Cryptanalysis and Improvement of Digital Multisignature Scheme Based on RSA

Introduction Multisignature is a joint signature generated by agroup of signers. The group has a security policy thatrequires a multisignature to be signed by all groupmembers with the knowledge of multiple privatekeys. Digital multisignatures should have…     

一种高效的基于身份的代理盲签名方案

在代理签名中,原始签名人能将数字签名的权力委托给代理签名人;而在盲签名方案中,签名者不能看到被签消息的内容。签名被接受者得到后,签名者不能追踪签名,结合代理签名与盲签名的优点,利用基于椭圆曲线上的Weil配对（WeilPair—ing）的双线性映射,构造了一个高效的基于身份的代理盲签名方案．分析表明,该方案不仅满足代理盲签名所要求的所有性质,而且其效率也优于已有同类方案．     

Efficient democratic group signatures with threshold traceability

Democratic group signature (DGS) is a group-oriented primitive with great flexibilities, i.e., no group manager, anonymity, and traceability. In a DGS scheme with (t, n)-threshold traceability, any subset of not less than t members can jointly reveal the identity of the signer while preserving security even in the presence of an active adversary can corrupt up to t − 1 group members. This paper proposes an efficient DGS scheme. We use publicly verifiable secret sharing (PVSS) to distribute the trapdoor via which the real signer is revealed. The computation cost and communication overhead of our DGS signatures are greatly reduced, compared with the existing work. For example, the size of the resulting signature contains only 2n + 1 elements of Z _q , except the PVSS output.     

一种基于椭圆曲线的多重数字签名方案

对基本的椭圆曲线数字签名算法（ECDSA）进行了改进，提出了一种新的基于椭圆曲线的多重数字签名方案．该方案能够允许多个用户按顺序地对一份文件进行签名，最后形成一个群体签名．并提出一种新的签名验证方案，可以有效地防止成员的欺诈行为．签名者可以通过验证操作发现伪签名，同时签名中心可以及时通过签名者提供的失败信息查找原因并进行处理，签名中心还可验证签名者公钥的有效性以防止成员内部的欺诈行为．方案充分利用椭圆曲线密码体制密钥小、速度快等优点，降低了通信成本，因而更具有安全性和实用性．     

On constructing certificateless proxy signature from certificateless signature

In proxy signature schemes, an original signer A delegates its signing capability to a proxy signer B, in such a way that B can sign message on behalf of A.The recipient of the final message verifies at the same time that B computes the signature and that A has delegated its signing capability to B.Recently many identity-based(ID-based) proxy signature schemes have been proposed, however, the problem of key escrow is inherent in this setting.Certificateless cryptography can overcome the key escrow problem.In this paper, we present a general security model for certificateless proxy signature scheme.Then, we give a method to construct a secure certificateless proxy scheme from a secure certificateless signature scheme, and prove that the security of the construction can be reduced to the security of the original certificateless signature scheme.     

对两种代理盲签名体制的密码学分析

代理盲签名结合了代理签名与盲签名的优点，而多级代理签名实现了签名权利在许可范围内逐级向下代理的要求。利用椭圆曲线上的双线性对，陈玲玲等人提出了一种基于身份的代理盲签名方案，胡江红等人提出了一种基于身份的多级强代理盲签名方案。给出了这两个方案的密码学分析，指出在陈玲玲等人的方案中，代理签名人可以利用授权证书计算得到原始签名人的私钥，从而可直接伪造原始签名人的签名或授权，同时指出所提的两个方案也无法满足不可追踪性．代理签名人可以将自己在签名协议中的签名和签名的消息联系起来从而跟踪消息的拥有者，从而证明了这两个方案是不安全的。     

Efficient Dynamic Threshold Group Signature Scheme Based on Elliptic Curve Cryptosystem

The short secret key characteristic of elliptic curve cryptosystem （ECC） are integrated with the （ t, n ） threshold method to create a practical threshold group signature scheme characterized by simultaneous signing. The scheme not only meets the requirements of anonymity and traceability of group signature but also can withstand Tseng and Wang＇s conspiracy attack. It allows the group manager to add new members and delete old members according to actual application, while the system parameters have a little change. Cryptanalysis result shows that the scheme is efficient and secure.     

