分布式密码协议及公平性研究
|
摘要
分布式密码协议是一种面向多方参与的密码体制,它的目标是将各种关键控制进行分布式安全实现,在现代多用户环境下的安全通信中有着广泛的应用.公平性是分布式密码协议的非常关键的期望目标.在分布式密码协议的实际应用中往往涉及多方,故其公平性就显得尤其重要.由于分布式应用系统的安全需求和公平性问题日益突出,所以分布式密码协议及公平性的研究日趋重要.
论文主要以博弈论、通用可组合理论和双线性对技术为工具,对分布式密码协议及公平性展开研究,研究内容主要涉及可验证秘密共享协议、秘密共享体制的博弈论分析、群组通信的通用可组合机制、安全通信协议的博弈论模型及具有公平性质的秘密共享协议等.具体如下:
(1)在博弈论框架下,基于纳什均衡设计安全通信协议的计算和通信规则.首先,我们提出安全协议的扩展式博弈模型,结合通用可组合安全的思想给出安全通信协议博弈参与者集合、信息集、可行策略、行动序列、参与者函数、效用函数等定义;其次,根据博弈的纳什均衡给出安全通信协议的形式化模型,在该模型下给出协议公平性的新定义,同时通过实例说明模型的有效性;最后,基于该机制给出一个安全通信协议实验,实验数据分析表明该安全通信协议博弈机制的可行性和有效性.
(2)在通用可组合框架下研究群组通信问题.首先,我们在UC框架下分别提出群组通信的理想函数、基于身份签密的理想函数和群密钥分发的理想函数.其次,我们构造了UC安全的基于身份签密协议.同时,我们证明基于身份的签密协议安全实现其理想函数当且仅当相应的基于身份的签密协议IDSC是安全的.最后,利用基于身份的签密协议,提出一种群组通信机制,该机制在混合模型下能安全实现群组通信的理想函数.
(3)在基于椭圆曲线上的双线性对技术,构造一种可验证秘密共享方案.该方案的信息率为2/3,与Pederson的方案(Crypto91)及相关方案相比,该方案在相同的安全级别下具有较高的信息率,从而提高了秘密共享协议的效率.同时,理论上证明该案是信息论安全的.最后,经分析表明,该方案具有更高的安全性和有效性,能更好地满足应用需求.
(4)提出理性第三方的概念,在秘密共享中任何理性的参与者都可以充当“可信中心”来分发秘密信息,这样使秘密共享体制更具普适性.基于博弈论对秘密分发协议进行分析,将其抽象为n个二人博弈.证明在这些博弈中,理性秘密分发者总是选择欺骗各参与者以获得更大的收益,同时提出解决该问题的理性秘密分发机制.最后,基于健忘传输协议提出秘密重构机制,有效解决秘密重构过程中各参与者不合作的问题.
(5)研究秘密共享方案的公平性问题.秘密共享公平性是指在秘密共享的秘密重构阶段,要么每个参加秘密重构的参与者都获得重构的秘密,要么都未得到所重构的秘密.我们利用一种新的方法实现了秘密公平重构.首先从概率的角度给出秘密共享公平性的定义.根据该定义,提出公平秘密共享协议,包括秘密分发协议和秘密重构协议;在三种不同攻击类型下证明协议的公平性和安全性,且协议的安全性不依赖于任何困难性假设.所提方案是Shamir秘密共享方案的扩展,在公平性实现方法上,是Dov Gordon等(STOC2008)公平性方法的扩展.理论分析表明所提公平方案是有效的.
The distributed cryptographic protocol is a cryptosystem of multiparty-oriented par-ticipation. Its goal is to perform various kinds of key controls securely by distribution. Now it is widely used in the multi-user secure communication on Internet. The fairness is one of the key requirements of distributed cryptographic protocol. It is more and more significant to study the distributed cryptographic protocol and fairness, for increasingly urgent secure requirement and fair problem in the distributed application system.
This thesis studies the distributed cryptographic protocol and its fairness based on the game theory, the universally composable security theory and the bilinear pairing, mainly including the verifiable secret sharing, the game-theoretic analysis for the secret shar-ing, the universally composable mechanism for group communication, the game-theoretic mechanism for cryptographic protocol and secret sharing scheme with fairness. The de-tails are as follows:
(1) The rational version of the classical secure communication problem is studied. The goal is to design a general procedure for secure communication among some rational participants. We propose a game theory based formal model for secure communi-cation secure protocols, including the player set, information set, available action, action sequence, player function, and utility function using the idea from universally composable security. Secure protocols can be concurrently run within this rational model. Moreover, the novel notion of fairness is presented according to Nash equi-librium of the communication game and condition of equivalence for fair protocol is given. Analysis shows that our mechanism is effective.
(2) The group communication is analyzed within the universally composable security framework. We first propose the group communication model, identity-based sign-cry tion model and group key distribution model in the UC framework by design-ing the secure authenticated group communication ideal functionality, the identity-based signcryption ideal functionality and the group key distribution ideal func-tionality, respectively. Then, we construct a UC secure identity-based signcryption protocol. Moreover, we shows that the identity-based signcryption securely realizes the ideal functionality if and only if the corresponding protocol IDSC is secure. Finally, based on the identity-based protocol, we propose a group communication scheme, which can securely realize its ideal functionality in the hybrid model.
(3) Based on the bilinear pairing on elliptic curves, a verifiable secret sharing (VSS) is constructed. The information rate of our scheme is2/3. Compared with Pederson's scheme (Crypto91) and the related schemes, our scheme is more efficient under the same security level. At the same time, the security of the scheme is proved theo-retically. The result indicates that the scheme is information-theoretically secure. Finally, the analysis shows that our scheme is more secure and effective than others, and it can be more applicable in practical situations.
(4) The concept of rational trusted party is proposed. Any rational party can play the role of the TTP to distribute the shares in the secret sharing such that it is more suitable for use. As far as we know, it is for the first time to analyze the distribution of shares with game theory in secret sharing scheme. It is formalized as n two-person games. It is proven that rational dealer always selects cheating all players to get more payoffs in these games. Simultaneously, a rational secret distribution mechanism is proposed to solve this problem. Moreover, we construct a mechanism of reconstruction of secret based on oblivious transfer protocol, which solve the problem of players' non-cooperation in the reconstruction phase.
(5) The fairness problem of secret reconstruction in a secret sharing scheme is studied. In the setting of secret sharing, one desirable property is fairness, which guarantees that if there is a player getting the secret in the recovery phase, then each player participating in the reconstruction process does too. We propose a new approach to achieve the fairness of secret sharing. We first define the fairness of secret sharing probabilistically. Based on this definition, a fair secret sharing scheme is proposed, its security and fairness are shown against three different attack types and do not depend upon any unproven intractability assumption. Our scheme is an extension of Shamir's secret sharing scheme and the approach of fairness of Dov Gordon et al.(STOC2008). Theoretical analysis shows that our proposed scheme is more efficient.
