《基于离散对数问题的代理签名体制研究》由会员分享,可在线阅读,更多相关《基于离散对数问题的代理签名体制研究(77页珍藏版)》请在金锄头文库上搜索。
1、上海交通大学硕士学位论文基于离散对数问题的代理签名体制研究姓名:周红生申请学位级别:硕士专业:通信与信息系统指导教师:倪佑生;李建华20040101上海交通大学硕士学位论文 I基于离散对数问题的代理签名体制研究 摘 要 在代理签名体制中原始签名人将其数字签名能力授权给代理签名人代理签名人代表原始签名人对文件进行签名Mambo 等人首先引入代理签名的概念并将代理签名分成完全代理部分代理以及委任状代理三种方式 部分代理方式有着灵活的实际应用但是存在着原始签名人与代理签名人的相互抵赖问题Mambo 等人的代理保护型的代理签名具有抗抵赖的属性 Kim 等人提出了带委任状的部分代理签名体制这种方式结合了
2、部分代理方式以及委任状方式的优点 本论文首先研究代理多重签名在代理多重签名体制中多个原始签名人可以分别将签名权力委托给各自的代理签名人 再由这些代理签名人联合生成一个代表所有原始签名人的数字签名 文中对现有的这种代理多重签名体制进行分析改进 利用带委任状的部分代理机制构造出更安全有效的方案安全分析表明新方案生成的代理签名包含有代理签名人的真正信息克服了抵赖问题 而且新方案可以在委任状中限制代理签名人的签名能力 还可以在委任状中指定合法代理签名人的集合以防止代理签名人将签名能力向其他人转移 阻止了签名能力的滥用 在面向群的业务中带有抗抵赖属性的门限代理签名体制非常有用最近提出了一些抗抵赖的门限代
3、理签名方案然而所有的方案上海交通大学硕士学位论文 II都是面向固定的代理群在实际的应用中代理群变化频繁本论文首次提出了面向动态代理群的抗抵赖的门限抵赖签名体制 现有的门限代理签名体制都不能抵抗公钥替代攻击以及其他攻击 本论文的方案可以抵抗现有的攻击 在论文的第二部分我们对代理签名体制的应用进行了研究基于 Brands 电子现金方案 我们提出了一个新的多银行电子现金系统通过分析表明 由于引入了代理签名方案 新方案可以方便地取消发币银行的发币能力 克服了现有的基于群签名的多银行电子现金系统的群成员撤销困难群成员合伙攻击等问题 是一个安全的电子现金系统 在本论文的最后部分我们研究了两个最近的与代理签
4、名体制相关的密码学协议我们成功的对 Harn 的修改的多密钥协商协议He的基于多难题的数字签名方案进行攻击 我们还给出了一个目前最高效的认证的多密钥协商协议 关键词密码学数字签名代理签名代理多重签名门限代理签名电子现金多密钥协商 上海交通大学硕士学位论文 IIIResearch on Proxy Signature Schemes Based on Discrete Logarithms ABSTRACT Proxy signatures are signature schemes that an original signer delegates his signing capability
5、 to a proxy signer, and then the proxy signer generates a signature on behalf of the original signer. Mambo et al. firstly introduced the concept of proxy signature. According to delegation type they classified proxy signatures as full delegation, partial delegation, and delegation by warrant. In fu
6、ll delegation, the proxy signer is given the same secret key owned by the original signer. Thus, the proxy signature is indistinguishable from the signature created by the original signer. In the delegation by warrant, a warrant is used to certify whether the proxy signer is delegated by the origina
7、l signer and to validate the proxy information. In partial delegation, the proxy signature key is computed from the original signers secret key. But the proxy signer cannot derive the original signers secret key from the given proxy signature key. The partial delegation is more flexible in practical
8、 use. However, there exists a dispute in the proxy signature scheme that if he original signer can derive the proxy signature key then he can generate a valid proxy signature as that signed by the proxy signers. This problem can be 上海交通大学硕士学位论文 IVsolved by adding the nonrepudiation property, the cap
9、ability of identifying the actual signer who created the proxy signature, to the proxy signature scheme. Mambo et al.s proxy-protected proxy signature scheme has nonrepudiation property. Kim et al. extended it to partial delegation with warrant by using Schnorr signature and including warrant inform
10、ation in partial delegation schemes. Partial delegation with warrant combines the benefit of the partial delegation and the delegation by warrant. In this thesis, by partial delegation with warrant, we improve previous proxy multi-signature scheme to a stronger and more efficient scheme. Security an
11、alysis shows that the new scheme is nonrepudiable because the authentic information of proxy signers has been included in a valid proxy signature. It also prevents proxy signers from any misuse of signing capabilities by confining the signing capabilities of proxy signers and by designating a set of
12、 valid proxy signers in warrant. The threshold proxy signature scheme with nonrepudiation property is useful in some group- oriented applications. Recently, some nonrepudiable threshold proxy signature schemes are proposed. However, all proposed schemes are for a fixed proxy group. In some practical
13、 group-oriented applications, the proxy group change frequently. In this paper, we propose a nonrepudiable threshold proxy signature scheme suited for a dynamic proxy group. Furthermore, the existed nonrepudiable 上海交通大学硕士学位论文 Vthreshold proxy signature schemes are vulnerable to the public key substi
14、tution attack. The proposed scheme can overcome this kind of attack. In the second part, t o achieve secure electronic payment, based on proxy signature scheme and Brands e- cash scheme, we presents a new e-cash system with multiple banks. Security analysis shows that the new scheme is secure. Havin
15、g combined with a presented proxy signature scheme, it can avoid some bothersome problems such as member deletion complexity and coalition attacks in existing e-cash system with multiple banks based on group signature scheme. Also in this system, the signing capability of issuing bank can be easily
16、canceled. At the last part, we study some recent cryptography protocols related to proxy signature schemes. We give successful attacks on Harns authenticated multiple-key agreement protocol and Hes digital signature scheme based multiple problems factoring and discrete logarithms. Furthermore, we give an efficient improvement of authenticated multiple-key agreement protocol. Key Words: Cryptography; Digital Signature; Proxy Signature; Proxy Multi-signature; Threshold Proxy Signatu
