安全群签名体制研究及安全性分析
|
摘要
在当今网络化、信息化、数字化的社会中,人们在通过网络进行活动时,迫切需要一种能够进行身份鉴别、数据完整性认证和抗否认的技术,这样数字签名、证书认证技术应运而生。为了满足应用领域的特殊性,各种特殊的数字签名技术相继被提出,其中群签名、门限群签名的研究,在管理、军事、政治及经济等多个方面有着广泛的应用。比如在公共资源的管理,重要军事命令的签发,重要领导人的选举,电子商务,重要新闻的发布,金融合同的签署等事务中,群签名都可发挥重要作用。
对安全群签名体制的理论模型,安全性需求进行了深入的研究。对一个具有有效成员撤销功能的前向安全群签名方案进行了密码学分析,指出了该方案中存在的一些设计错误和缺陷。提出了一个改进的前向安全的群签名方案,同时在改进方案中,提出了新的安全特性,使方案不仅具备前向安全性,同时也能防止群成员的超前签名行为。改进方案突破了传统前向安全群签名方案中设置固定时间段的限制,具有无限的时间段,不再需要在时间段使用完后重新设置系统参数与成员参数。改进方案能支持成员的有效撤销功能,使得被撤销的成员不能再代表群进行签名,同时在被撤销前的签名仍然保持有效,是一个安全性能完善的群签名方案。
对基于椭圆曲线的双线性映射在群签名中的应用进行了深入的研究,由于双线性映射的安全性建立在GAP群上,而在GAP群上的DDH问题是容易求解的,这样导致在基于双线性映射的群签名方案设计中很难同时兼顾群签名的匿名性和可跟踪性。所以目前基于双线性映射的群签名还处于一个起步阶段,还没有一个有代表性的基于双线性映射的群签名方案,而现有的一些基于双线性映射的群签名方案的设计缺陷较多,且安全性较差。在对现有的方案进行分析的基础上,提出了一个具有多种安全策略的基于双线性映射的群签名方案,方案很好地满足了群签名的全部安全需求。
在军队,政府等一些涉密机构中,如何安全地保存秘密显得尤为重要。有些情况下,秘密需要由多个人保存,每个人保存一个秘密份额,必要时由多个人合作恢复秘密,这样可以避免由一个人保存而容易发生秘密的丢失和被篡改。密钥共享技术的研究成果很好地解决了这样一类问题。同时秘密共享技术也是门限群签名的理论基础。对秘密共享技术的理论进行了深入的研究,重点分析研究了基于门限的秘密共享技术,对门限秘密共享方案中普遍存在的各种问题进行了系统的总结,分析了一种多重密钥共享认证方案,指出了该方案设计中存在的一些设计错误和缺陷。在分析的基础上,提出了一个可信的多重密钥共享认证方案,方案的每一个处理过程都有严格的验证,确保在秘密恢复过程中不会出现欺诈行为,恢复出的秘密具有很高的可信度。
对门限群签名体制的理论模型以及安全需求进行了深入的研究,对一个抗合谋攻击的门限群签名方案进行了分析,指出了目前门限群签名方案中普遍存在的缺陷。在分析的基础上,有效地将群签名与门限群签名技术融合在一起,提出了一个能抵抗合谋攻击的门限群签名方案。
对基于双线性映射的门限群签名方案设计技术进行了深入的研究,分析了一个基于双线性映射的卡梅隆门限群签名和一个基于双线性映射的前向安全的门限群签名,指出了这些方案设计中存在的一些设计错误和缺陷。在分析的基础上,根据门限签名合成者身份的不同采用不同的设计策略,提出了一个基于双线性映射的门限群签名方案,以及一个基于双线性映射的前向安全的门限群签名方案。其中前向安全的门限群签名方案摆脱了前向安全群签名方案中一定将时间分成若干个时间段的模式,无需时间段的概念,方案简洁,实用。两个方案都很好地满足了门限群签名的全部安全性要求。
论文最后部分,总结了论文的主要工作及研究成果,并对今后的研究工作的重点进行了展望。
In recent network, information and digitization society, it is very important to invent a kind of technologies which can be used for identifying identity, data integrity and anti-denial, so the digital signature and certificate authentication arise at this historic moment. In order to satisfy the particularity application domain, different special digital signature technologies were proposed one after another. Amongst these special digital signatures, the research for group signature and the threshold group signature, in the management, the military, politics and the economy and so on many aspects have the widespread application. For instance, in public resource's management, important military order's signing and issuing, the important leader's election, electronic commerce, national news's issue, the financial contract signs and so on, the group signature may play an important role.
A comprehensive research has made in the theoretical model and the security requirements for security group signature scheme. A forward security group signature scheme with effective member revoke was analyzed, some design mistakes and flaws in this scheme were pointed out. An improvement's forward security's group signature scheme was proposed in the improvement scheme, simultaneously some new security features were proposed, in improvement scheme, there is not only the forward security, but also there is ability to prevent the group member signing a valid signature which time is before the group member join group. The improvement scheme broke through the limit in the traditional forward security group signature scheme in which establish the fixed time periods, improvement scheme has the infinite time periods, no longer needed to reset system parameters and the member parameter after the time periods be used out. The improvement scheme can support member's effective revocation, any member can not sign a valid signature again when he is cancelled from group, simultaneously signatures signed before being abolished still maintained effective, and improvement scheme is a perfect group signature scheme which satisfies all security requirements.
A comprehensive research has made in the application of elliptic curve based bilinear mapping in the group signature, security of bilinear mapping is established on the GAP group. Because the DDH problem is easy to solve in GAP, this fact results it is very difficult to design a bilinear mapping based group signature scheme which can satisfy anonymity and the tractability. Therefore in recent, the research about bilinear mapping based group signature is also at a start stage, there are no a bilinear mapping based group signature scheme obtains common recognition. There are some design defects in existing schemes, and the security is not very ideal. Though analyzed the existing schemes, a bilinear mapping based group signature scheme with multi-security strategies proposed, the proposed scheme satisfy the all security requirements for group signature completely.
