共查询到20条相似文献,搜索用时 15 毫秒
1.
Ring signature was first introduced in 2001. In a ring signature, instead of revealing the actual identity of the message signer, it specifies a set of possible signers. The verifier can be convinced that the signature was indeed generated by one of the ring members, however, she is unable to tell which member actually produced the signature. In this paper, we propose a generalized ring signature scheme and a generalized multi-signer ring signature based on the original ElGamal signature scheme. The proposed ring signature can achieve unconditional signer ambiguity and is secure against adaptive chosen-message attacks in the random oracle model. Comparing to ring signature based on RSA algorithm, the proposed generalized ring signature scheme has three advantages: (1) all ring members can share the same prime number and all operations can be performed in the same domain; (2) by combining with multi-signatures, we can develop the generalized multi-signer ring signature schemes to enforce cross-organizational involvement in message leaking. It may result in a higher level of confidence or broader coverage on the message source; and (3) the proposed ring signature is a convertible ring signature. It enables the actual message signer to prove to a verifier that only she is capable of generating the ring signature. 相似文献
2.
两个具有语义安全的可转换认证加密方案 总被引:2,自引:0,他引:2
提出了两个具有语义安全的可转换认证加密方案,方案具有以下性质:能够提供消息的语义安全——任何攻击者,即使获得了一个认证加密签名,也无法确定他所猜测的消息是否为真正的消息;收到签名后,接收者只用自己的私钥和签名者的公钥来恢复、验证消息;如果签名者后来否定签名,接收者可以通过恢复的消息和其它一些相关参数向任何第三方证明签名者的欺骗。 相似文献
3.
4.
A strong designated verifier signature scheme makes it possible for a signer to convince a designated verifier that she has signed a message in such a way that the designated verifier cannot transfer the signature to a third party, and no third party can even verify the validity of a designated verifier signature. We show that anyone who intercepts one signature can verify subsequent signatures in Zhang-Mao ID-based designated verifier signature scheme and Lal-Verma ID-based designated verifier proxy signature scheme. We propose a new and efficient ID-based designated verifier signature scheme that is strong and unforgeable. As a direct corollary, we also get a new efficient ID-based designated verifier proxy signature scheme. 相似文献
5.
Baoyuan Kang Author Vitae Colin Boyd Author Vitae 《Journal of Systems and Software》2009,82(2):270-273
Unlike ordinary digital signatures, a designated verifier signature scheme makes it possible for a signer to convince a designated verifier that she has signed a message in such a way that the designated verifier cannot transfer the signature to a third party. In a strong designated verifier signature scheme, no third party can even verify the validity of a designated verifier signature, since the designated verifier’s private key is required in the verifying phase. Firstly, this paper proposes the model of identity-based strong designated verifier signature scheme based on bilinear pairings by combining identity-based cryptosystem with the designated verifier signature scheme, and then, provides one concrete strong identity-based designated verifier signature scheme, which has short size of signature, low communication and computational cost. We provide security proofs for our scheme. 相似文献
6.
通过对罗大文等提出的无证书的可验证环签名方案(罗大文, 何明星, 李虓. 无证书的可验证环签名方案. 计算机工程, 2009, 35(15): 135-137)和可验证的代理环签名方案(罗大文, 何明星, 李虓.可验证的代理环签名方案. 西南民族大学学报:自然科学版, 2009, 35(3):608-611)进行分析,指出这两个可验证环签名方案不满足不可否认性,即环中的成员可以冒充环内其他成员生成有效的环签名,并使验证者相信签名是后者所为。针对上述问题,利用签名者的私钥产生秘密值,提出了改进的可验证环签名方案,安全性分析表明改进的方案克服了原方案的安全缺陷,满足可验证环签名的所有安全要求。 相似文献
7.
Xinyi Huang Willy Susilo Yi Mu Wei Wu 《International Journal of Information Security》2008,7(3):171-183
In Asiacrypt 2003, the concept of universal designated verifier signature (UDVS) was introduced by Steinfeld, Bull, Wang and Pieprzyk. In the new paradigm, any signature holder (not necessarily the signer) can designate the publicly verifiable signature to any desired designated verifier
(using the verifier’s public key), such that only the designated verifier can believe that the signature holder does have
a valid publicly verifiable signature, and hence, believes that the signer has signed the message. Any other third party cannot
believe this fact because this verifier can use his secret key to create a valid UDVS which is designated to himself. In ACNS
2005, Zhang, Furukawa and Imai proposed the first UDVS scheme without random oracles. In this paper, we give a security analysis
to the scheme of Zhang et al. and propose a novel UDVS scheme without random oracles based on Waters’ signature scheme, and
prove that our scheme is secure under the Gap Bilinear Diffie Hellman assumption. 相似文献
8.
9.
In 1996, Jakobsson et al. proposed a designated verifier signature scheme in which only one specified person, called a designated verifier, can be convinced of the validity of the signature and the identity of the signer. This is possible by giving the designated verifier the ability to simulate a signature him/herself in an indistinguishable way. Therefore, the other third party cannot determine whether the signature is from the signer or the designated verifier. However, in some circumstances, the third party may be convinced that a signature intended for the designated verifier is actually generated by the signer.In 2003, Saeednia et al. proposed a strong designated verifier signature scheme to overcome this problem. However, we found that Saeednia et al.'s scheme would reveal the identity of the signer if the secret key of this signer is compromised. In this paper, we provide a new strong designated verifier signature scheme that provides signer ambiguity, even if the secret key of the signer is compromised. We also analyze the proposed scheme. 相似文献
10.
