基于椭圆曲线的多重盲签名方案

提出了两个基于椭圆曲线的多重盲签名方案,该方案可以同时完成盲签名和多重签名的任务而且签名尺寸不会随签名人数增加而增加.还对方案的正确性、盲性、不可伪造性作了证明.     

基于环Zn上圆锥曲线的代理多重盲签名方案

提出了一种基于剩余类环Zn上圆锥曲线的代理多重盲签名方案,该方案具备盲签名、代理签名和多重签名的组合优势并且签名尺寸不会随签名人数的增加而增加,另外,与基于其它类型的公钥密码体制的代理多重盲签名方案相比,该方案还具有明文嵌入方便、运算速度快、更易于实现等优点。论文对方案的正确性、盲性、不可伪造性、不可抵赖性和可区分性进行了证明。     

基于身份的门限多重盲签名方案

利用椭圆曲线上的双线性映射、门限多重签名和签名盲化技术,提出一个基于身份的门限多重盲签名方案,分析了方案的盲性以及安全性。该方案具有盲性、不可伪造性等安全特征,可有效地阻止敌人窃取主密钥以及子秘密,并且能够利用多重签名的保证签名的不可否认性。     

基于双线性对的门限代理盲多重签名方案 *

该方案是门限代理多重签名与盲签名的有机集成 ,既解决了代理签名方案中代理签名人权利过于集中的问题 ,又通过盲签名实现了签名的匿名性和不可追踪性。在该数字签名方案的基础上 ,采用双线性对的签名和验证方式 ,提出了基于双线性对的门限代理盲多重签名方案 ,极大地提高了门限代理盲多重签名的安全性和实现速度。     

基于ECC的多重代理多重盲签名方案

在讨论代理多重签名方案、多重代理签名方案、多重代理多重签名方案及盲签名方案设计原理的基础上,将多重代理多重签名方案与盲签名方案相结合,提出基于椭圆曲线密码的广播多重代理多重盲签名方案和有序多重代理多重盲签名方案,并对其进行安全性分析,分析结果表明,2类方案均满足多重代理多重签名的安全特性及盲签名的盲性和不可追踪性。     

一种新的代理多重盲签名方案

代理多重签名,即一个代理签名人可以同时代表多个原始签名人的利益在一个文件上签名;而盲签名方案,具有消息的内容对签名者是不可见的特性,且签名被接收者泄露后,签名者不能追踪签名。 代理多重签名和盲签名在电子商务和电子现金系统中有着广泛的应用。结合两种方案的特点,基于Schnorr签名体制,给出了一种新的代理多重盲签名方案,即一个代理签名人能够代表多个原始签名人进行代理盲签名。该方案具有计算量小、效率高和安全性强等优点,且签名长度不随原始签名人的增加而增长。     

多重代理多重盲签名方案

多重代理多重盲签名方案综合了多重代理多重签名方案和盲签名方案的优点,它是由一组原始签名人授权给一组代理签名人,并且这组代理签名人并不知道消息的具体内容。基于离散对数问题提出广播多重代理多重盲签名方案和有序多重代理多重盲签名方案,通过对其安全性分析,两类方案均满足多重代理多重签名的安全性及盲签名的盲性和不可链接性。     

一种高效的代理多重盲签名方案

代理多重签名和盲签名在电子商务和电子现金系统中有着广泛的应用。结合这两种方案的特点,基于Schnorr签名和Chaum盲签名体制,该文提出一种高效的代理多重盲签名方案。该方案具有计算量小、效率高和安全性强等优点,且签名长度不随原始签名人的增加而增长,并能广泛应用于电子货币和电子投票等领域。     

代理多重盲签名方案的改进

通过对LCZ代理多重盲签名方案的安全性分析,发现任何一个原始签名者都可以冒充代理签名者伪造有效的代理多重盲签名,该方案并不满足强不可伪造性。在LCZ方案和HQL方案的基础上提出了一种改进方案,改进后的方案有效克服了原方案的安全缺陷,并满足代理多重盲签名的各种要求。     

对两个代理盲多重签名的分析和改进

盲签名和代理多重签名在电子商务和电子现金系统中有着广泛的应用.结合这两种签名的特点,人们提出了代理盲多重签名方案.在代理盲多重签名中,一个原始签名组将签名权委托给代理签名人,由其对签名请求者发送来的盲化消息进行代理签名.通过分别对秦艳琳等人和周立章提出的代理盲多重签名方案的安全性分析,发现秦的方案中一个恶意的原始签名人可以伪造出代理签名密钥,从而生成代理盲多重签名;并同时指出周的方案无法抵挡代理签名伪造攻击,不满足不可伪造性.针对上述两种攻击,在秦方案的基础上提出了一种新的方案,证明及分析了新方案的正确性和安全性.该方案有效地克服了原方案的缺陷,并满足代理盲多重签名的各种要求,提高了系统的安全性.     