In the army, the government and some important organizations in which has the massive secret information, it is very important how to preserves the secrets safely. In some situations, the secret needs preserved by some person, each person preserves a secret share, when the necessity the secret can be restored by some person's cooperation, with this method, it may avoid the secret loss and tampered while by only one person preserving secret. The research achievement of secret sharing technology can satisfy this requirement very well. Simultaneously the secret sharing technology is also the fundamental of threshold group signature. A comprehensive research Has made in the theory of secret sharing technology, especially the threshold based secret sharing technology, summarizes the universal security problems threshold based secret sharing scheme, analyzed a multiple secret sharing authentication scheme, pointed out the mistakes and flaws in this scheme. A credible multiple secrets sharing authentication scheme was proposed, with the strict confirmation for each processes, scheme guaranteed that will detect all cheating in the secret recovery procedure, restored secret will have the very high confidence level.
A comprehensive research has made in the theoretical model and the security requirements of threshold based group signature scheme. A threshold based group signature scheme with against conspiracy attack was analyzed. A few universal mistakes and flaws in threshold based group signature scheme were pointed out. Though the analysis and combining group signature technology to threshold based group signature scheme, a threshold based group signature scheme with against conspiracy attack was proposed.
A comprehensive research has made in designing technologies of bilinear mapping based threshold group signature scheme. A bilinear mapping based chamellon threshold group signature and a forward security threshold group signature were analyzed, the mistakes and flaws in these schemes were pointed out. Though the analysis, taking different strategy according to the threshold signature synthetist's role, a bilinear mapping based threshold group signature scheme in which synthetist is a group member was proposed, as well as a bilinear mapping based threshold group signature scheme with forward security in which synthetist is security mediator was proposed. The proposed forward security threshold group signature scheme did not need to divide time into the time periods. Two schemes satisfy all secure requirements for threshold based group signature.
Finally, summarize the major tasks in thesis and the research achievement, and the future work.
对安全群签名体制的理论模型,安全性需求进行了深入的研究。对一个具有有效成员撤销功能的前向安全群签名方案进行了密码学分析,指出了该方案中存在的一些设计错误和缺陷。提出了一个改进的前向安全的群签名方案,同时在改进方案中,提出了新的安全特性,使方案不仅具备前向安全性,同时也能防止群成员的超前签名行为。改进方案突破了传统前向安全群签名方案中设置固定时间段的限制,具有无限的时间段,不再需要在时间段使用完后重新设置系统参数与成员参数。改进方案能支持成员的有效撤销功能,使得被撤销的成员不能再代表群进行签名,同时在被撤销前的签名仍然保持有效,是一个安全性能完善的群签名方案。
对基于椭圆曲线的双线性映射在群签名中的应用进行了深入的研究,由于双线性映射的安全性建立在GAP群上,而在GAP群上的DDH问题是容易求解的,这样导致在基于双线性映射的群签名方案设计中很难同时兼顾群签名的匿名性和可跟踪性。所以目前基于双线性映射的群签名还处于一个起步阶段,还没有一个有代表性的基于双线性映射的群签名方案,而现有的一些基于双线性映射的群签名方案的设计缺陷较多,且安全性较差。在对现有的方案进行分析的基础上,提出了一个具有多种安全策略的基于双线性映射的群签名方案,方案很好地满足了群签名的全部安全需求。
在军队,政府等一些涉密机构中,如何安全地保存秘密显得尤为重要。有些情况下,秘密需要由多个人保存,每个人保存一个秘密份额,必要时由多个人合作恢复秘密,这样可以避免由一个人保存而容易发生秘密的丢失和被篡改。密钥共享技术的研究成果很好地解决了这样一类问题。同时秘密共享技术也是门限群签名的理论基础。对秘密共享技术的理论进行了深入的研究,重点分析研究了基于门限的秘密共享技术,对门限秘密共享方案中普遍存在的各种问题进行了系统的总结,分析了一种多重密钥共享认证方案,指出了该方案设计中存在的一些设计错误和缺陷。在分析的基础上,提出了一个可信的多重密钥共享认证方案,方案的每一个处理过程都有严格的验证,确保在秘密恢复过程中不会出现欺诈行为,恢复出的秘密具有很高的可信度。
对门限群签名体制的理论模型以及安全需求进行了深入的研究,对一个抗合谋攻击的门限群签名方案进行了分析,指出了目前门限群签名方案中普遍存在的缺陷。在分析的基础上,有效地将群签名与门限群签名技术融合在一起,提出了一个能抵抗合谋攻击的门限群签名方案。
对基于双线性映射的门限群签名方案设计技术进行了深入的研究,分析了一个基于双线性映射的卡梅隆门限群签名和一个基于双线性映射的前向安全的门限群签名,指出了这些方案设计中存在的一些设计错误和缺陷。在分析的基础上,根据门限签名合成者身份的不同采用不同的设计策略,提出了一个基于双线性映射的门限群签名方案,以及一个基于双线性映射的前向安全的门限群签名方案。其中前向安全的门限群签名方案摆脱了前向安全群签名方案中一定将时间分成若干个时间段的模式,无需时间段的概念,方案简洁,实用。两个方案都很好地满足了门限群签名的全部安全性要求。
论文最后部分,总结了论文的主要工作及研究成果,并对今后的研究工作的重点进行了展望。
In recent network, information and digitization society, it is very important to invent a kind of technologies which can be used for identifying identity, data integrity and anti-denial, so the digital signature and certificate authentication arise at this historic moment. In order to satisfy the particularity application domain, different special digital signature technologies were proposed one after another. Amongst these special digital signatures, the research for group signature and the threshold group signature, in the management, the military, politics and the economy and so on many aspects have the widespread application. For instance, in public resource's management, important military order's signing and issuing, the important leader's election, electronic commerce, national news's issue, the financial contract signs and so on, the group signature may play an important role.
A comprehensive research has made in the theoretical model and the security requirements for security group signature scheme. A forward security group signature scheme with effective member revoke was analyzed, some design mistakes and flaws in this scheme were pointed out. An improvement's forward security's group signature scheme was proposed in the improvement scheme, simultaneously some new security features were proposed, in improvement scheme, there is not only the forward security, but also there is ability to prevent the group member signing a valid signature which time is before the group member join group. The improvement scheme broke through the limit in the traditional forward security group signature scheme in which establish the fixed time periods, improvement scheme has the infinite time periods, no longer needed to reset system parameters and the member parameter after the time periods be used out. The improvement scheme can support member's effective revocation, any member can not sign a valid signature again when he is cancelled from group, simultaneously signatures signed before being abolished still maintained effective, and improvement scheme is a perfect group signature scheme which satisfies all security requirements.
