对两种代理盲签名体制的密码学分析

代理盲签名结合了代理签名与盲签名的优点，而多级代理签名实现了签名权利在许可范围内逐级向下代理的要求。利用椭圆曲线上的双线性对，陈玲玲等人提出了一种基于身份的代理盲签名方案，胡江红等人提出了一种基于身份的多级强代理盲签名方案。给出了这两个方案的密码学分析，指出在陈玲玲等人的方案中，代理签名人可以利用授权证书计算得到原始签名人的私钥，从而可直接伪造原始签名人的签名或授权，同时指出所提的两个方案也无法满足不可追踪性．代理签名人可以将自己在签名协议中的签名和签名的消息联系起来从而跟踪消息的拥有者，从而证明了这两个方案是不安全的。     

一种高效的基于身份的代理盲签名方案

在代理签名中,原始签名人能将数字签名的权力委托给代理签名人;而在盲签名方案中,签名者不能看到被签消息的内容。签名被接受者得到后,签名者不能追踪签名,结合代理签名与盲签名的优点,利用基于椭圆曲线上的Weil配对（WeilPair—ing）的双线性映射,构造了一个高效的基于身份的代理盲签名方案．分析表明,该方案不仅满足代理盲签名所要求的所有性质,而且其效率也优于已有同类方案．     

Certificateless strong key-insulated signature without random oracles

It is important to ensure the private key secure in cryptosystem. To reduce the underlying danger caused by the private key leakage, Dodis et al. (2003) introduced the notion of key-insulated security. To handle the private key leakage problems in certificateless signature schemes, we propose a new certificateless strong key-insulated signature scheme. Our scheme has two desirable properties. First, its security can be proved without utilizing the random oracle model. Second, it solves the key escrow problems in identity-based key-insulated signatures (IBKISs).     

Directed proxy signature in the standard model

A directed signature is a type of signature with restricted verification ability. Directed signatures allow only a designated verifier to check the validity of the signature issued to him, and at the time of trouble or if necessary, any third party can verify the signature with the help of the signer or the designated verifier. Directed signature schemes are widely used in situations where the receiver’s privacy should be protected. Proxy signatures allow an entity to delegate its signing capability to another entity in such a way that the latter can sign message on behalf of the former when the former is not available. Proxy signature schemes have found numerous practical applications such as distributed systems and mobile agent applications. In this paper, we firstly define the notion of the directed proxy signature by combining the proxy signature and directed signature. Then, we formalize its security model and present a concrete scheme in the standard model. Finally, we use the techniques from provable security to show that the proposed scheme is unforgeable under the gap Diffie-Hellman assumption, and invisible under the decisional Diffie-Hellman assumption.     

Identity-based key-insulated proxy signature without random oracles

In an identity based proxy signature (IBPS) scheme, a designated proxy signer can generate the signature on behalf of an original signer. Traditional IBPS schemes normally rely on the assumption that private keys are kept perfectly secure. However, due to viruses, worms or other break-ins allowed by operating-system holes, key exposure seems inevitable. To minimize the damage caused by key exposure in IBPS, we propose an identity-based key-insulated proxy signature (IBKIPS) scheme in the standard model, i.e. without random oracles.     

An Efficient Provable Secure ID-Based Proxy Signature Scheme Based on CDH Assumption

IntroductionMambo, et al.[1]first introduced the conceptof proxy signature. In their scheme, an originalsigner delegates his signing right to a proxy signerin such a way that the proxy signer can sign anymessage on behalf of the original signer and theverifier can verify and distinguish proxy signaturefrom original signature. Proxy signature is of greatuse in such a case that a manager needs to autho-rize his secretary to sign documents on behalf ofhimself before his leaving for a vacation. Du…     

Provably Secure Short Proxy Signature Scheme from Bilinear Maps

An enhanced formal model of security for proxy signature schemes is presented and a provably secure short proxy signature scheme is proposed from bilinear maps. The proposed proxy signature scheme is based on two short secure signature schemes. One is used for delegating the signing rights and computing the standard signature; the other is used for computing proxy signature. Finally, a security proof of the proposed proxy signature scheme is showed by reducing tightly the security of the proposed proxy signature scheme to the security of the two basic signature schemes. The proposed proxy signature scheme has the shortest ordinary signatures and proxy signatures. Moreover, the proxy signature generation needs no pairing operation and verification needs just two pairing operation.     

