代理签名及其在电子商务中的应用研究
|
摘要
本文对代理签名及其在电子商务中的应用做了研究。首先简介了数字签名,代理签名以及电子商务安全;其次介绍了一些常用的普通数字签名体制,并对其安全性进行了研究;接着系统介绍了代理签名体制,引入代理签名概念、分类及需要满足的安全性质,并深入研究了一些典型的代理签名方案,分析它们具有的安全性质;最后研究了代理签名在电子商务中的应用。本论文的主要研究成果有:
1.根据代理签名所应该满足的不可伪造性,可识别性,防止滥用等性质,对K.Zhang代理签名方案,指定接收者的代理签名方案,以及代理签名人隐私保护的强代理签名方案提出了一些攻击方法,并给出了相应的改进方案,使其能够防止原始签名人伪造代理签名的攻击,在原方案基础上提高了签名安全性和实用性;
2.提出了基于代理签名的安全电子支付协议及其安全性分析,从而使得用户可以找代理人为其在网上寻找和购买一些特殊的商品或服务。
This thesis mainly discusses proxy signature and its applications in e-commerce. Firstly, we introduce digital signature, proxy signature, and e-commerce security simply. Next, we introduce some common digital signature schemes which are the base of proxy signature. And the security properties of them are discussed. Then, we introduce proxy signature systematically, including the notion and class of proxy signature as well as its security properties. Some typical proxy signature schemes are studied deeply. And their security properties are analyzed. Lastly, we study the applications of proxy signature in e-commerce. Then main results of this thesis are as follows:
1). Based on the security properties, such as strong unforgeability, strong identifiability and prevention of misuse, which are needed by proxy signature, we present some terrible attacks on K.Zhang’s proxy signature, designated-receiver proxy signature scheme and Shum and Wei’s proxy signature scheme with proxy signer privacy protection, improved schemes on these schemes are proposed. The improved schemes can resist the serious attacks which we have discovered. The new schemes keep the merits of the original schemes, with the improved security and practicability.
2). A secure e-payment protocol based on proxy signature is proposed. From this protocol, customers can make proxy search and buy special products or services on behalf of them.
1.根据代理签名所应该满足的不可伪造性,可识别性,防止滥用等性质,对K.Zhang代理签名方案,指定接收者的代理签名方案,以及代理签名人隐私保护的强代理签名方案提出了一些攻击方法,并给出了相应的改进方案,使其能够防止原始签名人伪造代理签名的攻击,在原方案基础上提高了签名安全性和实用性;
2.提出了基于代理签名的安全电子支付协议及其安全性分析,从而使得用户可以找代理人为其在网上寻找和购买一些特殊的商品或服务。
This thesis mainly discusses proxy signature and its applications in e-commerce. Firstly, we introduce digital signature, proxy signature, and e-commerce security simply. Next, we introduce some common digital signature schemes which are the base of proxy signature. And the security properties of them are discussed. Then, we introduce proxy signature systematically, including the notion and class of proxy signature as well as its security properties. Some typical proxy signature schemes are studied deeply. And their security properties are analyzed. Lastly, we study the applications of proxy signature in e-commerce. Then main results of this thesis are as follows:
1). Based on the security properties, such as strong unforgeability, strong identifiability and prevention of misuse, which are needed by proxy signature, we present some terrible attacks on K.Zhang’s proxy signature, designated-receiver proxy signature scheme and Shum and Wei’s proxy signature scheme with proxy signer privacy protection, improved schemes on these schemes are proposed. The improved schemes can resist the serious attacks which we have discovered. The new schemes keep the merits of the original schemes, with the improved security and practicability.
2). A secure e-payment protocol based on proxy signature is proposed. From this protocol, customers can make proxy search and buy special products or services on behalf of them.
引文
[1] Diffie, W. and Hellman, M., "New directions in cryptography", IEEE Transactions on Information Theory, November 1976, Vol.IT-22, No.6, pp.644-654.
[2] Rivest, R. L., Shamir, A., and Adleman, L. M., “On digital signatures and public key cryptosystems”, MIT Laboratory for Computer Science, Technical Report, MIT/LCS/TR-212, Jan 1979.
[3] Rabin, M., “Digital Signatures and Public-Key Functions as Intractable as Factorization,” MIT Lab of Computer Science, Technical Report, MIT/LCS/TR-212, Jan 1979.
[4] ELGamal, T. “A public key cryptosystem and a signature scheme based on discrete logarithms”, IEEE Trans. Information Theory, July 1985. Vol.IT-31. No.4, pp.469-472.
