面向群体的数字签名体制研究
|
摘要
计算机和网络技术的发展将人类带入信息化社会,随之而来的是倍受关注的信息安全问题。现代密码学已成为信息安全技术的核心,数字签名技术是现代密码学主要研究的内容之一,它在身份识别和认证、数据完整性、抗抵赖等方面具有其它技术所无法替代的作用,在军事、电子商务和电子政务等领域均有广泛的应用。
随着数字签名技术的不断发展,人们对它的实用性提出越来越多的要求,比如,在保证安全的前提下,数字签名占用尽可能少的存储空间,密钥尽可能的短等等,在这方面人们进行了不懈的研究,但依然存在很多问题尚未解决,比如,在保证安全的前提下,如何提高群签名方案的效率,如何设计满足不同需求的群签名方案等。本文针对这些问题进行深入系统地研究,分析了目前方案的效率和某些缺陷,提出满足人们不同需求的特殊签名方案。在这一研究领域,取得如下研究成果:
(1)研究了有序多重签名机制,重点分析目前存在的多重签名机制的实现方法及缺陷。由于目前的多重签名协议不外乎采取两种方式:一是每个签名者独立地对同一消息签名,最后的签名就是他们各自签名的聚集,在这种签名中,签名的长度随着签名者的个数成倍增加,验证签名的时间也会成倍地增加,这使得此协议非常不实用;二是所有签名者联合起来生成消息m的签名,即签名者A_1首先对消息m进行签名,并把签名传送给下一个签名者A_2,A_2在对A_1的签名进行签名之前先验证A_1签名的有效性,这样直到最后一个签名者A_n为止,在这种签名中,当签名的算法比较复杂时,会使得签名的效率很低。多重签名本质上是多个人对同一消息的签名,本文分别基于背包公钥密码体制、ElGamal公钥密码体制和椭圆曲线公钥密码体制提出三种有序多重签名方案,此些方案可以成倍地提高有序多重签名方案的效率,有效地抵抗来自内部成员的欺诈行为,及时地维护签名组成员的子秘密,方便地增加或删除签名组成员。
(2)基于实际应用,本文提出一种新的签名方案——链式验证签名方案。该方案将验证参与者分为签名验证者和链式验证授权者,签名验证者只有在经过链式验证授权组中每一个成员的依次授权时,才可以验证签名的有效性,而且链式验证授权组中的任何成员(即使所有成员合谋)都不能验证签名的有效性。基于常用的公钥密码体制,如背包公钥密码体制、ElGamal公钥密码体制、椭圆曲线公钥密码体制,设计了三种具体的实现方案。这些方案可以方便地增加或删除链式验证授权者,且当链式验证授权者或签名验证者泄漏子秘密时,可以及时地维护。
(3)设计了具有不同权限的门限签名方案。现存的具有不同权限门限签名方案都是把特权集进行分组,然后对消息进行签名的思路,本文开辟了一种新的思想,把这种具有不同权限的门限签名方案推广到更一般的情况。首先,提出一种特殊的有否决权的门限签名方案,该方案利用齐次常系数线性差分方程的结构及其解的结构,给出了具有两种不同签名权限的签名者参与的门限签名协议。然后,考虑到现存的门限签名方案是把特权集进行分组,本文利用权重来衡量不同权限签名者的签名权利,把一般的(t,n)门限签名方案推广到扩展的(t,n)门限签名方案,即组签名权重达到t就可以得到合法签名。
(4)重点研究了共享验证签名协议,基于现存协议的某些缺陷,利用具有不同权限的门限签名的思路,给出了具有不同权限的共享验证签名协议。首先提出了一个新的共享验证签名方案,该方案具有一些特殊的特点;其次,给出具有两种不同验证权限的共享验证签名方案,该方案利用齐次常系数线性差分方程的结构及其解的结构,得到了具有两种不同验证权限的验证者参与的共享验证签名协议;最后,利用权重来衡量不同权限验证者的验证权利,把一般的(t,n)共享验证签名方案推广到扩展的(t,n)共享验证签名方案,即组验证权重达到t就可以验证签名的有效性。
综上所述,本论文根据面向群体的数字签名的原理和特点,分析发现了现存算法的某些缺陷,并提出一些改进方案。论文结合现有面向群体的数字签名的几种关键技术,系统深入地研究了如何提高有序多重签名的效率、设计了几种具有不同权限的门限签名方案和共享验证签名方案。论文对面向群体的数字签名体制进行了较系统深入的探讨,具有重要的理论探索意义和潜在的应用价值。
The rapid development in computer and network technologies brings in tremendous problems for information security. Cryptography is the fundation of information security, digital signature is one of the main research field of cryptography. It is vital in authentication, data integrity, non-repudiation and so on, which has been used widely in military affairs, electronic commerce, electronic government, etc.
With the rapid growth of the science and technology, more and more requires are brought forward, such as how to make the signature occupy the less store resource, the secret key as short as it can be under the ensuring security condition and so on. Lots of researchers have done abundant work in this way, but there are many questions that have not been solving, for example, how to improve the efficiency of multi-signature scheme, how to design some special signatures that can meet the user's special demands, etc. In this dissertation, we give efficiency analysis of some digital signature, and propose some special society-oriented digital signature schemes which can meet the user's special demands. In this research field, the final research achievements are as following:
(1) We study the sequential multi-signature scheme (SMSS), especially the implementation and defect of the present sequential multi-signature scheme. There are two methods in the present SMSS, one is every signer independently signs for the message, the final signature is their signature gathering. In this scheme, the length of signature will be increased by multiplying with the increasing number of the signers, which makes the scheme is not practical. The other is all signers sign for the message m cooperatively, thus the first signer A_1 signs for m and send it to the second signer A_2, A_2 verify the validity of the signature at first, then signs for the signature of the signer A_1, until the last signer A_n. In this scheme, the efficiency is very low when the signature algorithm is complex. The essence of multi-signature scheme is that some signers sign for a message. The dissertation designs three SMSS based on Knapsack algorithm, discrete logarithm and Elliptic Curve, which is different from existent SMSS, it can possess all properties of existent SMSS when it only need a signature for a message. What's more, these schemes simplify the procedures among signers, and avoid the cheating by signer efficiently, and conveniently add or delete signer, and reduce the cost of communication.
(2) We propose a new digital signature scheme----chain verification digital signature scheme based on the practical application. In this scheme, the verification participators can divide the signature verifier from the chain grantors, the signature verifier cannot verify the validity of the signature until he is authorized by all chain grantors in turn, and any chain grantor (even all chain grantors are collusive) cannot verify the validity of the signature. We respectively design three chain verification digital signature schemes based on Knapsack algorithm, discrete logarithm and Elliptic Curve. What's more, these signature schemes can conveniently add or delete chain grantor and defend the secret key of the chain grantors and signature verifier.
(3) Due to the present threshold signature schemes part different privilege groups, the dissertation extends to the more general situation. At first, the threshold signature scheme with special right is proposed, which realized threshold signature among the signers having two different sign rights by using the structures properties of constant coefficients homogeneous linear difference equation. Then we extend this situation to the more general situation, thus extended (t,n) threshold signature scheme. In the scheme, if sign weight of any subset of all signers is not less than t, the subset can gain the valid signature of the message.
(4) Analysis are made on the security threats and system flaws of present shared verification signature schemes, and an improved shared verification signature scheme is proposed, namely a shared verification signature scheme with different verification right. Firstly, a new shared verification signature scheme is proposed which has some special characters. Secondly, we propose the shared verification signature scheme, which realizes shared verification among the verifiers having two different verification rights by structures and solution structures of constant coefficients homogeneous linear difference equation. Finally we extend this situation to the more general situation, thus extended (t,n) shared verification signature scheme. In the scheme, if verification weight of any subset of all verifiers is not less than t, the subset can verify the validity signature of the message.
To sum up, the dissertation aims at the characteristic of the society-oriented digital signature scheme and flaws of present scheme, and presents improved schemes that can meet the user's special demands. By combining several key techniques of the existing the society-oriented digital signature scheme together, the dissertation researches in depth on how to improve the efficiency of the sequential multi-signature scheme, design threshold signature scheme and shared verification signature scheme that have different signing or verifying right. The dissertation researches in depth on the society-oriented digital signature scheme, it is very significative both in theory and practice.