论文主要以博弈论、通用可组合理论和双线性对技术为工具,对分布式密码协议及公平性展开研究,研究内容主要涉及可验证秘密共享协议、秘密共享体制的博弈论分析、群组通信的通用可组合机制、安全通信协议的博弈论模型及具有公平性质的秘密共享协议等.具体如下:
(1)在博弈论框架下,基于纳什均衡设计安全通信协议的计算和通信规则.首先,我们提出安全协议的扩展式博弈模型,结合通用可组合安全的思想给出安全通信协议博弈参与者集合、信息集、可行策略、行动序列、参与者函数、效用函数等定义;其次,根据博弈的纳什均衡给出安全通信协议的形式化模型,在该模型下给出协议公平性的新定义,同时通过实例说明模型的有效性;最后,基于该机制给出一个安全通信协议实验,实验数据分析表明该安全通信协议博弈机制的可行性和有效性.
(2)在通用可组合框架下研究群组通信问题.首先,我们在UC框架下分别提出群组通信的理想函数、基于身份签密的理想函数和群密钥分发的理想函数.其次,我们构造了UC安全的基于身份签密协议.同时,我们证明基于身份的签密协议安全实现其理想函数当且仅当相应的基于身份的签密协议IDSC是安全的.最后,利用基于身份的签密协议,提出一种群组通信机制,该机制在混合模型下能安全实现群组通信的理想函数.
(3)在基于椭圆曲线上的双线性对技术,构造一种可验证秘密共享方案.该方案的信息率为2/3,与Pederson的方案(Crypto91)及相关方案相比,该方案在相同的安全级别下具有较高的信息率,从而提高了秘密共享协议的效率.同时,理论上证明该案是信息论安全的.最后,经分析表明,该方案具有更高的安全性和有效性,能更好地满足应用需求.
(4)提出理性第三方的概念,在秘密共享中任何理性的参与者都可以充当“可信中心”来分发秘密信息,这样使秘密共享体制更具普适性.基于博弈论对秘密分发协议进行分析,将其抽象为n个二人博弈.证明在这些博弈中,理性秘密分发者总是选择欺骗各参与者以获得更大的收益,同时提出解决该问题的理性秘密分发机制.最后,基于健忘传输协议提出秘密重构机制,有效解决秘密重构过程中各参与者不合作的问题.
(5)研究秘密共享方案的公平性问题.秘密共享公平性是指在秘密共享的秘密重构阶段,要么每个参加秘密重构的参与者都获得重构的秘密,要么都未得到所重构的秘密.我们利用一种新的方法实现了秘密公平重构.首先从概率的角度给出秘密共享公平性的定义.根据该定义,提出公平秘密共享协议,包括秘密分发协议和秘密重构协议;在三种不同攻击类型下证明协议的公平性和安全性,且协议的安全性不依赖于任何困难性假设.所提方案是Shamir秘密共享方案的扩展,在公平性实现方法上,是Dov Gordon等(STOC2008)公平性方法的扩展.理论分析表明所提公平方案是有效的.
The distributed cryptographic protocol is a cryptosystem of multiparty-oriented par-ticipation. Its goal is to perform various kinds of key controls securely by distribution. Now it is widely used in the multi-user secure communication on Internet. The fairness is one of the key requirements of distributed cryptographic protocol. It is more and more significant to study the distributed cryptographic protocol and fairness, for increasingly urgent secure requirement and fair problem in the distributed application system.
This thesis studies the distributed cryptographic protocol and its fairness based on the game theory, the universally composable security theory and the bilinear pairing, mainly including the verifiable secret sharing, the game-theoretic analysis for the secret shar-ing, the universally composable mechanism for group communication, the game-theoretic mechanism for cryptographic protocol and secret sharing scheme with fairness. The de-tails are as follows:
(1) The rational version of the classical secure communication problem is studied. The goal is to design a general procedure for secure communication among some rational participants. We propose a game theory based formal model for secure communi-cation secure protocols, including the player set, information set, available action, action sequence, player function, and utility function using the idea from universally composable security. Secure protocols can be concurrently run within this rational model. Moreover, the novel notion of fairness is presented according to Nash equi-librium of the communication game and condition of equivalence for fair protocol is given. Analysis shows that our mechanism is effective.
(2) The group communication is analyzed within the universally composable security framework. We first propose the group communication model, identity-based sign-cry tion model and group key distribution model in the UC framework by design-ing the secure authenticated group communication ideal functionality, the identity-based signcryption ideal functionality and the group key distribution ideal func-tionality, respectively. Then, we construct a UC secure identity-based signcryption protocol. Moreover, we shows that the identity-based signcryption securely realizes the ideal functionality if and only if the corresponding protocol IDSC is secure. Finally, based on the identity-based protocol, we propose a group communication scheme, which can securely realize its ideal functionality in the hybrid model.
(3) Based on the bilinear pairing on elliptic curves, a verifiable secret sharing (VSS) is constructed. The information rate of our scheme is2/3. Compared with Pederson's scheme (Crypto91) and the related schemes, our scheme is more efficient under the same security level. At the same time, the security of the scheme is proved theo-retically. The result indicates that the scheme is information-theoretically secure. Finally, the analysis shows that our scheme is more secure and effective than others, and it can be more applicable in practical situations.
(4) The concept of rational trusted party is proposed. Any rational party can play the role of the TTP to distribute the shares in the secret sharing such that it is more suitable for use. As far as we know, it is for the first time to analyze the distribution of shares with game theory in secret sharing scheme. It is formalized as n two-person games. It is proven that rational dealer always selects cheating all players to get more payoffs in these games. Simultaneously, a rational secret distribution mechanism is proposed to solve this problem. Moreover, we construct a mechanism of reconstruction of secret based on oblivious transfer protocol, which solve the problem of players' non-cooperation in the reconstruction phase.
(5) The fairness problem of secret reconstruction in a secret sharing scheme is studied. In the setting of secret sharing, one desirable property is fairness, which guarantees that if there is a player getting the secret in the recovery phase, then each player participating in the reconstruction process does too. We propose a new approach to achieve the fairness of secret sharing. We first define the fairness of secret sharing probabilistically. Based on this definition, a fair secret sharing scheme is proposed, its security and fairness are shown against three different attack types and do not depend upon any unproven intractability assumption. Our scheme is an extension of Shamir's secret sharing scheme and the approach of fairness of Dov Gordon et al.(STOC2008). Theoretical analysis shows that our proposed scheme is more efficient.
引文
[1]Abraham I, Dolev D, et al. Distributed computing meets game theory:robust mechanisms for rational secret sharing and multiparty computation. Proceedings of the 25th Annual ACM Symposium on Principles of Distributed Computing. New York, USA:ACM,2006, 53-62.
