Current techniques for transforming unforgeable signature schemes (the forged message has never been signed) to strongly unforgeable ones (the forged message could have been signed) require supplementary component...Current techniques for transforming unforgeable signature schemes (the forged message has never been signed) to strongly unforgeable ones (the forged message could have been signed) require supplementary components to be added onto the original key pairs of the schemes. In addition, some of them can only be applied to a certain type of signature schemes. In this paper, we propose a new generic transformation technique which converts any unforgeable signature scheme into a strongly unforgeable one without modifying any component in the original key pair. This makes our technique especially compatible for practical use. Our technique is based on strong one-time signature schemes. We show that they can be constructed efficiently from any one-time signature scheme that is based on one-way functions. The performance of our technique also compares favorably with that of current ones. Besides, it is shown in this paper that our transformation can further be applied to schemes satisfying only a weak variant of unforgeability without any further modification. Furthermore, our technique can also be used for constructing strongly unforgeable signature schemes in other cryptographic settings which include certificateless signature, identity-based signature, and several others. To the best of our knowledge, similar extent of versatility is not known to be supported by any of those comparable techniques. Finally and of independent interest, we show that our generic transformation technique can be modified to an on-line/off-line signature scheme, which possesses a very efficient signing process.展开更多
Based on the definition of tamper evidence, the authors define a new notion of tamper evidence forward secure signature scheme (TE-FSig), and propose a general method to build a TE-FSig scheme. Based on this method,...Based on the definition of tamper evidence, the authors define a new notion of tamper evidence forward secure signature scheme (TE-FSig), and propose a general method to build a TE-FSig scheme. Based on this method, they also give out a concrete instance. A TE-FSig scheme is constructed by the standard signature scheme, forward secures signature scheme and the aggregate signature scheme. It has an additional property of tamper evidence besides the property of forward secure, which can detect the time period when the key is exposed. In the standard model, the scheme constructed in the paper is proved to satisfy the prop- erties of forward secure, strong forward tamper-evidence secure, and strongly unforgeable under the chosen-message attack.展开更多
With the rapid development of electronic information technology,digital signature has become an indispensable part of our lives.Traditional public key certificate cryptosystems cannot overcome the limitations of certi...With the rapid development of electronic information technology,digital signature has become an indispensable part of our lives.Traditional public key certificate cryptosystems cannot overcome the limitations of certificate management.Identity-based cryptosystems can avoid the certificate management issues.The development of quantum computers has brought serious challenges to traditional cryptography.Post-quantum cryptography research is imperative.At present,almost all post-quantum identity-based signature(IBS)schemes are constructed using Gaussian sampling or trapdoor technologies.However,these two technologies have a great impact on computational efficiency.To overcome this problem,we construct an IBS scheme on lattices by employing Lyubashevsky’s signature scheme.Based on the shortest vector problem on lattices,our scheme does not use Gaussian sampling or trapdoor technologies.In the random oracle model,it is proved that our scheme is strongly unforgeable against adaptive chosen messages and identity attacks.The security level of our scheme is strongly unforgeable,which is a higher level than the existential unforgeability of other schemes.Compared with other efficient schemes,our scheme has advantages in computation complexity and security.展开更多
基金The first two authors are supported by a grant from City University of Hong Kong(Grant No.7001844)The third author is supported by 2nd stage of Brain Korea 21 Project sponsored by the Ministry of Education and Human Resources Development, KoreaThe fourth author is supported by National Natural Science Foundation of China(Grant No.60573054).
文摘Current techniques for transforming unforgeable signature schemes (the forged message has never been signed) to strongly unforgeable ones (the forged message could have been signed) require supplementary components to be added onto the original key pairs of the schemes. In addition, some of them can only be applied to a certain type of signature schemes. In this paper, we propose a new generic transformation technique which converts any unforgeable signature scheme into a strongly unforgeable one without modifying any component in the original key pair. This makes our technique especially compatible for practical use. Our technique is based on strong one-time signature schemes. We show that they can be constructed efficiently from any one-time signature scheme that is based on one-way functions. The performance of our technique also compares favorably with that of current ones. Besides, it is shown in this paper that our transformation can further be applied to schemes satisfying only a weak variant of unforgeability without any further modification. Furthermore, our technique can also be used for constructing strongly unforgeable signature schemes in other cryptographic settings which include certificateless signature, identity-based signature, and several others. To the best of our knowledge, similar extent of versatility is not known to be supported by any of those comparable techniques. Finally and of independent interest, we show that our generic transformation technique can be modified to an on-line/off-line signature scheme, which possesses a very efficient signing process.
基金the Natural Science Foundation of Shandong Province (Y2007G37)
文摘Based on the definition of tamper evidence, the authors define a new notion of tamper evidence forward secure signature scheme (TE-FSig), and propose a general method to build a TE-FSig scheme. Based on this method, they also give out a concrete instance. A TE-FSig scheme is constructed by the standard signature scheme, forward secures signature scheme and the aggregate signature scheme. It has an additional property of tamper evidence besides the property of forward secure, which can detect the time period when the key is exposed. In the standard model, the scheme constructed in the paper is proved to satisfy the prop- erties of forward secure, strong forward tamper-evidence secure, and strongly unforgeable under the chosen-message attack.
基金Project supported by the National Natural Science Foundation of China(Nos.61672412 and 61972457)the National Cryptography Development Fund of China(No.MMJJ20170104)the Young and Middle-Aged Teacher Education Research Project of Fujian Province,China(Nos.JT180308 and JAT190372)。
文摘With the rapid development of electronic information technology,digital signature has become an indispensable part of our lives.Traditional public key certificate cryptosystems cannot overcome the limitations of certificate management.Identity-based cryptosystems can avoid the certificate management issues.The development of quantum computers has brought serious challenges to traditional cryptography.Post-quantum cryptography research is imperative.At present,almost all post-quantum identity-based signature(IBS)schemes are constructed using Gaussian sampling or trapdoor technologies.However,these two technologies have a great impact on computational efficiency.To overcome this problem,we construct an IBS scheme on lattices by employing Lyubashevsky’s signature scheme.Based on the shortest vector problem on lattices,our scheme does not use Gaussian sampling or trapdoor technologies.In the random oracle model,it is proved that our scheme is strongly unforgeable against adaptive chosen messages and identity attacks.The security level of our scheme is strongly unforgeable,which is a higher level than the existential unforgeability of other schemes.Compared with other efficient schemes,our scheme has advantages in computation complexity and security.