随着数字签名技术的不断发展,人们对它的实用性提出越来越多的要求,比如,在保证安全的前提下,数字签名占用尽可能少的存储空间,密钥尽可能的短等等,在这方面人们进行了不懈的研究,但依然存在很多问题尚未解决,比如,在保证安全的前提下,如何提高群签名方案的效率,如何设计满足不同需求的群签名方案等。本文针对这些问题进行深入系统地研究,分析了目前方案的效率和某些缺陷,提出满足人们不同需求的特殊签名方案。在这一研究领域,取得如下研究成果:
(1)研究了有序多重签名机制,重点分析目前存在的多重签名机制的实现方法及缺陷。由于目前的多重签名协议不外乎采取两种方式:一是每个签名者独立地对同一消息签名,最后的签名就是他们各自签名的聚集,在这种签名中,签名的长度随着签名者的个数成倍增加,验证签名的时间也会成倍地增加,这使得此协议非常不实用;二是所有签名者联合起来生成消息m的签名,即签名者A_1首先对消息m进行签名,并把签名传送给下一个签名者A_2,A_2在对A_1的签名进行签名之前先验证A_1签名的有效性,这样直到最后一个签名者A_n为止,在这种签名中,当签名的算法比较复杂时,会使得签名的效率很低。多重签名本质上是多个人对同一消息的签名,本文分别基于背包公钥密码体制、ElGamal公钥密码体制和椭圆曲线公钥密码体制提出三种有序多重签名方案,此些方案可以成倍地提高有序多重签名方案的效率,有效地抵抗来自内部成员的欺诈行为,及时地维护签名组成员的子秘密,方便地增加或删除签名组成员。
(2)基于实际应用,本文提出一种新的签名方案——链式验证签名方案。该方案将验证参与者分为签名验证者和链式验证授权者,签名验证者只有在经过链式验证授权组中每一个成员的依次授权时,才可以验证签名的有效性,而且链式验证授权组中的任何成员(即使所有成员合谋)都不能验证签名的有效性。基于常用的公钥密码体制,如背包公钥密码体制、ElGamal公钥密码体制、椭圆曲线公钥密码体制,设计了三种具体的实现方案。这些方案可以方便地增加或删除链式验证授权者,且当链式验证授权者或签名验证者泄漏子秘密时,可以及时地维护。
(3)设计了具有不同权限的门限签名方案。现存的具有不同权限门限签名方案都是把特权集进行分组,然后对消息进行签名的思路,本文开辟了一种新的思想,把这种具有不同权限的门限签名方案推广到更一般的情况。首先,提出一种特殊的有否决权的门限签名方案,该方案利用齐次常系数线性差分方程的结构及其解的结构,给出了具有两种不同签名权限的签名者参与的门限签名协议。然后,考虑到现存的门限签名方案是把特权集进行分组,本文利用权重来衡量不同权限签名者的签名权利,把一般的(t,n)门限签名方案推广到扩展的(t,n)门限签名方案,即组签名权重达到t就可以得到合法签名。
(4)重点研究了共享验证签名协议,基于现存协议的某些缺陷,利用具有不同权限的门限签名的思路,给出了具有不同权限的共享验证签名协议。首先提出了一个新的共享验证签名方案,该方案具有一些特殊的特点;其次,给出具有两种不同验证权限的共享验证签名方案,该方案利用齐次常系数线性差分方程的结构及其解的结构,得到了具有两种不同验证权限的验证者参与的共享验证签名协议;最后,利用权重来衡量不同权限验证者的验证权利,把一般的(t,n)共享验证签名方案推广到扩展的(t,n)共享验证签名方案,即组验证权重达到t就可以验证签名的有效性。
综上所述,本论文根据面向群体的数字签名的原理和特点,分析发现了现存算法的某些缺陷,并提出一些改进方案。论文结合现有面向群体的数字签名的几种关键技术,系统深入地研究了如何提高有序多重签名的效率、设计了几种具有不同权限的门限签名方案和共享验证签名方案。论文对面向群体的数字签名体制进行了较系统深入的探讨,具有重要的理论探索意义和潜在的应用价值。
The rapid development in computer and network technologies brings in tremendous problems for information security. Cryptography is the fundation of information security, digital signature is one of the main research field of cryptography. It is vital in authentication, data integrity, non-repudiation and so on, which has been used widely in military affairs, electronic commerce, electronic government, etc.
With the rapid growth of the science and technology, more and more requires are brought forward, such as how to make the signature occupy the less store resource, the secret key as short as it can be under the ensuring security condition and so on. Lots of researchers have done abundant work in this way, but there are many questions that have not been solving, for example, how to improve the efficiency of multi-signature scheme, how to design some special signatures that can meet the user's special demands, etc. In this dissertation, we give efficiency analysis of some digital signature, and propose some special society-oriented digital signature schemes which can meet the user's special demands. In this research field, the final research achievements are as following:
(1) We study the sequential multi-signature scheme (SMSS), especially the implementation and defect of the present sequential multi-signature scheme. There are two methods in the present SMSS, one is every signer independently signs for the message, the final signature is their signature gathering. In this scheme, the length of signature will be increased by multiplying with the increasing number of the signers, which makes the scheme is not practical. The other is all signers sign for the message m cooperatively, thus the first signer A_1 signs for m and send it to the second signer A_2, A_2 verify the validity of the signature at first, then signs for the signature of the signer A_1, until the last signer A_n. In this scheme, the efficiency is very low when the signature algorithm is complex. The essence of multi-signature scheme is that some signers sign for a message. The dissertation designs three SMSS based on Knapsack algorithm, discrete logarithm and Elliptic Curve, which is different from existent SMSS, it can possess all properties of existent SMSS when it only need a signature for a message. What's more, these schemes simplify the procedures among signers, and avoid the cheating by signer efficiently, and conveniently add or delete signer, and reduce the cost of communication.
(2) We propose a new digital signature scheme----chain verification digital signature scheme based on the practical application. In this scheme, the verification participators can divide the signature verifier from the chain grantors, the signature verifier cannot verify the validity of the signature until he is authorized by all chain grantors in turn, and any chain grantor (even all chain grantors are collusive) cannot verify the validity of the signature. We respectively design three chain verification digital signature schemes based on Knapsack algorithm, discrete logarithm and Elliptic Curve. What's more, these signature schemes can conveniently add or delete chain grantor and defend the secret key of the chain grantors and signature verifier.
(3) Due to the present threshold signature schemes part different privilege groups, the dissertation extends to the more general situation. At first, the threshold signature scheme with special right is proposed, which realized threshold signature among the signers having two different sign rights by using the structures properties of constant coefficients homogeneous linear difference equation. Then we extend this situation to the more general situation, thus extended (t,n) threshold signature scheme. In the scheme, if sign weight of any subset of all signers is not less than t, the subset can gain the valid signature of the message.
(4) Analysis are made on the security threats and system flaws of present shared verification signature schemes, and an improved shared verification signature scheme is proposed, namely a shared verification signature scheme with different verification right. Firstly, a new shared verification signature scheme is proposed which has some special characters. Secondly, we propose the shared verification signature scheme, which realizes shared verification among the verifiers having two different verification rights by structures and solution structures of constant coefficients homogeneous linear difference equation. Finally we extend this situation to the more general situation, thus extended (t,n) shared verification signature scheme. In the scheme, if verification weight of any subset of all verifiers is not less than t, the subset can verify the validity signature of the message.
To sum up, the dissertation aims at the characteristic of the society-oriented digital signature scheme and flaws of present scheme, and presents improved schemes that can meet the user's special demands. By combining several key techniques of the existing the society-oriented digital signature scheme together, the dissertation researches in depth on how to improve the efficiency of the sequential multi-signature scheme, design threshold signature scheme and shared verification signature scheme that have different signing or verifying right. The dissertation researches in depth on the society-oriented digital signature scheme, it is very significative both in theory and practice.
引文
[1] Goldreich O. Foundations of Cryptography-Fragments of a Book. 2nd Version, 1998.
[2] Shannon C E. Communication Theory of Secrecy System. Bell. Syst. Tech. J., 1949, Vol. 28, pp. 656-715.
[3] Kahn D. The Story of Secret Writing. New York: Macmillan, 1967.
[4] Diffie W, Hellman M E. New Direction in Cryptography. IEEE Transactions on Information Theory, 1976, Vol. IT-22(6), pp. 644-654.
[5] Rivest R L, Shamir A, Adleman L. A Method for Obtaining Digital Signatures and Public Key Cryptosystems. Communications of the ACM, 1978, Vol. 21(2), pp. 120-126.
[6] National Bureau of Stardands. Data Encryption Standard. FIPS PUB 46, National Bureau of Stardands, Washington, D. C. Jan., 1977.
[7] Daemen J, Rijmen V. The Design of Rijindael: AES-the Advance Encryption Standard. Berlin: Springer Verlag, 2002.
[8] Desmedt Y, Frankel Y. Shared Generation of Authentication and Signature. Advances in Cryptology-CRYPTO, 1987, pp. 457-469.
[9] Boaz Tsaban. Fast Generators for the Diffie-Hellman Key Agreement Protocol and Malicious Standards. Information Processing Letters, 2006, Vol. 99(4), pp. 145-148.
[10] Shamir A. How to Share a Secret. Communications of the ACM, 1979, Vol. 229(11), pp. 612-613.
[11] Franklin M, Haber S. Joint Encryption and Message-Efficient Secure Computation. Cryptology-Proceeding of CRYPTO, Springer-Verlag, LNCS, 1994, Vol. 773, pp. 266-277.
