Since the end of the 1990s,cryptosystems implemented on smart cards have had to deal with two main categories of attacks:side-channel attacks and fault injection attacks.Countermeasures have been developed and validat...Since the end of the 1990s,cryptosystems implemented on smart cards have had to deal with two main categories of attacks:side-channel attacks and fault injection attacks.Countermeasures have been developed and validated against these two types of attacks,taking into account a well-defined attacker model.This work focuses on small vulnerabilities and countermeasures related to the Elliptic Curve Digital Signature Algorithm(ECDSA)algorithm.The work done in this paper focuses on protecting the ECDSA algorithm against fault-injection attacks.More precisely,we are interested in the countermeasures of scalar multiplication in the body of the elliptic curves to protect against attacks concerning only a few bits of secret may be sufficient to recover the private key.ECDSA can be implemented in different ways,in software or via dedicated hardware or a mix of both.Many different architectures are therefore possible to implement an ECDSA-based system.For this reason,this work focuses mainly on the hardware implementation of the digital signature ECDSA.In addition,the proposed ECDSA architecture with and without fault detection for the scalar multiplication have been implemented on Xilinxfield programmable gate arrays(FPGA)platform(Virtex-5).Our implementation results have been compared and discussed.Our area,frequency,area overhead and frequency degradation have been compared and it is shown that the proposed architecture of ECDSA with fault detection for the scalar multiplication allows a trade-off between the hardware overhead and the security of the ECDSA.展开更多
With the continuous expansion of the Industrial Internet of Things(IIoT),more andmore organisations are placing large amounts of data in the cloud to reduce overheads.However,the channel between cloud servers and smar...With the continuous expansion of the Industrial Internet of Things(IIoT),more andmore organisations are placing large amounts of data in the cloud to reduce overheads.However,the channel between cloud servers and smart equipment is not trustworthy,so the issue of data authenticity needs to be addressed.The SM2 digital signature algorithm can provide an authentication mechanism for data to solve such problems.Unfortunately,it still suffers from the problem of key exposure.In order to address this concern,this study first introduces a key-insulated scheme,SM2-KI-SIGN,based on the SM2 algorithm.This scheme boasts strong key insulation and secure keyupdates.Our scheme uses the elliptic curve algorithm,which is not only more efficient but also more suitable for IIoT-cloud environments.Finally,the security proof of SM2-KI-SIGN is given under the Elliptic Curve Discrete Logarithm(ECDL)assumption in the random oracle.展开更多
To realize delegation between different users in a mixed cryptosystem,a proxy signature scheme for ID-based original signers and certificated-based proxy signers(PSS-ID-CER)is defined.Using the bilinear properties o...To realize delegation between different users in a mixed cryptosystem,a proxy signature scheme for ID-based original signers and certificated-based proxy signers(PSS-ID-CER)is defined.Using the bilinear properties of the pairings and the characters of key generations of certificate-based cryptosystems and ID-based cryptosystems,a construction for such a scheme is also presented.To prove the security of the proposed scheme,a general security model for this scheme under adaptive chosen-PKG,chosen-ID,chosen-delegation,chosen-ProxySigner-public-key,chosen-proxy-key and chosen-message attack is defined.The proposed scheme is provably secure under the random oracle model and the hardness assumption of computational Diffie-Hellman problem.展开更多
In this paper, a scheme which can be used in multi-user quantum digital signature is proposed. The scheme of signature and verification is based on the characters of GHZ (Greenberger-Horne-Zeilinger) states and cont...In this paper, a scheme which can be used in multi-user quantum digital signature is proposed. The scheme of signature and verification is based on the characters of GHZ (Greenberger-Horne-Zeilinger) states and controlled quantum teleportation. Different from the digital signatures based on computational complexity, this scheme is unconditional secure, and compared to the former presented quantum signature scheme, it does not rely on an arbitrator to verify the signature and realize a message can be signed by multi-user together.展开更多
An identity-based proxy blind signature scheme from bilinear pairings isintroduced, which combines the advantages of proxy signature and blind signature. Furthermore, ourscheme can prevent the original signer from gen...An identity-based proxy blind signature scheme from bilinear pairings isintroduced, which combines the advantages of proxy signature and blind signature. Furthermore, ourscheme can prevent the original signer from generating the proxy blind signature, thus the profitsof the proxy signer are guaranteed. We introduce bilinear pairings to minimize computationaloverhead and to improve the related performance of our scheme. In addition, the proxy blindsignature presented is non-repudiable and it fulfills perfectly the security requirements of a proxyblind signature.展开更多
