Hierarchical identity-based signature (HIBS) has wide applications in the large network. However,the existing works cannot solve the trade-off between the security and efficiency. The main challenge at present is to...Hierarchical identity-based signature (HIBS) has wide applications in the large network. However,the existing works cannot solve the trade-off between the security and efficiency. The main challenge at present is to construct a high efficient and strong secure HIBS with a low computation cost. In this paper,a new construction of HIBS scheme is proposed. The new scheme achieves the adaptive security which is a strong security in the identity-based cryptography. But our scheme has short public parameters and the private keys size shrinks as the hierarchy depth increases. The signature size is a constant and the cost of verification only requires four bilinear pairings,which are independent of hierarchy depth. Furthermore,under the q-strong computational diffie-Hellman problem (q-SDH) assumption,the scheme is provably secure against existential forgery for adaptive chosen message and identity attack in the standard model.展开更多
An identity-based multisignature scheme and an identity-based aggregate signature scheme are proposed in this paper. They are both from m-torsion groups on super-singular elliptic curves or hyper-elliptic curves and b...An identity-based multisignature scheme and an identity-based aggregate signature scheme are proposed in this paper. They are both from m-torsion groups on super-singular elliptic curves or hyper-elliptic curves and based on the recently proposed identity-based signature scheme of Cha and Cheon. Due to the sound properties of m-torsion groups and the base scheme, it turns out that our schemes are very simple and efficient. Both schemes are proven to be secure against adaptive chosen message attack in the random oracle model under the normal security notions with the assumption that the Computational Diffie-Hellman problem is hard in the m-torsion groups.展开更多
In proxy signature schemes,the proxy signer B is permitted to produce a signature on behalf of the original signer A. However,exposure of proxy signing keys can be the most devastating attack on a proxy signature sche...In proxy signature schemes,the proxy signer B is permitted to produce a signature on behalf of the original signer A. However,exposure of proxy signing keys can be the most devastating attack on a proxy signature scheme since any adversary can sign messages on behalf of the proxy signer. In this paper,we applied Dodis,et al.’s key-insulation mechanism and proposed an Identity-Based (ID-based) Key-Insulated Proxy Signature (IBKIPS) scheme with secure key-updates. The proposed scheme is strong key-insulated and perfectly key-insulated. Our scheme also supports unbounded period numbers and random-access key-updates.展开更多
In a strong designated verifier proxy signature scheme, a proxy signer can generate proxy signature on behalf of an original signer, but only the designated verifier can verify the validity of the proxy signature. In ...In a strong designated verifier proxy signature scheme, a proxy signer can generate proxy signature on behalf of an original signer, but only the designated verifier can verify the validity of the proxy signature. In this paper, we first define the security requirements for strong designated verifier proxy signature schemes. And then we construct an identity-based strong designated verifier proxy signature scheme. We argue that the proposed scheme satisfies all of the security requirements.展开更多
Identity-based (ID-based) ring signature has drawn great concerns in recent years and many ID-based ring signature schemes have been proposed until now. Unfortunately, all of these ID-based ring signatures are const...Identity-based (ID-based) ring signature has drawn great concerns in recent years and many ID-based ring signature schemes have been proposed until now. Unfortunately, all of these ID-based ring signatures are constructed from bilinear pairings, a powerful but computationally expensive primitive. Hence, ID-based ring signature without pairing is of great interest in the field of cryptography. In this paper, the authors firstly propose an ID-based ring signature scheme based on quadratic residues. The proposed scheme is proved to be existentially unforgeable against adaptive chosen message-and-identity attack under the random oracle model, assuming the hardness of factoring. The proposed scheme is more efficient than those which are constructed from bilinear pairings.展开更多
