An improved ring signature scheme without trusted key generation center for wireless sensor network

Security of wireless sensor network (WSN) is a considerable challenge, because of limitation in energy, communication bandwidth and storage. ID-based cryptosystem without checking and storing certificate is a suitable way used in WSN. But key escrow is an inherent disadvantage for traditional ID-based cryptosystem, i.e., the dishonest key generation center (KGC) can forge the signature of any node and on the other hand the node can deny the signature actually signed by him/herself. To solving this problem, we propose an ID-based ring signature scheme without trusted KGC. We also present the accurate secure proof to prove that our scheme is secure against existential forgery on adaptively chosen message and ID attacks assuming the complexity of computational Diffie-Hellman (CDH) problem. Compared with other ring signature schemes, we think proposed scheme is more efficient.     

Improved ID-Based Signature Scheme Solving Key Escrow

Introduction Inatraditionalpublickeycryptosystem(PKC),theassociationbetweenauser'sidentity andhispublickeyisobtainedthroughadigitalcer-tificateissuedbyacertificationauthority(CA).TheCAchecksthecredentialsofauserbeforeis-suingacertificatetohim.Tosimplifythecertifi-catemanagementprocess,Shamir[1]introducedthe conceptofID-basedcryptosystemin1984,which allowedforauser'sidentityinformationsuchas hisname,IPaddress,telephonenumber,email address,etc.toserveashispublickey.Sucha publickeyisclearlyb…     

破译Merkle-Hellman背包加密方案的DNA计算模型

背包公钥密码体制是第一个公钥体制,其攻击算法是NP完全问题.首先对背包问题和背包公钥体制进行了描述,然后给出了2种破译Merkle-Hellman背包加密方案DNA计算模型,即分步排除法和二分法,分步排除法是一种基本算法,二分法对分步排除法进行了改进,提高了破译背包密码的效率.     

On constructing certificateless proxy signature from certificateless signature

In proxy signature schemes, an original signer A delegates its signing capability to a proxy signer B, in such a way that B can sign message on behalf of A.The recipient of the final message verifies at the same time that B computes the signature and that A has delegated its signing capability to B.Recently many identity-based(ID-based) proxy signature schemes have been proposed, however, the problem of key escrow is inherent in this setting.Certificateless cryptography can overcome the key escrow problem.In this paper, we present a general security model for certificateless proxy signature scheme.Then, we give a method to construct a secure certificateless proxy scheme from a secure certificateless signature scheme, and prove that the security of the construction can be reduced to the security of the original certificateless signature scheme.     

实用背包密码术的研究

本文在已研制的背包间题密码系统的基础上,对整个算法从理论上、方法上进行了进 一步修改完善,并对整个密码算法的原理、应用和安全性进行了论证.这种密码系统 是建立在传统密码学和公开密钥密码体制的基础之上,它既可实现保密性又可保持 真实性,特别适于作为计算机信息的通用加密工具。      

New constructions of dynamic threshold cryptosystem

This study deals with the dynamic property of threshold cryptosystem. A dynamic threshold cryptosystem allows the sender to choose the authorized decryption group and the threshold value for each message dynamically. We first introduce an identity based dynamic threshold cryptosystem, and then use the Canetti- Halevi-Katz （CHK） transformation to transform it into a fully secure system in the traditional public key setting. Finally, the elegant dual system encryption technique is applied to constructing a fully secure dynamic threshold cryptosystem with adaptive security.     

A Group Oriented Cryptosystem for the Vector Space Access Structure

Introduction Whenasenderwantstosecurelysendames-sagemtoagroupofreceivers(alsocalledpartici-pants),andallowseachreceivertoaccessthemes-sageseparately,thesendercanuseeachreceiver's publickeytoencryptmandsendtohim.Thisis notessentiallydifferentfromsendingamessageto asinglereceiver,becausethesenderonlyneedsto re-performthesendingprotocolofausualcryp-tosystemfortimes.However,ifthesenderre-quiresthattheseparticipantsshouldcooperatively accessthemessage,thatis,theycandecryptthe ciphertextofthemessage…     