Digital signature has recently played an increasingly important role in cyberspace security.Most of them are based on the public key cryptography.Public key cryptography is a mainstream cryptographic algorithm system ...Digital signature has recently played an increasingly important role in cyberspace security.Most of them are based on the public key cryptography.Public key cryptography is a mainstream cryptographic algorithm system that has been widely used in cyberspace security in recent years.The most classic public key cryptography algorithm is RSA and its difficulty is based on the large integer decomposition problem.In 2017,ISRSAC was proposed by M.Thangaval.ISRSAC has made security improvements to the RSA algorithm by increasing the complexity in factoring the value of modulus‘n’.A digital signature algorithm based on ISRSAC algorithm was completed in this paper,and furthermore,a proxy signature algorithm based on ISRSAC and two kinds of multi-signature algorithms were presented,which include sequential multi-signature and broadcasting multi-signature.展开更多
Two signature systems based on smart cards and fingerprint features are proposed. In one signature system, the cryptographic key is stored in the smart card and is only accessible when the signer's extracted fingerpr...Two signature systems based on smart cards and fingerprint features are proposed. In one signature system, the cryptographic key is stored in the smart card and is only accessible when the signer's extracted fingerprint features match his stored template. To resist being tampered on public channel, the user's message and the signed message are encrypted by the signer's public key and the user's public key, respectively. In the other signature system, the keys are generated by combining the signer's fingerprint features, check bits, and a rememberable key, and there are no matching process and keys stored on the smart card. Additionally, there is generally more than one public key in this system, that is, there exist some pseudo public keys except a real one.展开更多
Ring signature and proxy signature are of vital importance to secure electronic commerce. Recently, the bilinear pairing such as Well pairing or Tate pairing on elliptic curves and hyperelliptic curves is playing an i...Ring signature and proxy signature are of vital importance to secure electronic commerce. Recently, the bilinear pairing such as Well pairing or Tate pairing on elliptic curves and hyperelliptic curves is playing an important role in security solutions. Several ID-based signature schemes have been put forward, many of which are based on bilinear pairings. In key management and moderate security demand scenarios, ID-based public key cryptosystem is more preferable than other public key infrastructure based systems. In this paper, an improved ID-based proxy ring signature scheme from bilinear pairings is proposed which combines the advantages of proxy signature and of ring signatures. Our scheme can guarantee the profits of the proxy signer via preventing the original signer form generating the proxy ring signature. Furthermore, bilinear pairings are introduced to minimize the computation overhead and to improve the related performance of our scheme. In contrast with Zhang's scheme, our scheme is a computational efficiency improvement for signature verification because the computational cost of bilinear pairings required is reduced from O(n) to O( 1 ). In addition, the proxy ring signature presented in this paper can perfectly satisfy all the security requirements of proxy ring signature, i. e. signer-ambiguity, non-forgeability, verification, non-deniability and distinguishability.展开更多
Lack of efficiency in the initial key generation process is a serious shortcoming of Merkle tree signature scheme with a large number of possible signatures. Based on two kinds of Merkle trees, a new tree type signatu...Lack of efficiency in the initial key generation process is a serious shortcoming of Merkle tree signature scheme with a large number of possible signatures. Based on two kinds of Merkle trees, a new tree type signature scheme is constructed, and it is provably existentially unforgeable under adaptive chosen message attack. By decentralizing the initial key generation process of the original scheme within the signature process, a large Merkle tree with 6.87×10^10 possible signatures can be initialized in 590 milliseconds. Storing some small Merkle trees in hard disk and memory can speed up Merkle tree signature scheme. Mekle tree signature schemes are fit for trusted computing platform in most scenarios.展开更多
ID-based public key cryptosystem can be a good alternative for certifieate-based public key setting. This paper provides an efficient ID-based proxy multi signature scheme from pairings. In the random oracle model, we...ID-based public key cryptosystem can be a good alternative for certifieate-based public key setting. This paper provides an efficient ID-based proxy multi signature scheme from pairings. In the random oracle model, we prove that our new scheme is secure against existential delegation forgery with the assumption that Hess's scheme-1 is existential unforgeable, and that our new scheme is secure against existential proxy multi-signature forgery under the hardness assumption of the computational Diffie-Hellman problem.展开更多
