Abstract
To address the problem of fair exchange of digital signatures, a revocable concurrent signature scheme is proposed. In the signing step, the signer first chooses a special piece of information called the keystone. A one-way function is then used to compute the keystone footprint, and the signer raises the footprint to the power of his secret key, producing an encryption of the signer's public key. After the signatures have been exchanged, the keystone footprint is computed once more from the released keystone, and each signer's public key is raised to the power of the keystone footprint. The identities of the signers are then determined by comparing the results with the encryptions of the public keys produced in the signing step, which revokes the ambiguity of the concurrent signatures. Compared with traditional concurrent signature schemes, the proposed scheme can avoid various attacks. Moreover, when a pair of revocable concurrent signatures is produced, the two exchanging parties need to generate only one keystone, which simplifies the signature exchange protocol. A concrete construction is also used to verify that the proposed scheme is secure in the random oracle model under the decisional Diffie-Hellman assumption and the discrete logarithm assumption.
Source
Journal of Xi'an Jiaotong University
Indexed in: EI, CAS, CSCD, Peking University Core Journals
2009, Issue 12, pp. 45-49 (5 pages)
Funding
National High Technology Research and Development Program of China (2008AA01Z136)
Xi'an Jiaotong University internal fund
Keywords
concurrent signature
signature exchange
random oracle model