[12] Kim H J, Lim J I, Lee D H. Efficient and Secure Member Deletion in Group Signature Schemes. ICISC, Springer-Verlag, LNCS, 2000, Vol. 2015, pp. 150-161.
[13] ElGamal T. A Public Key Cryptosystem and a Signature Scheme Based on Discrete Logarithm. IEEE Trans. Inf. Theory, 1985, Vol. IT-31, pp. 469-472.
[14] Lin P C, Chang C C. Security Enhancement for Digital Signature Schemes with Fault Tolerance in RSA. Information Sciences, 2007, Vol. 177(9), pp. 4031-4039.
[15] Harn L. Public Key Cryptosystem Design Based on Factoring and Discrete Logarithms. IEE Proc, Comput. Gigit. Tech., 1984, Vol. 141(3), pp. 193-195.
[16] Laih C S, Kuo W C. New Signature Scheme Basen on Factoring and Discrete Logarithms. IEICE Trnas. Fundamentals, 1997, Vol. E80-A, pp. 46-53.
[17] Rabin M V. Digitalized Signature and Public Key Functions as Intractable as Factorization. Technical report, MIT/LCS/TR212, MIT Lab., 1979.
[18] Nyany D, Song J. Fast Digital Signature Scheme Based on the Quadratic Residue Problem. Electronics Letter, 1997, Vol. 33(11), pp. 205-206.
[19] Itakura K, Nakamura K. A Public Key Cryptosystem Suitable for Digital Signature. NEC Res. and Develop. 1983, Vol. 71, pp. 1-8.
[20] Hardjono T, Zheng Y. A Practical Digital Multisignature Scheme Based on Discrete Logarithms. Advances in Cryptology-Auscrypto, Springer-Verlag, 1993, pp. 16-21.
[21] Nyberg K, Rueppel R A. Message Recovery for Signature Schemes Based on the Discrete Logarithm Problem. Designs Codes and Cryptography, 1996, Vol. 7, pp. 61-81.
[22] Chaum D, Heyst Evan. Group Signatures. Advances in Cryptology-Eurocrypt. Berlin: Springer-Verlag, 1991, pp. 257-265.
[23] Camenisch J, Stadler M. Efficient Group Signature Schemes for Large Groups. Advance in Crypto, Springer-Verlag, 1997, Vol. 1296, pp. 410-424.
[24] Ateniexe G, Tsudic G. Some Open Issues and New Directions in Group Signatures. Financial Cryptography Conference. Lecture Notes in Computer Science, 1999, Vol. 1648, pp. 196-211.
[25] Bresson E, Stern J. Efficient Revocation in Group Signatures. Public Key Cryptography, Berlin: Springer-Verlag, 2001, pp. 190-206.
[26] Ateniese G, Tsudic G, Song D. Quasi-Efficient Revocation of Group Signature. The Financial Cryptography, Bermuda, 2002.
[27] Camenisch J, Lysyanskaya A. Dynamic Accumulators and Application to Efficient Recovation of Anonymous Credentials. Proc of Crypto 2002. Berlin: Springer-Verlag, 2002, pp. 61-76.
[28] Dawn Xiaodong Song. A Practical Forward Secure Group Signature Schemes. ACM, CCS, New York: ACM Press, 2001, pp. 225-234.
[29] Zhang J, Wu Q, Wang Y. A Novel Efficient Group Signature Scheme with Forward Security.Proc of Int Conf on Information and Communications Security(ICICS'03)Berlin:Springer-Verlag,2003,pp.292-300.
[30]陈少真,李大兴.有效取消的向前安全群签名体制.计算机学报,2006,Vol.29(6),pp.998-1003.
[31]Atenuse G,Tsudik G.Group Signature a La Carte.The 10~(th)Annual ACM-SIAM,Symposium on Discrete Algorithms,SODA,1999.
[32]Lee W B,Chang C C.Authenticate Encryption Scheme without Using a One-Way Function.Electronic Letter,1998,Vol.31(19),pp.1656-1657.
[33]Okalnoto T.Digital Multisignature Scheme Using Bijective Public Key Cryptosystem.ACM Transaction on Computer Systems,1988,Vol.6(4),pp.432-441.
[34]Ohta K,Okamoto T.A Digital Multisignature Scheme Based on the Fiat-Shamir Scheme.Advances in Cryptology Asiacrypt,Lncs,Springer-Verlag,1991,pp.139-148.
[35]Harn L,Kiesler T.New Scheme for Digital Multisignatures.Electronics Letters,1989,Vol.25(15),pp.1002-1003.
[36]卢建朱,陈火炎,林飞.ElGamal多重数字签名方案.北京邮电大学学报,1999,Vol.22(2),pp.30-34.
[37]Harn L,Kiesler T.New Digital Signature Based on Discrete Logarithm.Electronics Letters,1994,Vol.30(5),pp.396-398.
[38]Harn L.Public-Key Cryptosystem Design Based on Factoring and Discrete Logarithms.IEEE Proc Compute Digital Tech,1994,Vol.141(3),pp.193-195.
[39]Wu T,Chou S.Two-Based Multisignature Protocols for Sequential and Broadcasting Architecture.Computer Communication,1996,Vol.19(9-10),pp.851-856.
[40]谭凯军,诸鸿文,顾尚杰.基于数字签名方案DSS/DSA的几种应用方案.计算机研究与发展,1999,Vol.36(5),pp.632-637.
[41]卢建朱,陈火炎,林飞.ElGamal型多重数字签名算法及其安全性.计算机研究与发展,1999,Vol.37(11),pp.1335-1339.
[42]张键红,韦永壮,王育民.基于RSA的多重数字签名.通信学报,2003,Vol.24(8),pp.150-154.[43]Harn L,Lin C Y,Wu T C.Structured Multisignature Algorithms.Computers and Digital Techniques,2004,Vol.151,pp.231-234.
[44]Wang Y L,Wang L H.A New Type of Digital Multisignature.Computer Supported Cooperative Work in Design,2005,Vol.2,pp.750-754.
[45]Aboud S J.An Efficient Digital Multisignature Scheme.Information and Communication Technologies,2006,Vol.2,pp.3298-3303.
[46]Mambo M,Usuda K,Okamoto E.Proxy Signatures for Delegating Signing Operation.3~(rd)ACM Conference on Computer and Communications Security.ACM Press,1996,pp.48-57.
[47]Kim S J,Park S J,Won D H.Proxy Signature,Revisited.ICICS,Lncs,New York:Springer-Verlag,1997,Vol.1334,pp.223-232.
[48]Boldyreva A,Palacio A,Warinschi B.Secure Proxy Signature Schemes for Delegation of Signing Rights.Cryptology E-Print Archive,Report 2003/096[R].Available at http://eprint.iacr.org/2003.
[49]Malkin T,Obana S,Yung M.The Hierarchy of Key Evolving Signatures and a Characterization of Proxy Signatures.Advances in Cryptology Eurocrypt,Lncs,Springer,2004,Vol.3027,pp.306-322.
[50]Tan Z W,Liu Z J,Wang M S.On the Security of some Nonrepudiable Threshold Proxy Signature Schemes.ISPEC,Lecture Notes in Computer Science,Springer-Verlag,2005,Vol.3439,pp.374-385.
[51]薛庆水.新型代理签名方案的设计、分析及其实现.上海:上海交通大学,2005.
[52]Chai Z C,Cao Z F,Lu R X.An Efficient Provable Secure ID-Based Proxy Signature Scheme Based on CDH Assumption.Journal of Shanghai Jiaotong University(Science),2006,Vol.11(3),pp.271-278.
[53]Desmedt Y,Frankel Y.Shared Generation of Authentication and Signature.Advance in Cryptology-Crypto'91,Springer-Verlag,1991,pp.457-469.
[54]张玉清,肖国镇.计算机密码学及其应用.北京:国防工业出版社,2001.
[55]Li C,Hwang T,Lee N.Remark on the Threshold RSA Signature Scheme.Stinson D R ed.Advances in Cryptology-Crypto'93 Proceedings,Berlin:Springer-Verlag,1993,pp.413-419.
[56]Wang C T,Lin C H,Chang C C.Threshold Signature Schemes with Traceable Signers in Group Communications.Computer Communications,1998,Vol.21(8),pp. 771-776.
[57]徐秋亮,郑志华.强健有效的门限RSA数字签名方案.密码学进展—China-Crypto'2000,科学出版社,2000,pp.138-142.
[58]费如纯,王丽娜,于戈.基于离散对数和二次剩余的门限数字签名体制.通信学报,2002,Vol.5,pp.65-69.
[59]王贵林,卿斯汉.几个门限群签名方案的弱点.软件学报,2000,Vol.11(10),pp.1326-1332.
[60]Lu R X,Lin X D,Cao Z F,Shao J,Liang X H.New(t,n)Threshold Directed Signature Scheme with Provable Security.Information Science,2008,Vol.178(3),pp.756-765.
