門限與代理數(shù)字簽名方案研究
發(fā)布時(shí)間:2018-07-22 14:29
【摘要】:通過使用數(shù)字簽名技術(shù),可以防止網(wǎng)絡(luò)傳輸信息的偽造、抵賴和篡改等問題。本文對(duì)數(shù)字簽名領(lǐng)域中的門限簽名方案、門限代理簽名方案和多代理多簽名方案進(jìn)行了深入的研究,并將數(shù)字簽名技術(shù)應(yīng)用到移動(dòng)自組網(wǎng)中。本文主要的研究工作和創(chuàng)新體現(xiàn)在如下幾個(gè)方面:(1)對(duì)門限簽名方案的研究。提出了一種成員可以動(dòng)態(tài)添加和刪除的門限簽名方案和一種成員協(xié)商的門限簽名方案。①基于有限域上的離散對(duì)數(shù)困難問題,提出了一種成員可以動(dòng)態(tài)添加和刪除的門限簽名方案。從生成系統(tǒng)參數(shù)和密鑰產(chǎn)生階段、部分簽名的產(chǎn)生和驗(yàn)證階段以及最終簽名的產(chǎn)生和驗(yàn)證階段三方面綜合分析,證明該方案計(jì)算量較少。②基于離散對(duì)數(shù)和秘密共享思想,提出一種無密鑰分配中心的門限簽名方案。簽名組成員共同協(xié)商,生成每個(gè)成員的子秘密,成員生成自己的部分簽名后發(fā)送給SC (Signature Combiner),SC對(duì)收到的部分簽名進(jìn)行驗(yàn)證,如果部分簽名合法,SC將部分簽名合成為最終簽名。從正確性、安全性和效率三方面分析,證明了所提方案的安全性。(2)對(duì)門限代理簽名方案的研究。提出一個(gè)簽名不可否認(rèn)的門限代理簽名方案。系統(tǒng)初始化階段,采用零知識(shí)證明的方法對(duì)簽名者提供的公鑰進(jìn)行驗(yàn)證,避免公鑰替換攻擊。原始簽名人只需計(jì)算一個(gè)公共的代理份額,將它廣播給代理群,根據(jù)原始簽名人分配的代理份額,代理簽名人生成自己的代理秘密份額,并生成代理子簽名。由簽名合成者生成最終的代理簽名。代理簽名驗(yàn)證階段,需要用到代理簽名人的公鑰,代理簽名人不能否認(rèn)對(duì)消息的簽名。應(yīng)用將敵手分為三類的安全模型,模擬各類敵手偽造簽名的過程,證明了所提方案的安全性。(3)對(duì)多代理多簽名方案的研究。提出了原始簽名人指定不同代理群的多代理多簽名(Multi-Proxy Multi-Signature, MPMS)方案和門限多代理多簽名(Threshold Multi-Proxy Multi-Signature, TMPMS)方案。①提出一種基于雙線性對(duì)的MPMS方案。文中給出MPMS方案的形式化定義和安全模型,并提出一種原始簽名人可以指定不同代理群的MPMS方案。為證明方案的安全性,文中對(duì)現(xiàn)有的安全模型進(jìn)行改進(jìn),在計(jì)算Diffie-Hellman問題困難的基礎(chǔ)上,驗(yàn)證所提方案是安全的。②對(duì)TMPMS方案進(jìn)行研究,提出一種基于離散對(duì)數(shù)的TMPMS方案。文中給出TMPMS方案的形式化定義和安全模型,方案中原始簽名人可以指定不同的代理群,每個(gè)代理群的門限值可以不相同。在有限域上的離散對(duì)數(shù)困難問題的基礎(chǔ)上,證明了所提方案的安全性。(4)數(shù)字簽名在移動(dòng)自組網(wǎng)中的應(yīng)用。針對(duì)移動(dòng)自組網(wǎng)無中心控制、拓?fù)浣Y(jié)構(gòu)動(dòng)態(tài)變化等特點(diǎn),將數(shù)字簽名技術(shù)應(yīng)用在移動(dòng)自組網(wǎng)中,提出一個(gè)不依賴密鑰管理中心的、無需安全信道的密鑰管理方案。節(jié)點(diǎn)密鑰的初始分配和更新都是在節(jié)點(diǎn)相互協(xié)商后生成,不需要密鑰管理中心的協(xié)助。節(jié)點(diǎn)對(duì)要傳送的秘密信息,先進(jìn)行加密,然后生成密文的數(shù)字簽名,實(shí)現(xiàn)了秘密信息在公共信道上的傳輸。
[Abstract]:By using digital signature technology, we can prevent the forgery, repudiation and tampering of the network transmission information. This paper studies the threshold signature scheme, the threshold proxy signature scheme and the multi proxy multi signature scheme in the digital signature field, and applies the digital signature technique to the mobile ad hoc network. The main research of this paper is the paper. The work and innovation are embodied in the following aspects: (1) the study of threshold signature schemes. A threshold signature scheme which can dynamically add and delete members and a threshold signature scheme for member negotiation is proposed. (1) a threshold for dynamic addition and deletion of members is proposed based on the discrete logarithmic difficulties on the finite field. Signature scheme. From three aspects of generation and key generation of the system, the generation and verification stage of the partial signature and the generation and verification stage of the final signature, it is proved that the scheme has less computational complexity. 