Research on Provably Secure Certificateless Digital Signature Schemes
Published: 2018-06-28 03:35
Topic of this paper: short signatures + aggregate signatures. Reference: Beijing University of Posts and Telecommunications, 2014 doctoral dissertation
[Abstract]: Digital signatures are one of the core technologies of information security, with wide applications in commerce, finance, the military and other fields. Certificateless digital signatures avoid the certificate-management problem of traditional digital signature systems and also eliminate the key escrow problem of identity-based signature systems; as a result, certificateless signatures have attracted great attention from academia and industry since the concept was first proposed and are one of the prominent research hotspots in cryptography and information security in recent years. Provable security, meanwhile, is a basic requirement of modern cryptographic schemes and has become the theoretical foundation and design basis of cryptographic schemes and protocols. This dissertation aims to provide more provably secure certificateless digital signature schemes. The research covers certificateless encryption, ordinary certificateless signature schemes, and certificateless signature schemes with special properties (certificateless aggregate signatures, certificateless partially blind signatures, and certificateless signcryption). Specifically, the main research results are as follows:
1. We analyse and improve the certificateless encryption scheme of Hwang et al. Their scheme was the first certificateless encryption scheme claimed to be provably secure against a "malicious-but-passive" KGC (key generation centre) in the standard model. We show that their scheme does not resist a malicious-but-passive KGC, and in fact does not even resist an "honest-but-curious" KGC. We also propose an improved encryption scheme and prove in the standard model that it resists malicious-but-passive KGC attacks.
2. We analyse and improve the certificateless signature scheme of Yu et al. Many certificateless signature schemes designed in the standard model have been shown to be vulnerable to key replacement attacks. Recently, Yu et al. designed a certificateless signature scheme in the standard model and claimed that it resists key replacement attacks; we show, however, that their scheme is still vulnerable to key replacement attacks. Using our certificateless encryption scheme, we improve Yu et al.'s signature scheme. Our signature scheme not only avoids the security flaw in Yu et al.'s scheme but also offers shorter system parameters, shorter signatures and higher computational efficiency.
3. We design a new certificateless signature scheme and prove in the random oracle model that it is existentially unforgeable under adaptive chosen-message attacks. The new scheme provides provable security together with a short signature length (a single group element), so it is suitable for environments with limited storage capacity.
4. We analyse and improve the certificateless aggregate signature scheme of Xiong et al. Xiong et al. claimed that their aggregate signature scheme remains secure against a malicious-but-passive KGC. We show that their scheme does not even resist an honest-but-curious KGC; we also propose an improved aggregate signature scheme and prove in the random oracle model that it resists malicious-but-passive KGC attacks. Performance analysis shows that our scheme is efficient and practical.
5. We analyse and improve the certificateless partially blind signature scheme of Zhang et al. In 2011, Zhang et al. extended partially blind signatures to certificateless cryptography and proposed the first certificateless partially blind signature scheme applicable to electronic cash systems. We show that a malicious KGC in this scheme can forge a signature on any message. Recently, Zhang et al. gave a corrected scheme, but without a security analysis of it. We show that in the corrected scheme a malicious user can forge a signature on any message by replacing the signer's public key. Our attacks show that if Zhang et al.'s scheme were deployed in electronic cash, a malicious user or KGC could forge any valid e-cash (that is, a signature) without the bank detecting it, which would certainly cause the bank huge losses. We also propose a corresponding improved scheme and prove that it is partially blind and existentially unforgeable under adaptive chosen-message attacks; based on our scheme, we also describe an electronic cash system.
6. We improve the certificateless signcryption scheme of Liu et al., who were the first to consider the security of certificateless signcryption in the standard model. Unfortunately, their scheme has been shown to have security flaws. We improve Liu et al.'s certificateless signcryption scheme and prove that the new scheme resists Type I and Type II adversaries (the latter being a malicious-but-passive KGC) in the standard model. The new scheme securely provides signature and encryption simultaneously in the certificateless setting and has shorter system parameters than Liu et al.'s scheme.
[Degree-granting institution]: Beijing University of Posts and Telecommunications
[Degree level]: Doctorate
[Year degree granted]: 2014
[Classification number]: TN918.91
Article ID: 2076557
Link to this article: http://sikaile.net/kejilunwen/wltx/2076557.html