An improved ring signature scheme without trusted key generation center for wireless sensor network

Security of wireless sensor network (WSN) is a considerable challenge, because of limitation in energy, communication bandwidth and storage. ID-based cryptosystem without checking and storing certificate is a suitable way used in WSN. But key escrow is an inherent disadvantage for traditional ID-based cryptosystem, i.e., the dishonest key generation center (KGC) can forge the signature of any node and on the other hand the node can deny the signature actually signed by him/herself. To solving this problem, we propose an ID-based ring signature scheme without trusted KGC. We also present the accurate secure proof to prove that our scheme is secure against existential forgery on adaptively chosen message and ID attacks assuming the complexity of computational Diffie-Hellman (CDH) problem. Compared with other ring signature schemes, we think proposed scheme is more efficient.     

Improved ID-Based Signature Scheme Solving Key Escrow

Introduction Inatraditionalpublickeycryptosystem(PKC),theassociationbetweenauser'sidentity andhispublickeyisobtainedthroughadigitalcer-tificateissuedbyacertificationauthority(CA).TheCAchecksthecredentialsofauserbeforeis-suingacertificatetohim.Tosimplifythecertifi-catemanagementprocess,Shamir[1]introducedthe conceptofID-basedcryptosystemin1984,which allowedforauser'sidentityinformationsuchas hisname,IPaddress,telephonenumber,email address,etc.toserveashispublickey.Sucha publickeyisclearlyb…     

基于椭圆曲线的不可否认门限代理签名方案

针对已有的门限代理签名方案不能有效地抵抗签名人协作攻击和伪造攻击,以及在某些场合实用性不强的缺点提出了改进方案.在代理签名生成阶段要求每个实际签名人提供自己的私钥信息,在形成的代理签名中不仅包含每个代理签名人的秘密信息,还包含了每个实际签名人的秘密信息,从而能有效抵抗协作攻击和伪造攻击.另外,用椭圆曲线密码机制替换了已有的方案中用的ElGamal离散对数密钥机制,使系统效率更高.     

Provably secure and efficient proxy signature with untrustworthy proxy signer

Proxy signature has drawn great concerns.However, there still remains a challenge to construct a provably secure and effcient proxy signature scheme.In this paper, we propose an effcient proxy signature scheme based on factoring, and prove that it is secure in the random oracle.Furthermore, we present a new type of proxy signature, called Proxy Signature with Untrustworthy Proxy Signer, and construct a concrete scheme.     

Attribute-based signature on lattices

Attribute-based signature is a versatile class of digital signatures. In attribute-based signature, a signer obtains his private key corresponding to the set of his attributes from a trusted authority, and then he can sign a message with any predicate that is satisfied by his attributes set. Unfortunately, there does not exist an attribute- based signature which is resistance to the quantum attacks. This means we do not have secure attribute-based signature schemes in a post-quantum world. Based on this consideration, an attribute-based signature on lattices, which could resist quantum attacks, is proposed. This scheme employs ＂bonsai tree＂ techniques, and could be proved secure under the hardness assumption of small integer solution problem.     

Batch RSA signature scheme

We describe a batch RSA digital signature scheme in which a signer can sign messages for multiple recipients simultaneously. The construction is quite efficient due to the batch signing method. This is useful to improve the performance of a high-loaded signing server, for example a secure electronic transaction (SET) gateway. Theoretical calculations and experimental results show that the proposed scheme can improve the performance of the signing server significantly. Foundation item: the National Basic Research Program (973) of China (No. 2005CB321804)     

Efficient and provably-secure certificateless proxy re-encryption scheme for secure cloud data sharing

In current cloud computing system, large amounts of sensitive data are shared to other cloud users. To keep these data confidentiality, data owners should encrypt their data before outsourcing. We choose proxy reencryption （PRE） as the cloud data encryption technique. In a PRE system, a semi-trusted proxy can transform a ciphertext under one public key into a ciphertext of the same message under another public key, but the proxy cannot gain any information about the message. In this paper, we propose a certificateless PRE （CL-PRE） scheme without pairings. The security of the proposed scheme can be proved to be equivalent to the computational Dire- Hellman （CDH） problem in the random oracle model. Compared with other existing CL-PRE schemes, our scheme requires less computation cost and is significantly more efficient. The new scheme does not need the public key certificates to guarantee validity of public keys and solves the key escrow problem in identity-based public key cryptography.     