Democratic group signatures with linkability from gap Diffie-Hellman group

Democratic group signatures(DGSs) attract many researchers due to their appealing properties, i.e., anonymity, traceability and no group manager.Security results of existing work are based on decisional Diffie-Hellman(DDH) assumption.In this paper, we present a democratic group signature scheme based on any gap Diffie-Hellman(GDH) group where DDH problem is easily but computational Diffie-Hellman(CDH) problem is hard to be solved.Besides the properties of ordinary DGSs, our scheme also provides the property of linkability, i.e., any public verifier can tell whether two group signatures are generated using the same private key.Security properties of our scheme employ a new and independently interesting decisional product Diffie-Hellman(DPDH) assumption which is weaker than DDH one.     

Identity-based key-insulated proxy signature without random oracles

In an identity based proxy signature (IBPS) scheme, a designated proxy signer can generate the signature on behalf of an original signer. Traditional IBPS schemes normally rely on the assumption that private keys are kept perfectly secure. However, due to viruses, worms or other break-ins allowed by operating-system holes, key exposure seems inevitable. To minimize the damage caused by key exposure in IBPS, we propose an identity-based key-insulated proxy signature (IBKIPS) scheme in the standard model, i.e. without random oracles.     

具有可追查性的抗合谋攻击(t,n)门限签名方案

在分析王斌和李建华的无可信中心门限签名方案(王-李方案)以及X ie-Yu改进方案安全缺陷的基础上,提出了一种新的具有可追查性的抗合谋攻击(t,n)门限签名方案;对新方案的安全性进行了分析,并与现有方案的效率进行了比较.结果表明:该方案不仅能够从根本上抵抗合谋攻击和伪造签名攻击,而且在保证匿名性的前提下,能够真正实现签名成员身份的可追查性,同时通过构造安全的分布式密钥生成协议保证群私钥的不可知性,因此比现有方案具有更高的安全性.此外,新方案的计算量和通信量与王-李方案接近,但优于X ie-Yu方案.     

Identity-based verifiably committed signature scheme without random oracles

An identity-based verifiably committed signature scheme （IB-VCS） was proposed, which is proved secure in the standard model （i.e., without random oracles）. It enjoys the setup-free property and stand-alone property, both of which make an exchange protocol more practical. The scheme is unconditionally secure against the cheating signer, its security against the cheating verifier is reduced to the computational Diffie-Hellman （CDH） problem in the underlying group, it is secure against the cheating trusted third party if the underlying Paterson Schuldt＇s identity based signature （IBS） scheme is secure, which is proven true based on the CDH assumption in the standard model.     

基于椭圆曲线的不可否认门限代理签名方案

针对已有的门限代理签名方案不能有效地抵抗签名人协作攻击和伪造攻击,以及在某些场合实用性不强的缺点提出了改进方案.在代理签名生成阶段要求每个实际签名人提供自己的私钥信息,在形成的代理签名中不仅包含每个代理签名人的秘密信息,还包含了每个实际签名人的秘密信息,从而能有效抵抗协作攻击和伪造攻击.另外,用椭圆曲线密码机制替换了已有的方案中用的ElGamal离散对数密钥机制,使系统效率更高.     

