Research on Multi-Party Digital Signature Schemes and Their Applications
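Abstract
Multi-party digital signatures not only play an important role in information security but are also widely used in fields such as e-commerce and e-government. The main goal of this thesis is to study multi-party digital signature protocols, including their construction or improvement, security analysis, security proofs, and the design of application protocols. Using techniques such as bilinear pairings and quadratic residues, it builds signature schemes suited to special application settings and explores their use in e-commerce. The work covers threshold signatures, ring signatures, proxy signatures, proxy ring signatures, and electronic auction protocols. The main results are as follows:
     Following the thread of public-key authentication methods, we propose two threshold signature schemes that are provably secure in the standard model: an identity-based threshold signature and a certificateless threshold signature. We first give formal definitions and specify the security model, then describe the proposed schemes, and finally give their security proofs. For existing schemes, either only a simple security analysis is given or the security proof is given in the random oracle model. For the identity-based threshold signature scheme, the security proof of the proposed scheme uses the proof technique of Paterson's signature scheme; it does not rely on the random oracle model and can be completed in the standard model. For the certificateless threshold signature scheme, following the notion of simulatability in the certificateless threshold signature scheme proposed by Wang et al., we prove that the underlying identity-based signature scheme is unforgeable and that the corresponding certificateless threshold signature scheme is simulatable, and thereby prove its unforgeability in the standard model under the assumption that the computational Diffie-Hellman problem is hard.
     Using quadratic residues, we propose a new identity-based ring signature scheme and give a security proof in the random oracle model; the scheme is proved secure under the assumption that factoring large integers is hard. Existing identity-based ring signature schemes are all built from bilinear pairings and run inefficiently; compared with those pairing-based schemes, this scheme is more efficient. Based on ring signatures and a key-chain technique, we design a new sealed-bid electronic auction protocol. The protocol has the following features: (1) good security: it meets all the security requirements of sealed-bid electronic auctions, such as bidder anonymity, bid-price confidentiality, non-repudiation, and unforgeability; (2) high security and few steps.
     Certificateless proxy signature schemes keep the advantage of identity-based proxy signatures of not requiring certificates while solving the key-escrow problem of identity-based proxy signature schemes. This thesis gives a security definition for certificateless proxy signatures and establishes a formal security model. Unlike previous schemes, the security of the new scheme is formally proved, under the assumption that the computational Diffie-Hellman problem is hard. Identity-based proxy ring signatures have attracted wide attention from the cryptography and information security communities in recent years; we give, for the first time, a formal definition and security model for identity-based proxy ring signature schemes and propose a concrete scheme using bilinear pairings. A security proof is given in the random oracle model, and the scheme is proved secure under the assumption that the computational Diffie-Hellman (CDH) problem is hard. Finally, performance analysis shows that our scheme is more efficient than other existing schemes.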
Multi-party signature schemes have been shown to be useful in various applications, such as electronic polling and electronic payment. In this thesis, we focus on constructing or improving signature schemes, security analysis, security proofs, and the design of applied protocols. We construct multi-party signature schemes suited to special requirements based on quadratic residues and bilinear pairings. Our research covers threshold signatures, ring signatures, proxy signatures, proxy ring signatures and electronic auction protocols. The main contributions are as follows.
     The idea of threshold cryptography is to distribute the secret information and computation among multiple parties in order to prevent a single point of failure or abuse. Recently, Paterson and Schuldt proposed an identity-based (ID-based) signature scheme which is provably secure in the absence of random oracles. Based on their signature scheme, we propose an ID-based threshold signature scheme and a certificateless threshold signature scheme. Both proposed constructions are proved secure in the standard model. To the best of our knowledge, previous related schemes could only be proved secure in the random oracle model.
     We first propose an ID-based ring signature scheme based on quadratic residues. The proposed scheme is proven to be existentially unforgeable against adaptive chosen message-and-identity attacks in the random oracle model, assuming the hardness of factoring. Because the proposed scheme does not need pairing computation, a powerful but computationally expensive primitive, it is more efficient than schemes constructed from bilinear pairings. An efficient sealed-bid electronic auction protocol based on ring signatures and an encryption key chain is also proposed. The distinguishing characteristics of our protocol are non-repudiation of bidders while preserving their anonymity, and allowing the auctioneer to determine the winning bid without revealing the losing bids. Our protocol has additional characteristics such as public verifiability, unforgeability, correctness and fairness.
     In order to eliminate the use of certificates in traditional proxy signatures and the key-escrow problem in identity-based proxy signatures, the notion of certificateless proxy signature was introduced. We first present a security model for certificateless proxy signature schemes, and then propose an efficient construction based on bilinear pairings. The security of the proposed scheme can be proved to be equivalent to the computational Diffie-Hellman problem in the random oracle model with a tight reduction. Identity-based (ID-based) proxy ring signature schemes have been shown to be useful in various applications, such as electronic polling and electronic payment. We first propose a feasible ID-based proxy ring signature scheme based on bilinear pairings. The proposed scheme is proved to be existentially unforgeable against adaptive chosen message-and-identity attacks in the random oracle model, assuming the Computational Diffie-Hellman problem is hard to solve. Finally, our scheme turns out to be more efficient than the previously proposed ones.