Optimal resilient threshold GQ signatures

GQ signature scheme is widely used in many cryptographic protocols, such as forward-secure signature scheme, identity-based signature scheme, etc. However, there is no threshold version of this important signature scheme in the open literature. We proposed the first threshold GQ signature scheme. The scheme is proved unforgeable and robust against any adaptive adversary by assuming hardness of computing discrete logarithm modulo a safe prime and existence of fully synchronous broadcast channel. Furthermore, with some modifications, our scheme achieves optimal resilience such that the adversary can corrupt up to a half of the players. As an extension of our work, we provided a threshold identity-based signature scheme and a threshold forward-secure signature scheme, which is the threshold version of the most efficient forward-secure signature scheme up to now.     

一种基于Schnorr体制的同时型多盲签名方案

本文提出了一种基于Schnorr体制的非平凡同时型多盲签名方案，可以同时完成盲签名和同时型多签名尺寸不会随签名人数增加而增加，并对该签名方案的正确性、盲性和不可伪造性作了证明，文章最后给出了一个基于该方案的具体应用。     

Ring Signature with Weak Linkability and Its Applications

We suggest a linkable ring signature scheme providing strong anonymity and weak linkability. We show that our linkable ring signature scheme can be used to construct a selectively linkable ring signature scheme, an efficient convertible (verifiable) ring signature scheme, and an efficient deductible ring signature scheme.     

一种改进的ElGamal数字签名方案

数字签名在现代信息安全中发挥着不可替代的作用,ElGamal数字签名是一种重要的离散对数数字签名方案,但是原始ElGamal签名方案存在不少安全和效率方面的问题。提出一种新型ElGamal数字签名方案,证明其能抵挡一种新型的伪造攻击和同态攻击,并对其安全性和复杂度进行了分析与说明。     

一种基于二叉树结构与椭圆曲线的批量签名方案

基于RSA、DSA等传统算法的批量签名有消息数目的限制,性能也越来越不能满足需要.针对现有的批量签名算法大多基于RSA、DSA等传统算法的现状,本文提出了一种高效的基于二叉树结构与椭圆曲线的批量签名方案.该方案利用二叉树结构计算散列总值,而签名与认证算法采用椭圆曲线算法.方案相对基于RSA、DSA等传统算法的批量签名方案有速度快、安全性能高、存储空间小等优点,而且没有消息数目的限制.     

有界恢复模型下弹性泄露签名的新构造

弹性泄露密码学是当前密码学研究的热点.给出一个弹性泄露签名的定义,该定义是标准签名定义的一个扩展.构造一个有界恢复模型下的弹性泄露签名方案,并在标准模型下证明了它的安全性.本文的方案基于双线性配对的弹性泄露签名,结合了一次签名和Waters签名的特,通过改进,长度可大大缩短,克服了一次签名签名长度过长的缺点,具有较好的实用价值.     

Identity-based strong designated verifier signature schemes: Attacks and new construction

A strong designated verifier signature scheme makes it possible for a signer to convince a designated verifier that she has signed a message in such a way that the designated verifier cannot transfer the signature to a third party, and no third party can even verify the validity of a designated verifier signature. We show that anyone who intercepts one signature can verify subsequent signatures in Zhang-Mao ID-based designated verifier signature scheme and Lal-Verma ID-based designated verifier proxy signature scheme. We propose a new and efficient ID-based designated verifier signature scheme that is strong and unforgeable. As a direct corollary, we also get a new efficient ID-based designated verifier proxy signature scheme.     

Signature scheme with message recovery and its application

Recently Chen, [K. Chen, Signature with message recovery, Electronics Letters, 34(20) (1998) 1934], proposed a signature with message recovery. But Mitchell and Yeun [C. J. Mitchell and C. Y. Yeun, Comment - signature with message recovery, Electronics Letters, 35(3) (1999) 217] observed that Chen's scheme is only an authenticated encryption scheme and not a signature scheme as claimed. In this article, we propose a new signature scheme in the sense of Mitchell and Yeun and with message recovery feature. The designated verifier signature is introduced by Jakobsson et al. [M. Jakobsson, K. Sako, R. Impagliazzo, Designated verifier proofs and their applications, Proc. of Eurocrypt’96, LNCS 1070 (1996) pp. 143–154]. We propose a designated verifier signature scheme with non-repudiation of origin. We also give a protocol for a convertible designated verifier signature scheme with non-repudiation of origin. Both of these schemes are based on our proposed signature scheme with message recovery.     

Key-insulated aggregate signature

In order to minimize the damage caused by key exposure in aggregate signatures, a key-insulated aggregate signature scheme is proposed in this paper. We give the definition and the security model of the key-insulated aggregate signature. We also construct a concrete key-insulated aggregate signature scheme that meets our definition. Our scheme has the properties of efficient verification and short signature length. We prove the security of our scheme in the random oracle model under the computation Diffie-Hellman assumption.     

THE CHURCHYARD CIPHERS

Shared generation of secure signatures, called threshold signatures, was introduced by Desmedt and Frankel in 1991. A threshold signature scheme is not only a threshold scheme but also a signature scheme. Therefore, it should possess the properties of both threshold scheme and digital signature scheme. In this paper, we investigate conspiracy attacks, that can impersonate any group to generate a signature, on the Desmedt-Frankel threshold RSA signature scheme. We also discuss the requirements of secure threshold signature schemes.