The deficiencies of the first threshold Guilbu-Quisquater signature schemepresented by Li-San Liu, Cheng-Kang Chu and Wen-Guey Tzeng arc analysiscd at first, and then a newthreshold Guillou-Quisquater signature scheme...The deficiencies of the first threshold Guilbu-Quisquater signature schemepresented by Li-San Liu, Cheng-Kang Chu and Wen-Guey Tzeng arc analysiscd at first, and then a newthreshold Guillou-Quisquater signature scheme is presented. The new scheme isunforgeable and robustagainst any adaptive adversary if the base Guillou-Quisquater signature scheme is unforgeable underthe chosen message attack and computing the discrete logarithm modulo a prime is hard This schemecan also achieve optimal resilience. However, the new scheme does not need the assumption that N isthe product of two safe primes. The basie signature scheme underlying the new scheme is exactlyGuillou-Quisqualtr signature scheme, and the additional strong computation assumption introduced bythe first threshold Guillou-Quisquater scheme is weaken.展开更多
Due to forward-secure-digital-signature's capability of effectively reducing loss caused by exposure of secret keys and significant in-application benefits of blind signature aiming at protecting senders' privacy, t...Due to forward-secure-digital-signature's capability of effectively reducing loss caused by exposure of secret keys and significant in-application benefits of blind signature aiming at protecting senders' privacy, they have been hot spots for decades in the field of cryptography. Illuminated by the integration of forward secure digital signature and blind signature, based on the variants of E1Gamal and assumption of difficulty in solving the discrete logarithm problem in galois field, a forward-secure weak blind signature scheme and a forward-secure strong blind signature scheme are proposed and their security is analyzed thoroughly in this paper. It turns out that forward security, blindness and aptitude of resisting forging attack demonstrated by these two schemes benefit a lot theoretically and practically.展开更多
An identity-based verifiably committed signature scheme (IB-VCS) was proposed, which is proved secure in the standard model (i.e., without random oracles). It enjoys the setup-free property and stand-alone property, b...An identity-based verifiably committed signature scheme (IB-VCS) was proposed, which is proved secure in the standard model (i.e., without random oracles). It enjoys the setup-free property and stand-alone property, both of which make an exchange protocol more practical. The scheme is unconditionally secure against the cheating signer, its security against the cheating verifier is reduced to the computational Diffie-Hellman (CDH) problem in the underlying group, it is secure against the cheating trusted third party if the underlying Paterson Schuldt's identity based signature (IBS) scheme is secure, which is proven true based on the CDH assumption in the standard model.展开更多
Ju et al. proposed a certificateless signature scheme with instantaneous revocation by introducing security mediator (SEM) mechanism. This article presents a detailed cryptoanalysis of this scheme and shows that, in...Ju et al. proposed a certificateless signature scheme with instantaneous revocation by introducing security mediator (SEM) mechanism. This article presents a detailed cryptoanalysis of this scheme and shows that, in their proposed scheme, once a valid signature has been produced, the signer can recover his private key information and the instantaneous revocation property will be damaged. Furthermore, an improved mediated signature scheme, which can eliminate these disadvantages, is proposed, and security proof of the improved scheme under elliptic curve factorization problem (ECFP) assumption and bilinear computational diffie-hellman problem (BCDH) assumption is also proposed.展开更多
Based on the GDH signature (short signature scheme) a probabilistic signature scheme is proposed in this paper with security proof.Then a new threshold proxy signature from bilinear pairings is proposed as well by us ...Based on the GDH signature (short signature scheme) a probabilistic signature scheme is proposed in this paper with security proof.Then a new threshold proxy signature from bilinear pairings is proposed as well by us ing the new probabilistic signature scheme and the properties of the Gap Diffie-Hellman (GDH)group (where the Computational Diffie-Hellman problem is hard but the Decisional Diffie-Hellman problem is easy to solve).Our constructions are based on the recently proposed GDH signature scheme of Bonel et al.s article.Bilinear pairings could be built from Weil pairing or Tate pairing.So most our constructions would be simpler,but still with high security.The proposed threshold proxy signature is the first one which is built from bilinear pairings.At the end of this paper security and performance of the threshold proxy signature scheme is also analyzed.展开更多