[61]Chu C K,Tzeng W G.Optimal Resilient Threshold GQ Signature.Information Sciences,2007,Vol.177(8),pp.1834-1851.
[62]Chang T Y,Yang C C,Hwang M S.A Threshold Signature Scheme for Group Communications without a Shared Distribution Center.Future Generation Computer Systems,2004,Vol.20(6),pp.1013-1021.
[63]Wu Z S,Hsu C L.Threshold Signature Scheme Using Self-Certified Public Keys.Journal of Systems and Software,2003,Vol.67(2),pp.89-97.
[64]Ham L.Digital Signature with(t,n)Shared Verification Based on Discrete Logarithms.Electron.Lett,1993,Vol.29(24),pp.2094-2095.
[65]De S M,Quisquater J J,Vedder K.A Signature with Shared Verification Scheme.Advances in Cryptology-CRYPTO'89,Berlin:Springer-Verlag,1989,pp.253-262.[
66]Simmons G J.Anatural Taxonomy for Digital information Authentication Scheme.Advance in Cryptology-CRYPTO'87,Berlin:Springer-Verlag,1987,pp.269-288.
[67]Harn L.Comment on "Digital Signature with(t,n)Shared Verification Based on Discrete Logarithms"[and reply].Electron Lett,1995,Vol.31(3),pp.176-177.
[68]施荣华,基于离散对数的(t,n)门限共享验证签名方案.计算机研究与发展,2000,Vol.37(3):pp.319-323.
[69]Wang M,Zhu Q,Qing L.Shared Verification Signature for Generalized Subsets of Receiving Group.Communications and Information,2005,Vol.2(10),pp.1318-1321.
[70]Jia X Y,Luo S S,Yuan C W.A New Signature Scheme with Shared Verification.The Joumal of China Universities of Posts and Telecommunications.2006,Vol.13(2),pp.66-69.
[71]许春香,牛志华,肖国镇.没有可信机构的矢量空间秘密共享.多重签名方案.西安电子科技大学学报,2005,Vol.3(02),pp.225-228.
[72]冯登国,裴定一.密码学引导.北京,科学出版社,1999.
[73]胡磊,王鹏.应用密码学手册.北京,电子工业出版社,2005.
[74]章照止.破译一个新的背包公钥密码系统.系统科学与数学,1991,Vol.11(1),pp.91-94
[75]Chor B,Rivest R L.Knapsack-Typt Public-Key Cryptosystem Based on Arithmetic in Finite Fields.IEEE Trans.Information Theory,1988,Vol.34(5),pp.901-909.
[76]Brickell E F,Odlyzko A M.Cryptanalysis:A Survey of Recent Results.Proc.IEEE.1988,Vol.76(4),pp.89-97.
[77]Vaudenay S.Cryptanalysis of the Chor-Rivest Cryptosystem.Advances in Cryptology Crypto'98,Sana-Barbara,California,Lecture Notes in Computer Science,1998,Vol.1426,pp.243-256.
[78]周玉洁,冯登国.公开密钥密码算法及其快速实现.国防工业出版社,北京,2002,pp.13-17.
[79]胡向东,魏琴芳.应用密码学教程.电子工业出版社,北京,2005,pp.51-53.
[80]Itakura K,Makamura K.A Public Key Cryptosystem Suitable for Digital MultiSignature.NEC Res and Develop,1983,Vol.71(10),pp.1-8.
[81]Harm L,Kielser T.New Scheme for Digital Multi-Signature.Electronic Leter,1989,Vol.25(15),pp.1002-1003.
[82]Okamoto T.A Digital Multi-Signature Scheme Using Bijective Public Key Cryptosystems.ACM Trans Computer System,1988,Vol.6(8),pp.432-44.
[83]Boyd C.Multi-Signature Based on Zero Knowledge Schemes.Electronic Letter,1991,Vol.27(22),pp.2002-2004.
[84]Hardjono T,Zheng Y.A Practical Digital Multi-Signature Scheme Based on Discrete Logarithm.Advances in Cryptology-AUSCRPTO'92,Springer-Verlag 1993,LNCS,Vol.876,pp.16-21.
[85]Wu T,C Chou S L.Two ID-Based Multi-Signature Protocols for Sequential and Broadcasting Architecture.Computer Communications,1996,Vol.19,pp.851-856.
[86]HongqYang C S.Key Authentication Scheme for Cryptosysteln Based on Discrete Logarithm.Comp Comm.1996,Vol.19,pp.848-855.
[87]李子臣,杨义先.ElGamal多重数字签名方案.北京邮电大学学报,1999,Vol.22(2),pp.30-34.
[88]王晓明.一种多重数字签名方案的安全性分析.南开大学学报(自然科学版),2003,Vol.36(1),pp.33-38.
[89]杜海涛,张青坡,钮心忻,杨义先.一个新的离散对数有序多重签名方案.计算机工程与应用,2007,Vol.43(2),pp.148-150.
[90]Ham,L,Lin C Y,Wu T C.Structured Multisignature Algorithms.Computers and Digital Techniques,2004,Vol.151,pp.231-234.
[91]Wang Y L,Wang L H.A New Type of Digital Multisignature.Computer supported Cooperative Work in Design,2005,Vol.2,pp.750-754.
[92]Aboud S J.An Efficient Digital Multisignature Scheme.Information and Communi-cation Technologies,2006,vol.2,pp.3298-3303.
[93]孟涛,王建峰,孙圣和.有序多重签名体制重阈下信道通信方法的研究.电子学报,2007,Vol.35(6),pp.112-114.
[94]温晓军,刘云.一种可实现的量子有序多重数字签名方案.电子学报,2007,Vol.35(6),pp.1079-1083.
[95]Jia Xiaoyun,Luo Shoushan,Chen Ping,Yuan Chaowei.A New Sequential Digital Multi-Signature Scheme,China communications,2007,Vol.4(4),pp.66-71.
[96]Aho A,Hopcroft J,Ulhnan J.The Design and Analysis of Computer Algorithms.Addison-Wesley,Reading,MA,1974.
[97]Chang C C,Horug H J,Buechrer D J.A Cascade Exponentiation Evaluation Scheme Based on the Lernpel-Ziv-Welch Compression Algorithm.Journal of Information Science and Engineering,1995,Vol.11(3),pp.417-431.
[98]Hellman M E.The Mathematics of Public-Key Cryptography.Scientific American,1979,Vol.241(8),pp.146-157.
[99]Merkle R C,Hellman M.Hiding Information and Signatures in Trapdoor Knapsacks.IEEE Transactions on Information Theory,1978,Vol.24(5),pp.525-530.
[100]Zou W,Wu Y.COFDM:An Overview.IEEE Trans on Broadcast,1995,Vol.41(1),pp.1-8.
[101]LAN/MAN Standards Committee of the IEEE Computer Society,High-Speed Physical Layer in the 5GHz Band.IEEE Std 802.11 a,1999-09-16.
[102]卢开澄.计算机密码学.清华大学出版社,1998.
[103]ElGamal T.A Public Key Crptosystem and a Signature Scheme Based on Discrete Logarithms.IEEE Transactions on Information Theory,1985,Vol.31,pp.469-472.
[104]Miller V.Uses of Elliptic Curves in Cryptography.Advances in Cryptology-Cryp -to'85,Lncs 218,1986,pp.417-426.
[105]The Elliptic Curve Digital Signature Algorithm(ECDSA).ANSI X9.62,1998.
[106]张平,纪阳.移动泛在业务环境及其体系架构设计的挑战.北京邮电大学学报,2005,Vol.28(5),pp.1-3.
[107]袁超伟,贾晓芸,黄韬.移动泛在网络中的安全问题.中国新通信,2007,Vol.10,pp.80-82.
[108]Borje Ohlman.Ambient Network Scenarios,2004.https://bscw.ambient-networks.org/bscw/bsce.cgi/0/5635.
[109]IT security techniques-Non-repudiation-part 1:General,ISO/IEC Standard 13888-1,2004.
[110]Stewart Kowalski,Nick Edwards.A Security and Trust Framework for a Wireless World:a Cross Issue Approach,WWRF No.12,Toronto,2004.
[111]Geert Kleinhuis.Security Concepts,Requirements and Architectural Principles,Ambient Networks WP7 report 1,August 2004.
[112]Robert MOskowitz,Pekka Nikander,Petri Jokela,Thomas Henderson.Host Identity Protocol,IETF draft-ietf-hip-based-00,June 2004.
[113]Chandrasiri P,et al.Personal Security Domains.Proceedings of IWWST 2004,April 2004.http://www.cs.mdx.ac.uk/news/Archive04/May04/iwwst04.html
[114]Jun Z,Dake H.ACJT Group Blind Signature Scheme.First International Conference on Communications and Networking.ChinaCom'06,2006,pp.1-6.
[115]Wang G,Bao F,Zhou J A,et al.Security Remarks on a Group Signature Scheme with Member Deletion.Proceeding of Information and Communications Security (ICICS'3).LNCS 2836,Berlin:Spring-verlag,2003,pp.252-265.