[5] Schnorr, C.P. “Efficient identification and signatures for smart cards,” Advances in Cryptology-CRYPTO” 89, Lecture Notes in Computer Science, 1990, Vol435, Springer-Verlag, pp.239-252.
[6] National Institute of Standards and Technology, NIST FIPS PUB 186, “Digital Signature Standard”, U.S. Department of Commerce, May 1994.
[7] Okamoto, T., “A digital multi-signature scheme using bijective public-key cryptosystems”, ACM Trans. On Computer Sciences,1988, Vol.6, No.8, pp.432-441.
[8] Fiat, A. and Shamir, A., “How to prove yourself: Practical solutions to identification and signature problems”. Advances in Cryptology-CRYPTO”86. 1986. Springer-Verlag. LNCS 263. pp.186-194.
[9] Nyberg, K. and Rueppel, R., “Message recovery for signature schemes based on the discrete logarithm problem”, Advances in Cryptology-EUROCRYPT’94, 1995, LNCS 950, Springer-Verlag, pp.182-193.
[10] Mambo, M., Usuda, K., and Okamoto, E., “Proxy Signatures: Delegation of the Power to Sign Messages”, IEICE TRANS. FUNDAMENTALS, 1996, September, VOL.E79-A. NO.9, pp.1338-1354.
[11] K. Zhang, “Threshold Proxy Signature Schemes”. 1997 Information Security Workshop, Japan, 1997: 191-197.
[12] Lijiang Yi, Guogiang Bai and Guozhen Xiao, “Proxy Multi-Signature Scheme: A New Type of Proxy Signature Scheme”, Electronics Letters. 2000, 36(6):pp.527-528
[13] 伊丽江,白国强,肖国镇.“代理多重签名:一类新的代理签名方案.电子学报”,2001, 29(4): pp.569-570
[14] 伊丽江,白国强,肖国镇.“代理多重签名”,计算机研究与发展.2001,38 (2): pp.204- 206
[15] Zhang, K., “Non-repudiable proxy signature schemes based on discrete logarithm problem”, manuscript, 1997.
[16] S. Kim , S. Park, and D. Won, “Proxy Signature, revisited.” Proc of ICICS’ 97, International Conference on Information and Communication Security(1997) pp.223-232.
[17] B. Lee, H. Kim, and K. Kim, “Strong Proxy Signature and its Applications.” Proc of SCIS 2001 (2001) pp.603-608.
[18] K. Shum and Victor K.Wei, “A Strong Proxy Signature Scheme with Proxy Signer Privacy Protection”, Proceedings of the Eleventh IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE’02), 2002, pp.55-56.
[19] Hung-Min Sun, Bin-Tsan Hsieh, “Cryptanalysis of a strong proxy signature scheme with proxy signer privacy protection”, Proceedings of the 37th IEEE International Carnahan Conference on Security Technology, Annual 2003, pp.474-476.
[20] Hung-Min Sun, Bin-Tsan Hsieh, “On the security of some proxy signature schemes”, Available at http://eprint.iacr.org/2003/068.
[21] J.-Z. Dai, X.-H. Yang, and J.-X. Dong, “Designated-receiver proxy signature scheme for electronic commerce”, In: Proc. of IEEE International Conference on Systems, Man and Cybernetics, Oct. 5-8, 2003. IEEE, 2003.Vol.1, pp.384-389.
[22] De Rooij, P., “On the security of the Schnorr scheme using preprocessing,” Advances in Crytology-EUROCRYPT’91, 1991, pp.71-80.
[23] De Rooij, P., “On Schnorr’s preprocessing for digital signature schemes,” Advances in Cryptology-EUROCRYPT’93, 1994, pp.435-439.
[24] 伊丽江,“代理签名体制及其应用研究”,博士论文,西安电子科技大学,2000-10.
[25] 王育民,刘建伟,“通信网的安全——理论与技术”,西安电子科技大学出版社,1999.
[26] M. Mambo, K. Usuda and E. Okamoto, “Proxy Signatures for Delegating Signing Operation”, Proc. 3rd ACM Conference on Computer and Communications Security, 1996. ACM Press, 1996: pp.48-57.
[27] B. Lee, H. Kim, and K. Kim. “Secure Mobile Agent Using Strong Non-Designated Proxy Signature”, Proc. of ACISP2001,2001. LNCS 2119, Springer-Verlag, 2001: pp.474-486.
