Efficient Dynamic Threshold Group Signature Scheme Based on Elliptic Curve Cryptosystem

The short secret key characteristic of elliptic curve cryptosystem （ECC） are integrated with the （ t, n ） threshold method to create a practical threshold group signature scheme characterized by simultaneous signing. The scheme not only meets the requirements of anonymity and traceability of group signature but also can withstand Tseng and Wang＇s conspiracy attack. It allows the group manager to add new members and delete old members according to actual application, while the system parameters have a little change. Cryptanalysis result shows that the scheme is efficient and secure.     

可验证的动态多秘密共享

提出了一种新的可验证的动态门限多秘密共享方案。该方案的安全性基于Shamir的秘密共享体制和椭圆曲线加密算法的安全性以及椭圆曲线离散对数问题的求解困难性。共享秘密可以周期性的改变,秘密分发者周期性的改变公告栏上的信息以增强系统的健壮性。对于不同的共享秘密,秘密分发者可以动态调整该秘密的门限值。此外,方案能有效检测和识别参与者的欺骗行为,参与者也可以验证其接受到的信息,且无需改变私有信息在任何时候都可以重构秘密。由于公告栏上的信息是定期更新的,所以不会影响新秘密的共享。     

A Group Oriented Cryptosystem for the Vector Space Access Structure

Introduction Whenasenderwantstosecurelysendames-sagemtoagroupofreceivers(alsocalledpartici-pants),andallowseachreceivertoaccessthemes-sageseparately,thesendercanuseeachreceiver's publickeytoencryptmandsendtohim.Thisis notessentiallydifferentfromsendingamessageto asinglereceiver,becausethesenderonlyneedsto re-performthesendingprotocolofausualcryp-tosystemfortimes.However,ifthesenderre-quiresthattheseparticipantsshouldcooperatively accessthemessage,thatis,theycandecryptthe ciphertextofthemessage…     

An improved ring signature scheme without trusted key generation center for wireless sensor network

Security of wireless sensor network (WSN) is a considerable challenge, because of limitation in energy, communication bandwidth and storage. ID-based cryptosystem without checking and storing certificate is a suitable way used in WSN. But key escrow is an inherent disadvantage for traditional ID-based cryptosystem, i.e., the dishonest key generation center (KGC) can forge the signature of any node and on the other hand the node can deny the signature actually signed by him/herself. To solving this problem, we propose an ID-based ring signature scheme without trusted KGC. We also present the accurate secure proof to prove that our scheme is secure against existential forgery on adaptively chosen message and ID attacks assuming the complexity of computational Diffie-Hellman (CDH) problem. Compared with other ring signature schemes, we think proposed scheme is more efficient.     

An Efficient Provable Secure ID-Based Proxy Signature Scheme Based on CDH Assumption

IntroductionMambo, et al.[1]first introduced the conceptof proxy signature. In their scheme, an originalsigner delegates his signing right to a proxy signerin such a way that the proxy signer can sign anymessage on behalf of the original signer and theverifier can verify and distinguish proxy signaturefrom original signature. Proxy signature is of greatuse in such a case that a manager needs to autho-rize his secretary to sign documents on behalf ofhimself before his leaving for a vacation. Du…     

A Distributed Authentication Algorithm Based on GQ Signature for Mobile Ad Hoc Networks

Introduction Mobile ad hoc networks (MANETs) are newinfrastructureless networks without the usual rout-ing infrastructure like fixed routers and routingbackbones. A mobile ad hoc network is a multi-hop temporary self-organizing system compromisedof a group of mobile nodes with radios. MANETshave some special characteristics: self organizing,dynamic topology, limited bandwidth, resourceconstraint nodes, multi-hop routing, vulnerable tosecurity attacks etc. Recently, MANET has beenone of t…     

Certificateless strong key-insulated signature without random oracles

It is important to ensure the private key secure in cryptosystem. To reduce the underlying danger caused by the private key leakage, Dodis et al. (2003) introduced the notion of key-insulated security. To handle the private key leakage problems in certificateless signature schemes, we propose a new certificateless strong key-insulated signature scheme. Our scheme has two desirable properties. First, its security can be proved without utilizing the random oracle model. Second, it solves the key escrow problems in identity-based key-insulated signatures (IBKISs).     