Ring signature enables the members to sign anonymously without a manager, it has many online applications, such as e-voting, e-money, whistle blowing etc. As a promising post-quantum candidate, lattice-based cryptogra...Ring signature enables the members to sign anonymously without a manager, it has many online applications, such as e-voting, e-money, whistle blowing etc. As a promising post-quantum candidate, lattice-based cryptography attracts much attention recently. Several efficient lattice-based ring signatures have been naturally constructed from lattice basis delegation, but all of them have large verification key sizes. Our observation finds that a new concept called the split- small integer solution (SIS) problem introduced by Nguyen et al. at PKC'I 5 is excellent in reducing the public key sizes of lattice-based ring signature schemes from basis delegation. In this research, we first define an extended concept called the extended split-SIS problem, and then prove that the hardness of the extended problem is as hard as the approximating shortest independent vectors problem (SIVP) problem within certain polynomial factor. Moreover, we present an improved ring signature and prove that it is anonymous and unforgeable against the insider corruption. Finally, we give two other improved existing ring signature schemes from lattices. In the end, we show the comparison with the original scheme in terms of the verification key sizes. Our research data illustrate that the public key sizes of the proposed schemes are reduced significantly.展开更多
A new practical method is introduced to transform the stateful transitive signature scheme to stateless one with-out the loss of security.According to the approach,two concrete stateless transitive signature schemes b...A new practical method is introduced to transform the stateful transitive signature scheme to stateless one with-out the loss of security.According to the approach,two concrete stateless transitive signature schemes based on Factoringand RSA are presented respectively.Under the assumption of the hardness of factoring and one-more-RSA-inversion prob-lem,both two schemes are secure under the adaptive chosen-message attacks in random oracle model.展开更多
Proxy signature schemes enable an entity to del- egate its signing rights to any other party, called proxy signer. As a variant of proxy signature primitive, proxy multi- signature allows a group of original signers t...Proxy signature schemes enable an entity to del- egate its signing rights to any other party, called proxy signer. As a variant of proxy signature primitive, proxy multi- signature allows a group of original signers to delegate their signing capabilities to a single proxy signer in such a way that the proxy signer can sign a message on behalf of the group of original signers. We propose a concrete ID-based proxy multi-signature scheme from bilinear pairings. The proposed scheme is existential unforgeable against adaptively chosen message and given ID-attack in random oracle model under the computational Diltie-Hellman (CDH) assumption. The fascinating property of new scheme is that the size of a proxy multi-signature is independent of the number of original sign- ers. Furthermore the proposed scheme is simple and com- putationally more efficient than other ID-based proxy multi- signature schemes.展开更多
The idea behind a (t, n) threshold blind signature is that a user can ask at least t out of n players of a group to cooperate to generate a signature for a message without revealing its content. This paper first prese...The idea behind a (t, n) threshold blind signature is that a user can ask at least t out of n players of a group to cooperate to generate a signature for a message without revealing its content. This paper first presents a new blind signature scheme from Weil pairing on elliptic curves. Based on this scheme, a threshold blind signature scheme is proposed. It is efficient and has the security properties of robustness and unforgeability. In the proposed scheme, the group manger is introduced to take the role of distributing the group secret key to each player. However, he cannot forge the players to generate partial blind signatures (Each partial blind signature depends on not only the secret key of the player, but also a random number the player picks). Compared with a threshold signature with a trusted third party, its advantage is obvious; Compared with a threshold signature without a trusted third party, it is more simple and efficient.展开更多
Threshold blind signature is playing an important role in cryptography as well as in practical applications such as e-cash and e-voting systems, etc. In this paper, we present an efficient and practical threshold bind...Threshold blind signature is playing an important role in cryptography as well as in practical applications such as e-cash and e-voting systems, etc. In this paper, we present an efficient and practical threshold bind signature from Weil pairing on super-singular elliptic curves or hyper-elliptic curves over finite field and prove that our scheme is provably secure in the random oracle model.展开更多
