Directed proxy signature in the standard model

A directed signature is a type of signature with restricted verification ability. Directed signatures allow only a designated verifier to check the validity of the signature issued to him, and at the time of trouble or if necessary, any third party can verify the signature with the help of the signer or the designated verifier. Directed signature schemes are widely used in situations where the receiver’s privacy should be protected. Proxy signatures allow an entity to delegate its signing capability to another entity in such a way that the latter can sign message on behalf of the former when the former is not available. Proxy signature schemes have found numerous practical applications such as distributed systems and mobile agent applications. In this paper, we firstly define the notion of the directed proxy signature by combining the proxy signature and directed signature. Then, we formalize its security model and present a concrete scheme in the standard model. Finally, we use the techniques from provable security to show that the proposed scheme is unforgeable under the gap Diffie-Hellman assumption, and invisible under the decisional Diffie-Hellman assumption.     

Identity-based verifiably committed signature scheme without random oracles

An identity-based verifiably committed signature scheme （IB-VCS） was proposed, which is proved secure in the standard model （i.e., without random oracles）. It enjoys the setup-free property and stand-alone property, both of which make an exchange protocol more practical. The scheme is unconditionally secure against the cheating signer, its security against the cheating verifier is reduced to the computational Diffie-Hellman （CDH） problem in the underlying group, it is secure against the cheating trusted third party if the underlying Paterson Schuldt＇s identity based signature （IBS） scheme is secure, which is proven true based on the CDH assumption in the standard model.     

Attribute-based signature on lattices

Attribute-based signature is a versatile class of digital signatures. In attribute-based signature, a signer obtains his private key corresponding to the set of his attributes from a trusted authority, and then he can sign a message with any predicate that is satisfied by his attributes set. Unfortunately, there does not exist an attribute- based signature which is resistance to the quantum attacks. This means we do not have secure attribute-based signature schemes in a post-quantum world. Based on this consideration, an attribute-based signature on lattices, which could resist quantum attacks, is proposed. This scheme employs ＂bonsai tree＂ techniques, and could be proved secure under the hardness assumption of small integer solution problem.     

Certificateless message recovery signatures providing girault’s level-3 security

A digital signature with message recovery is a signature that the message itself (or partial of the message) is not required to be transmitted together with the signature. It has the advantage of small data size of communication comparing with the traditional digital signatures. In this paper, combining both advantages of the message recovery signatures and the certificateless cryptography, we propose the first certificatelss signature scheme with message recovery. The remarkable feature of our scheme is that it can achieve Girault’s Level-3 security while the conventional certificateless signature scheme only achieves Level-2 security. The security of the scheme is rigorously proved in the random oracle model based on the hardness of the k bilinear Diffie-Hellman inverse (k-BDHI) problem.     

Democratic group signatures with linkability from gap Diffie-Hellman group

Democratic group signatures(DGSs) attract many researchers due to their appealing properties, i.e., anonymity, traceability and no group manager.Security results of existing work are based on decisional Diffie-Hellman(DDH) assumption.In this paper, we present a democratic group signature scheme based on any gap Diffie-Hellman(GDH) group where DDH problem is easily but computational Diffie-Hellman(CDH) problem is hard to be solved.Besides the properties of ordinary DGSs, our scheme also provides the property of linkability, i.e., any public verifier can tell whether two group signatures are generated using the same private key.Security properties of our scheme employ a new and independently interesting decisional product Diffie-Hellman(DPDH) assumption which is weaker than DDH one.     

Provably Secure Short Proxy Signature Scheme from Bilinear Maps

An enhanced formal model of security for proxy signature schemes is presented and a provably secure short proxy signature scheme is proposed from bilinear maps. The proposed proxy signature scheme is based on two short secure signature schemes. One is used for delegating the signing rights and computing the standard signature; the other is used for computing proxy signature. Finally, a security proof of the proposed proxy signature scheme is showed by reducing tightly the security of the proposed proxy signature scheme to the security of the two basic signature schemes. The proposed proxy signature scheme has the shortest ordinary signatures and proxy signatures. Moreover, the proxy signature generation needs no pairing operation and verification needs just two pairing operation.     

