代理盲签名方案的研究与设计
|
摘要
计算机网络的普及给人们的日常生活带来了极大的便利,把我们带入到一个信息化的社会。随着计算机网络技术的发展,信息安全问题日益突出。数字签名技术保证了传输信息的真实性。但是简单模拟手写签名的一般数字签名已经不能满足实际应用的需求,根据各种各样的应用背景,许多具有特殊性质的数字签名方案应运而生,代理盲签名就是其中典型的一种。代理盲签名作为代理签名和盲签名结合在电子商务中有着重要的作用。
本论文针对代理盲签名体制进行了分析和研究,主要工作如下:
1.通过对一种基于身份的代理盲签名方案的分析,指出该方案不具有不可追踪性,代理签名人可以将盲消息的签名和消息签名联系起来。在此基础上提出一种改进的基于身份的代理盲签名方案,克服了原方案的安全缺陷,并保留已有方案的其它优点,具有一定的实用价值。
2.将代理盲签名和无证书签名方案相结合,构造出了无证书代理盲签名方案,使签名避免了基于证书密码系统的证书管理问题和基于身份的密钥托管问题,能够防止不可信的密钥管理机构伪造签名。并对构造出的方案进行安全性分析,分析结果表明新方案不仅具有代理盲签名所有的性质,而且还具有很高的效率。
3.构造出一种具有消息恢复指定接收人的代理盲签名方案,指定接收人能够直接从签名中恢复消息,从而减少了系统的通信量,使得通信效率高。并且从对方案的安全性分析结果表明,构造出的方案具有较高的安全性,具有一定的实用价值。
最后,总结了本文的工作,并展望代理盲签名体制的研究和发展。
The popularization of computer network has brought great convenience topeople's daily life, and takes us into an informational society. With the developmentof computer network technology, the information security problems have becomeincreasingly prominent. The technology of digital signature ensures the authenticityof information transmission. However, the general signature, which is a simplesimulation of handwritten signature, can not meet the practical need any more, underthe various application backgrounds, many digital signature schemes with specialproperties have emerged, and proxy blind signature is a typical one. As thecombination of proxy signature and blind signature, proxy blind signature plays animportant role in electronic commerce.
In this thesis, proxy blind signature schemes are analyzed and studied, the mainresults are described as follows.
Firstly, a kind of identity-based proxy blind signature scheme is analyzed, and itis found that the scheme can’t satisfy the unlinkability property. The proxy signercould make a linkage between a message signature and the corresponding blindmessage signature. An improved identity-based proxy blind signature scheme isproposed, which can resolve the security problems existing in the original scheme,and retains the merits of the original scheme. It has some application value.
Secondly, combining proxy blind signature with certificateless signature scheme,a certificateless proxy blind signature scheme is proposed. This scheme can overcomethe problem of the certificate management in the certificate-based public keycryptosystem and the inherent key escrow problem in the identity-based public keycryptosystem, being able to prevent forging signatures by un-trusted key managementagencies. A security analysis of the scheme is given, the following analysis show thatthis scheme not only has all the properties of proxy blind signature, but also with abetter performance.
Thirdly, a proxy blind signature scheme with designated message recoveryreceiver was constructed. The designated receiver can recover messages from signature directly, enabling a reduction of system’s communication and animprovement in the communication efficiency. The results of safety analysis showedthat the scheme possessed higher security feature and gained a certain practical valueconsequently.
At the end of this paper, we summarize the whole of the thesis and theprospective developing of proxy blind signature scheme in the future.