一种动态门限群签名方案的弱点

已有的门限群签名方案几乎都存在弱点,设计性能良好的门限群签名是密码学中的一个公开问题。针对一种动态门限群签名方案详细分析了其存在的弱点,其中最主要的弱点是:部分成员可以合谋得到系统的秘密参数,从而伪造群签名。     

Attribute-based signature on lattices

Attribute-based signature is a versatile class of digital signatures. In attribute-based signature, a signer obtains his private key corresponding to the set of his attributes from a trusted authority, and then he can sign a message with any predicate that is satisfied by his attributes set. Unfortunately, there does not exist an attribute- based signature which is resistance to the quantum attacks. This means we do not have secure attribute-based signature schemes in a post-quantum world. Based on this consideration, an attribute-based signature on lattices, which could resist quantum attacks, is proposed. This scheme employs ＂bonsai tree＂ techniques, and could be proved secure under the hardness assumption of small integer solution problem.     

Verifiably Encrypted Signatures Without Random Oracles

Introduction SincethepioneeringworkduetoBonehand Franklin[1],bilinearmapshavebecomeaveryfash-ionablebuildingblockandallowedtheopeningup ofcompletelynewterritoryincryptography,mak-ingitpossibletodesigncryptographicprimitives thatwerepreviouslyunknownorimpractical,for instance,identity-basedcryptosystem,ringsigna-tures,andshortsignatures,etc[2-6].Therearemanyapplicationsfordigitalsigna-tureswithsmallsize,suchaslow-bandwidthcom-municationenvironments.Thefirstpairing-based shortsignatureschemepro…     

Directed proxy signature in the standard model

A directed signature is a type of signature with restricted verification ability. Directed signatures allow only a designated verifier to check the validity of the signature issued to him, and at the time of trouble or if necessary, any third party can verify the signature with the help of the signer or the designated verifier. Directed signature schemes are widely used in situations where the receiver’s privacy should be protected. Proxy signatures allow an entity to delegate its signing capability to another entity in such a way that the latter can sign message on behalf of the former when the former is not available. Proxy signature schemes have found numerous practical applications such as distributed systems and mobile agent applications. In this paper, we firstly define the notion of the directed proxy signature by combining the proxy signature and directed signature. Then, we formalize its security model and present a concrete scheme in the standard model. Finally, we use the techniques from provable security to show that the proposed scheme is unforgeable under the gap Diffie-Hellman assumption, and invisible under the decisional Diffie-Hellman assumption.     

Batch RSA signature scheme

We describe a batch RSA digital signature scheme in which a signer can sign messages for multiple recipients simultaneously. The construction is quite efficient due to the batch signing method. This is useful to improve the performance of a high-loaded signing server, for example a secure electronic transaction (SET) gateway. Theoretical calculations and experimental results show that the proposed scheme can improve the performance of the signing server significantly. Foundation item: the National Basic Research Program (973) of China (No. 2005CB321804)     

一种基于RSA的有序多重数字签名方案

提出了一种基于RSA的有序多重数字签名方案,该方案能够允许多个用户顺序地对一份文件进行签名,最后形成一个群体签名;并提出一种新的签名验证方案,可以有效地防止成员的欺诈行为,因而更具有安全性和实用性.     

论电子签名法的安全价值取向

电子签名作为一种证明数据电文归属以及当事人认可电文内容的电子技术手段,通过与签名者发生联系,起到识别签名者身份,保障交易安全的作用.因此,安全就理所当然得成为电子签名法的价值取向,电子签名立法模式的选择、对电子签名效力的预决性的立法认可都是这种价值取向的体现,这种价值取向必将极大地促进电子商务活动的发展.     

车载网络中基于群签名的可保护隐私的车辆认证

安全和隐私是配置车载网络时所需要的2个重要条件,具有保护隐私功能的认证是实现这2个条件的关键技术.不同于已有的认证方案,文中用群签名来实现车载网络中能保护隐私的车辆认证.为了满足认证的快速性要求,基于目前安全性最强、效率较高和签名较短的ZL 06局部验证者撤销短群签名方案,提出了2个具有隐私保护功能的车载网络中的车辆认证方案.群签名所具有的良好性质保证了所提出的认证方案具有实用性和隐私保护功能.