In opportunistic Networks,compromised nodes can attack social context-based routing protocols by publishing false social attributes information.To solve this problem,we propose a security scheme based on the identity-...In opportunistic Networks,compromised nodes can attack social context-based routing protocols by publishing false social attributes information.To solve this problem,we propose a security scheme based on the identity-based threshold signature which allows mobile nodes to jointly generate and distribute the secrets for social attributes in a totally self-organized way without the need of any centralized authority.New joining nodes can reconstruct their own social attribute signatures by getting enough partial signature services from encounter opportunities with the initial nodes.Mobile nodes need to testify whether the neighbors can provide valid attribute signatures for their routing advertisements in order to resist potential routing attacks.Simulation results show that:by implementing our security scheme,the network delivery probability of the social context-based routing protocol can be effectively improved when there are large numbers of compromised nodes in opportunistic networks.展开更多
A (t, n) threshold signature scheme distributes the secret key and hence the signing ability to n players in a way that any set of t+1 or more honest players can collaborate to sign, while any set of t players cannot....A (t, n) threshold signature scheme distributes the secret key and hence the signing ability to n players in a way that any set of t+1 or more honest players can collaborate to sign, while any set of t players cannot. In this paper we propose an iden- tity-based threshold signature (IBTHS) scheme from bilinear pairings. The signing phase of our scheme is non-interactive, meaning that the signing players do not need to talk to each other. We prove our scheme secure (i.e., unforgeable and robust) in the standard model (i.e., without random oracles). No earlier proposed IBTHS scheme achieved even one of the features of being non-interactive (in the signing phase) and secure in the standard model.展开更多
In this paper, we present an improved identity-based society oriented signature scheme with anonymous signers, which satisfies: (1) when members leave or join an organization, the public verification key and the si...In this paper, we present an improved identity-based society oriented signature scheme with anonymous signers, which satisfies: (1) when members leave or join an organization, the public verification key and the signature verification procedure are unchanged; (2) a user participates in several organizations at the same time, her secret key is only related with her identity. However, no previous schemes have these two properties.展开更多
Fair exchange of digital signatures is an important tool for signing digital contracts, e-payment and other electronic commerce actions. An ID-based scheme of fair exchange of digital signature is proposed in this pap...Fair exchange of digital signatures is an important tool for signing digital contracts, e-payment and other electronic commerce actions. An ID-based scheme of fair exchange of digital signature is proposed in this paper. The protocol relies on a trusted third party, but is "optimistic", in that the third party is only needed in cases where one player attempts to cheat or simply crashes. The proposed scheme has properties of short signature, low computation and verification cost. It can realize exchange of digital signatures fairly and effic, iently. A key feature of our scheme is that it is identity-based, which needs no certificates and has a simple key management. To our best knowledge, this is the first identity based scheme of fair exchange of digital signatures.展开更多
Recently, proxy ring signature schemes have been shown to be useful in various applications, such as electronic polling, electronic payment, etc. Although many proxy ring signature schemes have been pro-posed, there a...Recently, proxy ring signature schemes have been shown to be useful in various applications, such as electronic polling, electronic payment, etc. Although many proxy ring signature schemes have been pro-posed, there are only two identity-based proxy ring signature schemes have been proposed until now, i. e., Cheng's scheme and Lang's scheme. It's unlucky that the two identity-based proxy ring signature schemes are unfeasible. This paper points out the reasons why the two identity-based proxy ring signature schemes are unfeasible. In order to design feasible and efficient identity-based proxy ring signature schemes from bilinear pairings, we have to search for other methods.展开更多
In 2006, Bao et al proposed an identlty-based threshold proxy signature scheme with known signers. In this paper, we show that Bao et al's scheme is vulnerable to the forgery attack. An adversary can forge a valid th...In 2006, Bao et al proposed an identlty-based threshold proxy signature scheme with known signers. In this paper, we show that Bao et al's scheme is vulnerable to the forgery attack. An adversary can forge a valid threshold proxy signature for any message with knowing a previously valid threshold proxy signature. In addition, their scheme also suffers from the weakness that the proxy signers might change the threshold value. That is, the proxy signers can arbitrarily modify the threshold strategy without being detected by the original signer or verifiers, which might violate the original signer's intent. Furthermore, we propose an improved scheme that remedies the weaknesses of Bao et al's scheme. The improved scheme satisfies all secure requirements for threshold proxy signature.展开更多