A comprehensive research has made in the application of elliptic curve based bilinear mapping in the group signature, security of bilinear mapping is established on the GAP group. Because the DDH problem is easy to solve in GAP, this fact results it is very difficult to design a bilinear mapping based group signature scheme which can satisfy anonymity and the tractability. Therefore in recent, the research about bilinear mapping based group signature is also at a start stage, there are no a bilinear mapping based group signature scheme obtains common recognition. There are some design defects in existing schemes, and the security is not very ideal. Though analyzed the existing schemes, a bilinear mapping based group signature scheme with multi-security strategies proposed, the proposed scheme satisfy the all security requirements for group signature completely.
In the army, the government and some important organizations in which has the massive secret information, it is very important how to preserves the secrets safely. In some situations, the secret needs preserved by some person, each person preserves a secret share, when the necessity the secret can be restored by some person's cooperation, with this method, it may avoid the secret loss and tampered while by only one person preserving secret. The research achievement of secret sharing technology can satisfy this requirement very well. Simultaneously the secret sharing technology is also the fundamental of threshold group signature. A comprehensive research Has made in the theory of secret sharing technology, especially the threshold based secret sharing technology, summarizes the universal security problems threshold based secret sharing scheme, analyzed a multiple secret sharing authentication scheme, pointed out the mistakes and flaws in this scheme. A credible multiple secrets sharing authentication scheme was proposed, with the strict confirmation for each processes, scheme guaranteed that will detect all cheating in the secret recovery procedure, restored secret will have the very high confidence level.
A comprehensive research has made in the theoretical model and the security requirements of threshold based group signature scheme. A threshold based group signature scheme with against conspiracy attack was analyzed. A few universal mistakes and flaws in threshold based group signature scheme were pointed out. Though the analysis and combining group signature technology to threshold based group signature scheme, a threshold based group signature scheme with against conspiracy attack was proposed.
A comprehensive research has made in designing technologies of bilinear mapping based threshold group signature scheme. A bilinear mapping based chamellon threshold group signature and a forward security threshold group signature were analyzed, the mistakes and flaws in these schemes were pointed out. Though the analysis, taking different strategy according to the threshold signature synthetist's role, a bilinear mapping based threshold group signature scheme in which synthetist is a group member was proposed, as well as a bilinear mapping based threshold group signature scheme with forward security in which synthetist is security mediator was proposed. The proposed forward security threshold group signature scheme did not need to divide time into the time periods. Two schemes satisfy all secure requirements for threshold based group signature.
Finally, summarize the major tasks in thesis and the research achievement, and the future work.
引文
[1]张先红编著.数字签名原理及技术.北京:机械工业出版社,2004,7~12
[2]D Chaum,V.E.Heyst.Group signatures.Proceedings of EUROCRYPT'91,Lecture Notes in Computer Science.Springer-Verlag,1991,547:257~265
[3]J.Camenish,M.Stadler.Efficient group signatures for large groups.Proceedings of CRYPT'97,Lecture Notes in Computer Science.Springer-Verlag,1997,1296:410~424
[4]J.Camenish,M.A.Michels.group signature scheme with improved efficiency.Proceedings of ASIA CRYPT'98,Lecture Notes in Computer Science.Springer-Verlag,1998,1541:160~174
[5]G.Ateniese,B.Medeiros.Efficient group signatures without trapdoors.In Advances in Cryptology ASIACRYPT 2003,Taipei,Taiwan,November 2003.Springer-Verlag,LNCS,2894:246~268
[6]G.Ateniese,G.Tsudik.Some open issues and new directions in group signatures.In:Franklin M (Ed.).Financial Cryptography FC 1999,LNCS 1648.Berlin:Springer-Verlag,1999,196~211
[7]G.Ateniese,J.Camenish,M Joye,G Tsudik.A practical and provably secure coalition-resistant group signature scheme.MBellare.Advances in Cryptology Crypto'2000.Berlin:Springer-Verlag:2000,255~270
[8]张福泰,张方国,王育民.群签名及其应用.通信学报,2001,22(1):77~85
