同步的稳定性和快速性。     

语义感知的多态攻击网络签名产生方法

多态攻击网络签名在传统串模式挖掘与匹配技术中应用难以生成有效的签名数据.本文在传统应用方法基础上,提出并测试了基于语义感知方法.首先,详细分析了多态攻击数据状态特征.然后,通过使用静态数据流形成过程分析提取了静态语义原始代码.最后,按照基于特征分类标准,应用Sig Free方法生成了多层多态签名数据,而且数据里面还包含代码的多态语义与串模式相应信息.通过对比Hamsa方案的实验数据表明,此方法可以有效降低数字签名的失误率和失真率.     

基于数字信道化技术的自适应门限检测算法

当卫星通信系统中同时存在强信号和弱信号时,固定门限对微弱信号出现大概率漏警问题,该文提出了一种基于数字信道化技术的自适应门限检测算法。该算法针对不同的子信道集产生适配的自适应检测门限,在强信号的检测上保持了固定门限的优势,在弱信号的检测上能够有效检测和跟踪目标频率信息,支持对强信号和弱信号进行分离和检测。通过蒙特卡洛仿真对数字信道化后的固定门限检测和自适应门限检测进行对比,自适应门限算法能够有效检测强信号和弱信号,实现强弱信号的有效分离,验证了基于数字信道化技术的自适应门限检测算法的有效性。     

New Representative Collective Signatures Based on the Discrete Logarithm Problem

The representative collective digital signature scheme allows the creation of a unique collective signature on document M that represents an entire signing community consisting of many individual signers and many different signing groups, each signing group is represented by a group leader. On document M, a collective signature can be created using the representative digital signature scheme that represents an entire community consisting of individual signers and signing groups, each of which is represented by a group leader. The characteristic of this type of letter is that it consists of three elements (U, E, S), one of which (U) is used to store the information of all the signers who participated in the formation of the collective signature on document M. While storing this information is necessary to identify the signer and resolve disputes later, it greatly increases the size of signatures. This is considered a limitation of the collective signature representing 3 elements. In this paper, we propose and build a new type of collective signature, a collective signature representing 2 elements (E, S). In this case, the signature has been reduced in size, but it contains all the information needed to identify the signer and resolve disputes if necessary. To construct the approved group signature scheme, which is the basic scheme for the proposed representative collective signature schemes, we use the discrete logarithm problem on the prime finite field. At the end of this paper, we present the security analysis of the AGDS scheme and a performance evaluation of the proposed collective signature schemes.     

Code-based Sequential Aggregate Signature Scheme

This paper proposes the first code-based quantum immune sequential aggregate signature (SAS) scheme and proves the security of the proposed scheme in the random oracle model. Aggregate signature (AS) schemes and sequential aggregate signature schemes allow a group of potential signers to sign different messages respectively, and all the signatures of those users on those messages can be aggregated into a single signature such that the size of the aggregate signature is much smaller than the total size of all individual signatures. Because of the aggregation of many signatures into a single short signature, AS and SAS schemes can reduce bandwidth and save storage; moreover, when a SAS is verified, not only the valid but also the order in which each signer signed can be verified. AS and SAS schemes can be applied to traffic control, banking transaction and military applications. Most of the existing AS and SAS schemes are based either on pairing or Rivest–Shamir–Adleman (RSA), and hence, can be broken by Shor’s quantum algorithm for Integer Factoring Problem (IFP) and Discrete Logarithm Problem (DLP). There are no quantum algorithms to solve syndrome decoding problems. Hence, code-based cryptography is seen as one of the promising candidates for post-quantum cryptography. This paper shows how to construct quantum immune sequential aggregate signatures based on coding theory. Specifically, we construct our scheme with the first code based signature scheme proposed by Courtois, Finiasz and Sendrier (CFS). Compared to the CFS signature scheme without aggregation, the proposed sequential aggregate signature scheme can save about 90% storage when the number of signers is asymptotically large.     

Extending RSA cryptosystems to proxy multi‐signature scheme allowing parallel individual signing operation

Abstract

Even though there have been many research studies on proxy signature schemes, only Shao's proxy multi‐signature scheme is based on the factoring problem (FAC). Unfortunately, Shao's scheme requires sequential signing operations and strict order of the modulus. It is not practical and not efficient. We, therefore, based on RSA cryptosystems, propose new proxy‐protected mono‐signature and proxy‐protected multi‐signature schemes. In contrast to their counterparts, our scheme allows parallel signing operations and also improves the signers’ computational performance.     

An Efficient and Practical Quantum Blind Signature Protocol with Relaxed Security Model

Blind signature has a wide range of applications in the fields of E-commerce and block-chain because it can effectively prevent the blind signer from getting the original message with its blindness. Owing to the potential unconditional security, quantum blind signature (QBS) is more advantageous than the classical ones. In this paper, an efficient and practical quantum blind signature scheme relaxed security model is presented, where quantum superposition, decoy qubits and hash function are used for the purpose of blindness. Compared with previous QBS scheme, the presented scheme is more efficient and practical with a relaxed security model, in which the signer’s dishonest behavior can be detected other than being prevented as in other QBS schemes.     