[2]Aho, Ullman J. The design and analysis of computer algorithms. Reading, MA:Addison-Wesley,1974.
[3]Anderson R, Moore T. The economics of information security:A survey and open ques-tions. Science 27 October 2006,314(5799):610-613.
[4]Asharov G, Lindell Y, et al. Utility dependence in correct and fair rational secret sharing. CRYPTO2009. Heidelberg:Springer,2009,559-576.
[5]Asmuth C, Bloom J. A modular approach to key safeguarding. IEEE Trans. Information Theory,1983,29(2):208-210.
[6]Asokan N, Schunter M and Waidner M. Optimistic Protocols for Fair Exchange,1998.
[7]Asokan N, Shoup V and Waidner M. Optimistic fair exchange of digital signatures. IEEE J. Selected Areas in Comm,2000,18(4):593-610
[8]Beaver D. Foundations of secure interactive computing.1991.
[9]Ben-Or M, Goldwasser S and Wigderson A. Completeness theorems for non-cryptographic fault-tolerant distributed computation,1988.
[10]Blakley G. R. Safeguarding cryptographic keys. In:Proceedings of the National Computer Conference, AFIPS,1979, (48):313-317
[11]Blum M. How to exchange (secret) keys,1983.
[12]Brandt F, Sandholm T. Correctness and pricvacy in distributed mechanisms. Proceedings of the Agent-Mediated Electronic CommerceWorkshop, New York (2004).
[13]Bonch D, Noar M. Timed Commitments,2000.
[14]Boneh D, Franklin M. Identity based encryption from the Weil pairing. Extended Abstract in Crypto 2001.2001,586-615.
[15]Boneh D, Lynn B and Shacham H. Short signatures from the Weil Pairing. Proceedings of Asiacrypt 2001.
[16]Buttyan L, Hubaux J. Toward a formal model of fair exchange-a game theoretic approach, Technical Report EPFL SSC/1999/039, Laboratory of Computer Communications and Applications, Swiss Federal Institute of Technology-Lausanne(1999).
[17]Buttyan L, Hubaux J. Rational exchange-A formal model based on game theory,2nd International Workshop on Electronic Commerce, Heidelberg, Germany,2001,16-17.
[18]Caballero Gil P, Herandez Goya C and Bruno Castaneda C. A rational approach to cryp-tographic protocols. Mathematical and Computer Modeling. Volume 46, Issues 1-2, July 2007, Pages 80-87.
[19]Cachin C, Camenisch J. Optimistic fair secure computation,2000.
[20]Canetti R. Security and composition of multiparty cryptographic protocols.2000.
[21]Canetti R. Universally composable security:A new paradigm for cryptographic protocols. A revised version (2005) is available at IACR Eprint Archive, http://eprint.iacr.org/ 2000/067.
[22]Chadha R, Mitchell J C, et al. Contract signing, optimism and advantage, Proceedings of CONCUR2003. Lecture Notes in Computer Science 2761, Springer-Verlag,2003,366-382.
[23]Chan C W, Chang C C.A scheme for threshold multi-secret sharing. Applied Mathematics and Computation,2005,166(1):1-14.
[24]Chang T Y, Hwang M S, et al. An improvement on the LinWu (t, n) threshold verifiable multi-secret sharing scheme. Applied Mathematics and Computation,2005,163(1):169-178.
[25]Chor B, Goldwasser S, et al. Verifiable secret sharing and achieving simultaneity in the presence of faults. In:Proc.26th IEEE Symposium on Foundations of Computer Sciences (FOCS'85). Los Angeles:IEEE Computer Society,1985,383-395.
[26]Chaum D, Crepeau C and Damgard I. Multiparty unconditionally secure protocols (ex-tended abstract). In:Proc.20th ACM Symp. On the Theory of Computing,1988.11-19.
[27]Chen X, Tian Y L, Li X H, and Ma J F. Trusted routing based on identity-based threshold signature for opportunistic networks. China Communications,2011,8(4):132-140.
[28]Cleve R. Limits on the security of coin flips when half the processors are faulty. In 18th STOC,1986,364-369.
[29]Damgard I B. Practical and provably secure release of a secret and exchange of signatures, 1995.
[30]Diffie W, Hellman M E. New directions in cryptography. IEEE Transactions on Information Theory,1976,22 (6):644-654.
[31]Dodis Y, Halevi S andRabin T. A cryptographic solution to a game theo-retic problem. Proceedings of CRYPTO'2000, Lecture Notes in Computer Science 1880, Springer,2000, 112-131.
[32]Dodis Y, Rabin T. Cryptography and game theory. In N. Nisan, T. Roughgarden, E. Tardos, and V. Vazirani, editors, Algorithmic Game Theory. Cambridge Uni-versity Press, 2007,181-207
[33]Dov Gordon S, Katz J. Rational secret sharing, revisited. Security and Cryptography for Networks,2006,229-241.
[34]Dov Gordon S. Hazay C and Katz J. Complete fairness in secure two-party computation. In STOC'08,2008,17-26.
[35]Dov Gordon S. Katz J. Complete fairness in multi-party computation without an honest majority. Theory of Cryptography,2009,5444:19-35.
[36]Dov Gordon S, Katz J. Partial fairness in secure two-party computation. In EUROCRYPT 2010, Springer-Verlag,2010,6110:157-176
[37]Dov Gordon S, Ishai Y, et al. On complete primitives for fairness. In TCC2010, IEEE, 2010,91-108.
[38]Feldman P. A practical scheme for non-interactive verifiable secret sharing. In Proc.28th IEEE Symposium on Foundations of Computer Science (FOCS'87), IEEE Computer Society,1987,427-437.
[39]Feng T, Li F H, Ma J F, et al. A new approach for UC security concurrent deniable authentication. Sci China Inf Sci,2008,51:352-367.
[40]Fiat A, Naor M. Broadcast encryption, in:CRYPTO1993,1993,773:480-491.
[41]Fischer M,Wright R. An application of game-theoretic techniques to cryptography, Ad-vances in Computational Complexity Theory, DIMACS Series in Discrete Mathematics and Theoretical Computer Science Volume 13, American Mathematical Society,1993,99-118.
[42]Fitzi M, Gottesman D, et al. Detectable Byzantine agreement secure against faulty ma-jorities,2002.
[43]Fuchsbauer G, Katz J and Naccache D. Effcient rational secret sharing in standard com-munication networks. TCC 2010, LNCS 5978,2010,419-436.
[44]Fudenberg D, Tirole J. Game theory. MIT Press,1992.
[45]Fujisaki E, Okamoto T. A practical and provably secure scheme for publicly verifiable secret sharing and its applications. In Advances in Cryptology-EUROCRYPT'98, volume 1403 of Lecture Notes in Computer Science, pages 32-46, Berlin,1998. Springer-Verlag.