An identity-based verifiably committed signature scheme (IB-VCS) was proposed, which is proved secure in the standard model (i.e., without random oracles). It enjoys the setup-free property and stand-alone property, b...An identity-based verifiably committed signature scheme (IB-VCS) was proposed, which is proved secure in the standard model (i.e., without random oracles). It enjoys the setup-free property and stand-alone property, both of which make an exchange protocol more practical. The scheme is unconditionally secure against the cheating signer, its security against the cheating verifier is reduced to the computational Diffie-Hellman (CDH) problem in the underlying group, it is secure against the cheating trusted third party if the underlying Paterson Schuldt's identity based signature (IBS) scheme is secure, which is proven true based on the CDH assumption in the standard model.展开更多
We argue that traditional identity-based systems from pairings seem unsuitable for designing group signature schemes due to the problem of key escrow. In this paper we first propose new ID-based public key systems wit...We argue that traditional identity-based systems from pairings seem unsuitable for designing group signature schemes due to the problem of key escrow. In this paper we first propose new ID-based public key systems without trusted PKG (Private Key Generator) from bilinear pairings. In our new ID-based systems, if the dishonest PKG impersonates an honest user to communicate with others, the user can provide a proof of treachery of the PKG afterwards, which is similar to certificate-based systems. Therefore, our systems reach the Girault’s trusted level 3. We then propose a group signature scheme under the new ID-based systems, the security and performance of which rely on the new systems. The size of the group public key and the length of the signature are independent on the numbers of the group.展开更多
In a proxy blind signature scheme, the proxy signer is allowed to generate a blind signature on behalf of the original signer. The proxy blind signature scheme is useful in several applications such as e-voting and e-...In a proxy blind signature scheme, the proxy signer is allowed to generate a blind signature on behalf of the original signer. The proxy blind signature scheme is useful in several applications such as e-voting and e-payment. In this paper, we propose an identity-based proxy blind signature scheme which combines the advantages of proxy signature and of blind signature. Our scheme fulfills peffecdy the security requirements of a proxy blind signature. Comparing the previous scheme, our scheme needs less computational overhead and is more efficient.展开更多
Ring signature and proxy signature are of vital importance to secure electronic commerce. Recently, the bilinear pairing such as Well pairing or Tate pairing on elliptic curves and hyperelliptic curves is playing an i...Ring signature and proxy signature are of vital importance to secure electronic commerce. Recently, the bilinear pairing such as Well pairing or Tate pairing on elliptic curves and hyperelliptic curves is playing an important role in security solutions. Several ID-based signature schemes have been put forward, many of which are based on bilinear pairings. In key management and moderate security demand scenarios, ID-based public key cryptosystem is more preferable than other public key infrastructure based systems. In this paper, an improved ID-based proxy ring signature scheme from bilinear pairings is proposed which combines the advantages of proxy signature and of ring signatures. Our scheme can guarantee the profits of the proxy signer via preventing the original signer form generating the proxy ring signature. Furthermore, bilinear pairings are introduced to minimize the computation overhead and to improve the related performance of our scheme. In contrast with Zhang's scheme, our scheme is a computational efficiency improvement for signature verification because the computational cost of bilinear pairings required is reduced from O(n) to O( 1 ). In addition, the proxy ring signature presented in this paper can perfectly satisfy all the security requirements of proxy ring signature, i. e. signer-ambiguity, non-forgeability, verification, non-deniability and distinguishability.展开更多
Without the assumption that the private keys are kept secure perfectly, cryptographic primitives cannot be deployed in the insecure environments where the key leakage is inevitable. In order to reduce the damage cause...Without the assumption that the private keys are kept secure perfectly, cryptographic primitives cannot be deployed in the insecure environments where the key leakage is inevitable. In order to reduce the damage caused by the key exposure in the identity-based(ID-based) signature scenarios efficiently, we propose an ID-based key-insulated signature scheme in this paper, which eliminates the expensive bilinear pairing operations. Compared with the previous work, our scheme minimizes the computation cost without any extra cost. Under the discrete logarithm(DL) assumption, a security proof of our scheme in the random oracle model has also been given.展开更多