本论文针对代理盲签名体制进行了分析和研究,主要工作如下:
1.通过对一种基于身份的代理盲签名方案的分析,指出该方案不具有不可追踪性,代理签名人可以将盲消息的签名和消息签名联系起来。在此基础上提出一种改进的基于身份的代理盲签名方案,克服了原方案的安全缺陷,并保留已有方案的其它优点,具有一定的实用价值。
2.将代理盲签名和无证书签名方案相结合,构造出了无证书代理盲签名方案,使签名避免了基于证书密码系统的证书管理问题和基于身份的密钥托管问题,能够防止不可信的密钥管理机构伪造签名。并对构造出的方案进行安全性分析,分析结果表明新方案不仅具有代理盲签名所有的性质,而且还具有很高的效率。
3.构造出一种具有消息恢复指定接收人的代理盲签名方案,指定接收人能够直接从签名中恢复消息,从而减少了系统的通信量,使得通信效率高。并且从对方案的安全性分析结果表明,构造出的方案具有较高的安全性,具有一定的实用价值。
最后,总结了本文的工作,并展望代理盲签名体制的研究和发展。
The popularization of computer network has brought great convenience topeople's daily life, and takes us into an informational society. With the developmentof computer network technology, the information security problems have becomeincreasingly prominent. The technology of digital signature ensures the authenticityof information transmission. However, the general signature, which is a simplesimulation of handwritten signature, can not meet the practical need any more, underthe various application backgrounds, many digital signature schemes with specialproperties have emerged, and proxy blind signature is a typical one. As thecombination of proxy signature and blind signature, proxy blind signature plays animportant role in electronic commerce.
In this thesis, proxy blind signature schemes are analyzed and studied, the mainresults are described as follows.
Firstly, a kind of identity-based proxy blind signature scheme is analyzed, and itis found that the scheme can’t satisfy the unlinkability property. The proxy signercould make a linkage between a message signature and the corresponding blindmessage signature. An improved identity-based proxy blind signature scheme isproposed, which can resolve the security problems existing in the original scheme,and retains the merits of the original scheme. It has some application value.
Secondly, combining proxy blind signature with certificateless signature scheme,a certificateless proxy blind signature scheme is proposed. This scheme can overcomethe problem of the certificate management in the certificate-based public keycryptosystem and the inherent key escrow problem in the identity-based public keycryptosystem, being able to prevent forging signatures by un-trusted key managementagencies. A security analysis of the scheme is given, the following analysis show thatthis scheme not only has all the properties of proxy blind signature, but also with abetter performance.
Thirdly, a proxy blind signature scheme with designated message recoveryreceiver was constructed. The designated receiver can recover messages from signature directly, enabling a reduction of system’s communication and animprovement in the communication efficiency. The results of safety analysis showedthat the scheme possessed higher security feature and gained a certain practical valueconsequently.
At the end of this paper, we summarize the whole of the thesis and theprospective developing of proxy blind signature scheme in the future.
引文
[1] Diffie Hellman M. News directions in cryptography[J]. IEEE Transactions onInformation Theory,1976,22(6):644-654