[9]H.Petersen.How to convert any digital signature scheme into a group signature scheme.Security Protocols Workshop.Pairs,1997,177~1901
[10]S.J.Kim,S.J.Park,D.H.Won.Convertible group signatures.Advances in Cryptology.ASIACRYPT'96,Lecture Notes in Computer Science.Springer-Verlag,1996,
1163:311~3211
[11]陈泽文,张龙军,王育民,黄继武,黄达人.一种基于中国剩余定理的群签名方案.电子学报,2004,32(7):1602~1605
[12]李俊,崔国华,刘志远.一个群签名方案的密码学分析与改进.电子学报,2007,35(4):778~781
[13]A.Shamir.How to share a secret.Communications of the ACM,1979,22(11):612~613
[14]G.R.Blakley.Safeguarding cryptographic keys.In Afipes 1797 Natl.Comput.Conf.,Volume 48,New York,1979:165~172
[15]Y.Desmedt.Society and group oriented cryptography.In:Pomerance C ed.A dvances in Cryptology-Crypto'87 Proceedings.Berlin:Springer-Verlag,1988,120~127
[16]Y.Desmedt,Y.Frankel.Shared generation of authenticators and signatures.In:Feigenbaum J ed.A dvances in Cryptology-Crypto'91 Proceedings.Berlin:Springer-Verlag,1992,457~469
[17]L.Harn,S.Yang.Group-Oriented undeniable signature schemes without the assistance of a mutually trusted party.In:Seberry J,Zheng Y eds.Advances in Cryptology--Auscrypt'92 Proceedings.Berlin:Springer-Verlag,1992,133~142
[18]A.Lysyanskaya,Z.Ramzan.Group blind digital signatures:A scalable solution to electronic cash.Proceedings of the 2nd Financial Cryptography Conference.Anguilla,BWI,February 98,Springer-Verlag,1998,184~197
[19]D.Chaum.Blind signature systems.Proceedings of CRYPTO'83.Plenum Press,1984,153~153
[20]J Chamenisch,J M Piveteau,M.A.Stadler.Blind Signatures Based on the Discrete Logarithm Problem.Eurocrypt'94 1995:428~432
[21]严亚俊,邹永辉,马文平.一种有效的盲群签名方案.计算机工程,2005,31(22):184~197
[22]S.J.Kim,S.J.Park,D.H.Won.Group signatures for hierarchical multigroups.Lecture Notes in Computer Science,Springer-Verlag,1998,1163:273~281
[23]T.Marten,W,Douglas.Hierarchical Group Signatures.ICALP 2005,LNCS 3580,Springer-Verlag Berlin Heidelberg 2005,pp.446~458
[24]王晓明.一个安全的多群签名方案.小型微型计算机系统,2006,27(7):1237~1241
[25]柳欣,徐秋亮,尚久庆.基于ACJT方案构造高效多群签名方案.通信学报,2005,26(4):38~44
[26]X.M.Wang,F.W.Fu,G.Z.Zhan,A Forward Secure Multisignature Scheme,Chinese Journal of Computers,2004,27 (9),1177~1191
[27]L.Harn.Group-Oriented (t,n) threshold digital signature scheme and multisignature.IEE Proceedings,Computers and Digital Techniques,1994,141 (5):307~313
[28]王晓峰,王尚平.多重数字签名方案及其安全性证明.电子学报,2008,31(1):176~183
[29]吴克力.一个带签名者意向的结构化多重签名方案.电子与信息学报,2006,28(5):825-826
[30]R.Anderson,Invited lecture.In:Proceedings of the 4th ACM Conference on Computer and Communications Security,Zurich,Switzerland,1997,1~7
[31]Michel Abdalla,Leonid Reyzin.A New Forward-Secure Digital Signature Scheme.ASIACRYPT 2000,LNCS 1976,2000,116-129
[32]D.X.Song,Practical forward secure group signature schemes,Proc of the 8th ACM Conf on Computer and Communications Security ( CCS 2001 ),New York:ACM Press,2001,225~234
[33]S.Z.Chen,D.X.Li,An efficient revocable group signature schemes with forward security.Chinese Journal of Computers,2006,29 (6):998~1003
[34]R.P.Li,J.Yu,G.W.Li,and D.X.Li,Forward Secure Group Signature Schemes with Efficient Revocation,Journal of Computer Research and Development,2007,44 (7):1219~1226
[35]秦波,王尚平,王晓峰,罗喜召.一种新的前向安全可证实数字签名方案.计算机研究与发展,2003,40(7):1016~1020
[36]祝建华,崔国华,周时阳.一种多安全策略的群签名方案.计算机科学,已录用,2009年9月
[37]李运发,邹德清,韩宗芬,羌卫中.基于前向安全的组签名体制研究.计算机研究与发展,2006,43(12):2069~2075
[38]彭华熹,冯登国.一个基于双线性映射的前向安全门限签名方案.计算机研究与发展,2007,44(4):574~580
[39]Ye-Feng HE,Jian-Zhong ZHANG.An Efficient and Secure Dynamic Group Signature Scheme.Joumal of Software,2005,16(04):609~609
[40]陈少真,李大兴.基于DSA的适合大群体的有效群签名.计算机研究与发展,2004,41(2):282~286
[41]崔国华,李俊.一种适合大群组的高效群签名方案.计算机科学,2007,34(2):79~82
[42]张键红,伍前红,邹建成,王育民.一种高效的群签名.电子学报,2005,33(6):1113~1115
[43]S.P.Wang,Y.M.Wang,X.F.Wang,B.Qin,C.He,Y.J.Zou.A new solution scheme for the member deletion problem in group signature by use of renew operator.Journal of Software,2003,14(11):1911~1917
[44]黄振杰,牛志华,王育民.Camenisch群签名方案的改进和成员废除.计算机学报,2004,27(8):11 15~1120
[45]Z.J.Huang,X.Z.Lin.Cryptanalysis of a Member Deletion Scheme for Group Signature.Journal of Software,2005,16(03):472~476
[46]陈泽文,王继林,黄继武,王育民,黄达人,ACJT群签名方案中成员撤销的高效实现.软件学报,2005,16(1):151~157
[47]W.B.Mao著,王继林,伍前红等译.现代密码理论与实践/(英).北京:电子工业出版社,2004,89~98
[48]Dan,Boneh.The Decision Diffie-Hellman Problem.ANTS 1998,48~63
[49]G.Brassard,D.Chaum,C.Crepeau.Minimum disclosure proofs of knowledge.Journal of Computer and System Sciences,1988,37(2):156~189
[50]U.Feige,A.Fiat,A Shamir.Zero-knowledge proofs of identity.Journal of Cryptology,1988,1 (2):77~94
[51]M.Bellare,P.Rogaway.Random Oracles are practical:A paradigm for designing efficient protocols.In:Proc of ACM CCS'931 New York:ACM Press,19931 62~73
[52]夏先智,赵毅.基于椭圆曲线加密算法技术优势的探讨.计算机科学,2003, 30(10):181~183