Distributed certificateless key encapsulation mechanism secure against the adaptive adversary

This paper proposes an adaptively secure solution to certificateless distributed key encapsulation mechanism from pairings by using Canetti's adaptive secure key generation scheme based on discrete logarithm. The proposed scheme can withstand adaptive attackers that can choose players for corruption at any time during the run of the protocol, and this kind of attack is powerful and realistic. In contrast, all previously presented threshold certificateless public key cryptosystems are proven secure against the more idealized static adversaries only. They choose and fix the subset of target players before running the protocol. We also prove security of this scheme in the random oracle model.     

A universal composability framework for analysis of proxy threshold signature

The universal composability framework is a new approach for designing and analyzing the security of cryptographic protocols. In this framework, the security of protocols is maintained under a general protocol composition operation. In the paper, we propose the universal composability framework for the analysis of proxy threshold signature and present a universally composable secure proxy threshold signature scheme which is the first one in this area. The proposed scheme is suitable for the mobile agents, which should migrate across different environment through network. Furthermore, we give the concrete analysis of the reduction to prove the security of the proposed scheme.     

Identity-based verifiably committed signature scheme without random oracles

An identity-based verifiably committed signature scheme （IB-VCS） was proposed, which is proved secure in the standard model （i.e., without random oracles）. It enjoys the setup-free property and stand-alone property, both of which make an exchange protocol more practical. The scheme is unconditionally secure against the cheating signer, its security against the cheating verifier is reduced to the computational Diffie-Hellman （CDH） problem in the underlying group, it is secure against the cheating trusted third party if the underlying Paterson Schuldt＇s identity based signature （IBS） scheme is secure, which is proven true based on the CDH assumption in the standard model.     

一种基于离散对数问题的存根代理盲签名方案

数字签名用来保证原始数据完整性和有效性,一个数字签名方案包括数字签名生成算法和数字签名验证算法.简短地介绍了盲签名、代理签名的基本思想和基本性质,并给出如何通过非对称密码算法的思想来实现这些签名方案,提出并详细介绍了一种基于离散对数问题的有存根的(免责声明)代理盲签名方案,讨论了基于离散对数问题的密码学算法的可能攻击方法,在此基础上给出了协议实现时的一些有益的建议.     

DESIGN OF A DIGITAL SIGNATURE SCHEME BASED ON FACTORING AND DISCRETE LOGARITHMS

Objective Focusing on the security problem of authentication and confidentiality in the context of computer networks, a digital signature scheme was proposed based on the public key cryptosystem. Methods Firstly,the course of digital signature based on the public key cryptosystem was given. Then, RSA and ELGamal schemes were described respectively. They were the basis of the proposed scheme. Generalized ELGamal type signature schemes were listed. After comparing with each other, one scheme, whose Signature equation was (m r)x=j s modФ(p) , was adopted in the designing. Results Based on two well-known cryptographic assumptions, the factorization and the discrete logarithms, a digital signature scheme was presented. It must be required that s“ was not equal to p‘q“ in the signing procedure, because attackers could forge the signatures with high probabilities if the discrete logarithms modulo a large prime were solvable. The variable public key “e“ is used instead of the invariable parameter “3“ in Ham‘s signature scheme to enhance the security. One generalized ELGamal type scheme made the proposed scheme escape one multiplicative inverse operation in the signing procedure and one modular exponentiation in the verification procedure.Conclusion The presented scheme obtains the security that Harn‘s scheme was originally claimed. It is secure if the factorization and the discrete logarithms are simultaneously unsolvable.     

An Efficient Forward Secure Signature Scheme

Introduction Exposureofsecretkeysthreatensthesecurity ofadigitalsignaturegreatly.Totacklethisprob-lem,severaldifferentmethodshavebeenpro-posed,includingsecretsharing[1],thresholdsigna-ture[2],andproactivesignature[3].Thesemethods,however,needcooperativeandinteractivecompu-tationsinmultiplesevers,whicharequitecostly.Forwardsecuresignatureschemecanreducethe damageofkeyexposurewithoutcooperativeand interactivecomputations.Intheparadigmoffor-wardsecuresignature,thewholelifetimeofsigna-tureisdivid…