[2] Chaum D. B1ind signature for untraceable payments[A]. Proc. Crypto’82[C].New York: Plenum Press,1983,199-203
[3] Mambo M, Usuda K, Okamoto E. Proxy signature:delegating of the power tosign messages[J]. IEICE Trans. Fundamentals,1996, E79–A (9):1338-1354
[4] Mambo M, Usuda K, Okamoto E. Proxy signature for delegating signingoperation[C]. Proc.3rd ACM Conference on computer and communicationsecurity.1996,48-57
[5] Lin W D, Jan J K. A secutity personal learning tools using a proxy blindsignature scheme[C]. Proceedings of International Conference on ChineseLanguage Computing. USA: Chinese Language Computer Society KnowledgeSystems Institute,2000,273-277
[6] Tan Z, Liu Z, Tang C. Digital proxy blind signature schemes based on DLP andECDLP[J]. MM Research Preprints,2002,21(7):212-217
[7]谭作文.基于离散对数的代理盲签名[J].软件学报,2003,14(11):1931-1935
[8]王蜀洪,王贵林,鲍丰等.对一个基于离散对数代理盲签名的密码分析[J].软件学报,2005,16(5):911-915
[9] Awasthi AK, Lal S. Proxy blind signature scheme[J]. JFCR Transaction onCryptology,2005,2(1):5-11
[10]柳菊霞,苏靖枫.基于离散对数的代理盲签名方案[J].计算机工程与应用,2010,46(25):94-96
[11]秦宝东.对两种基于离散对数代理盲签名的分析[J].计算机工程与应用,2009,45(3):104-105
[12]王天银,蔡晓秋,张建中.基于双线性对的新型代理盲签名方案[J].计算机应用研究,2007,33(2):130-132
[13]李锋,郭艾侠,赵秀凤.基于辫群的代理盲签名方案[J].计算机应用研究,2010,27(7):2641-2643
[14]谷利泽,张胜,杨义先.代理盲签名方案及其在电子货币中的应用[J].计算机工程,2005,31(16):11-13
[15]王国瞻,亢保元,成林.一个代理盲签名方案的分析[J].计算机工程,2010,36(3):134-136
[16]张席,杭欢花.前向安全的代理盲签名方案[J].计算机工程与应用,2010,46(24):101-103
[17]黄辉,秦静,李丽.一个改进的代理盲签名方案[J].计算机应用,2007,27(6):1539-1542
[18]陈逢林,胡万宝.基于超椭圆曲线的代理盲签名方案[J].计算机应用,2010,30(5):1224-1227
[19]张建中,王洁,刘勤喜.新的代理盲签名方案及其在电子现金中的应用[J],计算机应用研究,2009,26(1):347-350
[20] Shamir A. Identity-based cryptosystems and signature schemes[C]. Advances inCryptology-CRYPTO’84,LNCS196. Berlin: Sping-Verlag,1984,47-53
[21]李素娟,张福泰.基于ID的代理盲签名[J].计算机工程,2006,32(17):0203-0205
[22] Zheng Dong. ID-based prosy blind signature[C]. Proc.of ANNA’04.[S.I.]:IEEEPress,2004
[23] Lang W M. A new efficient ID-based proxy blind signature scheme[C]. Proc.ofISSC’04.[S.I.]: IEEE Press,2004
[24]张学军,王育民.高效的基于身份的代理盲签名[J].计算机应用,2006,26(11):2586-2588
[25]蔡光兴,陈华.一种新的基于身份的代理盲签名方案[J].计算机工程,2007,35(9):145-148
[26]农强,吴顺祥.一种基于身份的代理盲签名方案的分析与改进[J].计算机应用,2008,28(8):1940-1943
[27]张学军.基于身份的代理盲签名方案的分析与改进[J].计算及工程,2009,35(23):122-124
[28]张妮,奚雪峰,陆卫忠等.基于身份的代理盲签名方案分析与改进[J],计算机工程,2010,36(16):110-113
[29]张学军.2个改进的基于身份的代理盲签名[J],计算机工程,2009,35(3):015-018
[30] Al-Riyami S, Paterson K G. Certificateless Public Key Cryptography [C]Asiacrypt2003, LNCS2894. Berlin:Springer-Verlag,2003,452-473
[31] Gorantla M C. Saxena A. An efficient certificateless signature scheme [C]//Proc.of the CIS’05. Berlin, Germany: Springer-Verlag,2005,110-116
[32] Chen Xiaofeng, Zhang Fangguo, Kim K. A new ID-based group signaturescheme from Bilinear Parings[C]. Proc.of WISA’03. Berlin, Germany:Springer-Verlag,2003,585-592
[33]刘景伟,孙蓉,马文平.高效的基于ID的无证书签名方案[J].通信学,2008,29(2):87-94
[34]屈娟,张建中.具有消息恢复的指定接收者的代理盲签名方案[J].计算机工程与应用,2008,44(33):110-111