Group signature schemes are fundamental cryptographic tools. A group signature scheme allows members of a group to anonymously sign misuse, the anonymity messages. To counter can be revoked by the group manager. The g...Group signature schemes are fundamental cryptographic tools. A group signature scheme allows members of a group to anonymously sign misuse, the anonymity messages. To counter can be revoked by the group manager. The group joining operation is a critical component of group signature scheme, the framing attack can be prevented by group joining processes. This paper presents an efficient group signature scheme with a simple joining protocol that is based on a "single message and signature response" interaction between the prospective user and the group manager. The security of our group signature is based on the Discrete Logarithm assumption and Decisional Linear Diffie- Hellman assumption. The formal security proof of our scheme is given in the random oracle model. Our scheme is also a very efficient short group signature scheme with efficient concurrent join.展开更多
Recently, Tseng et al. proposed authenticated encryption scheme with message recovery using self-certified public keys. Hwang et al. proposed an attack to show that the Tseng et al.'s scheme was not secure. And Hwang...Recently, Tseng et al. proposed authenticated encryption scheme with message recovery using self-certified public keys. Hwang et al. proposed an attack to show that the Tseng et al.'s scheme was not secure. And Hwang et al. proposed an improved scheme and claimed to that the new scheme satisfy the security requirement. However, we will show that the improved signature proposed by Hwang et al. is still insecure.展开更多
Network coding can improve the information transmission efficiency and reduces the network resource consumption,so it is a very good platform for information transmission.Certificateless proxy signatures are widely ap...Network coding can improve the information transmission efficiency and reduces the network resource consumption,so it is a very good platform for information transmission.Certificateless proxy signatures are widely applied in information security fields.However,certificateless proxy signatures based on classical number theory are not suitable for the network coding environment and cannot resist the quantum computing attacks.In view of this,we construct certificateless network coding proxy signatures from lattice(LCL-NCPS).LCL-NCPS is new multi-source signature scheme which has the characteristics of anti-quantum,antipollution and anti-forgery.In LCL-NCPS,each source node user can output a message vector to intermediate node and sink node,and the message vectors from different source nodes will be linearly combined to achieve the aim of improving the network transmission rate and network robustness.In terms of efficiency analysis of space dimension,LCL-NCPS can obtain the lower computation complexity by reducing the dimension of proxy key.In terms of efficiency analysis of time dimension,LCL-NCPS has higher computation efficiency in signature and verification.展开更多
文摘The deficiencies of the first threshold Guilbu-Quisquater signature schemepresented by Li-San Liu, Cheng-Kang Chu and Wen-Guey Tzeng arc analysiscd at first, and then a newthreshold Guillou-Quisquater signature scheme is presented. The new scheme isunforgeable and robustagainst any adaptive adversary if the base Guillou-Quisquater signature scheme is unforgeable underthe chosen message attack and computing the discrete logarithm modulo a prime is hard This schemecan also achieve optimal resilience. However, the new scheme does not need the assumption that N isthe product of two safe primes. The basie signature scheme underlying the new scheme is exactlyGuillou-Quisqualtr signature scheme, and the additional strong computation assumption introduced bythe first threshold Guillou-Quisquater scheme is weaken.
基金This work was supported by the National Natural Science Foundation of China for Grant 60673127, the National High Technology Research and Development Program of China (863 Program) for Grant 2007AA01Z404, the Science & Technology Pillar Program of Jiangsu Province for Grant BE2008135, the Electronic Development Foundation of the Ministry of Information Industry, Funding of Jiangsu Innovation Program for Graduate Education for Grant CX10B112Z, Funding for Outstanding Doctoral Dissertation in NUAA for Grant BCXJ10-07, Research Funding of Nanjing University of Aeronautics and Astronautics for Grant NS2010101 and Jiangsu Province Postdoctoral Science Foundation. We wish to thank the above support, under which the present work is possible.
文摘Due to forward-secure-digital-signature's capability of effectively reducing loss caused by exposure of secret keys and significant in-application benefits of blind signature aiming at protecting senders' privacy, they have been hot spots for decades in the field of cryptography. Illuminated by the integration of forward secure digital signature and blind signature, based on the variants of E1Gamal and assumption of difficulty in solving the discrete logarithm problem in galois field, a forward-secure weak blind signature scheme and a forward-secure strong blind signature scheme are proposed and their security is analyzed thoroughly in this paper. It turns out that forward security, blindness and aptitude of resisting forging attack demonstrated by these two schemes benefit a lot theoretically and practically.
