Delegateable signatures based on non-interactive witness indistinguishable and non-interactive witness hiding proofs

A delegateable signature scheme （DSS） which was first introduced by Barak is mainly based on the non-interactive zero-knowledge proof （NIZK） for preventing the signing verifier from telling which witness （i.e., restricted subset） is being used. However, the scheme is not significantly efficient due to the difficulty of constructing NIZK. We first show that a non-interactive witness indistinguishable （NlWl） proof system and a non-interactive witness hiding （NIWH） proof system are easier and more efficient proof models than NIZK in some cases. Furthermore, the witnesses em- ployed in these two protocols （NlWl and NIWT） cannot also be distinguished by the verifiers. Combined with the E-protocol, we then construct NlWl and NIWH proofs for any NP statement under the existence of one-way functions and show that each proof is different from those under the existence of trapdoor permutations, Finally, based on our NlWl and NIWH proofs, we construct delegateable signature schemes under the existence of one-way functions, which are more efficient than Barak＇s scheme under the existence of trapdoor permutations.

通用可组合的组密钥交换协议

该文提出了一个通用可组合框架下的组密钥交换理想函数,并在防篡改硬件令牌的基础上,利用部分隔离状态下证据不可区分知识证明,设计了一个组密钥交换协议,安全地实现了这个理想函数。和采用CRS模型的协议相比,降低了把整个信任集中于一处带来的风险。提出的组密钥交换协议经过证明具有AKE安全,并且能够抵抗适应性敌手攻击和恶意参与者攻击。

标准模型下基于身份的混淆乐观公平交换方案

为防止签名验证者利用部分签名取得不公平的优势,Huang等人提出混淆乐观公平交换(Ambiguous Optimistic Fair Exchange,AOFE)方案及其一般构造方法,但是其构造方法没有考虑真实的用户环境.在基于IBC(Identity-Based Cryptography)的用户环境下,文章提出基于身份的混淆乐观公平交换(ID-AOFE)方案构造方法、方案实例、及其选择身份安全模型.提出的ID-AOFE构造方法对Huang等人的AOFE方案进行了简化,采用具有信息提取功能的证据不可区分证明算法替换原方案模型中的基于标签加解密和零知识证明算法.ID-AOFE安全模型以Huang等人的AOFE安全模型为基础,融合了选择身份安全模型,并对ID-AOFE方案的安全性进行了归纳和重新定义.在选择身份安全模型下,提出的ID-AOFE方案实例的公平性被规约到经典密码原语的安全性.此外,文章探讨了ID-AOFE方案的消息交互模型,就争端解决的方案和过程进行了重点分析.