Identity-based proxy signature enables an entity to delegate its signing rights to another entity in identity-based cryptosystem settings. However, few existing scheme has been proved secure in a formalized model, or ...Identity-based proxy signature enables an entity to delegate its signing rights to another entity in identity-based cryptosystem settings. However, few existing scheme has been proved secure in a formalized model, or acquired optimized performance. To achieve the goals of both proven security and high efficiency, this paper proposed an efficient identity-based proxy signature scheme. The scheme is constructed from bilinear pairing and proved secure in the random oracle model, using the oracle replay attack technique introduced by Pointehval and Stern. The analysis shows that the scheme needs less computation costs and has a shorter signature than the other schemes.展开更多
Due to the rapid growth of online transactions on the Internet, authentication, non-repudiation and integrity are very essential security requirements for a secure transaction. To achieve these security goals, digital...Due to the rapid growth of online transactions on the Internet, authentication, non-repudiation and integrity are very essential security requirements for a secure transaction. To achieve these security goals, digital signature is the most efficient cryptographic primitive. Many authors have proposed this scheme and prove their security and evaluate the efficiency. In our paper, we present comprehensive study of conventional digital signature schemes based on RSA, DSA and ECDSA (Elliptic Curve Digital Signature Algorithm) and the improved version of these scheme.展开更多
Visual cryptography is a cryptographic technique which emerges in the information security domain in recent years. Each of the sharing sub-keys may be a stochastic noise image or a significative image with no informat...Visual cryptography is a cryptographic technique which emerges in the information security domain in recent years. Each of the sharing sub-keys may be a stochastic noise image or a significative image with no information on the original key. But a mass of sub-keys have to be saved actually, which faces the problem of inconvenient discrimination and management. This paper presents a visual cryptography scheme based on the digital signature for image discrimination and management, applying the digital signature and the time-stamp technology to the visual cryptography scheme. The scheme both solves the problem on the storage and management of the sharing sub-keys, increases the verification of image contents, thus enhances the validity of storage and management without security effect.展开更多
The paper proposes a new sequential digital multi-signature scheme based on Knapsack public-key cryptosystem,which is different from the existing scheme.The advantages of this scheme over the existing schemes are that...The paper proposes a new sequential digital multi-signature scheme based on Knapsack public-key cryptosystem,which is different from the existing scheme.The advantages of this scheme over the existing schemes are that it simplifies the signature generation process and speeds up the signature verification process.What’s more,the scheme reduces the cost of communication and redundancy operation, and improves efficiency,and can avoid cheating by signer efficiently,so the scheme has very broad application prospects.展开更多
Objective Focusing on the s ecurity problem of authentication and confidentiality in the context of computer networks, a digital signature scheme was proposed based on the public key crypt osystem. Methods Firstly...Objective Focusing on the s ecurity problem of authentication and confidentiality in the context of computer networks, a digital signature scheme was proposed based on the public key crypt osystem. Methods Firstly, the course of digital signature based on the public key cryptosystem was given. Then, RSA and ELGamal schemes were de scribed respectively. They were the basis of the proposed scheme. Generalized EL Gamal type signature schemes were listed. After comparing with each other, one s cheme, whose Signature equation was (m+r)x=j+s modΦ(p) , was adopted in the des igning. Results Based on two well-known cryptographic assumpti ons, the factorization and the discrete logarithms, a digital signature scheme w as presented. It must be required that s' was not equal to p'q' in the signing p rocedure, because attackers could forge the signatures with high probabilities i f the discrete logarithms modulo a large prime were solvable. The variable publi c key “e” is used instead of the invariable parameter “3” in Harn's signatu re scheme to enhance the security. One generalized ELGamal type scheme made the proposed scheme escape one multiplicative inverse operation in the signing proce dure and one modular exponentiation in the verification procedure. Concl usion The presented scheme obtains the security that Harn's scheme was originally claimed. It is secure if the factorization and the discrete logarithm s are simultaneously unsolvable.展开更多
Based on the analysis of elliptic curve digital signature algorithm(ECDSA),aiming at multilevel proxy signature in which the original signer delegates the digital signature authority to several proxies and its secur...Based on the analysis of elliptic curve digital signature algorithm(ECDSA),aiming at multilevel proxy signature in which the original signer delegates the digital signature authority to several proxies and its security demands, a new multilevel proxy signature scheme based on elliptic curve discrete logarithm problem (ECDLP) is presented and its security are proved.展开更多