空间量子保密通信的研究现状

首先阐述了量子密码术(quantum cryptography,QC)在保密通信中的重要意义,然后简要地介绍了量子保密通仪协议安全性的基本原理和几种量子密码术协议,综述了空间量子保密通信实验研究的进展,最后在上述实验的基础上介绍了基于卫星的量子保密通信终端及其关键参数和关键技术。     

DESIGN OF A DIGITAL SIGNATURE SCHEME BASED ON FACTORING AND DISCRETE LOGARITHMS

Objective Focusing on the security problem of authentication and confidentiality in the context of computer networks, a digital signature scheme was proposed based on the public key cryptosystem. Methods Firstly,the course of digital signature based on the public key cryptosystem was given. Then, RSA and ELGamal schemes were described respectively. They were the basis of the proposed scheme. Generalized ELGamal type signature schemes were listed. After comparing with each other, one scheme, whose Signature equation was (m r)x=j s modФ(p) , was adopted in the designing. Results Based on two well-known cryptographic assumptions, the factorization and the discrete logarithms, a digital signature scheme was presented. It must be required that s“ was not equal to p‘q“ in the signing procedure, because attackers could forge the signatures with high probabilities if the discrete logarithms modulo a large prime were solvable. The variable public key “e“ is used instead of the invariable parameter “3“ in Ham‘s signature scheme to enhance the security. One generalized ELGamal type scheme made the proposed scheme escape one multiplicative inverse operation in the signing procedure and one modular exponentiation in the verification procedure.Conclusion The presented scheme obtains the security that Harn‘s scheme was originally claimed. It is secure if the factorization and the discrete logarithms are simultaneously unsolvable.     

Efficient and provably-secure certificateless proxy re-encryption scheme for secure cloud data sharing

In current cloud computing system, large amounts of sensitive data are shared to other cloud users. To keep these data confidentiality, data owners should encrypt their data before outsourcing. We choose proxy reencryption （PRE） as the cloud data encryption technique. In a PRE system, a semi-trusted proxy can transform a ciphertext under one public key into a ciphertext of the same message under another public key, but the proxy cannot gain any information about the message. In this paper, we propose a certificateless PRE （CL-PRE） scheme without pairings. The security of the proposed scheme can be proved to be equivalent to the computational Dire- Hellman （CDH） problem in the random oracle model. Compared with other existing CL-PRE schemes, our scheme requires less computation cost and is significantly more efficient. The new scheme does not need the public key certificates to guarantee validity of public keys and solves the key escrow problem in identity-based public key cryptography.     

ID-Based Authenticated Dynamic Group Key Agreement

IntroductionIn many modern collaborative and distributedapplications such as multicast communication, au-dio-video conference and collaborative tools, scal-able and reliable group communication is one of thecritical problems. A group key agreement (GKA)protocol allows a group of users to share a key,which may later be used to achieve some crypto-graphic goals. In addition to this basic tool an au-thentication mechanism provides an assurance ofkey shared with intended users. A protocol achiev…     

基于可信密码模块的远程证明协议

可信密码模块是以我国研发的密码算法为基础,结合国内安全需求与产业市场,借鉴国际先进的可信计算技术框架与技术理念自主创新研发的.本文中首先对可信计算平台密码技术方案和国际可信计算组织规范在密码算法、授权协议和密钥管理等几方面进行了比较.基于可信密码模块,提出的基于隐藏属性证书的远程证明方案,用属性证书代替平台配置信息,不仅能有效防止隐私性的暴露,而且可以在系统升级和备份过程中完成可信检测,提高了实现的效率.     

对两种代理盲签名体制的密码学分析

代理盲签名结合了代理签名与盲签名的优点，而多级代理签名实现了签名权利在许可范围内逐级向下代理的要求。利用椭圆曲线上的双线性对，陈玲玲等人提出了一种基于身份的代理盲签名方案，胡江红等人提出了一种基于身份的多级强代理盲签名方案。给出了这两个方案的密码学分析，指出在陈玲玲等人的方案中，代理签名人可以利用授权证书计算得到原始签名人的私钥，从而可直接伪造原始签名人的签名或授权，同时指出所提的两个方案也无法满足不可追踪性．代理签名人可以将自己在签名协议中的签名和签名的消息联系起来从而跟踪消息的拥有者，从而证明了这两个方案是不安全的。     