[35]何金妮,辛小龙.具有消息恢复的代理盲签名[J].计算机工程与应用,2010,46(35):112-114
[36]王国瞻,亢保元,成林.多重代理盲签名分析[J].计算机工程,2010,36(8):130-132
[37]胡江红,张建中.新的基于双线性对的多级强代理盲签名方案[J].计算机工程与应用,2007,43(18):123-125
[38]庄晨婕.基于身份的门限代理盲签名方案[J].计算机工程,2010,36(20):157-159
[39] Taher ElGamal. A public key cryptosystem and a signature scheme based ondiscrete logarithms [J]. IEEE Transactions on Information Theory,1985,31(4):469-472
[40] Kim s, Park S, Won D. Proxy signatures, revisited[A]. Proc ICICS’97Int. Conf.on Information and Communication Security(LNCS1334)[C]. Springer-Verlag,1997,223-232
[41]李继国,曹珍富等.代理签名的现状与进展[J].通信学报,2003,24(10):114-124
[42]祁明,Harn L.基于离散对数的若干新型代理签名方案[J].电子学报,2000,28(11):111-115
[43] Camenisch J, Piveteau J, Stadler M. Blind signatures based on discrete logarithmproblem[C]//EUROCRYPT’94. Heidelberg: Spring-Verlag,1994,428-432
[44] Fan C I, Lei C L. Efficient blind signature scheme based on quadratic residues[J].IEE Electronic Letters,1996,32(9):811-813
[45]姚亦峰,朱华飞,陈抗生.基于二元防射变换的广义ElGamal型盲签名方案[J].电子学报,2000,28(7):128-129
[46]杜伟章,陈克非.基于线性变换构造弱盲签名方案[J].计算机工程与应用,2003,39(17):38-40
[47]赵昌安,张方国.双线性对有效计算研究进展[J].软件学报,2009,20(10):3001-3009
[48]黄伟华.半群作用问题在密码学中的应用[D].西安:西安电子科技大学,2008,6-7
[49] Hess F. Efficient identity based signature schemes based on pairings[A]. SAC2003LNCS.2595[C]. Berlin: Springer-Verlag,2003,310-324
[50]陈虎,宋如顺.无证书代理签名和代理盲签名方案[J].计算机工程与应用,2009,45(10):92-97
[51] NYBERG K, RUEPPEL L R. A new signature scheme based on the DSA givingmessage recovery[A].1st ACM Conference on Computer and CommunicationSecurity[C]. ACM Press,1993,58-61
[2] Chaum D. B1ind signature for untraceable payments[A]. Proc. Crypto’82[C].New York: Plenum Press,1983,199-203
[3] Mambo M, Usuda K, Okamoto E. Proxy signature:delegating of the power tosign messages[J]. IEICE Trans. Fundamentals,1996, E79–A (9):1338-1354
[4] Mambo M, Usuda K, Okamoto E. Proxy signature for delegating signingoperation[C]. Proc.3rd ACM Conference on computer and communicationsecurity.1996,48-57
[5] Lin W D, Jan J K. A secutity personal learning tools using a proxy blindsignature scheme[C]. Proceedings of International Conference on ChineseLanguage Computing. USA: Chinese Language Computer Society KnowledgeSystems Institute,2000,273-277
[6] Tan Z, Liu Z, Tang C. Digital proxy blind signature schemes based on DLP andECDLP[J]. MM Research Preprints,2002,21(7):212-217
[7]谭作文.基于离散对数的代理盲签名[J].软件学报,2003,14(11):1931-1935
[8]王蜀洪,王贵林,鲍丰等.对一个基于离散对数代理盲签名的密码分析[J].软件学报,2005,16(5):911-915
[9] Awasthi AK, Lal S. Proxy blind signature scheme[J]. JFCR Transaction onCryptology,2005,2(1):5-11
[10]柳菊霞,苏靖枫.基于离散对数的代理盲签名方案[J].计算机工程与应用,2010,46(25):94-96
[11]秦宝东.对两种基于离散对数代理盲签名的分析[J].计算机工程与应用,2009,45(3):104-105
[12]王天银,蔡晓秋,张建中.基于双线性对的新型代理盲签名方案[J].计算机应用研究,2007,33(2):130-132
[13]李锋,郭艾侠,赵秀凤.基于辫群的代理盲签名方案[J].计算机应用研究,2010,27(7):2641-2643
[14]谷利泽,张胜,杨义先.代理盲签名方案及其在电子货币中的应用[J].计算机工程,2005,31(16):11-13
[15]王国瞻,亢保元,成林.一个代理盲签名方案的分析[J].计算机工程,2010,36(3):134-136
[16]张席,杭欢花.前向安全的代理盲签名方案[J].计算机工程与应用,2010,46(24):101-103
[17]黄辉,秦静,李丽.一个改进的代理盲签名方案[J].计算机应用,2007,27(6):1539-1542