Fair exchange of digital signatures is an important tool for signing digital contracts, e-payment and other electronic commerce actions. An ID-based scheme of fair exchange of digital signature is proposed in this pap...Fair exchange of digital signatures is an important tool for signing digital contracts, e-payment and other electronic commerce actions. An ID-based scheme of fair exchange of digital signature is proposed in this paper. The protocol relies on a trusted third party, but is "optimistic", in that the third party is only needed in cases where one player attempts to cheat or simply crashes. The proposed scheme has properties of short signature, low computation and verification cost. It can realize exchange of digital signatures fairly and effic, iently. A key feature of our scheme is that it is identity-based, which needs no certificates and has a simple key management. To our best knowledge, this is the first identity based scheme of fair exchange of digital signatures.展开更多
In this paper, two improved digital signature schemes are presented based on the design of directed signature scheme. The peculiarity of the system is that only if the scheme is specific recipient, the signature is au...In this paper, two improved digital signature schemes are presented based on the design of directed signature scheme. The peculiarity of the system is that only if the scheme is specific recipient, the signature is authenticated. Since the scheme adds the screen of some information parameters, the difficulty of deciphered keys and the security of digital signature system are increased.展开更多
In the last couple of years, D-based cryptography has got fruitful achievements. Proxy multi-signature allows a designated person, called a proxy signer, to sign on behalf of two or more original signers. In this pape...In the last couple of years, D-based cryptography has got fruitful achievements. Proxy multi-signature allows a designated person, called a proxy signer, to sign on behalf of two or more original signers. In this paper, we present a general security model for ID-based proxy multi-signature (ID-PMS) schemes. Then, we show how to construct a secure ID-PMS scheme from a secure ID-based signature scheme, and prove that the security of the construction can be reduced to the security of the original ID-based signature scheme.展开更多
Key escrow is an inherent disadvantage for traditional ID-based cryptosystem, i.e., the dishonest private key generator (PKG) can forge the signature of any user, meanwhile, the user can deny the signature actually si...Key escrow is an inherent disadvantage for traditional ID-based cryptosystem, i.e., the dishonest private key generator (PKG) can forge the signature of any user, meanwhile, the user can deny the signature actually signed by him/herself. To avoid the keyescrow problem, an ID-based signature scheme was presented without trusted PKG. The exact proof of security was presented to demonstrate that our scheme is secure against existential forgery on adaptively chosen message and ID attacks assuming the complexity of computational Diffie-Hellman (CDH) problem. Compared with other signature schemes, the proposed scheme is more efficient.展开更多
基金The funding was provided by the Deanship of Scientific Research at King Khalid University through Research Group Project[grant number RGP.1/157/42].
文摘Since the end of the 1990s,cryptosystems implemented on smart cards have had to deal with two main categories of attacks:side-channel attacks and fault injection attacks.Countermeasures have been developed and validated against these two types of attacks,taking into account a well-defined attacker model.This work focuses on small vulnerabilities and countermeasures related to the Elliptic Curve Digital Signature Algorithm(ECDSA)algorithm.The work done in this paper focuses on protecting the ECDSA algorithm against fault-injection attacks.More precisely,we are interested in the countermeasures of scalar multiplication in the body of the elliptic curves to protect against attacks concerning only a few bits of secret may be sufficient to recover the private key.ECDSA can be implemented in different ways,in software or via dedicated hardware or a mix of both.Many different architectures are therefore possible to implement an ECDSA-based system.For this reason,this work focuses mainly on the hardware implementation of the digital signature ECDSA.In addition,the proposed ECDSA architecture with and without fault detection for the scalar multiplication have been implemented on Xilinxfield programmable gate arrays(FPGA)platform(Virtex-5).Our implementation results have been compared and discussed.Our area,frequency,area overhead and frequency degradation have been compared and it is shown that the proposed architecture of ECDSA with fault detection for the scalar multiplication allows a trade-off between the hardware overhead and the security of the ECDSA.
基金This work was supported in part by the National Natural Science Foundation of China(Nos.62072074,62076054,62027827,62002047)the Sichuan Science and Technology Innovation Platform and Talent Plan(Nos.2020JDJQ0020,2022JDJQ0039)+2 种基金the Sichuan Science and Technology Support Plan(Nos.2020YFSY0010,2022YFQ0045,2022YFS0220,2023YFG0148,2021YFG0131)the YIBIN Science and Technology Support Plan(No.2021CG003)the Medico-Engineering Cooperation Funds from University of Electronic Science and Technology of China(Nos.ZYGX2021YGLH212,ZYGX2022YGRH012).