[46]Garay J A, Jakobsson M and MacKenzie P D. Abuse-free optimistic contract signing, Proceedings of CRYPTO'99, Lecture Notes in Computer Science 1666, Springer,2000, 449-466.
[47]Garay, Pomerance. Timed fair exchange of standard signatures,2003.
[48]Goldreich O, Micali S and Wigderson A. How to play any mental game. In:Proc.19th ACM Symp. On the Theory of Computing.1987,218-229.
[49]Goldreich O, Micali S and Wigderson A. How to solve any protocol problem,1987.
[50]Goldwasser S, Levin L. Fair computation of general functions in presence of immoral majority. In Advances in Cryptology-CRYPTO'90 volume 537 of LNCS. Springer-Verlag, 1990.
[51]Goldwasser S, Levin L. Fair Computation of General Functions,1991.
[52]Goldwasser S, Lindell Y. Secure computation without agreement,2002.
[53]Gossner O. Repeated games played by cryptographically sophisticated players, Technical Report Paper 9836, Catholique de Louvain-Center for Operations Research and Economic-s,1999.
[54]Halpern J, Teague V. Rational secret sharing and multiparty computation:extended abstract. Proceedings of the 36th Annual ACM Symposium on Theory of Computing. New York, USA:ACM,2004,623-632
[55]Harm L. Efficient sharing (Broadcasting) of multiple secrets. IEE Proc Comput Digital Tech.,1995,142(3):237-240.
[56]Harn L, Lin C. Detection and identification of cheaters in (t, n) secret sharing scheme. Designs, Codes and Cryptography,2009,52(1):15-24.
[57]He J, Dawson E. How to fairly reconstruct a shared secret. Proceedings of the International Conference on Cryptography:Policy and Algorithms,1995,115-124.
[58]Hwang R J, Chang C C. An on-line secret sharing scheme for multi-secrets. Computer Communications,1998,21(13):1170-1176.
[59]Hwang R J, Chang C C. An improved threshold scheme based on modular arithmetic. Journal of Information Science and Engineering,1999,15(5):691-699.
[60]Hur J, Park C and Yoon H. Chosen ciphertext secure authenticated group communica-tion using identity-based signcryption. Computers and Mathematics with Applications, 2010,60(2):362-375.
[61]Ito M, Saito A and Nishizeki T. Secret sharing scheme realizing general access structure. IEEE Globcom'87, Tokyo Japan,1987:99-102.
[62]Izmalkov S, Micali S and Lepinski M. Rational secure computation and ideal mechanis-m design. In Foundations of Computer Science,2005. FOCS 2005.46th Annual IEEE Symposium on,2005,585-594.
[63]Jiang Q, Ma J F, Li G S, and Yang L. An enhanced authentication scheme with anonymity for roaming service in global mobility networks. Wireless Personal Communications,2012, DOI:10.1007/s11277-012-0535-4.
[64]Ji W J, Ma J F, Ma Z, and Tian Y L. Tree-based proactive routing protocol for wireless Mesh network, China. Communications,2012,9(1):25-33.
[65]Jou X. A one round protocol for tripartite Diffie-Hellman. Proceedings of ANTS 4.2000, 1838:385-394.
[66]Katz J. Bridging game theory and cryptography:Recent results and future directions. In 5th Theory of Cryptography Conference (TCC2008), volume 4948 of LNCS, Springer, 2008,251-272.
[67]Kol G, Naor M. Games for exchanging information. In Proceedings of the 40th annual ACM symposium on Theory of computing,2008,423-432.
[68]Kol G, Naor M. Cryptography and game theory:Designing protocols for exchanging information. In:Canetti, R. (ed.) TCC 2008. LNCS, vol.4948,320-339. Springer, Heidel-berg (2008).
[69]Kremer S, Raskin J F. Game analysis of abuse-free contract signing, Computer Security Foundations Workshop, Canada,2002.
[70]Lee Y C, Laih C S. A V-fainess (t, n) secret sharing Scheme. In IEE Proceeding Comouters and Digital Techniques, Vol.144, No.1,1997, pages 23-27.
[71]Lin H Y, Harn L. Fair reconstruction of a secret. Information Processing Letters,1995, 55:45-47.
[72]Lin X.-J, Wu C.-K and Liu F. Analysis of an authenticated identity-based multicast scheme, IET Communications,2008,2(7):935-937.
[73]Lysyanskaya A, Triandopoulos N. Rationality and adversarial behavior in multiparty com-putation. Advances in Cryptology-CRYPTO 2006,2006,180-197.
[74]Maleka S, Amjed S and Pandu Rangan C. The deterministic protocol for rational secret sharing. In:SSN 2008:The 4th International Workshop on Security in Systems and Networks.
[75]Maleka S, Shareef A and Pandu Rangan C. Rational secret sharing with repeated games, ISPEC 2008, LNCS 4991,2008,334-346.
[76]Malone Lee J. Identity-based signcrytion. Avalable online:http://www.signcryption.org/ publications/pdffiles/MaloneLee-eprint2002-098.pdf.
[77]Micali S, Rogaway P. Secure computation,1991.
[78]Micali S. Certified E-mail with invisible post offices-or-a low-cost, low-congestion, and low-liability certified E-mail system,1997.
[79]Mtompa H. How to share a secret with cheaters. Journal of Cryptology,1988,1(2):133-138.
[80]Morillo P, et al. Some trends for future research in distributed cryptography, http://www-mat.upc.es/grup-de-cripto/.
[81]Mu Y, Susilo W, et al. Identity-based authenticated broadcast encryption and distributed authenticated encryption, in:ASIAN, in:LNCS,2004,3321:169-181.
[82]Osborne M. An introduction to game theory. Oxfor:Oxford University Press,2004
[83]Ong S J, Parkes D V, et al. Fairness with an honest minority and a rational majority, TCC 2009, LNCS 5444,2009,36-53.
[84]Pedersen T P. Non-interactive and information-theoretic secure verifiable secret sharing. In Advances in Cryptology-CRYPTO'91, volume 576 of Lecture Notes in Computer Science, Berlin, Springer-Verlag,1992,129-140
[85]Pedersen T P. Distributed provers and verifiable secret sharing based on the discrete log-arithm problem. PhD thesis, Aarhus University, Computer Science Department, Aarhus, Denmark, March 1992.
[86]Peng C G, Li X. An identity-based threshold signcryption scheme with semantic security. CIS 2005,3802, Berlin:Springer-Verlag,2005,173-179.
[87]Peng C G, Li X. Threshold signcryption scheme based on elliptic curve cryptosystem and verifiable secret sharing. WCNM 2005.1136-1139. IEEE Communication Society,2005.
[88]Pfitzmann B, Waidner M. A model for asynchronous reactive systems and its application to secure message transmission,2001.
[89]Pinkas. Fair secure two-party computation,2003.