Improved ID-Based Signature Scheme Solving Key Escrow

Introduction Inatraditionalpublickeycryptosystem(PKC),theassociationbetweenauser'sidentity andhispublickeyisobtainedthroughadigitalcer-tificateissuedbyacertificationauthority(CA).TheCAchecksthecredentialsofauserbeforeis-suingacertificatetohim.Tosimplifythecertifi-catemanagementprocess,Shamir[1]introducedthe conceptofID-basedcryptosystemin1984,which allowedforauser'sidentityinformationsuchas hisname,IPaddress,telephonenumber,email address,etc.toserveashispublickey.Sucha publickeyisclearlyb…     

Key Management Using Certificate-Based Cryptosystem in Ad Hoc Networks

Introduction Anadhocnetworkisacollectionofau-tonomousnodesthatcommunicatewitheachother byformingamulti-hopwirelessnetwork.The propertyofnotrelyingonthesupportfromany fixedinfrastructuremakesitusefulforawide rangeofapplications,suchasinstantconsultation betweenmobileusersinthebattlefields,emergen-cy,anddisastersituations,wheregeographicalor terrestrialconstraintsdemandtotallydistributed networks.Whileadhocnetworkprovidesagreat flexibilityforestablishingcommunications,italso bringsalotofresearch…     

入侵容忍及其应用研究

入侵容忍作为第3代安全技术的核心,旨在容忍攻击,确保信息的机密性、完整性和可用性.分析了入侵容忍的基于门限密码体制的实现机制以及它的实现方式,并指出了其中存在的问题,最后预测了它的发展方向.     

DESIGN OF A DIGITAL SIGNATURE SCHEME BASED ON FACTORING AND DISCRETE LOGARITHMS

Objective Focusing on the security problem of authentication and confidentiality in the context of computer networks, a digital signature scheme was proposed based on the public key cryptosystem. Methods Firstly,the course of digital signature based on the public key cryptosystem was given. Then, RSA and ELGamal schemes were described respectively. They were the basis of the proposed scheme. Generalized ELGamal type signature schemes were listed. After comparing with each other, one scheme, whose Signature equation was (m r)x=j s modФ(p) , was adopted in the designing. Results Based on two well-known cryptographic assumptions, the factorization and the discrete logarithms, a digital signature scheme was presented. It must be required that s“ was not equal to p‘q“ in the signing procedure, because attackers could forge the signatures with high probabilities if the discrete logarithms modulo a large prime were solvable. The variable public key “e“ is used instead of the invariable parameter “3“ in Ham‘s signature scheme to enhance the security. One generalized ELGamal type scheme made the proposed scheme escape one multiplicative inverse operation in the signing procedure and one modular exponentiation in the verification procedure.Conclusion The presented scheme obtains the security that Harn‘s scheme was originally claimed. It is secure if the factorization and the discrete logarithms are simultaneously unsolvable.     

基于ECC的入侵容忍数字签字方案

入侵容忍是网络安全中的一种新方法,该方法保证系统在遭受攻击的情况下信息的机密性、完整性和可用性.本文基于安全的椭圆曲线,结合门限体制、可验证秘密共享体制以及主动秘密共享方案,给出一种新的入侵容忍签字方案.新方案在签名时可以避免密钥重构,防止了密钥的泄漏.     

破译Merkle-Hellman背包加密方案的DNA计算模型

背包公钥密码体制是第一个公钥体制,其攻击算法是NP完全问题.首先对背包问题和背包公钥体制进行了描述,然后给出了2种破译Merkle-Hellman背包加密方案DNA计算模型,即分步排除法和二分法,分步排除法是一种基本算法,二分法对分步排除法进行了改进,提高了破译背包密码的效率.     