Automatic signature generation approaches have been widely applied in recent traffic classification.However,they are not suitable for LightWeight Deep Packet Inspection(LW_DPI) since their generated signatures are mat...Automatic signature generation approaches have been widely applied in recent traffic classification.However,they are not suitable for LightWeight Deep Packet Inspection(LW_DPI) since their generated signatures are matched through a search of the entire application data.On the basis of LW_DPI schemes,we present two Hierarchical Clustering(HC) algorithms:HC_TCP and HC_UDP,which can generate byte signatures from TCP and UDP packet payloads respectively.In particular,HC_TCP and HC_ UDP can extract the positions of byte signatures in packet payloads.Further,in order to deal with the case in which byte signatures cannot be derived,we develop an algorithm for generating bit signatures.Compared with the LASER algorithm and Suffix Tree(ST)-based algorithm,the proposed algorithms are better in terms of both classification accuracy and speed.Moreover,the experimental results indicate that,as long as the application-protocol header exists,it is possible to automatically derive reliable and accurate signatures combined with their positions in packet payloads.展开更多
As the promising next-generation power grid,the smart grid has developed rapidly in recent years.The smart grid enables energy to be stored and delivered more efficiently and safely,but user data’s integrity protecti...As the promising next-generation power grid,the smart grid has developed rapidly in recent years.The smart grid enables energy to be stored and delivered more efficiently and safely,but user data’s integrity protection has been an important security issue in the smart grid.Although lots of digital signature protocols for the smart grid have been proposed to resolve this problem,they are vulnerable to quantum attacks.To deal with this problem,an efficient identity-based signature protocol on lattices is proposed in this paper.To improve our protocol’s efficiency,the tree of commitments is utilized.Moreover,a detailed performance evaluation of the proposed protocol is made.The performance analysis demonstrates that the potential utility of our protocol in the smart grid is huge.展开更多
针对多链式区块链采用主链最终共识机制,导致主链负载大,制约从链性能等问题,论文提出一种基于超图和MuSig2聚合签名的联盟链主从多链共识机制.首先根据超图理论,构建以横贯超图为主链,子超图为从链的联盟链主从多链架构;然后借鉴分治思...针对多链式区块链采用主链最终共识机制,导致主链负载大,制约从链性能等问题,论文提出一种基于超图和MuSig2聚合签名的联盟链主从多链共识机制.首先根据超图理论,构建以横贯超图为主链,子超图为从链的联盟链主从多链架构;然后借鉴分治思想,结合“背书-排序-验证”的共识方式,构建分层分类共识机制,通过分类处理交易降低主链负载压力;最后构建基于MuSig2聚合签名的联盟链多方背书签名方法,提升背书签名的验证效率.性能分析表明:基于MuSig2聚合签名的联盟链多方背书签名安全可靠,基于超图和MuSig2聚合签名的分层分类共识机制具有强一致性和线性时间复杂度.实验结果表明:基于MuSig2聚合签名的多方背书方法的总效率是椭圆曲线数字签名算法(Elliptic Curve Digital Signature Algorithm,ECDSA)的1.55倍,分层分类共识机制能够提升12.5%的共识效率.该机制具有较高性能,可满足企业多样化业务需求.展开更多
基金supported by the National Natural Science Foundation of China (60970119, 60803149)the National Basic Research Program of China (2007CB311201)the Fundamental Research Funds for the Central Universities
文摘Hierarchical identity-based signature (HIBS) has wide applications in the large network. However,the existing works cannot solve the trade-off between the security and efficiency. The main challenge at present is to construct a high efficient and strong secure HIBS with a low computation cost. In this paper,a new construction of HIBS scheme is proposed. The new scheme achieves the adaptive security which is a strong security in the identity-based cryptography. But our scheme has short public parameters and the private keys size shrinks as the hierarchy depth increases. The signature size is a constant and the cost of verification only requires four bilinear pairings,which are independent of hierarchy depth. Furthermore,under the q-strong computational diffie-Hellman problem (q-SDH) assumption,the scheme is provably secure against existential forgery for adaptive chosen message and identity attack in the standard model.
基金Supported by the National 973 Project of China (No.G1999035803), the National Natural Science Foundation of China (No.60373104) and the National 863 Project of China (No.2002AA143021).
文摘An identity-based multisignature scheme and an identity-based aggregate signature scheme are proposed in this paper. They are both from m-torsion groups on super-singular elliptic curves or hyper-elliptic curves and based on the recently proposed identity-based signature scheme of Cha and Cheon. Due to the sound properties of m-torsion groups and the base scheme, it turns out that our schemes are very simple and efficient. Both schemes are proven to be secure against adaptive chosen message attack in the random oracle model under the normal security notions with the assumption that the Computational Diffie-Hellman problem is hard in the m-torsion groups.