[90]Rabin T, Ben-Or M. Veriable secret sharing and multiparty protocols with honest majority, 1989.
[91]Sandholm T, Wang X. (Im)possibility of safe exchange mechanism design. Proceedings of National Conference on Artificial Intelligence,2002,338-344.
[92]Schoenmakers B. A simple publicly verifiable secret sharing scheme and its application to electronic voting. In:M. Wiener ed., Advances in Cryptology-Crypto:99 Proceedings, LNCS 1666. Berlin:Springer-Verlag,1999,148-164.
[93]Shamir A. How to share a secret. Communications of the ACM,1979,22(11):612-613.
[94]Shannon C E. Communication theory of secrecy systems. Bell System Technical Journal, 1949,28 (4):656-715.
[95]Shi R, H, Zhong H, Huang L S. A (t,n)-threshold verified multi-secret sharing scheme based on ECDLP. Eighth ACIS International Conference on Software Engineering, Artificial Intelligence, Networking, and Parallel/Distributed Computting.2007,9-13.
[96]Stadler M. Publicly verifiable secret sharing. In Advances in Cryptology-EUROCRYPT'96, Berlin, Springer-Verlag,1996,1070:190-199.
[97]Tian Y L, Peng C G, et al. A practical publicly verifiable secret sharing scheme based on bilinear pairing. Proceedings of the 2nd International of Conference on Anti-counterfeiting, Security, and Identification (2008ASID). Guiyang, China.2008,71-75
[98]Tian Y L, Ma J F, et al. One-time rational secret sharing scheme based on Bayesian game. Wuhan University Joural of Natural Sciences,2011,16(5):430-434.
[99]Tian Y L, Peng C G and Ma J F. Publicly verifiable secret sharing scheme using bilinear pairings. International Journal of Network Security,2012,14(1):116-122.
[100]Tompa M, Woll H. How to share a secret with cheaters. J. of Cryptology,1988,133-138.
[101]Wang L, Wu C.-K, Efficient identity-based multicast scheme from bilinear pairing, IEE Proceedings. Communications,2005,152(6):877-882.
[102]Wang S J, Tsai Y R and Shen J J. Dynamic threshold multi-secret sharing scheme us-ing elliptic curve and bilinear paring.2008 Second International Conference on Future Generation Communication and Networking.2008.405-410.
[103]Yao A C. Protocols for secure computations. In:Proc.23rd IEEE Symp. On the Foun-dation of Computer Science, IEEE,1982,160-164.
[104]Zhang F, Ma J F and Moon S J. Universally composable anonymous Hash certification model. Sci China Ser F-Inf Sci,2007,50:440-455.
[105]Zhang J W, Ma J F and Moon S J. Universally composable secure TNC model and EAP-TNC protocol in IF-T. Sci China Inf Sci,2010,53:465-482.
[106]Zhang J W. Ma J F and Moon S J. Universally composable one-time signature and broad-cast authentication. Sci China Inf Sci,2010,53:567-580.
[107]Zhang Z F. Rational secret sharing as extensive game. Avalable online:http://eprint.iacr. org/2010/184.
[108]Zhang Z F. Unconditionally secure rational secret sharing in standard communication networks. Avalable online:http://eprint.iacr.org/2010/462.
[109]陈晶,杜瑞颖,王丽娜,田在荣.网络环境下一种基于概率密度的信任博弈模型.电子学报,2010,38(2):427-433.
[110]陈曦.机会网络安全路由与密钥管理方案研究.西安:博士学位论文,西安电科技大学,2012.
[111]Douglas R. Stinson密码学原理与实践(第二版).北京:电子工业出版社,2003.
[112]冯涛,马建峰.无线传感器网络密钥种子管理和分配模型及应用.计算机研究与发展,2008,45(1):146-153.
[113]李大伟,杨庚,俞昌国.理性参与者秘密共享方案研究综述.南京邮电大学学报(自然科学版),2010,30(2):89-94.
[114]李慧贤,庞辽军.基于双线性变换的可证明安全的秘密共享方案.通信学报,2008,29(10):45-49.
[115]刘木兰.张志芳.密钥共享与安全多方计算.北京:电子工业出版社,2008.
[116]罗文俊,李祥.多方安全矩阵乘积协议及应用.计算机学报,2005,28(7):1230-1235.
[117]姜奇,马建峰,李光松,马卓.基于WAPI的WLAN与3G网络安全融合.计算机学报,2010,33(9):1675-1685.
[118]姜奇,马建峰,李光松,刘宏月.基于身份的异构无线网络匿名漫游协议.通信学报,2010,31(10):138-145.
[119]姜奇.异构无线网络中匿名漫游研究.西安:博士学位论文,西安电科技大学,2011.
[120]毛文波著;王继林,武前红等译;工益民,姜正涛审校.现代密码学理论与实践.北京:电子工业出版社,2004.
[121]彭长根.面向群体的数字签名、签密和签约的理论和应用研究.贵阳:贵州大学博士学位论文,2007.
[122]彭长根,李祥,罗文俊.一种面向群组通信的通用门限签密方案.电子学报,2007,35(1):64-67.
[123]卿斯汉,李改成.多方公平交换协议的形式化分析和设计.中国科学E辑,2006,36(6):598-616.
[124]沈昌祥,张焕国,冯登国等.信息安全综述.中国科学E辑,2007,37(2):129-150.
[125]田有亮,彭长根.基于双线性对的可验证秘密共享方案.计算机应用,2007,27(B12):125-127.
[126]田有亮,彭长根.基于双线性对的可验证秘密共享方案及其应用.计算机工程,2009,35(10):158-161.
[127]田有亮,马建峰,彭长根.基于双线性Diffie-Hellman(?)司题的可验证秘密共享方案.2009年中国密码学会议.广州:科学出版社,2009,170-179.
[128]田有亮.基于双线性对的分布式密码系统与应用研究.贵阳:硕士学位论文,贵州大学,2009.
[129]田有亮,马建峰,彭长根,姬文江.秘密共享体制的博弈论分析.电子学报,2011,39(12):2790-2795.
[130]田有亮,马建峰,彭长根,陈曦.椭圆曲线上的信息论安全的可验证秘密共享方案.通信学报,2011,32(12):96-102.
[131]王磊,祝跃飞.分布式密码的体系结构和研究内容.电子与信息学报,2005,27(1):146-149.
[132]徐海霞,李宝.分布式密钥分发方案的安全性证明.软件学报,2005,16(4):570-576.
[133]张俊伟.密码协议的可组合安全.西安:博士学位论文,西安电子科技大学,2010.
[134]张志芳,刘木兰.理性密钥共享的扩展博弈模型.中国科学:信息科学,2012,42:32-46.
[135]朱建明Srinivasan Raghunathan基于博弈论的信息安全技术评价模型.计算机学报,2009,32(4):828-834.
