Research on the Theory and Applications of Digital Signatures (数字签名理论及应用研究)
Abstract
With the development of computer network technology, information security problems have become increasingly prominent. Digital signature technology, one of the core technical foundations of information security, is widely applied in military, communications, e-commerce and e-government settings; it plays a role in identity authentication, data integrity and non-repudiation that no other technique can replace, and with the enactment of the Electronic Signature Law this use will become still more widespread.
This dissertation studies the theory, methods and applications of digital signatures in a fairly systematic way, focusing on several key technical problems in digital signatures.
Based on the structural characteristics of the various signing equations, the construction of signature schemes and the selection of their parameters are examined fairly completely. This includes: 1) a general method for selecting the parameters of ElGamal-type signing equations, which extends the methods and the range of available signatures; 2) an elliptic-curve authenticated encryption scheme with message recovery, together with the observation that when the one-way function is homomorphic two known-plaintext forgery attacks exist, so that choosing a signature scheme that meets certain conditions effectively avoids such attacks; combining this with message-linkage recovery, a corresponding authenticated encryption scheme is proposed that addresses message encryption and authentication, message-linkage recovery and the relatively large transmission volume; 3) an elliptic-curve signature scheme with message recovery and a method for selecting its parameters.
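The forgery-versus-redundancy point in item 2 above, as an added example that is not taken from the dissertation: a Nyberg-Rueppel style message-recovery signature in a prime-order subgroup of the multiplicative group mod p. The dissertation's schemes are over elliptic curves; the signing and recovery equations are the same in any cyclic group, and a multiplicative group is used here only for brevity. The abstract does not spell out its two attacks; the forgery shown is one of the same flavour. If the recovered value is accepted as-is, the "redundancy function" is the identity, which is multiplicatively homomorphic, and from one known message/signature pair (r, s) on v the pair (r, s + t) verifies for v * g^t. A non-homomorphic redundancy (here a truncated hash tag appended to the message) makes the forged value fail the check. The safe-prime search, the 16-bit tag, the message bound and all function names are this example's own assumptions, not the dissertation's.

```python
import hashlib
import secrets

# Toy domain parameters (assumption: a ~40-bit safe prime p = 2q + 1 found at
# import time; these sizes are for illustration only and are far from secure).
def is_probable_prime(n: int) -> bool:
    """Miller-Rabin with fixed bases; deterministic for n < 3.4e14."""
    if n < 2:
        return False
    bases = (2, 3, 5, 7, 11, 13, 17)
    for b in bases:
        if n % b == 0:
            return n == b
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for a in bases:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True

def find_safe_prime(start: int):
    """Return (p, q) with p = 2q + 1, q >= start, both prime."""
    q = start | 1
    while not (is_probable_prime(q) and is_probable_prime(2 * q + 1)):
        q += 2
    return 2 * q + 1, q

P, Q = find_safe_prime(1 << 39)
G = 4                          # a square mod p, so it generates the order-q subgroup
assert G != 1 and pow(G, Q, P) == 1

# Redundancy: the signed value is m || tag(m); tag() is a truncated hash, which is
# deliberately NOT homomorphic (tag(a*b) bears no relation to tag(a) and tag(b)).
TAG_BITS, MAX_MSG = 16, 1 << 20     # encode(m) < 2^36 < p

def tag(m: int) -> int:
    return int.from_bytes(hashlib.sha256(m.to_bytes(8, "big")).digest()[:2], "big")

def encode(m: int) -> int:
    assert 1 <= m < MAX_MSG
    return (m << TAG_BITS) | tag(m)

def decode(v: int):
    """Strip the redundancy; None means the recovered value is not a valid encoding."""
    m, t = v >> TAG_BITS, v & ((1 << TAG_BITS) - 1)
    return m if 1 <= m < MAX_MSG and t == tag(m) else None

def keygen():
    x = secrets.randbelow(Q - 1) + 1
    return x, pow(G, x, P)

def sign(x: int, v: int):
    """Nyberg-Rueppel style message-recovery signature on the encoded value v:
    r = v * g^-k mod p, s = k - x*r mod q."""
    k = secrets.randbelow(Q - 1) + 1
    r = v * pow(G, -k, P) % P
    s = (k - x * r) % Q
    return r, s

def recover(y: int, sig) -> int:
    """g^s * y^r * r = g^(k - xr) * g^(xr) * v * g^-k = v."""
    r, s = sig
    return pow(G, s, P) * pow(y, r, P) * r % P

def forge_homomorphic(v: int, sig, t: int):
    """Known-message forgery available when the recovered value is used directly
    (identity 'redundancy', which is multiplicatively homomorphic): (r, s + t)
    recovers v * g^t, a value the signer never signed."""
    r, s = sig
    return v * pow(G, t, P) % P, (r, (s + t) % Q)

def demo() -> bool:
    x, y = keygen()
    m = 123456
    sig = sign(x, encode(m))
    assert decode(recover(y, sig)) == m                      # honest recovery
    v_forged, forged = forge_homomorphic(encode(m), sig, 1)
    assert recover(y, forged) == v_forged                    # the equation alone accepts it
    return decode(v_forged) is None                          # the redundancy check rejects it

if __name__ == "__main__":
    print("forgery rejected by redundancy check:", demo())
```

The forged pair satisfies the recovery equation exactly; only the redundancy check stops it, which is the sense in which the choice of the one-way/redundancy function decides whether such attacks exist.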
For blind signatures, taking into account whether the owner of the information can be traced by the signer, a construction method for generalized weak blind signature schemes is proposed that covers almost all existing signatures of this kind. Combining the features of proxy signatures and blind signatures, and using a multilinear transformation to characterize the transfer of variables between the user and the proxy signer, a proxy blind signature scheme based on elliptic curves is proposed.
Using the bilinearity of the Weil pairing on elliptic curves, an ID-based blind signature scheme is proposed; it replaces certificate-based public keys with identity-based ones, which saves time during signature verification, reduces the number of interaction rounds and saves storage space.
Based on the idea of self-certified public keys, a self-certified authenticated encryption scheme with message recovery is proposed. In this scheme both communicating parties self-certify each other's public keys and the receiver can recover the message from the signature; it offers the third trust level, lower computational cost and higher security.
Based on blind signature technology, an anonymous electronic voting protocol is proposed. Besides satisfying the basic properties of electronic voting, it handles ballot collisions and voters dropping out midway, and effectively prevents one person casting several votes or one ballot being counted several times; even if the administrator and the counter collude, ballot secrecy and fairness are both guaranteed before counting. An electronic voting system prototype is also studied from a practical viewpoint: the system is designed, and its core algorithms and part of its functionality are implemented in code.
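The voting paragraph above, as an added example that is not from the dissertation (its protocol is not given on this page): a Chaum RSA blind signature used the way blind-signature voting schemes use it, with an administrator that signs each eligible voter's blinded ballot exactly once (one person, one vote), a counter that accepts each signed ballot once (no ballot counted twice), a per-ballot nonce so that two voters making the same choice do not end up with the identical signature (the ballot-collision problem), and a check that the administrator's transcript of blinded values cannot be linked to any ballot. The toy RSA modulus (two Mersenne primes), the ballot format and all class and function names are this example's own assumptions.

```python
import hashlib
import secrets
from math import gcd

# Toy RSA key for the administrator (assumption: two Mersenne primes, ~92-bit
# modulus; constructed for the example and nowhere near a secure size).
P_RSA, Q_RSA = (1 << 31) - 1, (1 << 61) - 1
N, E = P_RSA * Q_RSA, 65537
D = pow(E, -1, (P_RSA - 1) * (Q_RSA - 1))

def h(ballot: bytes) -> int:
    """Hash the ballot to an integer below N (11 bytes < 2^88 < N)."""
    return int.from_bytes(hashlib.sha256(ballot).digest()[:11], "big")

def make_ballot(candidate: bytes) -> bytes:
    """candidate || random nonce. Without the nonce two voters choosing the same
    candidate would obtain the identical RSA signature h(ballot)^d, and the
    counter could not tell a second honest vote from a replay (ballot collision)."""
    return candidate + b":" + secrets.token_bytes(16)

# --- voter side ---------------------------------------------------------------
def blind(ballot: bytes):
    while True:
        r = secrets.randbelow(N - 2) + 2
        if gcd(r, N) == 1:
            break
    return h(ballot) * pow(r, E, N) % N, r

def unblind(blind_sig: int, r: int) -> int:
    return blind_sig * pow(r, -1, N) % N       # (h * r^e)^d * r^-1 = h^d

def verify(ballot: bytes, sig: int) -> bool:
    return pow(sig, E, N) == h(ballot)

# --- administrator: signs each eligible voter's blinded ballot exactly once ----
class Administrator:
    def __init__(self):
        self.issued = set()

    def sign_blinded(self, voter_id: str, blinded: int) -> int:
        if voter_id in self.issued:
            raise PermissionError("one signature per eligible voter")
        self.issued.add(voter_id)
        return pow(blinded, D, N)

    def consistent_blinding_factor(self, blinded: int, ballot: bytes) -> int:
        """Unlinkability: for ANY blinded value and ANY ballot the administrator
        can compute an r that relates them, so its transcript says nothing about
        which ballot came from which voter."""
        return pow(blinded * pow(h(ballot), -1, N) % N, D, N)

# --- counter: accepts each validly signed ballot once ---------------------------
class Counter:
    def __init__(self):
        self.seen = set()
        self.tally = {}

    def cast(self, ballot: bytes, sig: int) -> bool:
        if not verify(ballot, sig) or sig in self.seen:
            return False                         # forged, or the same ballot replayed
        self.seen.add(sig)
        candidate = ballot.split(b":", 1)[0]
        self.tally[candidate] = self.tally.get(candidate, 0) + 1
        return True

def demo_election():
    admin, counter, signed = Administrator(), Counter(), []
    for voter_id, choice in (("v1", b"A"), ("v2", b"B"), ("v3", b"A")):
        ballot = make_ballot(choice)
        blinded, r = blind(ballot)
        signed.append((ballot, unblind(admin.sign_blinded(voter_id, blinded), r)))
    accepted = [counter.cast(b, s) for b, s in signed]
    replayed = counter.cast(*signed[0])          # one ballot cast twice
    try:                                         # one voter asking to be signed twice
        admin.sign_blinded("v1", 1)
        second_signature = True
    except PermissionError:
        second_signature = False
    return counter.tally, accepted, replayed, second_signature

if __name__ == "__main__":
    print(demo_election())
```

What this does not cover is the abstract's stronger claim that secrecy survives collusion between administrator and counter and that voters who abstain after registering cannot have ballots cast for them; those need the additional commitment and opening phase of the dissertation's protocol, which the page does not describe.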
English abstract (as published)
Information security has become more and more crucial with the development of computer and network technologies. The digital signature is one of the key techniques in information security, especially for authentication, data integrity and non-repudiation. It has been widely used in military, communication, e-commerce and e-government applications, and will become more and more popular once the e-signature law is put into practice.
The main interest of this dissertation is the theory and methods of digital signatures and their applications. The research focuses on some key problems of digital signatures.
Based on the characteristics of the various signing equations, problems such as constructing signature schemes and choosing the parameters of signing equations are fully investigated in this dissertation. Some significant results are obtained, including: 1) a method of choosing the parameters of signing equations to generate ElGamal signing equations; this method extends the available range of signatures; 2) a new elliptic curve authenticated encryption scheme with message recovery; it is pointed out that two known-plaintext forgery attacks exist when the one-way function is a homomorphic function, which indicates that signature schemes satisfying certain conditions can avoid the forgery attacks; 3) a new elliptic curve authenticated encryption scheme with message linkage recovery, which solves problems such as message encryption and authentication, message linkage recovery and the load of transmitted data; 4) an elliptic curve signature scheme with message recovery, together with the generalized forms for constructing signing equations and methods of choosing their parameters.
Considering whether the owner of a message can be traced by the signer in a blind signature, this dissertation proposes a method to generate ElGamal weakly-blind signature schemes, which contains almost all of the known weakly-blind signature schemes.
Using a multilinear transform to describe the relationships among the variables held by the user and the proxy signer, this dissertation proposes a proxy blind signature based on elliptic curve cryptosystems. Using the bilinearity of the Weil pairing defined on elliptic curves, a new ID-based blind signature scheme is proposed. In this scheme the ID-based public key is not a public key stored in a certificate, so the step of obtaining the public key from the system in the verification phase can be omitted, which decreases interaction time and reduces storage space. Based on self-certified public keys, an authenticated encryption scheme with message recovery is proposed. In this scheme, both sides of the communication can self-verify