[116]吕继强,王新梅.两个基于身份的数字签名方案的安全性改进.通信学报,2003,Vol.24(9),pp.128-131.
[117]王凤和,胡予濮,王春晓.一种基于中国剩余定理的群签名方案的攻击及其改进方案.电子与信息学报,2007,Vol.29(1),pp.182-184.
[118]Chen T S,Hsiao T,Chen T L.An Efficient Threshold Group Signature Scheme.TENCON 2004,2004 IEEE Region 10 Conference.2004,Vol.2,pp.13-16.
[119]刘颖,胡予濮,王飞,卢晓君.一个高效的基于身份的门限签名方案.西安电子科技大学学报,2006,Vol,33(2),pp.311-315.
[120]Johan V,Dawoud S,Stephen M.A Fully Distributed Proactively Secure Threshold-Mulisignature Scheme.IEEE Transaction on Parallel and Distributed Systems.20007,Vol.18,pp.652-575.
[121]Mehta M,Ham L.Efficient One-Time Proxy Signatures.Communications IEE Proceedings.2005,Vol.152(2),pp.129-133.
[122]Ham L.Digital Signature with(t,n)Shared Verification Based on Discrete Logarithms.Electron.Lett,1993,Vol.29(24),pp.2094-2095.
[123]Lee W B,Chang C C.Comment:Digital Signature with(t,n)Shared Verification Based on Discrete Logarithms.Electron.Lett,1995,Vol.31(3),pp.176-177.
[124]Wang M,Zhu Q,Qing L.Shared Verification Signature for Generalized Subsets of Receiving Group.Communications and Information.2005,Vol.2(10),pp.1318-1321.
[125]Jia X Y,Luo S S,Yuan C W.A New Signature Scheme with Shared Verification.The Journal of China Universities of Posts and Telecommunications.2006,Vol.13(2),pp.66-69.
[126]许春香,牛志华,肖国镇.没有可信机构的矢量空间秘密共享-多重签名方案.西安电子科技大学学报,2005,Vol.3(02),pp.225-228.
[127]Shi R H.A(t,n)Threshold Shared Verification Signature Scheme Based on Discrete Logarithms.Journal of computer research & development,2000,Vol.37(3),pp.319-323.
[128]Harn L,Lin C Y,Wu T C.Structured Multisignature Algorithms.Computers and Digital Techniques,2004,Vol.151,pp.231-234.
[129]Wang Y L,Wang L H.A New Type of Digital Multisignature.Computer supported Cooperative Work in Design,2005,Vol.2,pp.750-754.
[130]Jia Xiaoyun,Luo Shoushan,Chen Ping,Yuan Chaowei.A New Digital Signature Scheme.International colloquium on Information Fusion,2007.
[131]贾晓芸,罗守山,袁超伟.一种新的基于离散对数的签名方案,西安电子科技大学学报,2008,Vol.35(2),pp.351-355.
[132]周玉洁,冯登国.公开密钥密码算法及其快速实现.国防工业出版社,2002,9.
[133]王学理,裴定一.椭圆与超椭圆曲线公钥密码的理论与实现.科学出版社,2006,12.
[134]Desmedt Y,Frankel Y.Shared Generation of Authenticators and Signatures.Advances in Cryptology-CRYPTO' 91,Santa Barbara,1991,pp.457-469.
[135]徐秋亮.改进门限RSA数字签名体制.计算机学报,2000,Vol.23(5),pp.449-453.
[136]Xue Qiu-Liang,Chen Tzer-Shyong.An Efficient Threshold RSA Digital Signature Scheme.Applied Mathematics and Computation,2005,Vol.166(1),pp.25-34.
[137]石怡,登国.一类新型(tj,t,n)——群签名方案的设计与分析.编密码学进展——ChinaCrypto 2000.北京:科学出版社,2000,pp.156-159.
[138]陈伟东,冯登国.一类存在特权集的门限群签名方案.软件学报,2005,Vol.16(7),pp.1289-1295.
[139]Paul C,Scott A.Handbook of Applied Cryptography.Publishing House of Electronics Industry,2005,6.
[140]De S M,Quisquater J J,Vedder K.A Signature with Shared Verification Scheme.Advances in Cryptology-CRYPTO'89.Berlin:Springer-Verlag,1989,pp.253-262.
[141]Simmons G J.Anatural Taxonomy for Digital Information Authentication Scheme.Advance in Cryptology-CRYPTO'87.Berlin:Springer-Verlag,1987,pp.269-288.
[142]Ham L.Digital Signature with(t,n)Shared Verification Based on Discrete Logarithms.Electron Lett,1993,Vol.29(24),pp.2094-2095.
[143]Lee W B,Chang C C.Comment:Digital Signature with(t,n)Shared Verification Based on Discrete Logarithms.Electron Lett,1995,Vol.31(3),pp.176-177.
[144]施荣华.基于离散对数的(t,n)门限共享验证签名方案.计算机研究与发展, 2000,Vol.37(3),pp.319-323.
[145]张福泰,赵福祥,王育民.基于可验证秘密分享的共享验证签名方案.西安电子科学大学学报,2002,Vol.29(2),pp.210-214.
[146]Jia X Y,Luo S S,Yuan C W.A New Signature Scheme with Shared Verification.The Journal of China Universities of Posts and Telecommunications,2006,Vol.13(2),pp.66-69.
[147]Rivest R L,Shamir A,Adleman L.A Method for Obtaining Digital Signatures and Public Key Cryptosystem.Communication of ACM,1978,Vol.21,pp.120-126.
[148]Asokan N,Shoup V,Waidner M.Optimistic Fair Exchange of Digital Signatures.In EUROCRYOT'98,1998,Vol.1403,pp.591-606.
[149]蒋尔雄.数值逼近.复旦大学出版社,1996.
[150]Shamir A.How to Share a Secret.Communication ACM,1979,Vol.22(11),pp.612-613.
[151]Blakley G R.Safeguarding Cryptographic Keys.Proceedings of AFIPS 1979National Computer Conference,1979,Vol.48,pp.313-317.
[152]Asmuth C,Bloom J.A Modular Approach to Key Safeguarding.IEEE Transactions on Information Theory,1983,Vol.29,pp.208-210.
[153]Karnin E D,Green J W,Hellman M E.On Sharing Secret System.IEEE Transactions on Information Theory,1983,Vol.29,pp.35-41.
[154]Stadler M.Publicly Verifiable Secret Sharing.Advances in Cryptology,Eurocrypt'96,LNCS 1070[C].Berlin:Springer Verlag,1996,pp.190-199.
[155]Chor B,coldwasser S,Micali S,et al.Verifiable Secret Sharing and Achieving Simultaneity in the Presence of Faults.Proceedings of 26th IEEE Symposium on Foundations of Computer Science.IEEE,1985,pp.383-395.
[156]杨波,孙小蓉,王育民.基于门限方案的密钥托管.西安电子科技大学学报,1998,Vol.25(2),pp.239-241.
[157]Brickell E,Gemmell P,Kravitz D.Trustee-Based Tracing Extensions to Anonymous Cash and the Making of Anonymous Change.In Proceedings of the Sixth Annual ACM-SIAM Symposium on Discrete Algorithms,1995,pp.457-466.
[158]Camenisch J,Piveteau J M,Stadler M.An Efficient Fair Payment System. Proc.3rd ACM Conference on Computer and Communications Security,1996.
[159]Rosen K H.Elementary Number Theory and Its Applications.Addison-Wesley,MA,1993.
[160]何明星,范平志,袁丁.一个可验证的门限多秘密分享方案.电子学报,2002,Vol.30(4),pp.540-543.
[161]Ahmet M.Eskicioglu.A Prepositive Secret Sharing Scheme for Message Authentication in Broadcast Networks.2001.Available at http://www.sci.brooklyn.cuny.edu/~eskicioglu/papers/CMS2001.pdf.
[162]贾晓芸,罗守山,袁超伟.基于RSA的公开验证的多秘密分享方案.通信学报,2006,Vol.27(12A),pp.56-60.
[2] Shannon C E. Communication Theory of Secrecy System. Bell. Syst. Tech. J., 1949, Vol. 28, pp. 656-715.
[3] Kahn D. The Story of Secret Writing. New York: Macmillan, 1967.
[4] Diffie W, Hellman M E. New Direction in Cryptography. IEEE Transactions on Information Theory, 1976, Vol. IT-22(6), pp. 644-654.
[5] Rivest R L, Shamir A, Adleman L. A Method for Obtaining Digital Signatures and Public Key Cryptosystems. Communications of the ACM, 1978, Vol. 21(2), pp. 120-126.
[6] National Bureau of Stardands. Data Encryption Standard. FIPS PUB 46, National Bureau of Stardands, Washington, D. C. Jan., 1977.