基金Supported by the National Natural Science Foundation of China (No. 60573032, 60773092, 90604036, 60873229, 60903178, 60672072, 60832003)Zhejiang Provincial Natural Science Foundation of China (No. Y106505)
文摘In proxy signature schemes,the proxy signer B is permitted to produce a signature on behalf of the original signer A. However,exposure of proxy signing keys can be the most devastating attack on a proxy signature scheme since any adversary can sign messages on behalf of the proxy signer. In this paper,we applied Dodis,et al.’s key-insulation mechanism and proposed an Identity-Based (ID-based) Key-Insulated Proxy Signature (IBKIPS) scheme with secure key-updates. The proposed scheme is strong key-insulated and perfectly key-insulated. Our scheme also supports unbounded period numbers and random-access key-updates.
基金Supported by the National Natural Science Foun-dation of Chinafor Distinguished Young Scholars(60225007) the Na-tional Research Fundfor the Doctoral Programof Higher Education ofChina(20020248024) the Science and Technology Research Pro-ject of Shanghai (04DZ07067)
文摘In a strong designated verifier proxy signature scheme, a proxy signer can generate proxy signature on behalf of an original signer, but only the designated verifier can verify the validity of the proxy signature. In this paper, we first define the security requirements for strong designated verifier proxy signature schemes. And then we construct an identity-based strong designated verifier proxy signature scheme. We argue that the proposed scheme satisfies all of the security requirements.
基金Supported by the National High Technology Research and Development Program of China (No. 2006AA01Z428)the National Natural Science Foundation of China ( No. 60673075)
文摘Identity-based (ID-based) ring signature has drawn great concerns in recent years and many ID-based ring signature schemes have been proposed until now. Unfortunately, all of these ID-based ring signatures are constructed from bilinear pairings, a powerful but computationally expensive primitive. Hence, ID-based ring signature without pairing is of great interest in the field of cryptography. In this paper, the authors firstly propose an ID-based ring signature scheme based on quadratic residues. The proposed scheme is proved to be existentially unforgeable against adaptive chosen message-and-identity attack under the random oracle model, assuming the hardness of factoring. The proposed scheme is more efficient than those which are constructed from bilinear pairings.
基金the Major national S&T program under Grant No. 2011ZX03005-002National Natural Science Foundation of China under Grant No. 60872041,61072066the Fundamental Research Funds for the Central Universities under Grant No. JY10000903001,JY10000901034
文摘In opportunistic Networks,compromised nodes can attack social context-based routing protocols by publishing false social attributes information.To solve this problem,we propose a security scheme based on the identity-based threshold signature which allows mobile nodes to jointly generate and distribute the secrets for social attributes in a totally self-organized way without the need of any centralized authority.New joining nodes can reconstruct their own social attribute signatures by getting enough partial signature services from encounter opportunities with the initial nodes.Mobile nodes need to testify whether the neighbors can provide valid attribute signatures for their routing advertisements in order to resist potential routing attacks.Simulation results show that:by implementing our security scheme,the network delivery probability of the social context-based routing protocol can be effectively improved when there are large numbers of compromised nodes in opportunistic networks.
基金Project (No. 2005AA145110) supported by the Hi-Tech Research and Development Program (863) of China
文摘A (t, n) threshold signature scheme distributes the secret key and hence the signing ability to n players in a way that any set of t+1 or more honest players can collaborate to sign, while any set of t players cannot. In this paper we propose an iden- tity-based threshold signature (IBTHS) scheme from bilinear pairings. The signing phase of our scheme is non-interactive, meaning that the signing players do not need to talk to each other. We prove our scheme secure (i.e., unforgeable and robust) in the standard model (i.e., without random oracles). No earlier proposed IBTHS scheme achieved even one of the features of being non-interactive (in the signing phase) and secure in the standard model.
基金Supported by the National Natural Science Foundation of China (90604034, 10371127)
文摘In this paper, we present an improved identity-based society oriented signature scheme with anonymous signers, which satisfies: (1) when members leave or join an organization, the public verification key and the signature verification procedure are unchanged; (2) a user participates in several organizations at the same time, her secret key is only related with her identity. However, no previous schemes have these two properties.
基金Supported by the National Natural Science Foun-dation of China (60372046 ,60573043)
文摘Fair exchange of digital signatures is an important tool for signing digital contracts, e-payment and other electronic commerce actions. An ID-based scheme of fair exchange of digital signature is proposed in this paper. The protocol relies on a trusted third party, but is "optimistic", in that the third party is only needed in cases where one player attempts to cheat or simply crashes. The proposed scheme has properties of short signature, low computation and verification cost. It can realize exchange of digital signatures fairly and effic, iently. A key feature of our scheme is that it is identity-based, which needs no certificates and has a simple key management. To our best knowledge, this is the first identity based scheme of fair exchange of digital signatures.