[53]V.Miller.Use of elliptic in cryptography.In H.C.Williams,editor,Advances in cryptology,Proceedings of CRYPTO'85,Lecture Notes in Computer Science 218,Springer-Verlag:1986.417~426
[54]N.Koblitz.Elliptic curve cryptosystems.Math.Comp.,1987,48(5):203~209
[55]A.J.Menezes,T.Okamoto,S.A.vanstone.Reducing elliptic curve logarithms to a finite field.IEEE Trans.Info.Theory,1983,39:1636~1646
[56]D.Boneh,B.Lynn,H.Shacham.Short signatures from the weil pairing.C Boyd ( Ed.),In Asiacrypt'01,Gold Coast,Australia:Springer-Verlag,2001,514~532
[57]D.Boneh,X.Boyen,Short signatures without random oracles,Christian Cachin,Jan Camenisch (Eds.),Eurocrypt'04,Interlaken,Switzerland,Springer-Verlag,2004,56~73
[58]D.L.Vo,K.Kim,Yet Another Forward Secure Signature from Bilinear Pairings.ICISC 2005,LNCS 3935,Springer-Verlag,Berlin Heidelberg,2006,pp.441-455
[59]J.Cha,J.H.Cheon.An Identity-based Signature from Gap Diffie-Hellman Groups.Public Key Cryptography-PKC 2003,LNCS 2567,Springer-Verlag,2003.18230.171~181
[60]X.Cheng,H.Zhu,Y.Qiu,and X.Wang,Efficient Group signatures from Bilinear Pairing,CISC'05 LNCS 3822,Springer-Verlag,2005,128~139
[61]H.Park,H.Kim,K.Chun,and J.Lee,Untraceability of Group Signature Scheme based on Bilinear Mapping and their Improvement,Intemational Conference on Information Technology(ITNG'07) IEEE,2007,103~109
[62]Z.Wang,H.Y.Chen,A practical Identity-Based Signature Scheme from Bilinear.EUC Workshops 2007,LNCS 4809,2007,704~715
[63]陈辉焱,吕述望,刘振华.基于身份的具有部分消息恢复功能的签名方案.计算机学报,2006,29(9):1622~1627
[64]司东光,辛向军,陈原,肖国镇.具有指定验证者的短签名方案.电子学报,2008,36(1):24~27
[65]Guohua Cui,Jianhua Zhu,Shiyang Zhou.A Group Signature Scheme with Multiple Strategies from Bilinear Pairings.2009 First International Workshop on Education Technology and Computer Science,volume 3,Wuhan,848~852
[66]W.A.Jackson,K.M.Martin,M.O'Keee.Multisecret threshold schemes,in Advances In:cryptology-CRYPT0' 93,Springer-Verlag,Berlin,1993,126~135
[67]R.G.E.Pinch.Online multiple secret sharing,Electron.Lelt.1996,32,(12),1087~1088
[68]J.He,E.Dawson.Multistage secret sharing based on one-way function.Electronics Letters Volume 30,Issue 19,15 Sept.1994,1591~1592
[69]J.He,E.Dawson.Multisecret-sharing scheme based on one-way function.Electronics Letters Volume 31,Issue 2,19 Jan.1995,93~95
[70]B.Chor,S.Goldwasser,S.Micali.and B.Awerbuch.Verifiable secret sharing and achieving simultaneity in the presence of faults,Proceedings of 26th IEEE symposium on Foundations of computer science,1985,pp.251~260
[71]R.J.Hwang,W.B.Lee,C.C.Chang.A concept of designing cheater identification methods for secret sharing.Journal of Systems and Software,1999,46(1):7~11
[72]T.C.Wu,T.S.Wu.Cheating Detection and Cheater Identification in Secret Sharing Schemes.IEE Proceedings Computers and Digital Techniques,1995,142 (5):367~369
[73]C.C.Chang,C.W.Chan.Detecting dealer cheating in secret sharing systems.Proceedings of the 24th Annual Int'l Computer Software and Applications Conf.(COMPSAC 2000).Taipei,2000,449~453
[74]庞辽军,姜正涛,王育民.基于一般访问结构的多重秘密共享方案.计算机研究与发展,2006,43(1):34~38
[75]L.Ham.Efficient sharing (broadcasting) of multiple secrets,IEE Proceedings Computers and Digital Techniques.,1995,142 (3):237~240
[76]M.Stadler.Publicly verifiable secret sharing.Advance in Cryptology EUROCRYPT' 96,Berlin:Springer2Verlag,1996,190~199
[77]L.Chen,D.Gollmann,C.J.Mitchell,and P.Wild.Secret sharing with reusable polynomials,proceedings of The Second Australasian conference on Information security and Privacy-ACISP'97 1997,Springer-Verlag,Berlin pp.183~193
[78]T.Y.Lin,T.C.Wu.( t,n ) threshold verifiable multi-secret sharing scheme based on factorization intractability and discrete logarithm modulo composite problem.IEE Proc Commput.Digit.Tech.,1999,146 (5):264-268
[79]施荣华.一种多重密钥共享认证方案.计算机学报,2003,26(5):552~556
[80]W.H.He,T.S.Wu.Comment on Lin-Wu (t,n)-threshold verifiable multi-secret sharing scheme.Computers and Digital Techniques,lEE Proceedings,2001,148(3):139~139
[81]王贵林,卿斯汉.对一种多重密钥共享认证方案的分析和改进.软件学报,2006,17(7):1627~1632
[82]T.Y.Chang,M.S.Hwang,W.P.Yang.An improvement on the Lin-Wu (t,n) threshold verifiable multi-secret sharing scheme.Applied Mathematics and Computation,2005,163:169~178
[83]祝建华,崔国华,郑明辉,周时阳.一种可信多重密钥共享认证方案.小型微型计算机系统,2008,29(4):635~638
[84]Y.Desmedt,Y.Frankel.Threshold cryptosystems.In:Brassard G ed.Advances in Cryptology,CRYPTO'89 Proceedings.LNCS 435,Berlin:Springer-Verlag,1990,307~315
[85]C.Li,T.Hwang,N.Lee.Threshold-Multisignature schemes where suspected forgery implies traceability of adversarial shareholders.In:Santis A D ed.A dvances in Cryptology--Eurocrypt'94 Proceedings.Berlin:Springer-Verlag,1995.194~204