[28] 杨义先,孙伟,钮心忻. “现代密码新理论”,科学出版社,2002: pp.143-158.
[29] V. Varadharajan, P. Allen, and S. Black. “An Analysis of the Proxy Problem in Distributed Systems”, Proc. 1991 IEEE Computer Society Symposium on Research in Security and Privacy, 1991: pp.255-275.
[30] B. C. Neuman. “Proxy-Based Authorization and Accounting for Distributed Systems”, Proc. 13th International Conference on Distributed Computing Systems, 1993: pp.283-291.
[31] Li Jiguo, Cao Zhenfu and Zhang Yichen. “Improvement of M-U-O and K-P-W Proxy Signature Schemes”, Journal of Harbin Institute of Technology. 2002.9(2): pp.145-148.
[32] 李继国,“代理签名和代理签密方案的设计与安全性分析”,博士学位论文,哈尔滨工业大学,2003.10.1
[33] 胡向东等,“应用密码学教程”,电子工业出版社,2005.1
[34] H Kim, J Baek, B Lee et al. “Computing with secrets for mobile agent using one-time proxy signature”, In: SCIS’2001: pp.845-850.
[35] 杨伟强,徐秋亮,“典型代理签名方案的分析与改进”,计算机工程与应用,2004.9: pp.152-154.
[36] 吉文峰,吴秀贤,金贤珠,元东豪.“移动通信环境下适用于电子商务的Proxy-Signcryption 方式”,信息安全与通信保密.2002, (4): pp.4246
[37] Byoungcheon Lee, Heesun Kim, and Kwangjo Kim, “Secure Mobile Agent Using Strong Non-designated Proxy Signature”, ACISP 2001, LNCS 2119, pp.474-486.
[38] 郭晶晶,李腊元,“基于 SET 协议的电子商务支付系统的研究”,计算机工程,2001.3.
[39] 罗新星,江景佼,张军,“电子支付系统的安全性研究及其设计”,武汉理工大学学报,2003.1. [40 书缘工作室编著,“电子商务安全”,北京:人民邮电出版社,2001.6.
[41] 王长林,“不可否认签名与代理签名的应用研究”,硕士学位论文,西安电子科技大学,2003.1.
[42] Visa, MasterCard. Secure Electronic Transaction, Book1: Business Description [M].1997
[43] 陈福生,唐韶华,胥布工,“SET 协议中电子支付系统的交易消息流的分析”,计算机应用研究,2000.
[44] H. Kim, J. Baek, B. Lee, and K. Kim, “Secure Computation with Secrets for Mobile Agent using One-time Proxy Signature”, Proc. of SCIS2001, 2001, pp.845-850.
[45] R. Otomura, M. Soshi, and A. Miyaji, “On Digital Signature Schemes for Mobile Agent”, Proc. of SCIS2001, 2001, pp.851-855.
[46] D. Pointcheval and J. Stern, “Security Proofs for Signatures”, Advances in Cryptology: Eurocryt’96, 1996, Springer, pp.387-398.
[47] J.-Y. Lee, J. H. Cheon, and S. Kim, “An analysis of proxy signatures: Is a secure channel necessary?”, In: Topics in Cryptology- CT-RSA 2003, Springer-Verlag, 2003, LNCS 2612, pp.68-79.
[48] F Bao, R H Deng, W Mao, “Efficient and practical fair exchange protocols with off-line TTP”, In: Proceedings of 1998 IEEE Symposium on Security and Privacy. Oakland: IEEE Computer Press, 1998, pp.77~85.
[49] Asokan N, Shoup V, Waider M, “Optimistic fair exchange of Digital signatures”, In: Advances in Cryptology-Proceedings of EUROCRYPT98.LNCS1403, Berlin: Springer-Verlag, 1998. pp.591~606.
[50] H. Wang et al. (Eds.) “Optimistic Fair Exchange Based on Publicly Verifiable Secret Sharing”, ACISP 2004, Springer-Verlag Berlin Heidelberg 2004. LNCS 3108, pp. 74~85.
[51] Guillou, L., and Quisquater, J., “Method and apparatus for authenticating accreditations for authenticating and signing messages”, USA patent #5,140,634, Aug.1992.
[2] Rivest, R. L., Shamir, A., and Adleman, L. M., “On digital signatures and public key cryptosystems”, MIT Laboratory for Computer Science, Technical Report, MIT/LCS/TR-212, Jan 1979.