基金Supported by the National Natural Science Foundation of China (No.60432040).
文摘Recently, proxy ring signature schemes have been shown to be useful in various applications, such as electronic polling, electronic payment, etc. Although many proxy ring signature schemes have been pro-posed, there are only two identity-based proxy ring signature schemes have been proposed until now, i. e., Cheng's scheme and Lang's scheme. It's unlucky that the two identity-based proxy ring signature schemes are unfeasible. This paper points out the reasons why the two identity-based proxy ring signature schemes are unfeasible. In order to design feasible and efficient identity-based proxy ring signature schemes from bilinear pairings, we have to search for other methods.
基金Supported by the National Natural Science Foun-dation of China (60473029)
文摘In 2006, Bao et al proposed an identlty-based threshold proxy signature scheme with known signers. In this paper, we show that Bao et al's scheme is vulnerable to the forgery attack. An adversary can forge a valid threshold proxy signature for any message with knowing a previously valid threshold proxy signature. In addition, their scheme also suffers from the weakness that the proxy signers might change the threshold value. That is, the proxy signers can arbitrarily modify the threshold strategy without being detected by the original signer or verifiers, which might violate the original signer's intent. Furthermore, we propose an improved scheme that remedies the weaknesses of Bao et al's scheme. The improved scheme satisfies all secure requirements for threshold proxy signature.
基金The National Hi-Tech Research and Development Program (863) of China (No. 2005AA145110)The Pudong New Area Technology Innovation Public Service Platform of China (No. PDP2005-04)
文摘An identity-based verifiably committed signature scheme (IB-VCS) was proposed, which is proved secure in the standard model (i.e., without random oracles). It enjoys the setup-free property and stand-alone property, both of which make an exchange protocol more practical. The scheme is unconditionally secure against the cheating signer, its security against the cheating verifier is reduced to the computational Diffie-Hellman (CDH) problem in the underlying group, it is secure against the cheating trusted third party if the underlying Paterson Schuldt's identity based signature (IBS) scheme is secure, which is proven true based on the CDH assumption in the standard model.
基金Supported by National Natural Science Foundation of China (No.60503006 and No.60403007) and Natural Science Foundation of Guangdong, China (No. 04205407).
文摘We argue that traditional identity-based systems from pairings seem unsuitable for designing group signature schemes due to the problem of key escrow. In this paper we first propose new ID-based public key systems without trusted PKG (Private Key Generator) from bilinear pairings. In our new ID-based systems, if the dishonest PKG impersonates an honest user to communicate with others, the user can provide a proof of treachery of the PKG afterwards, which is similar to certificate-based systems. Therefore, our systems reach the Girault’s trusted level 3. We then propose a group signature scheme under the new ID-based systems, the security and performance of which rely on the new systems. The size of the group public key and the length of the signature are independent on the numbers of the group.
基金Supported by the Major Research Plan of the National Natural Science Foundation of China(90604023), the National Natural Science Foundation of China (60373059) and the National Research Foundation for the Doctoral Program of Higher Education of China(20040013007)
文摘In a proxy blind signature scheme, the proxy signer is allowed to generate a blind signature on behalf of the original signer. The proxy blind signature scheme is useful in several applications such as e-voting and e-payment. In this paper, we propose an identity-based proxy blind signature scheme which combines the advantages of proxy signature and of blind signature. Our scheme fulfills peffecdy the security requirements of a proxy blind signature. Comparing the previous scheme, our scheme needs less computational overhead and is more efficient.
基金Sponsored by the National Natural Science Foundation of China(Grant No.90104033).
文摘Ring signature and proxy signature are of vital importance to secure electronic commerce. Recently, the bilinear pairing such as Well pairing or Tate pairing on elliptic curves and hyperelliptic curves is playing an important role in security solutions. Several ID-based signature schemes have been put forward, many of which are based on bilinear pairings. In key management and moderate security demand scenarios, ID-based public key cryptosystem is more preferable than other public key infrastructure based systems. In this paper, an improved ID-based proxy ring signature scheme from bilinear pairings is proposed which combines the advantages of proxy signature and of ring signatures. Our scheme can guarantee the profits of the proxy signer via preventing the original signer form generating the proxy ring signature. Furthermore, bilinear pairings are introduced to minimize the computation overhead and to improve the related performance of our scheme. In contrast with Zhang's scheme, our scheme is a computational efficiency improvement for signature verification because the computational cost of bilinear pairings required is reduced from O(n) to O( 1 ). In addition, the proxy ring signature presented in this paper can perfectly satisfy all the security requirements of proxy ring signature, i. e. signer-ambiguity, non-forgeability, verification, non-deniability and distinguishability.