对两种代理盲签名体制的密码学分析

代理盲签名结合了代理签名与盲签名的优点，而多级代理签名实现了签名权利在许可范围内逐级向下代理的要求。利用椭圆曲线上的双线性对，陈玲玲等人提出了一种基于身份的代理盲签名方案，胡江红等人提出了一种基于身份的多级强代理盲签名方案。给出了这两个方案的密码学分析，指出在陈玲玲等人的方案中，代理签名人可以利用授权证书计算得到原始签名人的私钥，从而可直接伪造原始签名人的签名或授权，同时指出所提的两个方案也无法满足不可追踪性．代理签名人可以将自己在签名协议中的签名和签名的消息联系起来从而跟踪消息的拥有者，从而证明了这两个方案是不安全的。     

On constructing certificateless proxy signature from certificateless signature

In proxy signature schemes, an original signer A delegates its signing capability to a proxy signer B, in such a way that B can sign message on behalf of A.The recipient of the final message verifies at the same time that B computes the signature and that A has delegated its signing capability to B.Recently many identity-based(ID-based) proxy signature schemes have been proposed, however, the problem of key escrow is inherent in this setting.Certificateless cryptography can overcome the key escrow problem.In this paper, we present a general security model for certificateless proxy signature scheme.Then, we give a method to construct a secure certificateless proxy scheme from a secure certificateless signature scheme, and prove that the security of the construction can be reduced to the security of the original certificateless signature scheme.     

Cryptanalysis and Improvement of Digital Multisignature Scheme Based on RSA

Introduction Multisignature is a joint signature generated by agroup of signers. The group has a security policy thatrequires a multisignature to be signed by all groupmembers with the knowledge of multiple privatekeys. Digital multisignatures should have…     

DESIGN OF A DIGITAL SIGNATURE SCHEME BASED ON FACTORING AND DISCRETE LOGARITHMS

Objective Focusing on the security problem of authentication and confidentiality in the context of computer networks, a digital signature scheme was proposed based on the public key cryptosystem. Methods Firstly,the course of digital signature based on the public key cryptosystem was given. Then, RSA and ELGamal schemes were described respectively. They were the basis of the proposed scheme. Generalized ELGamal type signature schemes were listed. After comparing with each other, one scheme, whose Signature equation was (m r)x=j s modФ(p) , was adopted in the designing. Results Based on two well-known cryptographic assumptions, the factorization and the discrete logarithms, a digital signature scheme was presented. It must be required that s“ was not equal to p‘q“ in the signing procedure, because attackers could forge the signatures with high probabilities if the discrete logarithms modulo a large prime were solvable. The variable public key “e“ is used instead of the invariable parameter “3“ in Ham‘s signature scheme to enhance the security. One generalized ELGamal type scheme made the proposed scheme escape one multiplicative inverse operation in the signing procedure and one modular exponentiation in the verification procedure.Conclusion The presented scheme obtains the security that Harn‘s scheme was originally claimed. It is secure if the factorization and the discrete logarithms are simultaneously unsolvable.     

一种高效的基于身份的代理盲签名方案

在代理签名中,原始签名人能将数字签名的权力委托给代理签名人;而在盲签名方案中,签名者不能看到被签消息的内容。签名被接受者得到后,签名者不能追踪签名,结合代理签名与盲签名的优点,利用基于椭圆曲线上的Weil配对（WeilPair—ing）的双线性映射,构造了一个高效的基于身份的代理盲签名方案．分析表明,该方案不仅满足代理盲签名所要求的所有性质,而且其效率也优于已有同类方案．     

基于椭圆曲线的具有消息恢复的数字签名方案

基于椭圆曲线离散对数问题(ECDLP)和平方剩余问题,本文提出了一种新的具备消息自动恢复特性的数字签名方案,同时对该方案进行了各种安全性分析,得出结论:该方案具有前向安全性,而且在第三方仲裁时无需泄露密钥(即具有零知识特性).     