[3] Rabin, M., “Digital Signatures and Public-Key Functions as Intractable as Factorization,” MIT Lab of Computer Science, Technical Report, MIT/LCS/TR-212, Jan 1979.
[4] ELGamal, T. “A public key cryptosystem and a signature scheme based on discrete logarithms”, IEEE Trans. Information Theory, July 1985. Vol.IT-31. No.4, pp.469-472.
[5] Schnorr, C.P. “Efficient identification and signatures for smart cards,” Advances in Cryptology-CRYPTO” 89, Lecture Notes in Computer Science, 1990, Vol435, Springer-Verlag, pp.239-252.
[6] National Institute of Standards and Technology, NIST FIPS PUB 186, “Digital Signature Standard”, U.S. Department of Commerce, May 1994.
[7] Okamoto, T., “A digital multi-signature scheme using bijective public-key cryptosystems”, ACM Trans. On Computer Sciences,1988, Vol.6, No.8, pp.432-441.
[8] Fiat, A. and Shamir, A., “How to prove yourself: Practical solutions to identification and signature problems”. Advances in Cryptology-CRYPTO”86. 1986. Springer-Verlag. LNCS 263. pp.186-194.
[9] Nyberg, K. and Rueppel, R., “Message recovery for signature schemes based on the discrete logarithm problem”, Advances in Cryptology-EUROCRYPT’94, 1995, LNCS 950, Springer-Verlag, pp.182-193.
[10] Mambo, M., Usuda, K., and Okamoto, E., “Proxy Signatures: Delegation of the Power to Sign Messages”, IEICE TRANS. FUNDAMENTALS, 1996, September, VOL.E79-A. NO.9, pp.1338-1354.
[11] K. Zhang, “Threshold Proxy Signature Schemes”. 1997 Information Security Workshop, Japan, 1997: 191-197.
[12] Lijiang Yi, Guogiang Bai and Guozhen Xiao, “Proxy Multi-Signature Scheme: A New Type of Proxy Signature Scheme”, Electronics Letters. 2000, 36(6):pp.527-528
[13] 伊丽江,白国强,肖国镇.“代理多重签名:一类新的代理签名方案.电子学报”,2001, 29(4): pp.569-570
[14] 伊丽江,白国强,肖国镇.“代理多重签名”,计算机研究与发展.2001,38 (2): pp.204- 206
[15] Zhang, K., “Non-repudiable proxy signature schemes based on discrete logarithm problem”, manuscript, 1997.
[16] S. Kim , S. Park, and D. Won, “Proxy Signature, revisited.” Proc of ICICS’ 97, International Conference on Information and Communication Security(1997) pp.223-232.
[17] B. Lee, H. Kim, and K. Kim, “Strong Proxy Signature and its Applications.” Proc of SCIS 2001 (2001) pp.603-608.
[18] K. Shum and Victor K.Wei, “A Strong Proxy Signature Scheme with Proxy Signer Privacy Protection”, Proceedings of the Eleventh IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE’02), 2002, pp.55-56.
[19] Hung-Min Sun, Bin-Tsan Hsieh, “Cryptanalysis of a strong proxy signature scheme with proxy signer privacy protection”, Proceedings of the 37th IEEE International Carnahan Conference on Security Technology, Annual 2003, pp.474-476.
[20] Hung-Min Sun, Bin-Tsan Hsieh, “On the security of some proxy signature schemes”, Available at http://eprint.iacr.org/2003/068.
[21] J.-Z. Dai, X.-H. Yang, and J.-X. Dong, “Designated-receiver proxy signature scheme for electronic commerce”, In: Proc. of IEEE International Conference on Systems, Man and Cybernetics, Oct. 5-8, 2003. IEEE, 2003.Vol.1, pp.384-389.
[22] De Rooij, P., “On the security of the Schnorr scheme using preprocessing,” Advances in Crytology-EUROCRYPT’91, 1991, pp.71-80.
[23] De Rooij, P., “On Schnorr’s preprocessing for digital signature schemes,” Advances in Cryptology-EUROCRYPT’93, 1994, pp.435-439.
[24] 伊丽江,“代理签名体制及其应用研究”,博士论文,西安电子科技大学,2000-10.
[25] 王育民,刘建伟,“通信网的安全——理论与技术”,西安电子科技大学出版社,1999.
[26] M. Mambo, K. Usuda and E. Okamoto, “Proxy Signatures for Delegating Signing Operation”, Proc. 3rd ACM Conference on Computer and Communications Security, 1996. ACM Press, 1996: pp.48-57.