2. Based on the discrete logarithm and secret sharing idea, a threshold signature scheme is proposed for the non key key allocation center. The members jointly negotiate, generate the subsecret of each member, the member generates its own partial signature and sends it to SC (Signature Combiner), and SC validates the partial signature received. If part of the signature is legitimate, SC syntheses the part of the signature to the final signature. The security of the proposed scheme is proved from three aspects of correctness, security and efficiency. (2) research on the threshold proxy signature scheme. A signature undeniable threshold proxy signature scheme is proposed. In the system initialization phase, a zero knowledge proof method is used to verify the public key provided by the signer and avoid the public key replacement attack. The original signer only needs to compute a public proxy share and broadcast it to the proxy group. According to the agent share allocated by the original signer, the proxy signer generates its own secret share and generates the proxy signature. The signature synthesizer generates the final proxy signature. The proxy signature verification stage requires the public key of the proxy signer, the proxy signer can not recognize the signature of the message. The application will divide the enemy hands into three categories. The security model, simulating the process of forgery of signatures by all kinds of opponents, proves the security of the proposed scheme. (3) the study of multi proxy and multi signature schemes. The Multi-Proxy Multi-Signature, MPMS scheme and Threshold Multi-Proxy Multi-Signature for the original signers with different proxy groups are proposed. (TMPMS) scheme. (1) a MPMS scheme based on bilinear pairing is proposed. In this paper, the formal definition and security model of MPMS scheme are given, and a MPMS scheme with different agent groups can be specified by the original signer. In order to prove the security of the scheme, the existing security model is improved in this paper, and it is difficult to calculate the Diffie-Hellman problem. On the basis, the proposed scheme is safe. Secondly, the TMPMS scheme is studied and a TMPMS scheme based on the discrete logarithm is proposed. The formal definition and security model of the TMPMS scheme are given in this paper. The original signer can specify different proxy groups in the scheme, and the threshold value of each agent group can be different. On the basis of several difficult problems, the security of the proposed scheme is proved. (4) the application of digital signature in the mobile ad hoc network. The digital signature technology is applied to the mobile ad hoc network for the characteristics of the mobile ad hoc network without central control and the dynamic topology of the topology. A key without key management center and no key for the secure channel is proposed. The initial distribution and update of the node key are generated after the nodes are negotiated with each other, without the assistance of the key management center. The node encrypts the secret information to be transmitted first, then generates the digital signature of the ciphertext, and realizes the transmission of the secret information on the public channel.
