《前向安全代理签名理论及其应用研究》由会员分享,可在线阅读,更多相关《前向安全代理签名理论及其应用研究(128页珍藏版)》请在金锄头文库上搜索。
1、湘潭大学 博士学位论文 前向安全代理签名理论及其应用研究 姓名:肖红光 申请学位级别:博士 专业:计算数学 指导教师:王键 20080501 5 摘 要 网络技术的飞速发展,给人类活动提供巨大便利和好处,同时也给人们的活 动带来了前所未有的威胁。由于一些重要数据需要在网络上传递,其安全性必须 得到保证,数字签名是解决数据完整性和可用性的一种有效方法。本文将前向安 全签名应用到代理签名理论研究中,致力于降低签名密钥泄露所带来的风险问 题,减少签名密钥泄漏所产生的伪造签名攻击的可能性。 根据通用结合性理论, 本文在国内外首次将前向安全数字签名思想引入到代 理盲签名、盲代理签名和门限代理签名理论的研
2、究;在盲代理签名的基础上,首 次提出多重盲代理签名体制, 解决一个原始签名人需要委托多个代理签名人进行 盲签名的问题;首次提出了前向安全代理盲签名、前向安全盲代理签名、前向安 全盲代理多重签名、前向安全多重盲代理签名和前向安全门限代理签名理论;首 次提出前向安全门限代理签名的形式化定义; 将前向安全门限代理签名理论应用 到定向运动的数字化平台的构建,这是本文的主要创新之处。现将取得的主要成 果归纳如下: 分析了一类代理盲签名方案的安全漏洞,提出了改进方案,并针对可能 存在的代理签名密钥泄露问题,首次提出了前向安全的代理盲签名方案; 为提高盲代理签名抗风险的能力,首次提出了前向安全盲代理签名方案
3、; 在盲代理签名方案中,一个代理签人只能代表一个原始签名人进行盲签名, 为解决需要一个代理签名人能够代表多个原始签名人进行盲签名的问题, 提 出了一种新的盲代理多重签名方案; 为降低代理签名密钥泄露问题带来的风 险, 首次提出了前向安全的盲代理多重签名方案, 解决更高安全强度条件下, 一个盲代理签名能够同时代表多个原始签名人进行盲代理签名的问题; 结合 多重签名的有序性,首次提出了一种前向安全盲代理有序多重数字签名方 案,解决盲代理多重签名必须按照实现规定签名顺序的情况; 为解决盲代理签名中需要将一个签名权委托给多个代理签名人,由这多 个代理签名人联合产生一个有效的盲代理签名需要, 首次提出了
4、多重盲代理 签名的概念,设计了两个多重盲代理签名方案;针对可能存在的签名密钥泄 露问题,首次提出了前向安全多重盲代理签名方案,解决在更高安全强度的 条件下, 一个盲代理签名能够解决盲代理签名中需要将一个签名权委托给多 个代理签名人,由这多个代理签名人联合产生一个有效的盲代理签名的问 题; 对一个门限代理签名方案的安全性进行分析,发现存在伪造攻击和公钥 替换攻击的安全漏洞,提出改进方案,通过引入部分密钥的前向安全更新方 6 式实现代理群成员集合签名密钥的前向更新方式, 首次提出前向安全门限代 理签名的定义和模型,并设计了前向安全门限代理签名方案;结合定向运动 中比赛路径不确定性的特殊要求, 提出
5、了基于前向安全门限代理签名的定向 运动数字化平台构想, 解决了定向运动中同一运动场不同比赛场次运动员成 绩安全统计的问题; 对一个门限代理签名方案的安全性进行了分析,发现存在不能抵抗合谋 攻击和不能满足不可伪造性的安全漏洞,提出了改进方案,通过部分密钥的 前向安全更新方式实现任何代理签名人都不可能单独控制签名密钥的前向 安全,使得部分密钥和代理签名密钥都具有前向安全性,并结合代理签名中 存在的代理权滥用的问题, 首次提出可收回代理权的前向安全门限代理签名 方案,并分析了有效性和安全性。 关键词:数字签名;前向安全,代理盲签名;盲代理签名;门限代理签名 7 A b s t r a c t Wit
6、h the advance development of network technique, they bring much convenience and advantage to peoples actions. On the other hand, they bring an unprecedented treat. Due to some important data need to be transferred by network, the security should be satisfied. Digital signature is an effective means
7、to deal with integrity and availability. This dissertation mainly discusses reducing the risk, lessening the forge signature attacks probability owing to signature key disclosure. According to universal composability, we combine the forward secure signature thoughts with proxy blind signature scheme
8、, blind proxy signature scheme and threshold proxy signature scheme for the first time. In order to resolve the problem that one original signer need delegate the digital signing power to multi-proxy carrying on blind signature, a multi-blind proxy signature scheme is proposed for the first time. Mo
9、reover, the notions of forward secure proxy blind signature scheme, forward secure blind proxy signature scheme, forward secure blind proxy multi-signature scheme, forward secure multi-blind proxy signature scheme and forward secure threshold proxy signature are introduced, and some methods of desig
10、ning these schemes are given. The first time we introduce the formal definition about forward secure threshold proxy signature and construct the platform of orienteering sports based on forward secure threshold proxy signature scheme. These are the mainly creativeness in this paper. Our main contrib
11、ution includes the following: We make security analysis on a kind of proxy blind signature scheme. Some leaks have been found. Some improvements on them have been proposed. In order to prevent the leakage of proxy signature key, we propose forward secure proxy blind signature scheme for the first ti
12、me. To improve the ablity to withstand signature key leakage, the first time we propose a forward secure blind proxy scheme based on blind proxy scheme. To our knowledge, in a blind proxy signature scheme, a proxy can sign a message on behalf of only one original signer. A new blind proxy multi-sign
13、ature scheme has been constructed to solve the open problem. Thus, a proxy signer can execute the signing on behalf of many original signers. To solve the leakage of proxy signature key, we propose forward secure blind proxy multi-signature scheme based on blind proxy multi-signature scheme for the
14、very first time. The type of proxy signature can gain more security properties. Based on forward secure blind proxy multi-signature schemes, we propose a forward secure blind proxy ordered multi-signature scheme. The signature scheme can avoid that the signature is generated in the given signature o
15、rder. Based on Okamoto signature scheme, a blind proxy signature scheme has been proposed. The signature is proved to be secure based on DLP assumption. A new concept multi-blind proxy signature is introduced. Moreover, two multi-blind proxy signature scheme have been constructed. Based on multi-bli
16、nd proxy 8 signature schemes, we propose forward secure multi-blind proxy signature schemes. A (t, n) threshold proxy signature scheme enables an original signer to delegate the signature authority to a proxy group of n members such that t or more than t proxy signers can cooperatively sign messages on behalf of the original signer. In the paper, we have reviewed the security of a nonrepudiable threshold proxy signature schemes. We have showed that the threshold proxy s