[27] B. Lee, H. Kim, and K. Kim. “Secure Mobile Agent Using Strong Non-Designated Proxy Signature”, Proc. of ACISP2001,2001. LNCS 2119, Springer-Verlag, 2001: pp.474-486.
[28] 杨义先,孙伟,钮心忻. “现代密码新理论”,科学出版社,2002: pp.143-158.
[29] V. Varadharajan, P. Allen, and S. Black. “An Analysis of the Proxy Problem in Distributed Systems”, Proc. 1991 IEEE Computer Society Symposium on Research in Security and Privacy, 1991: pp.255-275.
[30] B. C. Neuman. “Proxy-Based Authorization and Accounting for Distributed Systems”, Proc. 13th International Conference on Distributed Computing Systems, 1993: pp.283-291.
[31] Li Jiguo, Cao Zhenfu and Zhang Yichen. “Improvement of M-U-O and K-P-W Proxy Signature Schemes”, Journal of Harbin Institute of Technology. 2002.9(2): pp.145-148.
[32] 李继国,“代理签名和代理签密方案的设计与安全性分析”,博士学位论文,哈尔滨工业大学,2003.10.1
[33] 胡向东等,“应用密码学教程”,电子工业出版社,2005.1
[34] H Kim, J Baek, B Lee et al. “Computing with secrets for mobile agent using one-time proxy signature”, In: SCIS’2001: pp.845-850.
[35] 杨伟强,徐秋亮,“典型代理签名方案的分析与改进”,计算机工程与应用,2004.9: pp.152-154.
[36] 吉文峰,吴秀贤,金贤珠,元东豪.“移动通信环境下适用于电子商务的Proxy-Signcryption 方式”,信息安全与通信保密.2002, (4): pp.4246
[37] Byoungcheon Lee, Heesun Kim, and Kwangjo Kim, “Secure Mobile Agent Using Strong Non-designated Proxy Signature”, ACISP 2001, LNCS 2119, pp.474-486.
[38] 郭晶晶,李腊元,“基于 SET 协议的电子商务支付系统的研究”,计算机工程,2001.3.
[39] 罗新星,江景佼,张军,“电子支付系统的安全性研究及其设计”,武汉理工大学学报,2003.1. [40 书缘工作室编著,“电子商务安全”,北京:人民邮电出版社,2001.6.
[41] 王长林,“不可否认签名与代理签名的应用研究”,硕士学位论文,西安电子科技大学,2003.1.
[42] Visa, MasterCard. Secure Electronic Transaction, Book1: Business Description [M].1997
[43] 陈福生,唐韶华,胥布工,“SET 协议中电子支付系统的交易消息流的分析”,计算机应用研究,2000.
[44] H. Kim, J. Baek, B. Lee, and K. Kim, “Secure Computation with Secrets for Mobile Agent using One-time Proxy Signature”, Proc. of SCIS2001, 2001, pp.845-850.
[45] R. Otomura, M. Soshi, and A. Miyaji, “On Digital Signature Schemes for Mobile Agent”, Proc. of SCIS2001, 2001, pp.851-855.
[46] D. Pointcheval and J. Stern, “Security Proofs for Signatures”, Advances in Cryptology: Eurocryt’96, 1996, Springer, pp.387-398.
[47] J.-Y. Lee, J. H. Cheon, and S. Kim, “An analysis of proxy signatures: Is a secure channel necessary?”, In: Topics in Cryptology- CT-RSA 2003, Springer-Verlag, 2003, LNCS 2612, pp.68-79.
[48] F Bao, R H Deng, W Mao, “Efficient and practical fair exchange protocols with off-line TTP”, In: Proceedings of 1998 IEEE Symposium on Security and Privacy. Oakland: IEEE Computer Press, 1998, pp.77~85.
[49] Asokan N, Shoup V, Waider M, “Optimistic fair exchange of Digital signatures”, In: Advances in Cryptology-Proceedings of EUROCRYPT98.LNCS1403, Berlin: Springer-Verlag, 1998. pp.591~606.
[50] H. Wang et al. (Eds.) “Optimistic Fair Exchange Based on Publicly Verifiable Secret Sharing”, ACISP 2004, Springer-Verlag Berlin Heidelberg 2004. LNCS 3108, pp. 74~85.
[51] Guillou, L., and Quisquater, J., “Method and apparatus for authenticating accreditations for authenticating and signing messages”, USA patent #5,140,634, Aug.1992.