【學(xué)位授予單位】:東北大學(xué)
【學(xué)位級(jí)別】:博士
【學(xué)位授予年份】:2014
【分類號(hào)】:TN918.4
本文編號(hào):2137764
[Abstract]:By using digital signature technology, we can prevent the forgery, repudiation and tampering of the network transmission information. This paper studies the threshold signature scheme, the threshold proxy signature scheme and the multi proxy multi signature scheme in the digital signature field, and applies the digital signature technique to the mobile ad hoc network. The main research of this paper is the paper. The work and innovation are embodied in the following aspects: (1) the study of threshold signature schemes. A threshold signature scheme which can dynamically add and delete members and a threshold signature scheme for member negotiation is proposed. (1) a threshold for dynamic addition and deletion of members is proposed based on the discrete logarithmic difficulties on the finite field. Signature scheme. From three aspects of generation and key generation of the system, the generation and verification stage of the partial signature and the generation and verification stage of the final signature, it is proved that the scheme has less computational complexity. 2. Based on the discrete logarithm and secret sharing idea, a threshold signature scheme is proposed for the non key key allocation center. The members jointly negotiate, generate the subsecret of each member, the member generates its own partial signature and sends it to SC (Signature Combiner), and SC validates the partial signature received. If part of the signature is legitimate, SC syntheses the part of the signature to the final signature. The security of the proposed scheme is proved from three aspects of correctness, security and efficiency. (2) research on the threshold proxy signature scheme. A signature undeniable threshold proxy signature scheme is proposed. In the system initialization phase, a zero knowledge proof method is used to verify the public key provided by the signer and avoid the public key replacement attack. The original signer only needs to compute a public proxy share and broadcast it to the proxy group. According to the agent share allocated by the original signer, the proxy signer generates its own secret share and generates the proxy signature. The signature synthesizer generates the final proxy signature. The proxy signature verification stage requires the public key of the proxy signer, the proxy signer can not recognize the signature of the message. The application will divide the enemy hands into three categories. The security model, simulating the process of forgery of signatures by all kinds of opponents, proves the security of the proposed scheme. (3) the study of multi proxy and multi signature schemes. The Multi-Proxy Multi-Signature, MPMS scheme and Threshold Multi-Proxy Multi-Signature for the original signers with different proxy groups are proposed. (TMPMS) scheme. (1) a MPMS scheme based on bilinear pairing is proposed. In this paper, the formal definition and security model of MPMS scheme are given, and a MPMS scheme with different agent groups can be specified by the original signer. In order to prove the security of the scheme, the existing security model is improved in this paper, and it is difficult to calculate the Diffie-Hellman problem. On the basis, the proposed scheme is safe. Secondly, the TMPMS scheme is studied and a TMPMS scheme based on the discrete logarithm is proposed. The formal definition and security model of the TMPMS scheme are given in this paper. The original signer can specify different proxy groups in the scheme, and the threshold value of each agent group can be different. On the basis of several difficult problems, the security of the proposed scheme is proved. (4) the application of digital signature in the mobile ad hoc network. The digital signature technology is applied to the mobile ad hoc network for the characteristics of the mobile ad hoc network without central control and the dynamic topology of the topology. A key without key management center and no key for the secure channel is proposed. The initial distribution and update of the node key are generated after the nodes are negotiated with each other, without the assistance of the key management center. The node encrypts the secret information to be transmitted first, then generates the digital signature of the ciphertext, and realizes the transmission of the secret information on the public channel.
【學(xué)位授予單位】:東北大學(xué)
【學(xué)位級(jí)別】:博士
【學(xué)位授予年份】:2014
【分類號(hào)】:TN918.4
【參考文獻(xiàn)】
相關(guān)博士學(xué)位論文 前1條
1 鄧宇喬;數(shù)字簽名理論及其在數(shù)字版權(quán)管理系統(tǒng)中的應(yīng)用研究[D];華南理工大學(xué);2010年
,本文編號(hào):2137764
本文鏈接:http://sikaile.net/kejilunwen/wltx/2137764.html
最近更新
教材專著