[7] Daemen J, Rijmen V. The Design of Rijindael: AES-the Advance Encryption Standard. Berlin: Springer Verlag, 2002.
[8] Desmedt Y, Frankel Y. Shared Generation of Authentication and Signature. Advances in Cryptology-CRYPTO, 1987, pp. 457-469.
[9] Boaz Tsaban. Fast Generators for the Diffie-Hellman Key Agreement Protocol and Malicious Standards. Information Processing Letters, 2006, Vol. 99(4), pp. 145-148.
[10] Shamir A. How to Share a Secret. Communications of the ACM, 1979, Vol. 229(11), pp. 612-613.
[11] Franklin M, Haber S. Joint Encryption and Message-Efficient Secure Computation. Cryptology-Proceeding of CRYPTO, Springer-Verlag, LNCS, 1994, Vol. 773, pp. 266-277.
[12] Kim H J, Lim J I, Lee D H. Efficient and Secure Member Deletion in Group Signature Schemes. ICISC, Springer-Verlag, LNCS, 2000, Vol. 2015, pp. 150-161.
[13] ElGamal T. A Public Key Cryptosystem and a Signature Scheme Based on Discrete Logarithm. IEEE Trans. Inf. Theory, 1985, Vol. IT-31, pp. 469-472.
[14] Lin P C, Chang C C. Security Enhancement for Digital Signature Schemes with Fault Tolerance in RSA. Information Sciences, 2007, Vol. 177(9), pp. 4031-4039.
[15] Harn L. Public Key Cryptosystem Design Based on Factoring and Discrete Logarithms. IEE Proc, Comput. Gigit. Tech., 1984, Vol. 141(3), pp. 193-195.
[16] Laih C S, Kuo W C. New Signature Scheme Basen on Factoring and Discrete Logarithms. IEICE Trnas. Fundamentals, 1997, Vol. E80-A, pp. 46-53.
[17] Rabin M V. Digitalized Signature and Public Key Functions as Intractable as Factorization. Technical report, MIT/LCS/TR212, MIT Lab., 1979.
[18] Nyany D, Song J. Fast Digital Signature Scheme Based on the Quadratic Residue Problem. Electronics Letter, 1997, Vol. 33(11), pp. 205-206.
[19] Itakura K, Nakamura K. A Public Key Cryptosystem Suitable for Digital Signature. NEC Res. and Develop. 1983, Vol. 71, pp. 1-8.
[20] Hardjono T, Zheng Y. A Practical Digital Multisignature Scheme Based on Discrete Logarithms. Advances in Cryptology-Auscrypto, Springer-Verlag, 1993, pp. 16-21.
[21] Nyberg K, Rueppel R A. Message Recovery for Signature Schemes Based on the Discrete Logarithm Problem. Designs Codes and Cryptography, 1996, Vol. 7, pp. 61-81.
[22] Chaum D, Heyst Evan. Group Signatures. Advances in Cryptology-Eurocrypt. Berlin: Springer-Verlag, 1991, pp. 257-265.
[23] Camenisch J, Stadler M. Efficient Group Signature Schemes for Large Groups. Advance in Crypto, Springer-Verlag, 1997, Vol. 1296, pp. 410-424.
[24] Ateniexe G, Tsudic G. Some Open Issues and New Directions in Group Signatures. Financial Cryptography Conference. Lecture Notes in Computer Science, 1999, Vol. 1648, pp. 196-211.
[25] Bresson E, Stern J. Efficient Revocation in Group Signatures. Public Key Cryptography, Berlin: Springer-Verlag, 2001, pp. 190-206.
[26] Ateniese G, Tsudic G, Song D. Quasi-Efficient Revocation of Group Signature. The Financial Cryptography, Bermuda, 2002.
[27] Camenisch J, Lysyanskaya A. Dynamic Accumulators and Application to Efficient Recovation of Anonymous Credentials. Proc of Crypto 2002. Berlin: Springer-Verlag, 2002, pp. 61-76.
[28] Dawn Xiaodong Song. A Practical Forward Secure Group Signature Schemes. ACM, CCS, New York: ACM Press, 2001, pp. 225-234.
[29] Zhang J, Wu Q, Wang Y. A Novel Efficient Group Signature Scheme with Forward Security.Proc of Int Conf on Information and Communications Security(ICICS'03)Berlin:Springer-Verlag,2003,pp.292-300.
[30]陈少真,李大兴.有效取消的向前安全群签名体制.计算机学报,2006,Vol.29(6),pp.998-1003.
[31]Atenuse G,Tsudik G.Group Signature a La Carte.The 10~(th)Annual ACM-SIAM,Symposium on Discrete Algorithms,SODA,1999.
[32]Lee W B,Chang C C.Authenticate Encryption Scheme without Using a One-Way Function.Electronic Letter,1998,Vol.31(19),pp.1656-1657.
[33]Okalnoto T.Digital Multisignature Scheme Using Bijective Public Key Cryptosystem.ACM Transaction on Computer Systems,1988,Vol.6(4),pp.432-441.
[34]Ohta K,Okamoto T.A Digital Multisignature Scheme Based on the Fiat-Shamir Scheme.Advances in Cryptology Asiacrypt,Lncs,Springer-Verlag,1991,pp.139-148.
[35]Harn L,Kiesler T.New Scheme for Digital Multisignatures.Electronics Letters,1989,Vol.25(15),pp.1002-1003.
[36]卢建朱,陈火炎,林飞.ElGamal多重数字签名方案.北京邮电大学学报,1999,Vol.22(2),pp.30-34.
[37]Harn L,Kiesler T.New Digital Signature Based on Discrete Logarithm.Electronics Letters,1994,Vol.30(5),pp.396-398.
[38]Harn L.Public-Key Cryptosystem Design Based on Factoring and Discrete Logarithms.IEEE Proc Compute Digital Tech,1994,Vol.141(3),pp.193-195.
[39]Wu T,Chou S.Two-Based Multisignature Protocols for Sequential and Broadcasting Architecture.Computer Communication,1996,Vol.19(9-10),pp.851-856.
[40]谭凯军,诸鸿文,顾尚杰.基于数字签名方案DSS/DSA的几种应用方案.计算机研究与发展,1999,Vol.36(5),pp.632-637.
[41]卢建朱,陈火炎,林飞.ElGamal型多重数字签名算法及其安全性.计算机研究与发展,1999,Vol.37(11),pp.1335-1339.
[42]张键红,韦永壮,王育民.基于RSA的多重数字签名.通信学报,2003,Vol.24(8),pp.150-154.[43]Harn L,Lin C Y,Wu T C.Structured Multisignature Algorithms.Computers and Digital Techniques,2004,Vol.151,pp.231-234.
[44]Wang Y L,Wang L H.A New Type of Digital Multisignature.Computer Supported Cooperative Work in Design,2005,Vol.2,pp.750-754.
[45]Aboud S J.An Efficient Digital Multisignature Scheme.Information and Communication Technologies,2006,Vol.2,pp.3298-3303.
[46]Mambo M,Usuda K,Okamoto E.Proxy Signatures for Delegating Signing Operation.3~(rd)ACM Conference on Computer and Communications Security.ACM Press,1996,pp.48-57.
[47]Kim S J,Park S J,Won D H.Proxy Signature,Revisited.ICICS,Lncs,New York:Springer-Verlag,1997,Vol.1334,pp.223-232.
[48]Boldyreva A,Palacio A,Warinschi B.Secure Proxy Signature Schemes for Delegation of Signing Rights.Cryptology E-Print Archive,Report 2003/096[R].Available at http://eprint.iacr.org/2003.
[49]Malkin T,Obana S,Yung M.The Hierarchy of Key Evolving Signatures and a Characterization of Proxy Signatures.Advances in Cryptology Eurocrypt,Lncs,Springer,2004,Vol.3027,pp.306-322.
[50]Tan Z W,Liu Z J,Wang M S.On the Security of some Nonrepudiable Threshold Proxy Signature Schemes.ISPEC,Lecture Notes in Computer Science,Springer-Verlag,2005,Vol.3439,pp.374-385.
[51]薛庆水.新型代理签名方案的设计、分析及其实现.上海:上海交通大学,2005.
[52]Chai Z C,Cao Z F,Lu R X.An Efficient Provable Secure ID-Based Proxy Signature Scheme Based on CDH Assumption.Journal of Shanghai Jiaotong University(Science),2006,Vol.11(3),pp.271-278.
[53]Desmedt Y,Frankel Y.Shared Generation of Authentication and Signature.Advance in Cryptology-Crypto'91,Springer-Verlag,1991,pp.457-469.
[54]张玉清,肖国镇.计算机密码学及其应用.北京:国防工业出版社,2001.
[55]Li C,Hwang T,Lee N.Remark on the Threshold RSA Signature Scheme.Stinson D R ed.Advances in Cryptology-Crypto'93 Proceedings,Berlin:Springer-Verlag,1993,pp.413-419.