基金The National Hi-Tech Research and Development Program (863) of China (No. 2005AA145110)The Pudong New Area Technology Innovation Public Service Platform of China (No. PDP2005-04)
文摘An identity-based verifiably committed signature scheme (IB-VCS) was proposed, which is proved secure in the standard model (i.e., without random oracles). It enjoys the setup-free property and stand-alone property, both of which make an exchange protocol more practical. The scheme is unconditionally secure against the cheating signer, its security against the cheating verifier is reduced to the computational Diffie-Hellman (CDH) problem in the underlying group, it is secure against the cheating trusted third party if the underlying Paterson Schuldt's identity based signature (IBS) scheme is secure, which is proven true based on the CDH assumption in the standard model.
基金Program for New Century Excellent Talents in University and the National Natural Science Foundation of China (60373104, 90604009).
文摘Ju et al. proposed a certificateless signature scheme with instantaneous revocation by introducing security mediator (SEM) mechanism. This article presents a detailed cryptoanalysis of this scheme and shows that, in their proposed scheme, once a valid signature has been produced, the signer can recover his private key information and the instantaneous revocation property will be damaged. Furthermore, an improved mediated signature scheme, which can eliminate these disadvantages, is proposed, and security proof of the improved scheme under elliptic curve factorization problem (ECFP) assumption and bilinear computational diffie-hellman problem (BCDH) assumption is also proposed.
文摘Based on the GDH signature (short signature scheme) a probabilistic signature scheme is proposed in this paper with security proof.Then a new threshold proxy signature from bilinear pairings is proposed as well by us ing the new probabilistic signature scheme and the properties of the Gap Diffie-Hellman (GDH)group (where the Computational Diffie-Hellman problem is hard but the Decisional Diffie-Hellman problem is easy to solve).Our constructions are based on the recently proposed GDH signature scheme of Bonel et al.s article.Bilinear pairings could be built from Weil pairing or Tate pairing.So most our constructions would be simpler,but still with high security.The proposed threshold proxy signature is the first one which is built from bilinear pairings.At the end of this paper security and performance of the threshold proxy signature scheme is also analyzed.
基金supported by the National Natural Science Foundations of China (61472309, 61572390, 61303198, 61402353)the 111 Project (B08038)+1 种基金National Natural Science Foundations of Ningbo (201601HJ-B01382)Research Program of Anhui Education Committee (KJ2016A626, KJ2016A627)
文摘Ring signature enables the members to sign anonymously without a manager, it has many online applications, such as e-voting, e-money, whistle blowing etc. As a promising post-quantum candidate, lattice-based cryptography attracts much attention recently. Several efficient lattice-based ring signatures have been naturally constructed from lattice basis delegation, but all of them have large verification key sizes. Our observation finds that a new concept called the split- small integer solution (SIS) problem introduced by Nguyen et al. at PKC'I 5 is excellent in reducing the public key sizes of lattice-based ring signature schemes from basis delegation. In this research, we first define an extended concept called the extended split-SIS problem, and then prove that the hardness of the extended problem is as hard as the approximating shortest independent vectors problem (SIVP) problem within certain polynomial factor. Moreover, we present an improved ring signature and prove that it is anonymous and unforgeable against the insider corruption. Finally, we give two other improved existing ring signature schemes from lattices. In the end, we show the comparison with the original scheme in terms of the verification key sizes. Our research data illustrate that the public key sizes of the proposed schemes are reduced significantly.
文摘A new practical method is introduced to transform the stateful transitive signature scheme to stateless one with-out the loss of security.According to the approach,two concrete stateless transitive signature schemes based on Factoringand RSA are presented respectively.Under the assumption of the hardness of factoring and one-more-RSA-inversion prob-lem,both two schemes are secure under the adaptive chosen-message attacks in random oracle model.