[86]Lang-ru Lu,Ren-jie Zhao.A ( t,n) threshold group signature scheme.Advances in Cryptology--Chinacrypt'96.Beijing:Science Press,1996.177~184
[87]王斌,李建华.无可信中心的(t,n)门限签名方案.计算机学报,2003,26(11):1582~51584
[88]谢琪,于秀源.基于分组秘密共享的(t,n)门限群签名体制.计算机学报,2005,28(2):209~213
[89]C.T.Wang,C.H.Lin,C.C.Chang.Threshold signature schemes with traceable signers in group communications.Computer Communications,1998,21 (8):771~776
[90]Qiu-Liang Xu.A modified threshold RSA digital signature scheme.Chinese Journal of Computers,2000,23 (5):449~453
[91]郑明辉,王小非,崔国华,祝建华.一种给予公钥自认证的(t,n)门限群签名方案. 华中科技大学学报(自然科学版),2007,35(11):99~102
[92]J.K.Jan,Y.M.Tseng,H.Y.Chien.A threshold signature scheme withstanding the conspiracy attack.Communications of institute of Information and Computing Machinary,1999,2(3),31~38
[93]Minghui Zheng,Jianhua Zhu,Guohua Cui.A (t,n) threshold signature against conspiracy attack.Proceeding of Wicom'06,IEEE Communications Scoiety,China,2006,83~84
[94]Xiao-Ming WANG,Huo-Yan CHEN,Fang-Wei FU.Dynamic Threshold Group Signature Scheme.CHINESE JOURNAL OF COMPUTERS.2004,27(9):1182~1186
[95]Xing-Yang GUO,Quan ZHANG,Chao-Jing TANG.Cryptanalysis of a Dynamic Threshold Group Signature Scheme.JOURNAL OF NATIONAL UNIVERSITYOF DEFENSE TECHNOLOGY.2005,27(4):11~115
[96]王贵林,卿斯汉.几种门限群签名方案的弱点.软件学报,2000,11(10):1326~1332
[97]徐秋亮,陈泽雄.对一个“抗合谋攻击的门限签名方案”的攻击.小型微型计算机系 统,2005,26(12):2237~2239
[98]谢琪.两种门限签名方案的密码学分析及其改进.通信学报,2005,26(7):123~128
[99]马春波,何大可.基于双线性映射的卡梅隆门限签名方案.计算机研究与发展,2005,42(8):1427~1430
[100]Xiaofeng Chen,Fangguo Zhang,Divyan M.Konidala,Kwangjo Kim.New ID-based Threshhold Signature Scheme from Bilinear Pairings.INDOCRYPT 2004,LNCS 3348,371~383
[101]F.Hess.Efficient identity based signature Schemes based on pairings.In:Selected Areas in Cryptography(SAC 2002),Lecture Notes in Computer Science 2595.Berlin:Springer.Verlag,2002,310~324
[2]D Chaum,V.E.Heyst.Group signatures.Proceedings of EUROCRYPT'91,Lecture Notes in Computer Science.Springer-Verlag,1991,547:257~265
[3]J.Camenish,M.Stadler.Efficient group signatures for large groups.Proceedings of CRYPT'97,Lecture Notes in Computer Science.Springer-Verlag,1997,1296:410~424
[4]J.Camenish,M.A.Michels.group signature scheme with improved efficiency.Proceedings of ASIA CRYPT'98,Lecture Notes in Computer Science.Springer-Verlag,1998,1541:160~174
[5]G.Ateniese,B.Medeiros.Efficient group signatures without trapdoors.In Advances in Cryptology ASIACRYPT 2003,Taipei,Taiwan,November 2003.Springer-Verlag,LNCS,2894:246~268
[6]G.Ateniese,G.Tsudik.Some open issues and new directions in group signatures.In:Franklin M (Ed.).Financial Cryptography FC 1999,LNCS 1648.Berlin:Springer-Verlag,1999,196~211
[7]G.Ateniese,J.Camenish,M Joye,G Tsudik.A practical and provably secure coalition-resistant group signature scheme.MBellare.Advances in Cryptology Crypto'2000.Berlin:Springer-Verlag:2000,255~270
[8]张福泰,张方国,王育民.群签名及其应用.通信学报,2001,22(1):77~85
[9]H.Petersen.How to convert any digital signature scheme into a group signature scheme.Security Protocols Workshop.Pairs,1997,177~1901
[10]S.J.Kim,S.J.Park,D.H.Won.Convertible group signatures.Advances in Cryptology.ASIACRYPT'96,Lecture Notes in Computer Science.Springer-Verlag,1996,
1163:311~3211
[11]陈泽文,张龙军,王育民,黄继武,黄达人.一种基于中国剩余定理的群签名方案.电子学报,2004,32(7):1602~1605
[12]李俊,崔国华,刘志远.一个群签名方案的密码学分析与改进.电子学报,2007,35(4):778~781
[13]A.Shamir.How to share a secret.Communications of the ACM,1979,22(11):612~613
[14]G.R.Blakley.Safeguarding cryptographic keys.In Afipes 1797 Natl.Comput.Conf.,Volume 48,New York,1979:165~172
[15]Y.Desmedt.Society and group oriented cryptography.In:Pomerance C ed.A dvances in Cryptology-Crypto'87 Proceedings.Berlin:Springer-Verlag,1988,120~127
[16]Y.Desmedt,Y.Frankel.Shared generation of authenticators and signatures.In:Feigenbaum J ed.A dvances in Cryptology-Crypto'91 Proceedings.Berlin:Springer-Verlag,1992,457~469
[17]L.Harn,S.Yang.Group-Oriented undeniable signature schemes without the assistance of a mutually trusted party.In:Seberry J,Zheng Y eds.Advances in Cryptology--Auscrypt'92 Proceedings.Berlin:Springer-Verlag,1992,133~142
[18]A.Lysyanskaya,Z.Ramzan.Group blind digital signatures:A scalable solution to electronic cash.Proceedings of the 2nd Financial Cryptography Conference.Anguilla,BWI,February 98,Springer-Verlag,1998,184~197
[19]D.Chaum.Blind signature systems.Proceedings of CRYPTO'83.Plenum Press,1984,153~153
[20]J Chamenisch,J M Piveteau,M.A.Stadler.Blind Signatures Based on the Discrete Logarithm Problem.Eurocrypt'94 1995:428~432
[21]严亚俊,邹永辉,马文平.一种有效的盲群签名方案.计算机工程,2005,31(22):184~197
[22]S.J.Kim,S.J.Park,D.H.Won.Group signatures for hierarchical multigroups.Lecture Notes in Computer Science,Springer-Verlag,1998,1163:273~281
