New (t, n) threshold directed signature scheme with provable security

Directed signature scheme allows only a designated verifier to check the validity of the signature issued to him; and at the time of trouble or if necessary, any third party can verify the signature with the help of the signer or the designated verifier as well. Due to its merits, directed signature scheme is widely used in situations where the receiver’s privacy should be protected. Threshold directed signature is an extension of the standard directed signature, in which several signers may be required to cooperatively sign messages for sharing the responsibility and authority. To the best of our knowledge, threshold directed signature has not been well studied till now. Therefore, in this paper, we would like to formalize the threshold directed signature and its security model, then present a new (t, n) threshold directed signature scheme from bilinear pairings and use the techniques from provable security to analyze its security.     

A Convertible Multi-Authenticated Encryption scheme for group communications

Recently, Wu et al. proposed a Convertible Multi-Authenticated Encryption (CMAE) scheme, which allows a signing group with multiple signers to generate a multi-authenticated ciphertext signature on the chosen message so that only a designated verifier can recover and verify the message. In case of later dispute, the verifier can convert the multi-authenticated ciphertext signature into an ordinary one that can be verified by anyone. In this study, a CMAE scheme for group communications is proposed. This is presented by first reviewing the concepts of group-oriented encryption schemes and the merits of Wu et al.’s scheme. This shows that not only can a multi-authenticated ciphertext signature be generated by a signing group, but also the message can be recovered and verified by a verifying group with multiple verifiers. The security of the proposed scheme is based solely on the DDH problem, which provides higher security confidence than using the CDH problem in Wu et al.’s CMAE scheme.     

Web proxy cache replacement scheme based on back-propagation neural network

Web proxy caches are used to reduce the strain of contemporary web traffic on web servers and network bandwidth providers. In this research, a novel approach to web proxy cache replacement which utilizes neural networks for replacement decisions is developed and analyzed. Neural networks are trained to classify cacheable objects from real world data sets using information known to be important in web proxy caching, such as frequency and recency. Correct classification ratios between 0.85 and 0.88 are obtained both for data used for training and data not used for training. Our approach is compared with Least Recently Used (LRU), Least Frequently Used (LFU) and the optimal case which always rates an object with the number of future requests. Performance is evaluated in simulation for various neural network structures and cache conditions. The final neural networks achieve hit rates that are 86.60% of the optimal in the worst case and 100% of the optimal in the best case. Byte-hit rates are 93.36% of the optimal in the worst case and 99.92% of the optimal in the best case. We examine the input-to-output mappings of individual neural networks and analyze the resulting caching strategy with respect to specific cache conditions.     

基于身份的无可信中心门限环签名方案

已有的多数基于身份的门限环签名方案不能克服密钥托管问题,而能克服密钥托管问题的基于身份的无可信中心签名方案存在效率不高的缺陷。该文利用分布式秘密共享思想和双线性对,提出一个有效的基于身份的无可信中心门限环签名方案。该方案能保证不诚实的PKG无法伪造环签名,有效避免了密钥托管问题。同时该方案只需要2次对运算,比已有的门限环签名方案和无可信中心的基于身份的签名方案效率更高。     

一种安全增强的无线Ad Hoc网络门限签名方案

在椭圆曲线可验证门限签名的基础上,结合Feldman可验证秘密共享和一种新型的可验证密钥重分派算法,提出一种具有前摄安全性、参数可调节的椭圆曲线可验证门限签名方案。该方案通过周期地在不同的访问结构中重新分派密钥分片,增强了签名密钥的安全性,同时使签名方案中的门限和签名服务器个数都可动态调整,增强了灵活性和可伸缩性。     

基于多级单向哈希链的网格代理证书管理

代理证书是网格安全基础设施(GSI)中关键机制之一,用户需要通过代理证书访问网格服务,但目前的GSI方案中缺乏有效的代理证书管理机制。针对代理证书的生命周期控制不灵活、证书容易受到攻击等问题,该文提出一种基于多级单向哈希链的网格代理证书管理方案。多级单向哈希链由2层或2层以上哈希链构成,每个代理证书都由一个哈希值保护,其有效时间能够得到自适应控制,增强了网格代理证书管理的安全性和任务成功率。实验表明网格环境下该方案计算和通信开销较小。     

基于身份的卡梅隆数字签名方案

卡梅隆签名是一种非交互式的数字签名,其使用的Hash函数是一种特殊的陷门单向Hash函数——卡梅隆Hash。卡梅隆数字签名具有不可传递性和不可否认性等优点。该文利用基于身份和双线性对的签名方案,结合卡梅隆Hash函数,构造了基于身份的卡梅隆数字签名方案。与传统的卡梅隆方案相比,该方案中公开Hash密钥的所有者无须恢复相应的私钥,且是指定验证者的方案。     

一种局部与全局相结合的微粒群优化算法

分析一种基于ElGamal的前向安全签名方案.该方案满足前向安全性,但在签名者私钥泄漏后,签名是不安伞的,即不满足后向安全性,有一定的局限性.该文引入强前向安全的思想,克服了该方案的局限性,并将改进后的强前向安全签名与代理签名相结合,提出一种新的满足强前向安全定义的强前向安全代理签名方案.     

基于RSA的数字签名算法及其快速实现

在基于RSA的数字签名算法中,直接决定实现效率的是大数模幂运算。对基于二进制的Montgomery算法进行了改进,并将其应用于大数的模幂运算中。改进后的算法在保证算法快速实现的同时,又节省了算法运算空间。     

基于ElGamal的前向安全签名方案的分析与改进

对基于ElGamal体制的前向安全签名方案进行了分析,指出该方案实际上并不具有前向安全性。在此基础上,提出了一种改进方案,由于新方案中无论签名还是验证,都包含了时间段信息,这样攻击者在获得这个时间段的签名私钥后,无法伪造出此前一时间段的签名,实现了前向安全性。改进后的方案安全性同时基于离散对数、因子分解和模合数P次方根的难解问题。