文摘Proxy signature schemes enable an entity to del- egate its signing rights to any other party, called proxy signer. As a variant of proxy signature primitive, proxy multi- signature allows a group of original signers to delegate their signing capabilities to a single proxy signer in such a way that the proxy signer can sign a message on behalf of the group of original signers. We propose a concrete ID-based proxy multi-signature scheme from bilinear pairings. The proposed scheme is existential unforgeable against adaptively chosen message and given ID-attack in random oracle model under the computational Diltie-Hellman (CDH) assumption. The fascinating property of new scheme is that the size of a proxy multi-signature is independent of the number of original sign- ers. Furthermore the proposed scheme is simple and com- putationally more efficient than other ID-based proxy multi- signature schemes.
基金Supported by the National 973 Project of China(No.G1999035803)the National Natural Science Foundation of China (No.60373104)the National 863 Project of China (No.2002AA143021)
文摘The idea behind a (t, n) threshold blind signature is that a user can ask at least t out of n players of a group to cooperate to generate a signature for a message without revealing its content. This paper first presents a new blind signature scheme from Weil pairing on elliptic curves. Based on this scheme, a threshold blind signature scheme is proposed. It is efficient and has the security properties of robustness and unforgeability. In the proposed scheme, the group manger is introduced to take the role of distributing the group secret key to each player. However, he cannot forge the players to generate partial blind signatures (Each partial blind signature depends on not only the secret key of the player, but also a random number the player picks). Compared with a threshold signature with a trusted third party, its advantage is obvious; Compared with a threshold signature without a trusted third party, it is more simple and efficient.
文摘Threshold blind signature is playing an important role in cryptography as well as in practical applications such as e-cash and e-voting systems, etc. In this paper, we present an efficient and practical threshold bind signature from Weil pairing on super-singular elliptic curves or hyper-elliptic curves over finite field and prove that our scheme is provably secure in the random oracle model.
基金This paper is supported by the National Natural Science Foundation of China under Grant No. 61072140, 61373171 the Program of Introducing Talents of Discipline to Universities NO. B08038 the Specialized Research Fund for the Doctoral Program of Higher Education No. 20100203110003.
文摘Group signature schemes are fundamental cryptographic tools. A group signature scheme allows members of a group to anonymously sign misuse, the anonymity messages. To counter can be revoked by the group manager. The group joining operation is a critical component of group signature scheme, the framing attack can be prevented by group joining processes. This paper presents an efficient group signature scheme with a simple joining protocol that is based on a "single message and signature response" interaction between the prospective user and the group manager. The security of our group signature is based on the Discrete Logarithm assumption and Decisional Linear Diffie- Hellman assumption. The formal security proof of our scheme is given in the random oracle model. Our scheme is also a very efficient short group signature scheme with efficient concurrent join.
基金This project is supported by National Natural Science Foundation of China(60673053 90718011)
文摘Recently, Tseng et al. proposed authenticated encryption scheme with message recovery using self-certified public keys. Hwang et al. proposed an attack to show that the Tseng et al.'s scheme was not secure. And Hwang et al. proposed an improved scheme and claimed to that the new scheme satisfy the security requirement. However, we will show that the improved signature proposed by Hwang et al. is still insecure.
基金supported by the Key Project of Natural Science Basis Research Plan of Shaanxi Province(2020JZ-54).
文摘Network coding can improve the information transmission efficiency and reduces the network resource consumption,so it is a very good platform for information transmission.Certificateless proxy signatures are widely applied in information security fields.However,certificateless proxy signatures based on classical number theory are not suitable for the network coding environment and cannot resist the quantum computing attacks.In view of this,we construct certificateless network coding proxy signatures from lattice(LCL-NCPS).LCL-NCPS is new multi-source signature scheme which has the characteristics of anti-quantum,antipollution and anti-forgery.In LCL-NCPS,each source node user can output a message vector to intermediate node and sink node,and the message vectors from different source nodes will be linearly combined to achieve the aim of improving the network transmission rate and network robustness.In terms of efficiency analysis of space dimension,LCL-NCPS can obtain the lower computation complexity by reducing the dimension of proxy key.In terms of efficiency analysis of time dimension,LCL-NCPS has higher computation efficiency in signature and verification.