[23]T.Marten,W,Douglas.Hierarchical Group Signatures.ICALP 2005,LNCS 3580,Springer-Verlag Berlin Heidelberg 2005,pp.446~458
[24]王晓明.一个安全的多群签名方案.小型微型计算机系统,2006,27(7):1237~1241
[25]柳欣,徐秋亮,尚久庆.基于ACJT方案构造高效多群签名方案.通信学报,2005,26(4):38~44
[26]X.M.Wang,F.W.Fu,G.Z.Zhan,A Forward Secure Multisignature Scheme,Chinese Journal of Computers,2004,27 (9),1177~1191
[27]L.Harn.Group-Oriented (t,n) threshold digital signature scheme and multisignature.IEE Proceedings,Computers and Digital Techniques,1994,141 (5):307~313
[28]王晓峰,王尚平.多重数字签名方案及其安全性证明.电子学报,2008,31(1):176~183
[29]吴克力.一个带签名者意向的结构化多重签名方案.电子与信息学报,2006,28(5):825-826
[30]R.Anderson,Invited lecture.In:Proceedings of the 4th ACM Conference on Computer and Communications Security,Zurich,Switzerland,1997,1~7
[31]Michel Abdalla,Leonid Reyzin.A New Forward-Secure Digital Signature Scheme.ASIACRYPT 2000,LNCS 1976,2000,116-129
[32]D.X.Song,Practical forward secure group signature schemes,Proc of the 8th ACM Conf on Computer and Communications Security ( CCS 2001 ),New York:ACM Press,2001,225~234
[33]S.Z.Chen,D.X.Li,An efficient revocable group signature schemes with forward security.Chinese Journal of Computers,2006,29 (6):998~1003
[34]R.P.Li,J.Yu,G.W.Li,and D.X.Li,Forward Secure Group Signature Schemes with Efficient Revocation,Journal of Computer Research and Development,2007,44 (7):1219~1226
[35]秦波,王尚平,王晓峰,罗喜召.一种新的前向安全可证实数字签名方案.计算机研究与发展,2003,40(7):1016~1020
[36]祝建华,崔国华,周时阳.一种多安全策略的群签名方案.计算机科学,已录用,2009年9月
[37]李运发,邹德清,韩宗芬,羌卫中.基于前向安全的组签名体制研究.计算机研究与发展,2006,43(12):2069~2075
[38]彭华熹,冯登国.一个基于双线性映射的前向安全门限签名方案.计算机研究与发展,2007,44(4):574~580
[39]Ye-Feng HE,Jian-Zhong ZHANG.An Efficient and Secure Dynamic Group Signature Scheme.Joumal of Software,2005,16(04):609~609
[40]陈少真,李大兴.基于DSA的适合大群体的有效群签名.计算机研究与发展,2004,41(2):282~286
[41]崔国华,李俊.一种适合大群组的高效群签名方案.计算机科学,2007,34(2):79~82
[42]张键红,伍前红,邹建成,王育民.一种高效的群签名.电子学报,2005,33(6):1113~1115
[43]S.P.Wang,Y.M.Wang,X.F.Wang,B.Qin,C.He,Y.J.Zou.A new solution scheme for the member deletion problem in group signature by use of renew operator.Journal of Software,2003,14(11):1911~1917
[44]黄振杰,牛志华,王育民.Camenisch群签名方案的改进和成员废除.计算机学报,2004,27(8):11 15~1120
[45]Z.J.Huang,X.Z.Lin.Cryptanalysis of a Member Deletion Scheme for Group Signature.Journal of Software,2005,16(03):472~476
[46]陈泽文,王继林,黄继武,王育民,黄达人,ACJT群签名方案中成员撤销的高效实现.软件学报,2005,16(1):151~157
[47]W.B.Mao著,王继林,伍前红等译.现代密码理论与实践/(英).北京:电子工业出版社,2004,89~98
[48]Dan,Boneh.The Decision Diffie-Hellman Problem.ANTS 1998,48~63
[49]G.Brassard,D.Chaum,C.Crepeau.Minimum disclosure proofs of knowledge.Journal of Computer and System Sciences,1988,37(2):156~189
[50]U.Feige,A.Fiat,A Shamir.Zero-knowledge proofs of identity.Journal of Cryptology,1988,1 (2):77~94
[51]M.Bellare,P.Rogaway.Random Oracles are practical:A paradigm for designing efficient protocols.In:Proc of ACM CCS'931 New York:ACM Press,19931 62~73
[52]夏先智,赵毅.基于椭圆曲线加密算法技术优势的探讨.计算机科学,2003, 30(10):181~183
[53]V.Miller.Use of elliptic in cryptography.In H.C.Williams,editor,Advances in cryptology,Proceedings of CRYPTO'85,Lecture Notes in Computer Science 218,Springer-Verlag:1986.417~426
[54]N.Koblitz.Elliptic curve cryptosystems.Math.Comp.,1987,48(5):203~209
[55]A.J.Menezes,T.Okamoto,S.A.vanstone.Reducing elliptic curve logarithms to a finite field.IEEE Trans.Info.Theory,1983,39:1636~1646
[56]D.Boneh,B.Lynn,H.Shacham.Short signatures from the weil pairing.C Boyd ( Ed.),In Asiacrypt'01,Gold Coast,Australia:Springer-Verlag,2001,514~532
[57]D.Boneh,X.Boyen,Short signatures without random oracles,Christian Cachin,Jan Camenisch (Eds.),Eurocrypt'04,Interlaken,Switzerland,Springer-Verlag,2004,56~73
[58]D.L.Vo,K.Kim,Yet Another Forward Secure Signature from Bilinear Pairings.ICISC 2005,LNCS 3935,Springer-Verlag,Berlin Heidelberg,2006,pp.441-455
[59]J.Cha,J.H.Cheon.An Identity-based Signature from Gap Diffie-Hellman Groups.Public Key Cryptography-PKC 2003,LNCS 2567,Springer-Verlag,2003.18230.171~181
[60]X.Cheng,H.Zhu,Y.Qiu,and X.Wang,Efficient Group signatures from Bilinear Pairing,CISC'05 LNCS 3822,Springer-Verlag,2005,128~139
[61]H.Park,H.Kim,K.Chun,and J.Lee,Untraceability of Group Signature Scheme based on Bilinear Mapping and their Improvement,Intemational Conference on Information Technology(ITNG'07) IEEE,2007,103~109
[62]Z.Wang,H.Y.Chen,A practical Identity-Based Signature Scheme from Bilinear.EUC Workshops 2007,LNCS 4809,2007,704~715
[63]陈辉焱,吕述望,刘振华.基于身份的具有部分消息恢复功能的签名方案.计算机学报,2006,29(9):1622~1627
[64]司东光,辛向军,陈原,肖国镇.具有指定验证者的短签名方案.电子学报,2008,36(1):24~27
[65]Guohua Cui,Jianhua Zhu,Shiyang Zhou.A Group Signature Scheme with Multiple Strategies from Bilinear Pairings.2009 First International Workshop on Education Technology and Computer Science,volume 3,Wuhan,848~852