基金supported by the National Natural Science Foundation of China under Grant No.61003230,No.61370026,No.61103206,and No.61300191Chongqing Key Lab of Computer Network and Communication Technology under Grant No.CY-CNCL-2012-02
文摘Without the assumption that the private keys are kept secure perfectly, cryptographic primitives cannot be deployed in the insecure environments where the key leakage is inevitable. In order to reduce the damage caused by the key exposure in the identity-based(ID-based) signature scenarios efficiently, we propose an ID-based key-insulated signature scheme in this paper, which eliminates the expensive bilinear pairing operations. Compared with the previous work, our scheme minimizes the computation cost without any extra cost. Under the discrete logarithm(DL) assumption, a security proof of our scheme in the random oracle model has also been given.
基金supported by the National Key Basic Research Program of China (973 Program) under Grant No. 2011CB302605the National High Technical Research and Development Program of China (863 Program) underGrants No. 2010AA012504,No. 2011AA010705+1 种基金the National Natural Science Foundation of China under Grant No. 60903166the National Science and Technology Support Program under Grants No. 2012BAH37B00,No. 2012-BAH37B01
文摘Automatic signature generation approaches have been widely applied in recent traffic classification.However,they are not suitable for LightWeight Deep Packet Inspection(LW_DPI) since their generated signatures are matched through a search of the entire application data.On the basis of LW_DPI schemes,we present two Hierarchical Clustering(HC) algorithms:HC_TCP and HC_UDP,which can generate byte signatures from TCP and UDP packet payloads respectively.In particular,HC_TCP and HC_ UDP can extract the positions of byte signatures in packet payloads.Further,in order to deal with the case in which byte signatures cannot be derived,we develop an algorithm for generating bit signatures.Compared with the LASER algorithm and Suffix Tree(ST)-based algorithm,the proposed algorithms are better in terms of both classification accuracy and speed.Moreover,the experimental results indicate that,as long as the application-protocol header exists,it is possible to automatically derive reliable and accurate signatures combined with their positions in packet payloads.
基金supported by Science and Technology project of State Grid Customer Service Center(SGKF0000DFQT2200030)。
文摘As the promising next-generation power grid,the smart grid has developed rapidly in recent years.The smart grid enables energy to be stored and delivered more efficiently and safely,but user data’s integrity protection has been an important security issue in the smart grid.Although lots of digital signature protocols for the smart grid have been proposed to resolve this problem,they are vulnerable to quantum attacks.To deal with this problem,an efficient identity-based signature protocol on lattices is proposed in this paper.To improve our protocol’s efficiency,the tree of commitments is utilized.Moreover,a detailed performance evaluation of the proposed protocol is made.The performance analysis demonstrates that the potential utility of our protocol in the smart grid is huge.
文摘针对多链式区块链采用主链最终共识机制,导致主链负载大,制约从链性能等问题,论文提出一种基于超图和MuSig2聚合签名的联盟链主从多链共识机制.首先根据超图理论,构建以横贯超图为主链,子超图为从链的联盟链主从多链架构;然后借鉴分治思想,结合“背书-排序-验证”的共识方式,构建分层分类共识机制,通过分类处理交易降低主链负载压力;最后构建基于MuSig2聚合签名的联盟链多方背书签名方法,提升背书签名的验证效率.性能分析表明:基于MuSig2聚合签名的联盟链多方背书签名安全可靠,基于超图和MuSig2聚合签名的分层分类共识机制具有强一致性和线性时间复杂度.实验结果表明:基于MuSig2聚合签名的多方背书方法的总效率是椭圆曲线数字签名算法(Elliptic Curve Digital Signature Algorithm,ECDSA)的1.55倍,分层分类共识机制能够提升12.5%的共识效率.该机制具有较高性能,可满足企业多样化业务需求.