Today companies and organizations are using the Web as the main informationdissemination means both at internal and external level. Information dissemination often takes theform of XML documents that are made availabl...Today companies and organizations are using the Web as the main informationdissemination means both at internal and external level. Information dissemination often takes theform of XML documents that are made available at Web servers, or that are actively broadcasted byWeb servers to interested clients. These documents often contain information at different degrees ofsensitivity, therefore a strong XML security platform and mechanism is needed. In this paper wedeveloped CIT/XML security platform and take a close look to syntax and processing of CIT/digitalsignature model, CIT/encryption model, CIT/smart card crypto and SPKI interface security models.Security services such as authentication, integrity and confidentiality to XML documents and non-XMLdocuments, which exchanged among various servers, are provided.展开更多
Multi-proxy signature schemes allow the original signer to delegate his/her signing power to n proxy signers such that all proxy signers must corporately generate a valid proxy signature on behalf of the original sign...Multi-proxy signature schemes allow the original signer to delegate his/her signing power to n proxy signers such that all proxy signers must corporately generate a valid proxy signature on behalf of the original signer. We first propose a multi-proxy signature scheme based on discrete logarithms and then adapt it to the elliptic curve cryptosystem. With the integration of self-certified public-key systems and the message recovery signature schemes,our proposed schemes have the following advan-tages:(1) They do not require the signing message to be transmitted,since the verifier can recover it from the signature;(2) The authentication of the public keys,verification of the signature,and recovery of the message can be simultaneously carried out in a single logical step;(3) No certificate is needed for validating the public keys. Further,the elliptic curve variant with short key lengths especially suits the cryptographic applications with limited computing power and storage space,e.g.,smart cards. As compared with the previous work that was implemented with the certificate-based public-key systems,the proposed schemes give better performance in terms of communication bandwidth and computation efforts.展开更多
文摘Today companies and organizations are using the Web as the main informationdissemination means both at internal and external level. Information dissemination often takes theform of XML documents that are made available at Web servers, or that are actively broadcasted byWeb servers to interested clients. These documents often contain information at different degrees ofsensitivity, therefore a strong XML security platform and mechanism is needed. In this paper wedeveloped CIT/XML security platform and take a close look to syntax and processing of CIT/digitalsignature model, CIT/encryption model, CIT/smart card crypto and SPKI interface security models.Security services such as authentication, integrity and confidentiality to XML documents and non-XMLdocuments, which exchanged among various servers, are provided.
基金Project (No. 94-2213-E-182-019) supported by the National Science Council, Taiwan, China
文摘Multi-proxy signature schemes allow the original signer to delegate his/her signing power to n proxy signers such that all proxy signers must corporately generate a valid proxy signature on behalf of the original signer. We first propose a multi-proxy signature scheme based on discrete logarithms and then adapt it to the elliptic curve cryptosystem. With the integration of self-certified public-key systems and the message recovery signature schemes,our proposed schemes have the following advan-tages:(1) They do not require the signing message to be transmitted,since the verifier can recover it from the signature;(2) The authentication of the public keys,verification of the signature,and recovery of the message can be simultaneously carried out in a single logical step;(3) No certificate is needed for validating the public keys. Further,the elliptic curve variant with short key lengths especially suits the cryptographic applications with limited computing power and storage space,e.g.,smart cards. As compared with the previous work that was implemented with the certificate-based public-key systems,the proposed schemes give better performance in terms of communication bandwidth and computation efforts.