New Collective Signatures Based on the Elliptic Curve Discrete Logarithm Problem

There have been many digital signature schemes were developed based on the discrete logarithm problem on a finite field. In this study, we use the elliptic curve discrete logarithm problem to build new collective signature schemes. The cryptosystem on elliptic curve allows to generate digital signatures with the same level of security as other cryptosystems but with smaller keys. To extend practical applicability and enhance the security level of the group signature protocols, we propose two new types of collective digital signature schemes based on the discrete logarithm problem on the elliptic curve: i) the collective digital signature scheme shared by several signing groups and ii) the collective digital signature scheme shared by several signing groups and several individual signers. These two new types of collective signatures have combined the advantages of group digital signatures and collective digital signatures. These signatures have a fixed size and do not depend on the number of members participating in the creation of the final collective signature. One of the advantages of the proposed collective signature protocols is that they can be deployed on top of the available public key infrastructures.     

Signature scheme based on the root extraction problem over braid groups

Several public key cryptosystems and authentication schemes based on the conjugator search and root extraction problems over braid groups have been proposed. However, security analysis showed that it is not necessary to solve the underlying conjugator search problem or the root extraction problem in order to break these public key cryptographic algorithms. Hence, these cryptographic primitives suffer from some security drawbacks. A digital signature scheme based on the root extraction problem over braid groups is proposed. It is proven that the only way for the attacker to forge a signature is to extract the eth root for a given braid in the braid group. It is also shown that given sufficiently many message-signature pairs, the attacker needs to solve an intractable problem, the group factorisation problem, in order to forge a signature. Furthermore, it is pointed out that the attacker cannot learn much useful information by reconstructing braid equations with respect to the public and secret keys. Performance analysis shows that the proposed signature scheme is efficient and practical, and the key sizes are acceptable. The computational overheads to sign a message and to verify a signature are only equivalent to several 1024-RSA modular multiplications.     

A Trust Value Sharing Scheme in Heterogeneous Identity Federation Topologies

Recent developments in heterogeneous identity federation systems have heightened the need for the related trust management system. The trust management system evaluates, manages, and shares users’ trust values. The service provider (SP) members of the federation system rely on users’ trust values to determine which type and quality of service will be provided to the users. While identity federation systems have the potential to help federated users save time and energy and improve service experience, the benefits also come with significant privacy risks. So far, there has been little discussion about the privacy protection of users in heterogeneous identity federation systems. In this paper, we propose a trust value sharing scheme based on a proxy ring signature for the trust management system in heterogeneous identity federation topologies. The ring signature schemes can ensure the validity of the data and hide the original signer, thereby protecting privacy. Moreover, no group manager participating in the ring signature, which naturally matches with our decentralized heterogeneous identity federation topologies. The proxy signature can reduce the workload of the private key owner. The proposed scheme shortens the calculation time for verifying the signature and then reduces the overall time consumption in the process of trust sharing. Our studies prove that the proposed scheme is privacy-preserving, efficient, and effective.     

Key-Private Identity-Based Proxy Re-Encryption

An identity-based proxy re-encryption scheme (IB-PRE) allows a semi-trusted proxy to convert an encryption under one identity to another without revealing the underlying message. Due to the fact that the proxy was semi-trusted, it should place as little trust as necessary to allow it to perform the translations. In some applications such as distributed file system, it demands the adversary cannot identify the sender and recipient’s identities. However, none of the exiting IB-PRE schemes satisfy this requirement. In this work, we first define the security model of key-private IB-PRE. Finally, we propose the first key-private IB-PRE scheme. Our scheme is chosen plaintext secure (CPA) and collusion resistant in the standard model.     

An encryption/signature scheme with low message expansion

Abstract

Secrecy, authenticity and integrity are three major services provided by the public key cryptography. To provide these three services via the ElGamal public key cryptosystem and Signature scheme, the message expanding ratio is four and the overhead of communication is heavy. In this paper, a concurrent encryption/signature scheme will be proposed to provide these three services with a lower message expanding ratio. In the new scheme, the signer can encrypt and sign the message concurrently so the signature that serves as the ciphertext is a pair of integers. Thus the message expanding ratio can be decreased to two.     

An Efficient Certificateless Aggregate Signature Scheme Designed for VANET

The Vehicular Ad-hoc Network (VANET) is the fundamental of smart transportation system in the future, but the security of the communication between vehicles and vehicles, between vehicles and roadside infrastructures have become increasingly prominent. Certificateless aggregate signature protocol is used to address this security issue, but the existing schemes still have many drawbacks in terms of security and efficiency: First, many schemes are not secure, and signatures can be forged by the attacker; Second, even if some scheme are secure, many schemes use a large number of bilinear pairing operation, and the computation overhead is large. At the same time, the length of the aggregated signature also increases linearly with the increase of user numbers, resulting in a large communication overhead. In order to overcome the above challenges, we propose a new certificateless aggregate signature scheme for VANET, and prove the security of the scheme under the random oracle model. The new scheme uses pseudonym to realize the conditional privacy protection of the vehicle’s information. The new scheme does not use bilinear pairing operation, and the calculation efficiency is high. At the same time, the length of the aggregate signature of the new scheme is constant, thereby greatly reducing the communication and storage overhead. The analysis results demonstrate that the new scheme is not only safer, but also superior in performance to the recent related schemes in computation overhead and communication cost.