[2]Aho, Ullman J. The design and analysis of computer algorithms. Reading, MA:Addison-Wesley,1974.
[3]Anderson R, Moore T. The economics of information security:A survey and open ques-tions. Science 27 October 2006,314(5799):610-613.
[4]Asharov G, Lindell Y, et al. Utility dependence in correct and fair rational secret sharing. CRYPTO2009. Heidelberg:Springer,2009,559-576.
[5]Asmuth C, Bloom J. A modular approach to key safeguarding. IEEE Trans. Information Theory,1983,29(2):208-210.
[6]Asokan N, Schunter M and Waidner M. Optimistic Protocols for Fair Exchange,1998.
[7]Asokan N, Shoup V and Waidner M. Optimistic fair exchange of digital signatures. IEEE J. Selected Areas in Comm,2000,18(4):593-610
[8]Beaver D. Foundations of secure interactive computing.1991.
[9]Ben-Or M, Goldwasser S and Wigderson A. Completeness theorems for non-cryptographic fault-tolerant distributed computation,1988.
[10]Blakley G. R. Safeguarding cryptographic keys. In:Proceedings of the National Computer Conference, AFIPS,1979, (48):313-317
[11]Blum M. How to exchange (secret) keys,1983.
[12]Brandt F, Sandholm T. Correctness and pricvacy in distributed mechanisms. Proceedings of the Agent-Mediated Electronic CommerceWorkshop, New York (2004).
[13]Bonch D, Noar M. Timed Commitments,2000.
[14]Boneh D, Franklin M. Identity based encryption from the Weil pairing. Extended Abstract in Crypto 2001.2001,586-615.
[15]Boneh D, Lynn B and Shacham H. Short signatures from the Weil Pairing. Proceedings of Asiacrypt 2001.
[16]Buttyan L, Hubaux J. Toward a formal model of fair exchange-a game theoretic approach, Technical Report EPFL SSC/1999/039, Laboratory of Computer Communications and Applications, Swiss Federal Institute of Technology-Lausanne(1999).
[17]Buttyan L, Hubaux J. Rational exchange-A formal model based on game theory,2nd International Workshop on Electronic Commerce, Heidelberg, Germany,2001,16-17.
[18]Caballero Gil P, Herandez Goya C and Bruno Castaneda C. A rational approach to cryp-tographic protocols. Mathematical and Computer Modeling. Volume 46, Issues 1-2, July 2007, Pages 80-87.
[19]Cachin C, Camenisch J. Optimistic fair secure computation,2000.
[20]Canetti R. Security and composition of multiparty cryptographic protocols.2000.
[21]Canetti R. Universally composable security:A new paradigm for cryptographic protocols. A revised version (2005) is available at IACR Eprint Archive, http://eprint.iacr.org/ 2000/067.
[22]Chadha R, Mitchell J C, et al. Contract signing, optimism and advantage, Proceedings of CONCUR2003. Lecture Notes in Computer Science 2761, Springer-Verlag,2003,366-382.
[23]Chan C W, Chang C C.A scheme for threshold multi-secret sharing. Applied Mathematics and Computation,2005,166(1):1-14.
[24]Chang T Y, Hwang M S, et al. An improvement on the LinWu (t, n) threshold verifiable multi-secret sharing scheme. Applied Mathematics and Computation,2005,163(1):169-178.
[25]Chor B, Goldwasser S, et al. Verifiable secret sharing and achieving simultaneity in the presence of faults. In:Proc.26th IEEE Symposium on Foundations of Computer Sciences (FOCS'85). Los Angeles:IEEE Computer Society,1985,383-395.
[26]Chaum D, Crepeau C and Damgard I. Multiparty unconditionally secure protocols (ex-tended abstract). In:Proc.20th ACM Symp. On the Theory of Computing,1988.11-19.
[27]Chen X, Tian Y L, Li X H, and Ma J F. Trusted routing based on identity-based threshold signature for opportunistic networks. China Communications,2011,8(4):132-140.
[28]Cleve R. Limits on the security of coin flips when half the processors are faulty. In 18th STOC,1986,364-369.
[29]Damgard I B. Practical and provably secure release of a secret and exchange of signatures, 1995.
[30]Diffie W, Hellman M E. New directions in cryptography. IEEE Transactions on Information Theory,1976,22 (6):644-654.
[31]Dodis Y, Halevi S andRabin T. A cryptographic solution to a game theo-retic problem. Proceedings of CRYPTO'2000, Lecture Notes in Computer Science 1880, Springer,2000, 112-131.
[32]Dodis Y, Rabin T. Cryptography and game theory. In N. Nisan, T. Roughgarden, E. Tardos, and V. Vazirani, editors, Algorithmic Game Theory. Cambridge Uni-versity Press, 2007,181-207
[33]Dov Gordon S, Katz J. Rational secret sharing, revisited. Security and Cryptography for Networks,2006,229-241.
[34]Dov Gordon S. Hazay C and Katz J. Complete fairness in secure two-party computation. In STOC'08,2008,17-26.
[35]Dov Gordon S. Katz J. Complete fairness in multi-party computation without an honest majority. Theory of Cryptography,2009,5444:19-35.
[36]Dov Gordon S, Katz J. Partial fairness in secure two-party computation. In EUROCRYPT 2010, Springer-Verlag,2010,6110:157-176
[37]Dov Gordon S, Ishai Y, et al. On complete primitives for fairness. In TCC2010, IEEE, 2010,91-108.
[38]Feldman P. A practical scheme for non-interactive verifiable secret sharing. In Proc.28th IEEE Symposium on Foundations of Computer Science (FOCS'87), IEEE Computer Society,1987,427-437.
[39]Feng T, Li F H, Ma J F, et al. A new approach for UC security concurrent deniable authentication. Sci China Inf Sci,2008,51:352-367.
[40]Fiat A, Naor M. Broadcast encryption, in:CRYPTO1993,1993,773:480-491.
[41]Fischer M,Wright R. An application of game-theoretic techniques to cryptography, Ad-vances in Computational Complexity Theory, DIMACS Series in Discrete Mathematics and Theoretical Computer Science Volume 13, American Mathematical Society,1993,99-118.
[42]Fitzi M, Gottesman D, et al. Detectable Byzantine agreement secure against faulty ma-jorities,2002.
[43]Fuchsbauer G, Katz J and Naccache D. Effcient rational secret sharing in standard com-munication networks. TCC 2010, LNCS 5978,2010,419-436.
[44]Fudenberg D, Tirole J. Game theory. MIT Press,1992.
[45]Fujisaki E, Okamoto T. A practical and provably secure scheme for publicly verifiable secret sharing and its applications. In Advances in Cryptology-EUROCRYPT'98, volume 1403 of Lecture Notes in Computer Science, pages 32-46, Berlin,1998. Springer-Verlag.