文摘With the continuous expansion of the Industrial Internet of Things(IIoT),more andmore organisations are placing large amounts of data in the cloud to reduce overheads.However,the channel between cloud servers and smart equipment is not trustworthy,so the issue of data authenticity needs to be addressed.The SM2 digital signature algorithm can provide an authentication mechanism for data to solve such problems.Unfortunately,it still suffers from the problem of key exposure.In order to address this concern,this study first introduces a key-insulated scheme,SM2-KI-SIGN,based on the SM2 algorithm.This scheme boasts strong key insulation and secure keyupdates.Our scheme uses the elliptic curve algorithm,which is not only more efficient but also more suitable for IIoT-cloud environments.Finally,the security proof of SM2-KI-SIGN is given under the Elliptic Curve Discrete Logarithm(ECDL)assumption in the random oracle.
基金The National Natural Science Foundation of China(No.60473028)the Natural Science Foundation of Zhengzhou University of Light Industry(No.2006XXJ18)the Doctor Foundation of Zhengzhou University of Light Industry(No.20080014)
文摘To realize delegation between different users in a mixed cryptosystem,a proxy signature scheme for ID-based original signers and certificated-based proxy signers(PSS-ID-CER)is defined.Using the bilinear properties of the pairings and the characters of key generations of certificate-based cryptosystems and ID-based cryptosystems,a construction for such a scheme is also presented.To prove the security of the proposed scheme,a general security model for this scheme under adaptive chosen-PKG,chosen-ID,chosen-delegation,chosen-ProxySigner-public-key,chosen-proxy-key and chosen-message attack is defined.The proposed scheme is provably secure under the random oracle model and the hardness assumption of computational Diffie-Hellman problem.
基金Supported by the National Natural Science Foundation of China (60572035, 10505005) the Foundation of Beijing Municipality Key Laboratory of Communication and Information System (JD100040513)
文摘In this paper, a scheme which can be used in multi-user quantum digital signature is proposed. The scheme of signature and verification is based on the characters of GHZ (Greenberger-Horne-Zeilinger) states and controlled quantum teleportation. Different from the digital signatures based on computational complexity, this scheme is unconditional secure, and compared to the former presented quantum signature scheme, it does not rely on an arbitrator to verify the signature and realize a message can be signed by multi-user together.
文摘An identity-based proxy blind signature scheme from bilinear pairings isintroduced, which combines the advantages of proxy signature and blind signature. Furthermore, ourscheme can prevent the original signer from generating the proxy blind signature, thus the profitsof the proxy signer are guaranteed. We introduce bilinear pairings to minimize computationaloverhead and to improve the related performance of our scheme. In addition, the proxy blindsignature presented is non-repudiable and it fulfills perfectly the security requirements of a proxyblind signature.
基金This work has been performed in National Natural Science Foundation of China(No.61772047,61372069)the Fundamental Research Funds for the Central Universities(No.328201902)+2 种基金National Defense Pre-research Foundation,SRF for ROCS,SEM(JY0600090102)111 project(No.B08038)China Civil Aviation Information Technology Research Base Funded Project(CAAC-ITRB-201705).
文摘Digital signature has recently played an increasingly important role in cyberspace security.Most of them are based on the public key cryptography.Public key cryptography is a mainstream cryptographic algorithm system that has been widely used in cyberspace security in recent years.The most classic public key cryptography algorithm is RSA and its difficulty is based on the large integer decomposition problem.In 2017,ISRSAC was proposed by M.Thangaval.ISRSAC has made security improvements to the RSA algorithm by increasing the complexity in factoring the value of modulus‘n’.A digital signature algorithm based on ISRSAC algorithm was completed in this paper,and furthermore,a proxy signature algorithm based on ISRSAC and two kinds of multi-signature algorithms were presented,which include sequential multi-signature and broadcasting multi-signature.
基金This project was supported by the National Science Foundation of China (60763009)China Postdoctoral Science Foundation (2005038041)Hainan Natural Science Foundation (80528).