Distributed certificateless key encapsulation mechanism secure against the adaptive adversary

This paper proposes an adaptively secure solution to certificateless distributed key encapsulation mechanism from pairings by using Canetti's adaptive secure key generation scheme based on discrete logarithm. The proposed scheme can withstand adaptive attackers that can choose players for corruption at any time during the run of the protocol, and this kind of attack is powerful and realistic. In contrast, all previously presented threshold certificateless public key cryptosystems are proven secure against the more idealized static adversaries only. They choose and fix the subset of target players before running the protocol. We also prove security of this scheme in the random oracle model.     

基于QoS升降级的无线单播多播混合带宽资源分配方法

在单播与多播混合服务的OFDM蜂窝系统中,因负载较重而使带宽资源被完全占用时,为接纳更多的多播用户,在单播多媒体用户可接受的范围内提出：基于信道容量平滑的QoS升降级带宽借用方法.通过建立QoS升降级的子载波借用模型和CUpDown-QoS算法,达到最大化多播用户数和减小多播切换呼叫中断率;提出了GoS保证下,限制新呼叫的动态带宽借用阈值,给出基于Markov模型的CBP（Call Blocking Probability）与HDP（Handoff Dropping Probability）最优折中的阈值确定方法,以及多播优先的动态带宽借用策略对阈值确定的影响.     

一种动态门限群签名方案的弱点

已有的门限群签名方案几乎都存在弱点,设计性能良好的门限群签名是密码学中的一个公开问题。针对一种动态门限群签名方案详细分析了其存在的弱点,其中最主要的弱点是:部分成员可以合谋得到系统的秘密参数,从而伪造群签名。     

基于Pairing抗选择密文攻击的新门限密码体制

为提高Baek-Zheng方案的解密效率,用逆运算代替Baek-Zheng方案中所用的点乘运算设计验证过程.由于验证过程只需1次Pairing操作,故在保持Baek-Zheng方案的加密速度以及密文和解密碎片的长度的前提下,新方案将每个门限解密参与者的效率提高了近1倍.新方案在O rac le D iffie-Hellm an假设下被证明可以抗选择密文攻击.     

具有可追查性的抗合谋攻击(t,n)门限签名方案

在分析王斌和李建华的无可信中心门限签名方案(王-李方案)以及X ie-Yu改进方案安全缺陷的基础上,提出了一种新的具有可追查性的抗合谋攻击(t,n)门限签名方案;对新方案的安全性进行了分析,并与现有方案的效率进行了比较.结果表明:该方案不仅能够从根本上抵抗合谋攻击和伪造签名攻击,而且在保证匿名性的前提下,能够真正实现签名成员身份的可追查性,同时通过构造安全的分布式密钥生成协议保证群私钥的不可知性,因此比现有方案具有更高的安全性.此外,新方案的计算量和通信量与王-李方案接近,但优于X ie-Yu方案.     

实用背包密码术的研究

本文在已研制的背包间题密码系统的基础上,对整个算法从理论上、方法上进行了进 一步修改完善,并对整个密码算法的原理、应用和安全性进行了论证.这种密码系统 是建立在传统密码学和公开密钥密码体制的基础之上,它既可实现保密性又可保持 真实性,特别适于作为计算机信息的通用加密工具。      

A universal composability framework for analysis of proxy threshold signature

The universal composability framework is a new approach for designing and analyzing the security of cryptographic protocols. In this framework, the security of protocols is maintained under a general protocol composition operation. In the paper, we propose the universal composability framework for the analysis of proxy threshold signature and present a universally composable secure proxy threshold signature scheme which is the first one in this area. The proposed scheme is suitable for the mobile agents, which should migrate across different environment through network. Furthermore, we give the concrete analysis of the reduction to prove the security of the proposed scheme.