[46]Garay J A, Jakobsson M and MacKenzie P D. Abuse-free optimistic contract signing, Proceedings of CRYPTO'99, Lecture Notes in Computer Science 1666, Springer,2000, 449-466.
[47]Garay, Pomerance. Timed fair exchange of standard signatures,2003.
[48]Goldreich O, Micali S and Wigderson A. How to play any mental game. In:Proc.19th ACM Symp. On the Theory of Computing.1987,218-229.
[49]Goldreich O, Micali S and Wigderson A. How to solve any protocol problem,1987.
[50]Goldwasser S, Levin L. Fair computation of general functions in presence of immoral majority. In Advances in Cryptology-CRYPTO'90 volume 537 of LNCS. Springer-Verlag, 1990.
[51]Goldwasser S, Levin L. Fair Computation of General Functions,1991.
[52]Goldwasser S, Lindell Y. Secure computation without agreement,2002.
[53]Gossner O. Repeated games played by cryptographically sophisticated players, Technical Report Paper 9836, Catholique de Louvain-Center for Operations Research and Economic-s,1999.
[54]Halpern J, Teague V. Rational secret sharing and multiparty computation:extended abstract. Proceedings of the 36th Annual ACM Symposium on Theory of Computing. New York, USA:ACM,2004,623-632
[55]Harm L. Efficient sharing (Broadcasting) of multiple secrets. IEE Proc Comput Digital Tech.,1995,142(3):237-240.
[56]Harn L, Lin C. Detection and identification of cheaters in (t, n) secret sharing scheme. Designs, Codes and Cryptography,2009,52(1):15-24.
[57]He J, Dawson E. How to fairly reconstruct a shared secret. Proceedings of the International Conference on Cryptography:Policy and Algorithms,1995,115-124.
[58]Hwang R J, Chang C C. An on-line secret sharing scheme for multi-secrets. Computer Communications,1998,21(13):1170-1176.
[59]Hwang R J, Chang C C. An improved threshold scheme based on modular arithmetic. Journal of Information Science and Engineering,1999,15(5):691-699.
[60]Hur J, Park C and Yoon H. Chosen ciphertext secure authenticated group communica-tion using identity-based signcryption. Computers and Mathematics with Applications, 2010,60(2):362-375.
[61]Ito M, Saito A and Nishizeki T. Secret sharing scheme realizing general access structure. IEEE Globcom'87, Tokyo Japan,1987:99-102.
[62]Izmalkov S, Micali S and Lepinski M. Rational secure computation and ideal mechanis-m design. In Foundations of Computer Science,2005. FOCS 2005.46th Annual IEEE Symposium on,2005,585-594.
[63]Jiang Q, Ma J F, Li G S, and Yang L. An enhanced authentication scheme with anonymity for roaming service in global mobility networks. Wireless Personal Communications,2012, DOI:10.1007/s11277-012-0535-4.
[64]Ji W J, Ma J F, Ma Z, and Tian Y L. Tree-based proactive routing protocol for wireless Mesh network, China. Communications,2012,9(1):25-33.
[65]Jou X. A one round protocol for tripartite Diffie-Hellman. Proceedings of ANTS 4.2000, 1838:385-394.
[66]Katz J. Bridging game theory and cryptography:Recent results and future directions. In 5th Theory of Cryptography Conference (TCC2008), volume 4948 of LNCS, Springer, 2008,251-272.
[67]Kol G, Naor M. Games for exchanging information. In Proceedings of the 40th annual ACM symposium on Theory of computing,2008,423-432.
[68]Kol G, Naor M. Cryptography and game theory:Designing protocols for exchanging information. In:Canetti, R. (ed.) TCC 2008. LNCS, vol.4948,320-339. Springer, Heidel-berg (2008).
[69]Kremer S, Raskin J F. Game analysis of abuse-free contract signing, Computer Security Foundations Workshop, Canada,2002.
[70]Lee Y C, Laih C S. A V-fainess (t, n) secret sharing Scheme. In IEE Proceeding Comouters and Digital Techniques, Vol.144, No.1,1997, pages 23-27.
[71]Lin H Y, Harn L. Fair reconstruction of a secret. Information Processing Letters,1995, 55:45-47.
[72]Lin X.-J, Wu C.-K and Liu F. Analysis of an authenticated identity-based multicast scheme, IET Communications,2008,2(7):935-937.
[73]Lysyanskaya A, Triandopoulos N. Rationality and adversarial behavior in multiparty com-putation. Advances in Cryptology-CRYPTO 2006,2006,180-197.
[74]Maleka S, Amjed S and Pandu Rangan C. The deterministic protocol for rational secret sharing. In:SSN 2008:The 4th International Workshop on Security in Systems and Networks.
[75]Maleka S, Shareef A and Pandu Rangan C. Rational secret sharing with repeated games, ISPEC 2008, LNCS 4991,2008,334-346.
[76]Malone Lee J. Identity-based signcrytion. Avalable online:http://www.signcryption.org/ publications/pdffiles/MaloneLee-eprint2002-098.pdf.
[77]Micali S, Rogaway P. Secure computation,1991.
[78]Micali S. Certified E-mail with invisible post offices-or-a low-cost, low-congestion, and low-liability certified E-mail system,1997.
[79]Mtompa H. How to share a secret with cheaters. Journal of Cryptology,1988,1(2):133-138.
[80]Morillo P, et al. Some trends for future research in distributed cryptography, http://www-mat.upc.es/grup-de-cripto/.
[81]Mu Y, Susilo W, et al. Identity-based authenticated broadcast encryption and distributed authenticated encryption, in:ASIAN, in:LNCS,2004,3321:169-181.
[82]Osborne M. An introduction to game theory. Oxfor:Oxford University Press,2004
[83]Ong S J, Parkes D V, et al. Fairness with an honest minority and a rational majority, TCC 2009, LNCS 5444,2009,36-53.
[84]Pedersen T P. Non-interactive and information-theoretic secure verifiable secret sharing. In Advances in Cryptology-CRYPTO'91, volume 576 of Lecture Notes in Computer Science, Berlin, Springer-Verlag,1992,129-140
[85]Pedersen T P. Distributed provers and verifiable secret sharing based on the discrete log-arithm problem. PhD thesis, Aarhus University, Computer Science Department, Aarhus, Denmark, March 1992.
[86]Peng C G, Li X. An identity-based threshold signcryption scheme with semantic security. CIS 2005,3802, Berlin:Springer-Verlag,2005,173-179.
[87]Peng C G, Li X. Threshold signcryption scheme based on elliptic curve cryptosystem and verifiable secret sharing. WCNM 2005.1136-1139. IEEE Communication Society,2005.
[88]Pfitzmann B, Waidner M. A model for asynchronous reactive systems and its application to secure message transmission,2001.
[89]Pinkas. Fair secure two-party computation,2003.
