Found 20 similar documents (search time: 125 ms)
1.
We propose and analyze two efficient signature schemes whose security is tightly related to the Diffie-Hellman problems in the random oracle model. The security of our first scheme relies on the hardness of the computational Diffie-Hellman problem; the security of our second scheme, which is more efficient than the first, is based on the hardness of the decisional Diffie-Hellman problem, a stronger assumption. Given the current state of the art, it is as difficult to solve the Diffie-Hellman problems as it is to solve the discrete logarithm problem in many groups of cryptographic interest. Thus, the signature schemes shown here can currently offer substantially better efficiency (for a given level of provable security) than existing schemes based on the discrete logarithm assumption. The techniques we introduce can also be applied in a wide variety of settings to yield more efficient cryptographic schemes (based on various number-theoretic assumptions) with tight security reductions.
2.
We present the first undeniable signatures scheme based on RSA. Since their introduction in 1989 a significant amount of work has been devoted to the investigation of undeniable signatures. So far, this work has been based on discrete log systems. In contrast, our scheme uses regular RSA signatures to generate undeniable signatures. In this new setting, both the signature and verification exponents of RSA are kept secret by the signer, while the public key consists of a composite modulus and a sample RSA signature on a single public message.
Our scheme possesses several attractive properties. First, provable security, as forging the undeniable signatures is as hard as forging regular RSA signatures. Second, both the confirmation and denial protocols are zero-knowledge. In addition, these protocols are efficient (particularly, the confirmation protocol involves only two rounds of communication and a small number of exponentiations). Furthermore, the RSA-based structure of our scheme provides simple and elegant solutions to add several of the more advanced properties of undeniable signatures found in the literature, including convertibility of the undeniable signatures (into publicly verifiable ones), the possibility to delegate the ability to confirm and deny signatures to a third party without giving up the power to sign, and the existence of distributed (threshold) versions of the signing and confirmation operations.
Due to the above properties and the fact that our undeniable signatures are identical in form to standard RSA signatures, the scheme we present becomes a very attractive candidate for practical implementations.
Received 25 July 1997 and revised 5 November 1998
3.
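Electronic Cash Based on Zero-Knowledge Proofs  Total citations: 5, self-citations: 0, citations by others: 5
Based on zero-knowledge proof systems, a scheme for constructing electronic cash that differs from previous ones is proposed. It does not depend on a specific blind signature scheme or zero-knowledge proof system, and thus provides a method for building electronic cash from arbitrary zero-knowledge proof systems and blind signature schemes. The security of the scheme is proved under reasonable cryptographic assumptions.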
4.
5.
6.
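The Random Oracle Model and the Standard Model in Cryptography  Total citations: 1, self-citations: 0, citations by others: 1
The random oracle model and the standard model are two very important classes of models in the theory of provable security in cryptography. This paper describes the two models and studies the different techniques used when applying them to prove the security of cryptographic schemes or protocols, including research on the application of the random oracle model to encryption and digital signature schemes, and research on the application of provable security theory in the standard model to encryption schemes. In addition, directions for further research are discussed.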
7.
Michel Abdalla, Pierre-Alain Fouque, Vadim Lyubashevsky, Mehdi Tibouchi 《Journal of Cryptology》2016,29(3):597-631
In this paper, we present three digital signature schemes with tight security reductions in the random oracle model. Our first signature scheme is a particularly efficient version of the short exponent discrete log-based scheme of Girault et al. (J Cryptol 19(4):463–487, 2006). Our scheme has a tight reduction to the decisional short discrete logarithm problem, while still maintaining the non-tight reduction to the computational version of the problem upon which the original scheme of Girault et al. is based. The second signature scheme we construct is a modification of the scheme of Lyubashevsky (Advances in Cryptology—ASIACRYPT 2009, vol 5912 of Lecture Notes in Computer Science, pp 598–616, Tokyo, Japan, December 6–10, 2009. Springer, Berlin, 2009) that is based on the worst-case hardness of the shortest vector problem in ideal lattices. And the third scheme is a very simple signature scheme that is based directly on the hardness of the subset sum problem. We also present a general transformation that converts what we term lossy identification schemes into signature schemes with tight security reductions. We believe that this greatly simplifies the task of constructing and proving the security of such signature schemes.
8.
9.
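A Partially Blind Signature Scheme Based on Bit Commitment  Total citations: 13, self-citations: 1, citations by others: 13
This paper discusses the concept of partially blind signatures and proposes a partially blind signature scheme based on bit commitment. The scheme is mainly intended to improve the efficiency of off-line electronic cash systems. Under the discrete logarithm assumption, we also prove the security of the proposed scheme.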
10.
Because of its wide application in anonymous authentication and attribute-based messaging, the attribute-based signature scheme has attracted public attention since it was proposed in 2008. However, most of the existing attribute-based signature schemes are no longer secure in the quantum era. Fortunately, lattice-based cryptography offers the hope of withstanding quantum computers. And lattices have elevated it to the status of a promising potential alternative to cryptography based on discrete log and factoring, owing to implementation simplicity, provable security reductions and quantum immunity. In this paper, the first lattice attribute-based signature scheme in the random oracle model is proposed, which is proved to have existential unforgeability and perfect privacy. Compared with the current attribute-based signature schemes, our new attribute-based signature scheme can resist quantum attacks and has much shorter public-key size and signature size. Furthermore, this scheme is extended into an attribute-based signature scheme on number theory research unit (NTRU) lattice, which is also secure even in the quantum era and has much higher efficiency than the former.
11.
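In a designated verifier proxy signature, the original signer delegates his signing power to a proxy signer, who can sign messages on behalf of the former, but only the designated verifier can be convinced of the validity of the signature. The security proofs of known designated verifier proxy signature schemes are all in the random oracle model. Based on the Waters signature scheme, this paper proposes the first designated verifier proxy signature scheme that is provably secure without random oracles. Under the weak Gap Bilinear Diffie-Hellman assumption, the proposed scheme is proved to resist existential forgery under adaptive chosen-message attacks.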
12.
齐爱琴 《微电子学与计算机》2012,29(4):131-133
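Current proxy signature techniques are improvements on existing signature mechanisms and cannot provide strong security guarantees. In response, a method based on a discrete-logarithm threshold hash function is proposed to construct a secure proxy signature mechanism, and a detailed security and performance analysis is provided. The analysis results show that the mechanism offers high security and stable performance.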
13.
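The characteristics of electronic cash are briefly discussed, and an electronic cash scheme is constructed on the basis of ElGamal signatures, commitment schemes and ZK; finally, the security of the scheme is explained.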
14.
Multi‐proxy signature is one of the useful primitives of the proxy signature. Till now, only a few schemes of identity‐based multi‐proxy signature (IBMPS) have been proposed using bilinear pairings, but most of the schemes are insecure or lack a formal security proof. Because of the important application of IBMPS scheme in distributed systems, grid computing, and so on, construction of an efficient and provable‐secure IBMPS scheme is desired. In 2005, Li & Chen proposed an IBMPS scheme from bilinear pairings, but their paper lacks a formal model and proof of the security. Further, in 2009, Cao & Cao presented an IBMPS scheme with the first formal security model for it. Unfortunately, their scheme is not secure against Xiong et al.'s attack. In this paper, first, we present an IBMPS scheme, then we formalize a security model for the IBMPS schemes and prove that the presented scheme is existentially unforgeable against adaptive chosen message and identity attack in the random oracle model under the computational Diffie–Hellman assumption. Also, our scheme is not vulnerable to Xiong et al.'s attack. The presented scheme is more efficient in the sense of computation and operation time than the existing IBMPS schemes. Copyright © 2013 John Wiley & Sons, Ltd.
15.
16.
17.
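Based on the RSA factorization and discrete logarithm problems, this paper proposes a (t, n) threshold group signature scheme with high security and good properties. Its security rests on the difficulty of computing discrete logarithms and of factoring large RSA integers. The scheme not only provides traceability and prevents group members from colluding to obtain the system's secret parameters, but also has advantages such as simple signature verification with low computational cost, signature anonymity and resistance to impersonation.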
18.
This paper presents a self‐certified digital signature scheme with message recovery that is proven to be secure. So far, many schemes of this kind have been proposed to keep the message secret in transmission. But Zhang et al. have proposed the man‐in‐middle attack on Shao's self‐certified signature scheme, which is based on discrete logarithm. The attacker can make a new signature by using an old one, but the reason for such man‐in‐middle attack was not referred to. We present the scheme of Yoon et al., which is also based on discrete logarithm, that cannot resist man‐in‐middle attack either, give the analysis of the attack, and propose a new scheme. The proposed scheme can resist forgery attack in the random oracle model and avoid message leakage, the man‐in‐middle attack, and meanwhile has several security characters. Compared with some self‐certified schemes, our scheme is the best because of the time cost. Copyright © 2013 John Wiley & Sons, Ltd.
19.
Without the assumption that the private keys are kept secure perfectly, cryptographic primitives cannot be deployed in the insecure environments where the key leakage is inevitable. In order to reduce the damage caused by the key exposure in the identity-based (ID-based) signature scenarios efficiently, we propose an ID-based key-insulated signature scheme in this paper, which eliminates the expensive bilinear pairing operations. Compared with the previous work, our scheme minimizes the computation cost without any extra cost. Under the discrete logarithm (DL) assumption, a security proof of our scheme in the random oracle model has also been given.
20.
Short Signatures from the Weil Pairing  Total citations: 24, self-citations: 0, citations by others: 24
We introduce a short signature scheme based on the Computational Diffie–Hellman assumption on certain elliptic and hyperelliptic curves. For standard security parameters, the signature length is about half that of a DSA signature with a similar level of security. Our short signature scheme is designed for systems where signatures are typed in by a human or are sent over a low-bandwidth channel. We survey a number of properties of our signature scheme such as signature aggregation and batch verification.