[18]陈逢林,胡万宝.基于超椭圆曲线的代理盲签名方案[J].计算机应用,2010,30(5):1224-1227
[19]张建中,王洁,刘勤喜.新的代理盲签名方案及其在电子现金中的应用[J],计算机应用研究,2009,26(1):347-350
[20] Shamir A. Identity-based cryptosystems and signature schemes[C]. Advances inCryptology-CRYPTO’84,LNCS196. Berlin: Sping-Verlag,1984,47-53
[21]李素娟,张福泰.基于ID的代理盲签名[J].计算机工程,2006,32(17):0203-0205
[22] Zheng Dong. ID-based prosy blind signature[C]. Proc.of ANNA’04.[S.I.]:IEEEPress,2004
[23] Lang W M. A new efficient ID-based proxy blind signature scheme[C]. Proc.ofISSC’04.[S.I.]: IEEE Press,2004
[24]张学军,王育民.高效的基于身份的代理盲签名[J].计算机应用,2006,26(11):2586-2588
[25]蔡光兴,陈华.一种新的基于身份的代理盲签名方案[J].计算机工程,2007,35(9):145-148
[26]农强,吴顺祥.一种基于身份的代理盲签名方案的分析与改进[J].计算机应用,2008,28(8):1940-1943
[27]张学军.基于身份的代理盲签名方案的分析与改进[J].计算及工程,2009,35(23):122-124
[28]张妮,奚雪峰,陆卫忠等.基于身份的代理盲签名方案分析与改进[J],计算机工程,2010,36(16):110-113
[29]张学军.2个改进的基于身份的代理盲签名[J],计算机工程,2009,35(3):015-018
[30] Al-Riyami S, Paterson K G. Certificateless Public Key Cryptography [C]Asiacrypt2003, LNCS2894. Berlin:Springer-Verlag,2003,452-473
[31] Gorantla M C. Saxena A. An efficient certificateless signature scheme [C]//Proc.of the CIS’05. Berlin, Germany: Springer-Verlag,2005,110-116
[32] Chen Xiaofeng, Zhang Fangguo, Kim K. A new ID-based group signaturescheme from Bilinear Parings[C]. Proc.of WISA’03. Berlin, Germany:Springer-Verlag,2003,585-592
[33]刘景伟,孙蓉,马文平.高效的基于ID的无证书签名方案[J].通信学,2008,29(2):87-94
[34]屈娟,张建中.具有消息恢复的指定接收者的代理盲签名方案[J].计算机工程与应用,2008,44(33):110-111
[35]何金妮,辛小龙.具有消息恢复的代理盲签名[J].计算机工程与应用,2010,46(35):112-114
[36]王国瞻,亢保元,成林.多重代理盲签名分析[J].计算机工程,2010,36(8):130-132
[37]胡江红,张建中.新的基于双线性对的多级强代理盲签名方案[J].计算机工程与应用,2007,43(18):123-125
[38]庄晨婕.基于身份的门限代理盲签名方案[J].计算机工程,2010,36(20):157-159
[39] Taher ElGamal. A public key cryptosystem and a signature scheme based ondiscrete logarithms [J]. IEEE Transactions on Information Theory,1985,31(4):469-472
[40] Kim s, Park S, Won D. Proxy signatures, revisited[A]. Proc ICICS’97Int. Conf.on Information and Communication Security(LNCS1334)[C]. Springer-Verlag,1997,223-232
[41]李继国,曹珍富等.代理签名的现状与进展[J].通信学报,2003,24(10):114-124
[42]祁明,Harn L.基于离散对数的若干新型代理签名方案[J].电子学报,2000,28(11):111-115
[43] Camenisch J, Piveteau J, Stadler M. Blind signatures based on discrete logarithmproblem[C]//EUROCRYPT’94. Heidelberg: Spring-Verlag,1994,428-432
[44] Fan C I, Lei C L. Efficient blind signature scheme based on quadratic residues[J].IEE Electronic Letters,1996,32(9):811-813
[45]姚亦峰,朱华飞,陈抗生.基于二元防射变换的广义ElGamal型盲签名方案[J].电子学报,2000,28(7):128-129
[46]杜伟章,陈克非.基于线性变换构造弱盲签名方案[J].计算机工程与应用,2003,39(17):38-40
[47]赵昌安,张方国.双线性对有效计算研究进展[J].软件学报,2009,20(10):3001-3009
[48]黄伟华.半群作用问题在密码学中的应用[D].西安:西安电子科技大学,2008,6-7
[49] Hess F. Efficient identity based signature schemes based on pairings[A]. SAC2003LNCS.2595[C]. Berlin: Springer-Verlag,2003,310-324
[50]陈虎,宋如顺.无证书代理签名和代理盲签名方案[J].计算机工程与应用,2009,45(10):92-97
[51] NYBERG K, RUEPPEL L R. A new signature scheme based on the DSA givingmessage recovery[A].1st ACM Conference on Computer and CommunicationSecurity[C]. ACM Press,1993,58-61