[66]W.A.Jackson,K.M.Martin,M.O'Keee.Multisecret threshold schemes,in Advances In:cryptology-CRYPT0' 93,Springer-Verlag,Berlin,1993,126~135
[67]R.G.E.Pinch.Online multiple secret sharing,Electron.Lelt.1996,32,(12),1087~1088
[68]J.He,E.Dawson.Multistage secret sharing based on one-way function.Electronics Letters Volume 30,Issue 19,15 Sept.1994,1591~1592
[69]J.He,E.Dawson.Multisecret-sharing scheme based on one-way function.Electronics Letters Volume 31,Issue 2,19 Jan.1995,93~95
[70]B.Chor,S.Goldwasser,S.Micali.and B.Awerbuch.Verifiable secret sharing and achieving simultaneity in the presence of faults,Proceedings of 26th IEEE symposium on Foundations of computer science,1985,pp.251~260
[71]R.J.Hwang,W.B.Lee,C.C.Chang.A concept of designing cheater identification methods for secret sharing.Journal of Systems and Software,1999,46(1):7~11
[72]T.C.Wu,T.S.Wu.Cheating Detection and Cheater Identification in Secret Sharing Schemes.IEE Proceedings Computers and Digital Techniques,1995,142 (5):367~369
[73]C.C.Chang,C.W.Chan.Detecting dealer cheating in secret sharing systems.Proceedings of the 24th Annual Int'l Computer Software and Applications Conf.(COMPSAC 2000).Taipei,2000,449~453
[74]庞辽军,姜正涛,王育民.基于一般访问结构的多重秘密共享方案.计算机研究与发展,2006,43(1):34~38
[75]L.Ham.Efficient sharing (broadcasting) of multiple secrets,IEE Proceedings Computers and Digital Techniques.,1995,142 (3):237~240
[76]M.Stadler.Publicly verifiable secret sharing.Advance in Cryptology EUROCRYPT' 96,Berlin:Springer2Verlag,1996,190~199
[77]L.Chen,D.Gollmann,C.J.Mitchell,and P.Wild.Secret sharing with reusable polynomials,proceedings of The Second Australasian conference on Information security and Privacy-ACISP'97 1997,Springer-Verlag,Berlin pp.183~193
[78]T.Y.Lin,T.C.Wu.( t,n ) threshold verifiable multi-secret sharing scheme based on factorization intractability and discrete logarithm modulo composite problem.IEE Proc Commput.Digit.Tech.,1999,146 (5):264-268
[79]施荣华.一种多重密钥共享认证方案.计算机学报,2003,26(5):552~556
[80]W.H.He,T.S.Wu.Comment on Lin-Wu (t,n)-threshold verifiable multi-secret sharing scheme.Computers and Digital Techniques,lEE Proceedings,2001,148(3):139~139
[81]王贵林,卿斯汉.对一种多重密钥共享认证方案的分析和改进.软件学报,2006,17(7):1627~1632
[82]T.Y.Chang,M.S.Hwang,W.P.Yang.An improvement on the Lin-Wu (t,n) threshold verifiable multi-secret sharing scheme.Applied Mathematics and Computation,2005,163:169~178
[83]祝建华,崔国华,郑明辉,周时阳.一种可信多重密钥共享认证方案.小型微型计算机系统,2008,29(4):635~638
[84]Y.Desmedt,Y.Frankel.Threshold cryptosystems.In:Brassard G ed.Advances in Cryptology,CRYPTO'89 Proceedings.LNCS 435,Berlin:Springer-Verlag,1990,307~315
[85]C.Li,T.Hwang,N.Lee.Threshold-Multisignature schemes where suspected forgery implies traceability of adversarial shareholders.In:Santis A D ed.A dvances in Cryptology--Eurocrypt'94 Proceedings.Berlin:Springer-Verlag,1995.194~204
[86]Lang-ru Lu,Ren-jie Zhao.A ( t,n) threshold group signature scheme.Advances in Cryptology--Chinacrypt'96.Beijing:Science Press,1996.177~184
[87]王斌,李建华.无可信中心的(t,n)门限签名方案.计算机学报,2003,26(11):1582~51584
[88]谢琪,于秀源.基于分组秘密共享的(t,n)门限群签名体制.计算机学报,2005,28(2):209~213
[89]C.T.Wang,C.H.Lin,C.C.Chang.Threshold signature schemes with traceable signers in group communications.Computer Communications,1998,21 (8):771~776
[90]Qiu-Liang Xu.A modified threshold RSA digital signature scheme.Chinese Journal of Computers,2000,23 (5):449~453
[91]郑明辉,王小非,崔国华,祝建华.一种给予公钥自认证的(t,n)门限群签名方案. 华中科技大学学报(自然科学版),2007,35(11):99~102
[92]J.K.Jan,Y.M.Tseng,H.Y.Chien.A threshold signature scheme withstanding the conspiracy attack.Communications of institute of Information and Computing Machinary,1999,2(3),31~38
[93]Minghui Zheng,Jianhua Zhu,Guohua Cui.A (t,n) threshold signature against conspiracy attack.Proceeding of Wicom'06,IEEE Communications Scoiety,China,2006,83~84
[94]Xiao-Ming WANG,Huo-Yan CHEN,Fang-Wei FU.Dynamic Threshold Group Signature Scheme.CHINESE JOURNAL OF COMPUTERS.2004,27(9):1182~1186
[95]Xing-Yang GUO,Quan ZHANG,Chao-Jing TANG.Cryptanalysis of a Dynamic Threshold Group Signature Scheme.JOURNAL OF NATIONAL UNIVERSITYOF DEFENSE TECHNOLOGY.2005,27(4):11~115
[96]王贵林,卿斯汉.几种门限群签名方案的弱点.软件学报,2000,11(10):1326~1332
[97]徐秋亮,陈泽雄.对一个“抗合谋攻击的门限签名方案”的攻击.小型微型计算机系 统,2005,26(12):2237~2239
[98]谢琪.两种门限签名方案的密码学分析及其改进.通信学报,2005,26(7):123~128
[99]马春波,何大可.基于双线性映射的卡梅隆门限签名方案.计算机研究与发展,2005,42(8):1427~1430
[100]Xiaofeng Chen,Fangguo Zhang,Divyan M.Konidala,Kwangjo Kim.New ID-based Threshhold Signature Scheme from Bilinear Pairings.INDOCRYPT 2004,LNCS 3348,371~383
[101]F.Hess.Efficient identity based signature Schemes based on pairings.In:Selected Areas in Cryptography(SAC 2002),Lecture Notes in Computer Science 2595.Berlin:Springer.Verlag,2002,310~324