[56]Wang C T,Lin C H,Chang C C.Threshold Signature Schemes with Traceable Signers in Group Communications.Computer Communications,1998,Vol.21(8),pp. 771-776.
[57]徐秋亮,郑志华.强健有效的门限RSA数字签名方案.密码学进展—China-Crypto'2000,科学出版社,2000,pp.138-142.
[58]费如纯,王丽娜,于戈.基于离散对数和二次剩余的门限数字签名体制.通信学报,2002,Vol.5,pp.65-69.
[59]王贵林,卿斯汉.几个门限群签名方案的弱点.软件学报,2000,Vol.11(10),pp.1326-1332.
[60]Lu R X,Lin X D,Cao Z F,Shao J,Liang X H.New(t,n)Threshold Directed Signature Scheme with Provable Security.Information Science,2008,Vol.178(3),pp.756-765.
[61]Chu C K,Tzeng W G.Optimal Resilient Threshold GQ Signature.Information Sciences,2007,Vol.177(8),pp.1834-1851.
[62]Chang T Y,Yang C C,Hwang M S.A Threshold Signature Scheme for Group Communications without a Shared Distribution Center.Future Generation Computer Systems,2004,Vol.20(6),pp.1013-1021.
[63]Wu Z S,Hsu C L.Threshold Signature Scheme Using Self-Certified Public Keys.Journal of Systems and Software,2003,Vol.67(2),pp.89-97.
[64]Ham L.Digital Signature with(t,n)Shared Verification Based on Discrete Logarithms.Electron.Lett,1993,Vol.29(24),pp.2094-2095.
[65]De S M,Quisquater J J,Vedder K.A Signature with Shared Verification Scheme.Advances in Cryptology-CRYPTO'89,Berlin:Springer-Verlag,1989,pp.253-262.[
66]Simmons G J.Anatural Taxonomy for Digital information Authentication Scheme.Advance in Cryptology-CRYPTO'87,Berlin:Springer-Verlag,1987,pp.269-288.
[67]Harn L.Comment on "Digital Signature with(t,n)Shared Verification Based on Discrete Logarithms"[and reply].Electron Lett,1995,Vol.31(3),pp.176-177.
[68]施荣华,基于离散对数的(t,n)门限共享验证签名方案.计算机研究与发展,2000,Vol.37(3):pp.319-323.
[69]Wang M,Zhu Q,Qing L.Shared Verification Signature for Generalized Subsets of Receiving Group.Communications and Information,2005,Vol.2(10),pp.1318-1321.
[70]Jia X Y,Luo S S,Yuan C W.A New Signature Scheme with Shared Verification.The Joumal of China Universities of Posts and Telecommunications.2006,Vol.13(2),pp.66-69.
[71]许春香,牛志华,肖国镇.没有可信机构的矢量空间秘密共享.多重签名方案.西安电子科技大学学报,2005,Vol.3(02),pp.225-228.
[72]冯登国,裴定一.密码学引导.北京,科学出版社,1999.
[73]胡磊,王鹏.应用密码学手册.北京,电子工业出版社,2005.
[74]章照止.破译一个新的背包公钥密码系统.系统科学与数学,1991,Vol.11(1),pp.91-94
[75]Chor B,Rivest R L.Knapsack-Typt Public-Key Cryptosystem Based on Arithmetic in Finite Fields.IEEE Trans.Information Theory,1988,Vol.34(5),pp.901-909.
[76]Brickell E F,Odlyzko A M.Cryptanalysis:A Survey of Recent Results.Proc.IEEE.1988,Vol.76(4),pp.89-97.
[77]Vaudenay S.Cryptanalysis of the Chor-Rivest Cryptosystem.Advances in Cryptology Crypto'98,Sana-Barbara,California,Lecture Notes in Computer Science,1998,Vol.1426,pp.243-256.
[78]周玉洁,冯登国.公开密钥密码算法及其快速实现.国防工业出版社,北京,2002,pp.13-17.
[79]胡向东,魏琴芳.应用密码学教程.电子工业出版社,北京,2005,pp.51-53.
[80]Itakura K,Makamura K.A Public Key Cryptosystem Suitable for Digital MultiSignature.NEC Res and Develop,1983,Vol.71(10),pp.1-8.
[81]Harm L,Kielser T.New Scheme for Digital Multi-Signature.Electronic Leter,1989,Vol.25(15),pp.1002-1003.
[82]Okamoto T.A Digital Multi-Signature Scheme Using Bijective Public Key Cryptosystems.ACM Trans Computer System,1988,Vol.6(8),pp.432-44.
[83]Boyd C.Multi-Signature Based on Zero Knowledge Schemes.Electronic Letter,1991,Vol.27(22),pp.2002-2004.
[84]Hardjono T,Zheng Y.A Practical Digital Multi-Signature Scheme Based on Discrete Logarithm.Advances in Cryptology-AUSCRPTO'92,Springer-Verlag 1993,LNCS,Vol.876,pp.16-21.
[85]Wu T,C Chou S L.Two ID-Based Multi-Signature Protocols for Sequential and Broadcasting Architecture.Computer Communications,1996,Vol.19,pp.851-856.
[86]HongqYang C S.Key Authentication Scheme for Cryptosysteln Based on Discrete Logarithm.Comp Comm.1996,Vol.19,pp.848-855.
[87]李子臣,杨义先.ElGamal多重数字签名方案.北京邮电大学学报,1999,Vol.22(2),pp.30-34.
[88]王晓明.一种多重数字签名方案的安全性分析.南开大学学报(自然科学版),2003,Vol.36(1),pp.33-38.
[89]杜海涛,张青坡,钮心忻,杨义先.一个新的离散对数有序多重签名方案.计算机工程与应用,2007,Vol.43(2),pp.148-150.
[90]Ham,L,Lin C Y,Wu T C.Structured Multisignature Algorithms.Computers and Digital Techniques,2004,Vol.151,pp.231-234.
[91]Wang Y L,Wang L H.A New Type of Digital Multisignature.Computer supported Cooperative Work in Design,2005,Vol.2,pp.750-754.
[92]Aboud S J.An Efficient Digital Multisignature Scheme.Information and Communi-cation Technologies,2006,vol.2,pp.3298-3303.
[93]孟涛,王建峰,孙圣和.有序多重签名体制重阈下信道通信方法的研究.电子学报,2007,Vol.35(6),pp.112-114.
[94]温晓军,刘云.一种可实现的量子有序多重数字签名方案.电子学报,2007,Vol.35(6),pp.1079-1083.
[95]Jia Xiaoyun,Luo Shoushan,Chen Ping,Yuan Chaowei.A New Sequential Digital Multi-Signature Scheme,China communications,2007,Vol.4(4),pp.66-71.
[96]Aho A,Hopcroft J,Ulhnan J.The Design and Analysis of Computer Algorithms.Addison-Wesley,Reading,MA,1974.
[97]Chang C C,Horug H J,Buechrer D J.A Cascade Exponentiation Evaluation Scheme Based on the Lernpel-Ziv-Welch Compression Algorithm.Journal of Information Science and Engineering,1995,Vol.11(3),pp.417-431.
[98]Hellman M E.The Mathematics of Public-Key Cryptography.Scientific American,1979,Vol.241(8),pp.146-157.
[99]Merkle R C,Hellman M.Hiding Information and Signatures in Trapdoor Knapsacks.IEEE Transactions on Information Theory,1978,Vol.24(5),pp.525-530.
[100]Zou W,Wu Y.COFDM:An Overview.IEEE Trans on Broadcast,1995,Vol.41(1),pp.1-8.
[101]LAN/MAN Standards Committee of the IEEE Computer Society,High-Speed Physical Layer in the 5GHz Band.IEEE Std 802.11 a,1999-09-16.
[102]卢开澄.计算机密码学.清华大学出版社,1998.
[103]ElGamal T.A Public Key Crptosystem and a Signature Scheme Based on Discrete Logarithms.IEEE Transactions on Information Theory,1985,Vol.31,pp.469-472.
[104]Miller V.Uses of Elliptic Curves in Cryptography.Advances in Cryptology-Cryp -to'85,Lncs 218,1986,pp.417-426.
[105]The Elliptic Curve Digital Signature Algorithm(ECDSA).ANSI X9.62,1998.
[106]张平,纪阳.移动泛在业务环境及其体系架构设计的挑战.北京邮电大学学报,2005,Vol.28(5),pp.1-3.
[107]袁超伟,贾晓芸,黄韬.移动泛在网络中的安全问题.中国新通信,2007,Vol.10,pp.80-82.
[108]Borje Ohlman.Ambient Network Scenarios,2004.https://bscw.ambient-networks.org/bscw/bsce.cgi/0/5635.
[109]IT security techniques-Non-repudiation-part 1:General,ISO/IEC Standard 13888-1,2004.
[110]Stewart Kowalski,Nick Edwards.A Security and Trust Framework for a Wireless World:a Cross Issue Approach,WWRF No.12,Toronto,2004.