A Heuristic Method of Scalar Multiplication of Elliptic Curve over OEF

Introduction Recently,ellipticcurvecryptosystemshave beenthefocusofmuchattention,sincetheypro-videmanyadvantages,forexample,ashortkey lengthandfastcomputationspeed.Inparticular,theuseofoptimalextensionfield(OEF)[1]for softwareimplementationhasdeterminedthatanel-lipticcurvecryptosystemisfasterthanapublickey cryptosystembasedonmodularexponentiations.Especially,N.P.Smartcompareddiffierentfinite fieldsforellipticcurvecryptosystemsandconclud-edthatOEFsgivegreaterperformance[2].Thealgorithmsfora…     

Key Management Using Certificate-Based Cryptosystem in Ad Hoc Networks

Introduction Anadhocnetworkisacollectionofau-tonomousnodesthatcommunicatewitheachother byformingamulti-hopwirelessnetwork.The propertyofnotrelyingonthesupportfromany fixedinfrastructuremakesitusefulforawide rangeofapplications,suchasinstantconsultation betweenmobileusersinthebattlefields,emergen-cy,anddisastersituations,wheregeographicalor terrestrialconstraintsdemandtotallydistributed networks.Whileadhocnetworkprovidesagreat flexibilityforestablishingcommunications,italso bringsalotofresearch…     

An ID-Based Authenticated Key Agreement Protocol for Peer-to-Peer Computing

Introduction Overrecentyears,withtheemergenceofdis-tributedapplicationsovertheInternet,anewmod-elofcommunicationandcomputation,calledpeer-to-peer(P2P)computing,hasgainedgreatpopu-larity[1-3].Contrarytothetraditionalclient-server model,P2Pcomputingeliminatesthenotionof“server”,andallpeersinP2Psystemcanactas clientsandserversatthesametime.Therefore,thesinglepointoffailureandthebottleneckof“server”encounteredinthetraditionalclient-serv-ermodelcanbeeliminated,andtheperformance andreliabilit…     

The Braid-Based Bit Commitment Protocol

Introduction Theprimitiveofbitcommitmentcanbeim-plicitlytracedbacktoveryearlyworksbyRa-bin[1],Blum[2],andShamiretal[3].Itsbasicsce-nariois:AlicecansendaprooftoBobthatcom-mitshertoabitb(0or1)ofherchoiceinsucha waythatBobcannottellwhatbis(commit phase),butlaterAlicecanopenthecommitment andprovehimwhatboriginallywas(openphase).Abitcommitmentschemeissaidtobebindingif thepromisee(Alice)hasnochancetocheat,i.e.,shecannotopentheoppositeofheroriginalcom-mitment.Wecallabitcommitmenthidingifthe commi…     

基于椭圆曲线的不可否认门限代理签名方案

针对已有的门限代理签名方案不能有效地抵抗签名人协作攻击和伪造攻击,以及在某些场合实用性不强的缺点提出了改进方案.在代理签名生成阶段要求每个实际签名人提供自己的私钥信息,在形成的代理签名中不仅包含每个代理签名人的秘密信息,还包含了每个实际签名人的秘密信息,从而能有效抵抗协作攻击和伪造攻击.另外,用椭圆曲线密码机制替换了已有的方案中用的ElGamal离散对数密钥机制,使系统效率更高.     

Certificateless strong key-insulated signature without random oracles

It is important to ensure the private key secure in cryptosystem. To reduce the underlying danger caused by the private key leakage, Dodis et al. (2003) introduced the notion of key-insulated security. To handle the private key leakage problems in certificateless signature schemes, we propose a new certificateless strong key-insulated signature scheme. Our scheme has two desirable properties. First, its security can be proved without utilizing the random oracle model. Second, it solves the key escrow problems in identity-based key-insulated signatures (IBKISs).     

Practical identity-based aggregate signature from bilinear maps

A new identity-based(ID-based) aggregate signature scheme which does not need any kind of interaction among the signers was proposed to provide partial aggregation.Compared with the existing ID-based aggregate signatures, the scheme is more effcient in terms of computational cost.Security in the random oracle model based on a variant of the computation Diffe-Hellman(CDH) problem is captured.