切尼提出了一种带有信号恢复的签名方案,但是米切尔和尤尼称这种方案仅仅是一种鉴别编码方案而并非签名方案.在理解米切尔和尤尼的观点的基础上,提出了一种带有信号恢复特征的新签名方案;在詹科比森提出的指定检验者的签名方案的基础上,提出了一种带有防发送方抵赖的指定检验者的签名方案,并为该方案给出了协议. 相似文献
11.
12.
13.
Gao Wen Chen Liqun Hu Yupu Newton Christopher J. P. Wang Baocang Chen Jiangshan 《International Journal of Information Security》2019,18(3):355-370
In cryptography, a ring signature is anonymous as it hides the signer’s identity among other users. When generating the signature, the users are arranged as a ring. Compared with group signatures, a ring signature scheme needs no group manager or special setup and supports flexibility of group choice. However, the anonymity provided by ring signatures can be used to conceal a malicious signer and put other ring members under suspicion. At the other extreme, it does not allow the actual signer to prove their identity and gain recognition for their actions. A deniable ring signature is designed to overcome these disadvantages. It can initially protect the signer, but if necessary, it enables other ring members to deny their involvement, and allows the real signer to prove who made the signed action. Many real-world applications can benefit from such signatures. Inspired by the requirement for them to remain viable in the post-quantum age, this work proposes a new non-interactive deniable ring signature scheme based on lattice assumptions. Our scheme is proved to be anonymous, traceable and non-frameable under quantum attacks.
相似文献14.
In this paper, we introduce an extended ring signature scheme in which the actual signer has the ability to admit to having signed a document at his will. Generally speaking, this scheme can be considered as an extension and improvement of the ring signature suggested by Rivest et al. in 2001. The proposed scheme is called signer-admission ring signature which combines the idea of the designated confirmer signatures proposed by Chaum in 1994 and the designated verifier proofs proposed by Jakobsson et al. in 1996. This paper presents a scenario explaining why the signer-admission property is valuable in real-life applications. An actual signer may possibly want to expose himself if, in doing so, he will acquire an enormous benefit. Here, we propose a generic construction of the signer-admission ring signature as well as a demonstration modified from Rivest et al.’s scheme to achieve signer-admission. 相似文献
15.
丁家琳 《计算技术与自动化》2020,39(3):178-182
回顾了Ren-Harn的广义环签名算法,但Ren-Harn的广义环签名并不能满足可转化性的定义。以Ren-Harn的方案为基础,提出了基于时间戳的Ren-Harn算法,即在算法中引入时间戳变量,同时构造出双线性映射的单向陷门函数。通过环签名算法的验证,改进方案不仅严格满足可转化性的定义,而且具有很好的安全性。在保障真实签名者对于环签名的独创性,防止信息的恶意篡改等方面有很深远的影响和意义。 相似文献
16.
Li-Wang(2006)提出了一种通用指定验证者环签名方案(UDVRS)。该方案允许签名者指定一个验证者并产生一个指定验证者环签名,使得只有指定验证者才能验证该环签名。通过对Li-Wang提出的通用环签名方案进行分析,指出了该方案并不满足指定验证者性质,给出了攻击方法。为避免该缺陷,对Li-Wang通用指定验证者环签名方案进行改进,改进后的方案是可证安全的。 相似文献
17.
Kyung-Ah Shim Author Vitae 《Computers & Electrical Engineering》2011,37(2):180-186
A proxy signature enables an original signer to delegate its signing capability to a proxy signer and the proxy signer can sign a message on behalf of the original signer. Later, anyone can verify the validity of proxy signatures. The “public-verifiable” property of the proxy signature is not suitable in some applications in which a proxy signed message may be personally or commercially sensitive. A designated verifier proxy signature scheme is suitable for these environments. In this paper, we propose a provably secure short designated verifier proxy signature scheme in the random oracle model under the Bilinear Diffie-Hellman assumption. 相似文献
18.
《国际计算机数学杂志》2012,89(5):753-770
Subliminal signature schemes enable senders to hide subliminal messages in a digital signature such that no one besides the authorised subliminal message receiver (called designated receiver) can extract subliminal messages from that signature. This paper is the first to construct subliminal channels on the identity-based threshold ring signature scheme. Two types of subliminal channels are proposed. The first is the unknown-sender subliminal channel, wherein the sender is anonymously sending the subliminal message through an identity-based threshold ring signature. Although the designated receiver can extract the subliminal message and confirm that it is from the known ring of signers, he/she cannot identify the real sender. The other proposed subliminal channel is the known-sender subliminal channel in which the designated receiver can identify the actual sender. Furthermore, the proposed unknown-sender subliminal channel can be extended to permit the sender to send multiple subliminal messages to multiple designated receivers via a single threshold ring signature. 相似文献
19.
20.
给出一种可容忍信息泄露的指定验证者盲代理签名方案,它具有一些代理签名方案的新特点:匿名性和可追踪性。指定验证者在验证代理签名之后只能确信代理签名是代表原始签名者的签名而无法确定代理签名者身份;当出现争议时,指定验证者可通过代理群管理员追查出代理签名者的身份。提出的方案较好地解决了基于身份指定验证者签名中的密钥托管问题。与同类方案相比,签名和验证次数少、交互次数更少。 相似文献