文摘Two signature systems based on smart cards and fingerprint features are proposed. In one signature system, the cryptographic key is stored in the smart card and is only accessible when the signer's extracted fingerprint features match his stored template. To resist being tampered on public channel, the user's message and the signed message are encrypted by the signer's public key and the user's public key, respectively. In the other signature system, the keys are generated by combining the signer's fingerprint features, check bits, and a rememberable key, and there are no matching process and keys stored on the smart card. Additionally, there is generally more than one public key in this system, that is, there exist some pseudo public keys except a real one.
基金Sponsored by the National Natural Science Foundation of China(Grant No.90104033).
文摘Ring signature and proxy signature are of vital importance to secure electronic commerce. Recently, the bilinear pairing such as Well pairing or Tate pairing on elliptic curves and hyperelliptic curves is playing an important role in security solutions. Several ID-based signature schemes have been put forward, many of which are based on bilinear pairings. In key management and moderate security demand scenarios, ID-based public key cryptosystem is more preferable than other public key infrastructure based systems. In this paper, an improved ID-based proxy ring signature scheme from bilinear pairings is proposed which combines the advantages of proxy signature and of ring signatures. Our scheme can guarantee the profits of the proxy signer via preventing the original signer form generating the proxy ring signature. Furthermore, bilinear pairings are introduced to minimize the computation overhead and to improve the related performance of our scheme. In contrast with Zhang's scheme, our scheme is a computational efficiency improvement for signature verification because the computational cost of bilinear pairings required is reduced from O(n) to O( 1 ). In addition, the proxy ring signature presented in this paper can perfectly satisfy all the security requirements of proxy ring signature, i. e. signer-ambiguity, non-forgeability, verification, non-deniability and distinguishability.
基金Supported by the National Natural Science Foun-dation of China (60403027)
文摘Lack of efficiency in the initial key generation process is a serious shortcoming of Merkle tree signature scheme with a large number of possible signatures. Based on two kinds of Merkle trees, a new tree type signature scheme is constructed, and it is provably existentially unforgeable under adaptive chosen message attack. By decentralizing the initial key generation process of the original scheme within the signature process, a large Merkle tree with 6.87×10^10 possible signatures can be initialized in 590 milliseconds. Storing some small Merkle trees in hard disk and memory can speed up Merkle tree signature scheme. Mekle tree signature schemes are fit for trusted computing platform in most scenarios.
基金Supported bythe National Key Basic Research andDevelopment Program (973 Program G1999035804),the NationalNatural Science Foundation of China (90204015 ,60473021) and theElitist Youth Foundation of Henan Province (021201400)
文摘ID-based public key cryptosystem can be a good alternative for certifieate-based public key setting. This paper provides an efficient ID-based proxy multi signature scheme from pairings. In the random oracle model, we prove that our new scheme is secure against existential delegation forgery with the assumption that Hess's scheme-1 is existential unforgeable, and that our new scheme is secure against existential proxy multi-signature forgery under the hardness assumption of the computational Diffie-Hellman problem.
基金National Natural Science Foundation of Chi-na for Distinguished Young Scholars (No.60225007)National Research Fund for theDoctoral Program of Higher Education ofChina (No.20020248024)Grant-in-Aid forScientific Research(C) (No.14540100)
文摘Identity-based proxy signature enables an entity to delegate its signing rights to another entity in identity-based cryptosystem settings. However, few existing scheme has been proved secure in a formalized model, or acquired optimized performance. To achieve the goals of both proven security and high efficiency, this paper proposed an efficient identity-based proxy signature scheme. The scheme is constructed from bilinear pairing and proved secure in the random oracle model, using the oracle replay attack technique introduced by Pointehval and Stern. The analysis shows that the scheme needs less computation costs and has a shorter signature than the other schemes.
文摘Due to the rapid growth of online transactions on the Internet, authentication, non-repudiation and integrity are very essential security requirements for a secure transaction. To achieve these security goals, digital signature is the most efficient cryptographic primitive. Many authors have proposed this scheme and prove their security and evaluate the efficiency. In our paper, we present comprehensive study of conventional digital signature schemes based on RSA, DSA and ECDSA (Elliptic Curve Digital Signature Algorithm) and the improved version of these scheme.
文摘Visual cryptography is a cryptographic technique which emerges in the information security domain in recent years. Each of the sharing sub-keys may be a stochastic noise image or a significative image with no information on the original key. But a mass of sub-keys have to be saved actually, which faces the problem of inconvenient discrimination and management. This paper presents a visual cryptography scheme based on the digital signature for image discrimination and management, applying the digital signature and the time-stamp technology to the visual cryptography scheme. The scheme both solves the problem on the storage and management of the sharing sub-keys, increases the verification of image contents, thus enhances the validity of storage and management without security effect.
