摘要
门限密码学提供了一种安全、实用的密钥共享方法 .门限签名是门限密码学的重要组成部分 ,然而 ,对于 RSA的模数 n =pq,剩余环 Zφ( n) 不是域 ,其中的元素未必可逆 ,同时 ,φ(n)是秘密参数 ,不允许签名参与者知晓 ,因而他们无法进行模φ(n)阀算术 ,这给在 Zφ( n) 上建立秘密共享方案以及建立门限 RSA密码体制带来了困难 .文中提出一种新的技巧以克服上述困难 .首先 ,文中引进一个安全的 hash函数 ,然后建立一个特殊形状的 RSA签名体制 ,最后将两者结合起来得到一个新的门限 RSA签名方案 ,与以前的方案不同 ,该方案无须在任何代数结构 (比如 Zφ( n) )中对任何元素求逆 ,从而也无须对任何代数结构作扩张 。
Threshold cryptography provides a way in which the secret key of an organization or a company can be shared practically. Threshold signatures are part of the threshold cryptography. Solutions for the case of the RSA scheme are especially important because of its widespread use. However, for RSA modulus n=pq , the ring Z φ(n) is not a field, an element in it may not have inverse. At the same time, since φ(n) is a secret parameter that the signature participants should not know, the participants can not do the arithmetic modulo φ(n) . These problems cause some difficulties in setting up secret sharing schemes over Z φ(n) , then in setting up threshold RSA signature schemes. This paper presents a new technique to overcome the difficulties mentioned above. At first, it introduces a safe hash function; then sets up a RSA signature scheme with a particular form. Finally, combining the above two points, a new threshold RSA signature scheme is got. Differing from the previous methods, these methods need not to invert any element in any structure (such as Z φ(n) ), and then no algebraic extensions are needed for any structures, which provides us some convenience in implementation.
出处
《计算机学报》
EI
CSCD
北大核心
2000年第5期449-453,共5页
Chinese Journal of Computers
基金
山东省自然科学基金!( Z99G0 1)
国家"八六三"高技术研究发展计划!( 863 -3 0 6-ZT0 6-0 1-4 )
关键词
密码体制
RSA
数字签名
门限密码学
threshold scheme, cryptosystem, RSA, digital signature, share