[90]Rabin T, Ben-Or M. Veriable secret sharing and multiparty protocols with honest majority, 1989.
[91]Sandholm T, Wang X. (Im)possibility of safe exchange mechanism design. Proceedings of National Conference on Artificial Intelligence,2002,338-344.
[92]Schoenmakers B. A simple publicly verifiable secret sharing scheme and its application to electronic voting. In:M. Wiener ed., Advances in Cryptology-Crypto:99 Proceedings, LNCS 1666. Berlin:Springer-Verlag,1999,148-164.
[93]Shamir A. How to share a secret. Communications of the ACM,1979,22(11):612-613.
[94]Shannon C E. Communication theory of secrecy systems. Bell System Technical Journal, 1949,28 (4):656-715.
[95]Shi R, H, Zhong H, Huang L S. A (t,n)-threshold verified multi-secret sharing scheme based on ECDLP. Eighth ACIS International Conference on Software Engineering, Artificial Intelligence, Networking, and Parallel/Distributed Computting.2007,9-13.
[96]Stadler M. Publicly verifiable secret sharing. In Advances in Cryptology-EUROCRYPT'96, Berlin, Springer-Verlag,1996,1070:190-199.
[97]Tian Y L, Peng C G, et al. A practical publicly verifiable secret sharing scheme based on bilinear pairing. Proceedings of the 2nd International of Conference on Anti-counterfeiting, Security, and Identification (2008ASID). Guiyang, China.2008,71-75
[98]Tian Y L, Ma J F, et al. One-time rational secret sharing scheme based on Bayesian game. Wuhan University Joural of Natural Sciences,2011,16(5):430-434.
[99]Tian Y L, Peng C G and Ma J F. Publicly verifiable secret sharing scheme using bilinear pairings. International Journal of Network Security,2012,14(1):116-122.
[100]Tompa M, Woll H. How to share a secret with cheaters. J. of Cryptology,1988,133-138.
[101]Wang L, Wu C.-K, Efficient identity-based multicast scheme from bilinear pairing, IEE Proceedings. Communications,2005,152(6):877-882.
[102]Wang S J, Tsai Y R and Shen J J. Dynamic threshold multi-secret sharing scheme us-ing elliptic curve and bilinear paring.2008 Second International Conference on Future Generation Communication and Networking.2008.405-410.
[103]Yao A C. Protocols for secure computations. In:Proc.23rd IEEE Symp. On the Foun-dation of Computer Science, IEEE,1982,160-164.
[104]Zhang F, Ma J F and Moon S J. Universally composable anonymous Hash certification model. Sci China Ser F-Inf Sci,2007,50:440-455.
[105]Zhang J W, Ma J F and Moon S J. Universally composable secure TNC model and EAP-TNC protocol in IF-T. Sci China Inf Sci,2010,53:465-482.
[106]Zhang J W. Ma J F and Moon S J. Universally composable one-time signature and broad-cast authentication. Sci China Inf Sci,2010,53:567-580.
[107]Zhang Z F. Rational secret sharing as extensive game. Avalable online:http://eprint.iacr. org/2010/184.
[108]Zhang Z F. Unconditionally secure rational secret sharing in standard communication networks. Avalable online:http://eprint.iacr.org/2010/462.
[109]陈晶,杜瑞颖,王丽娜,田在荣.网络环境下一种基于概率密度的信任博弈模型.电子学报,2010,38(2):427-433.
[110]陈曦.机会网络安全路由与密钥管理方案研究.西安:博士学位论文,西安电科技大学,2012.
[111]Douglas R. Stinson密码学原理与实践(第二版).北京:电子工业出版社,2003.
[112]冯涛,马建峰.无线传感器网络密钥种子管理和分配模型及应用.计算机研究与发展,2008,45(1):146-153.
[113]李大伟,杨庚,俞昌国.理性参与者秘密共享方案研究综述.南京邮电大学学报(自然科学版),2010,30(2):89-94.
[114]李慧贤,庞辽军.基于双线性变换的可证明安全的秘密共享方案.通信学报,2008,29(10):45-49.
[115]刘木兰.张志芳.密钥共享与安全多方计算.北京:电子工业出版社,2008.
[116]罗文俊,李祥.多方安全矩阵乘积协议及应用.计算机学报,2005,28(7):1230-1235.
[117]姜奇,马建峰,李光松,马卓.基于WAPI的WLAN与3G网络安全融合.计算机学报,2010,33(9):1675-1685.
[118]姜奇,马建峰,李光松,刘宏月.基于身份的异构无线网络匿名漫游协议.通信学报,2010,31(10):138-145.
[119]姜奇.异构无线网络中匿名漫游研究.西安:博士学位论文,西安电科技大学,2011.
[120]毛文波著;王继林,武前红等译;工益民,姜正涛审校.现代密码学理论与实践.北京:电子工业出版社,2004.
[121]彭长根.面向群体的数字签名、签密和签约的理论和应用研究.贵阳:贵州大学博士学位论文,2007.
[122]彭长根,李祥,罗文俊.一种面向群组通信的通用门限签密方案.电子学报,2007,35(1):64-67.
[123]卿斯汉,李改成.多方公平交换协议的形式化分析和设计.中国科学E辑,2006,36(6):598-616.
[124]沈昌祥,张焕国,冯登国等.信息安全综述.中国科学E辑,2007,37(2):129-150.
[125]田有亮,彭长根.基于双线性对的可验证秘密共享方案.计算机应用,2007,27(B12):125-127.
[126]田有亮,彭长根.基于双线性对的可验证秘密共享方案及其应用.计算机工程,2009,35(10):158-161.
[127]田有亮,马建峰,彭长根.基于双线性Diffie-Hellman(?)司题的可验证秘密共享方案.2009年中国密码学会议.广州:科学出版社,2009,170-179.
[128]田有亮.基于双线性对的分布式密码系统与应用研究.贵阳:硕士学位论文,贵州大学,2009.
[129]田有亮,马建峰,彭长根,姬文江.秘密共享体制的博弈论分析.电子学报,2011,39(12):2790-2795.
[130]田有亮,马建峰,彭长根,陈曦.椭圆曲线上的信息论安全的可验证秘密共享方案.通信学报,2011,32(12):96-102.
[131]王磊,祝跃飞.分布式密码的体系结构和研究内容.电子与信息学报,2005,27(1):146-149.
[132]徐海霞,李宝.分布式密钥分发方案的安全性证明.软件学报,2005,16(4):570-576.
[133]张俊伟.密码协议的可组合安全.西安:博士学位论文,西安电子科技大学,2010.
[134]张志芳,刘木兰.理性密钥共享的扩展博弈模型.中国科学:信息科学,2012,42:32-46.
[135]朱建明Srinivasan Raghunathan基于博弈论的信息安全技术评价模型.计算机学报,2009,32(4):828-834.