[111]Geert Kleinhuis.Security Concepts,Requirements and Architectural Principles,Ambient Networks WP7 report 1,August 2004.
[112]Robert MOskowitz,Pekka Nikander,Petri Jokela,Thomas Henderson.Host Identity Protocol,IETF draft-ietf-hip-based-00,June 2004.
[113]Chandrasiri P,et al.Personal Security Domains.Proceedings of IWWST 2004,April 2004.http://www.cs.mdx.ac.uk/news/Archive04/May04/iwwst04.html
[114]Jun Z,Dake H.ACJT Group Blind Signature Scheme.First International Conference on Communications and Networking.ChinaCom'06,2006,pp.1-6.
[115]Wang G,Bao F,Zhou J A,et al.Security Remarks on a Group Signature Scheme with Member Deletion.Proceeding of Information and Communications Security (ICICS'3).LNCS 2836,Berlin:Spring-verlag,2003,pp.252-265.
[116]吕继强,王新梅.两个基于身份的数字签名方案的安全性改进.通信学报,2003,Vol.24(9),pp.128-131.
[117]王凤和,胡予濮,王春晓.一种基于中国剩余定理的群签名方案的攻击及其改进方案.电子与信息学报,2007,Vol.29(1),pp.182-184.
[118]Chen T S,Hsiao T,Chen T L.An Efficient Threshold Group Signature Scheme.TENCON 2004,2004 IEEE Region 10 Conference.2004,Vol.2,pp.13-16.
[119]刘颖,胡予濮,王飞,卢晓君.一个高效的基于身份的门限签名方案.西安电子科技大学学报,2006,Vol,33(2),pp.311-315.
[120]Johan V,Dawoud S,Stephen M.A Fully Distributed Proactively Secure Threshold-Mulisignature Scheme.IEEE Transaction on Parallel and Distributed Systems.20007,Vol.18,pp.652-575.
[121]Mehta M,Ham L.Efficient One-Time Proxy Signatures.Communications IEE Proceedings.2005,Vol.152(2),pp.129-133.
[122]Ham L.Digital Signature with(t,n)Shared Verification Based on Discrete Logarithms.Electron.Lett,1993,Vol.29(24),pp.2094-2095.
[123]Lee W B,Chang C C.Comment:Digital Signature with(t,n)Shared Verification Based on Discrete Logarithms.Electron.Lett,1995,Vol.31(3),pp.176-177.
[124]Wang M,Zhu Q,Qing L.Shared Verification Signature for Generalized Subsets of Receiving Group.Communications and Information.2005,Vol.2(10),pp.1318-1321.
[125]Jia X Y,Luo S S,Yuan C W.A New Signature Scheme with Shared Verification.The Journal of China Universities of Posts and Telecommunications.2006,Vol.13(2),pp.66-69.
[126]许春香,牛志华,肖国镇.没有可信机构的矢量空间秘密共享-多重签名方案.西安电子科技大学学报,2005,Vol.3(02),pp.225-228.
[127]Shi R H.A(t,n)Threshold Shared Verification Signature Scheme Based on Discrete Logarithms.Journal of computer research & development,2000,Vol.37(3),pp.319-323.
[128]Harn L,Lin C Y,Wu T C.Structured Multisignature Algorithms.Computers and Digital Techniques,2004,Vol.151,pp.231-234.
[129]Wang Y L,Wang L H.A New Type of Digital Multisignature.Computer supported Cooperative Work in Design,2005,Vol.2,pp.750-754.
[130]Jia Xiaoyun,Luo Shoushan,Chen Ping,Yuan Chaowei.A New Digital Signature Scheme.International colloquium on Information Fusion,2007.
[131]贾晓芸,罗守山,袁超伟.一种新的基于离散对数的签名方案,西安电子科技大学学报,2008,Vol.35(2),pp.351-355.
[132]周玉洁,冯登国.公开密钥密码算法及其快速实现.国防工业出版社,2002,9.
[133]王学理,裴定一.椭圆与超椭圆曲线公钥密码的理论与实现.科学出版社,2006,12.
[134]Desmedt Y,Frankel Y.Shared Generation of Authenticators and Signatures.Advances in Cryptology-CRYPTO' 91,Santa Barbara,1991,pp.457-469.
[135]徐秋亮.改进门限RSA数字签名体制.计算机学报,2000,Vol.23(5),pp.449-453.
[136]Xue Qiu-Liang,Chen Tzer-Shyong.An Efficient Threshold RSA Digital Signature Scheme.Applied Mathematics and Computation,2005,Vol.166(1),pp.25-34.
[137]石怡,登国.一类新型(tj,t,n)——群签名方案的设计与分析.编密码学进展——ChinaCrypto 2000.北京:科学出版社,2000,pp.156-159.
[138]陈伟东,冯登国.一类存在特权集的门限群签名方案.软件学报,2005,Vol.16(7),pp.1289-1295.
[139]Paul C,Scott A.Handbook of Applied Cryptography.Publishing House of Electronics Industry,2005,6.
[140]De S M,Quisquater J J,Vedder K.A Signature with Shared Verification Scheme.Advances in Cryptology-CRYPTO'89.Berlin:Springer-Verlag,1989,pp.253-262.
[141]Simmons G J.Anatural Taxonomy for Digital Information Authentication Scheme.Advance in Cryptology-CRYPTO'87.Berlin:Springer-Verlag,1987,pp.269-288.
[142]Ham L.Digital Signature with(t,n)Shared Verification Based on Discrete Logarithms.Electron Lett,1993,Vol.29(24),pp.2094-2095.
[143]Lee W B,Chang C C.Comment:Digital Signature with(t,n)Shared Verification Based on Discrete Logarithms.Electron Lett,1995,Vol.31(3),pp.176-177.
[144]施荣华.基于离散对数的(t,n)门限共享验证签名方案.计算机研究与发展, 2000,Vol.37(3),pp.319-323.
[145]张福泰,赵福祥,王育民.基于可验证秘密分享的共享验证签名方案.西安电子科学大学学报,2002,Vol.29(2),pp.210-214.
[146]Jia X Y,Luo S S,Yuan C W.A New Signature Scheme with Shared Verification.The Journal of China Universities of Posts and Telecommunications,2006,Vol.13(2),pp.66-69.
[147]Rivest R L,Shamir A,Adleman L.A Method for Obtaining Digital Signatures and Public Key Cryptosystem.Communication of ACM,1978,Vol.21,pp.120-126.
[148]Asokan N,Shoup V,Waidner M.Optimistic Fair Exchange of Digital Signatures.In EUROCRYOT'98,1998,Vol.1403,pp.591-606.
[149]蒋尔雄.数值逼近.复旦大学出版社,1996.
[150]Shamir A.How to Share a Secret.Communication ACM,1979,Vol.22(11),pp.612-613.
[151]Blakley G R.Safeguarding Cryptographic Keys.Proceedings of AFIPS 1979National Computer Conference,1979,Vol.48,pp.313-317.
[152]Asmuth C,Bloom J.A Modular Approach to Key Safeguarding.IEEE Transactions on Information Theory,1983,Vol.29,pp.208-210.
[153]Karnin E D,Green J W,Hellman M E.On Sharing Secret System.IEEE Transactions on Information Theory,1983,Vol.29,pp.35-41.
[154]Stadler M.Publicly Verifiable Secret Sharing.Advances in Cryptology,Eurocrypt'96,LNCS 1070[C].Berlin:Springer Verlag,1996,pp.190-199.
[155]Chor B,coldwasser S,Micali S,et al.Verifiable Secret Sharing and Achieving Simultaneity in the Presence of Faults.Proceedings of 26th IEEE Symposium on Foundations of Computer Science.IEEE,1985,pp.383-395.
[156]杨波,孙小蓉,王育民.基于门限方案的密钥托管.西安电子科技大学学报,1998,Vol.25(2),pp.239-241.
[157]Brickell E,Gemmell P,Kravitz D.Trustee-Based Tracing Extensions to Anonymous Cash and the Making of Anonymous Change.In Proceedings of the Sixth Annual ACM-SIAM Symposium on Discrete Algorithms,1995,pp.457-466.
[158]Camenisch J,Piveteau J M,Stadler M.An Efficient Fair Payment System. Proc.3rd ACM Conference on Computer and Communications Security,1996.
[159]Rosen K H.Elementary Number Theory and Its Applications.Addison-Wesley,MA,1993.
[160]何明星,范平志,袁丁.一个可验证的门限多秘密分享方案.电子学报,2002,Vol.30(4),pp.540-543.
[161]Ahmet M.Eskicioglu.A Prepositive Secret Sharing Scheme for Message Authentication in Broadcast Networks.2001.Available at http://www.sci.brooklyn.cuny.edu/~eskicioglu/papers/CMS2001.pdf.
[162]贾晓芸,罗守山,袁超伟.基于RSA的公开验证的多秘密分享方案.通信学报,2006,Vol.27(12A),pp.56-60.