基金supported by the National Key Lab.of Integrated Service Networks of Xidian University(No.ISN7-01)National Natural Science Foundation of China(No.60642008)
文摘The paper proposes a new sequential digital multi-signature scheme based on Knapsack public-key cryptosystem,which is different from the existing scheme.The advantages of this scheme over the existing schemes are that it simplifies the signature generation process and speeds up the signature verification process.What’s more,the scheme reduces the cost of communication and redundancy operation, and improves efficiency,and can avoid cheating by signer efficiently,so the scheme has very broad application prospects.
文摘Objective Focusing on the s ecurity problem of authentication and confidentiality in the context of computer networks, a digital signature scheme was proposed based on the public key crypt osystem. Methods Firstly, the course of digital signature based on the public key cryptosystem was given. Then, RSA and ELGamal schemes were de scribed respectively. They were the basis of the proposed scheme. Generalized EL Gamal type signature schemes were listed. After comparing with each other, one s cheme, whose Signature equation was (m+r)x=j+s modΦ(p) , was adopted in the des igning. Results Based on two well-known cryptographic assumpti ons, the factorization and the discrete logarithms, a digital signature scheme w as presented. It must be required that s' was not equal to p'q' in the signing p rocedure, because attackers could forge the signatures with high probabilities i f the discrete logarithms modulo a large prime were solvable. The variable publi c key “e” is used instead of the invariable parameter “3” in Harn's signatu re scheme to enhance the security. One generalized ELGamal type scheme made the proposed scheme escape one multiplicative inverse operation in the signing proce dure and one modular exponentiation in the verification procedure. Concl usion The presented scheme obtains the security that Harn's scheme was originally claimed. It is secure if the factorization and the discrete logarithm s are simultaneously unsolvable.
基金Supported by the National Natural Science Foun-dation of China (70471031)
文摘Based on the analysis of elliptic curve digital signature algorithm(ECDSA),aiming at multilevel proxy signature in which the original signer delegates the digital signature authority to several proxies and its security demands, a new multilevel proxy signature scheme based on elliptic curve discrete logarithm problem (ECDLP) is presented and its security are proved.
基金Supported by the National Natural Science Foun-dation of China (60372046 ,60573043)
文摘Fair exchange of digital signatures is an important tool for signing digital contracts, e-payment and other electronic commerce actions. An ID-based scheme of fair exchange of digital signature is proposed in this paper. The protocol relies on a trusted third party, but is "optimistic", in that the third party is only needed in cases where one player attempts to cheat or simply crashes. The proposed scheme has properties of short signature, low computation and verification cost. It can realize exchange of digital signatures fairly and effic, iently. A key feature of our scheme is that it is identity-based, which needs no certificates and has a simple key management. To our best knowledge, this is the first identity based scheme of fair exchange of digital signatures.
基金the Natural Science Foundation of Fujian Province (No. A0010011).
文摘In this paper, two improved digital signature schemes are presented based on the design of directed signature scheme. The peculiarity of the system is that only if the scheme is specific recipient, the signature is authenticated. Since the scheme adds the screen of some information parameters, the difficulty of deciphered keys and the security of digital signature system are increased.
基金Supported by the National Natural Science Foundation of China (60473021) and the Science Foundation of Henan Province (0511010900)
文摘In the last couple of years, D-based cryptography has got fruitful achievements. Proxy multi-signature allows a designated person, called a proxy signer, to sign on behalf of two or more original signers. In this paper, we present a general security model for ID-based proxy multi-signature (ID-PMS) schemes. Then, we show how to construct a secure ID-PMS scheme from a secure ID-based signature scheme, and prove that the security of the construction can be reduced to the security of the original ID-based signature scheme.
文摘Key escrow is an inherent disadvantage for traditional ID-based cryptosystem, i.e., the dishonest private key generator (PKG) can forge the signature of any user, meanwhile, the user can deny the signature actually signed by him/herself. To avoid the keyescrow problem, an ID-based signature scheme was presented without trusted PKG. The exact proof of security was presented to demonstrate that our scheme is secure against existential forgery on adaptively chosen message and ID attacks assuming the complexity of computational Diffie-Hellman (CDH) problem. Compared with other signature schemes, the proposed scheme is more efficient.