Improved ID-Based Signature Scheme Solving Key Escrow

Introduction Inatraditionalpublickeycryptosystem(PKC),theassociationbetweenauser'sidentity andhispublickeyisobtainedthroughadigitalcer-tificateissuedbyacertificationauthority(CA).TheCAchecksthecredentialsofauserbeforeis-suingacertificatetohim.Tosimplifythecertifi-catemanagementprocess,Shamir[1]introducedthe conceptofID-basedcryptosystemin1984,which allowedforauser'sidentityinformationsuchas hisname,IPaddress,telephonenumber,email address,etc.toserveashispublickey.Sucha publickeyisclearlyb…     

广义椭圆曲线数字签名链口令认证方案

一次性口令是身份认证的重要技术。文章构造了一个基于椭圆曲线数字签名链的一次性口令认证和密钥协商方案。该方案使用了具有消息恢复功能、无须求逆的椭圆曲线数字签名算法,椭圆曲线认证密钥协商协议,密钥进化算法和椭圆曲线数字签名链等。方案有以下优点:服务器无需维护口令和验证列表;允许用户自主选择和更改口令,实现了双向认证;无需系统时钟同步和传输时延限制;能够抵抗重放攻击、离线字典攻击、中间人攻击和内部人攻击;具备口令错误敏感性和强安全修复性;生成的会话密钥具有新鲜性、机密性、已知密钥安全性和前向安全性。经对比,该方案具有更好的安全性能,适合强安全性需求的场合。     

公路工程中利用群签名的电子投标方案

公路工程电子投标是电子商务中的重要活动之一。利用群签名方案可设计出一种新的公路工程密封投标方案。该方案由公路工程招标者来确定公路工程中标者,公路工程中标者的身份则由群管理者根据公路工程中标者对投标消息的签名来确定,且经一次注册后,公路工程投标者即可参加多个投标活动,而不会泄露自己的身份,这使得该方案具有一定的可扩展性。     

一种基于RSA的有序多重数字签名方案

提出了一种基于RSA的有序多重数字签名方案,该方案能够允许多个用户顺序地对一份文件进行签名,最后形成一个群体签名;并提出一种新的签名验证方案,可以有效地防止成员的欺诈行为,因而更具有安全性和实用性.     

Certificateless strong key-insulated signature without random oracles

It is important to ensure the private key secure in cryptosystem. To reduce the underlying danger caused by the private key leakage, Dodis et al. (2003) introduced the notion of key-insulated security. To handle the private key leakage problems in certificateless signature schemes, we propose a new certificateless strong key-insulated signature scheme. Our scheme has two desirable properties. First, its security can be proved without utilizing the random oracle model. Second, it solves the key escrow problems in identity-based key-insulated signatures (IBKISs).     

Parallel Key-insulated Signature： Framework and Construction

To deal with the key-exposure problem in signature systems, a new framework named parallel key-insulated signature （PKIS） was introduced, and a concrete PKIS scheme was proposed. Compared with traditional key-insulated signature （KIS） schemes, the proposed PKIS scheme allows a frequent updating for temporary secret keys without increasing the risk of helper key-exposure. Moreover, the proposed PKIS scheme does not collapse even if some （not all） of the helper keys and some of the temporary secret keys are simultaneously exposed. As a result, the security of the PKIS scheme is greatly enhanced, and the damage caused by key-exposure is successfully minimized.     

A Group Oriented Cryptosystem for the Vector Space Access Structure

Introduction Whenasenderwantstosecurelysendames-sagemtoagroupofreceivers(alsocalledpartici-pants),andallowseachreceivertoaccessthemes-sageseparately,thesendercanuseeachreceiver's publickeytoencryptmandsendtohim.Thisis notessentiallydifferentfromsendingamessageto asinglereceiver,becausethesenderonlyneedsto re-performthesendingprotocolofausualcryp-tosystemfortimes.However,ifthesenderre-quiresthattheseparticipantsshouldcooperatively accessthemessage,thatis,theycandecryptthe ciphertextofthemessage…     

利用SOAP扩展实现Web服务中SOAP消息的安全

在利用SOAP消息与Web服务进行通信时,消息本身受到来自网络的各种安全性威胁.虽然SOAP的规范不涉及安全问题,但是允许安全问题作为扩展而被处理.文中通过对.NET framework的SOAP扩展机制的分析,提出了一种利用SOAP扩展加密Web服务中SOAP消息的方法.在对称加密和非对称加密的原理及Web服务技术的基础上,给出了一个具体的实施方案,使SOAP消息在进入公共网络前实现稳健加密.