The deficiencies of the first threshold Guilbu-Quisquater signature schemepresented by Li-San Liu, Cheng-Kang Chu and Wen-Guey Tzeng arc analysiscd at first, and then a newthreshold Guillou-Quisquater signature scheme...The deficiencies of the first threshold Guilbu-Quisquater signature schemepresented by Li-San Liu, Cheng-Kang Chu and Wen-Guey Tzeng arc analysiscd at first, and then a newthreshold Guillou-Quisquater signature scheme is presented. The new scheme isunforgeable and robustagainst any adaptive adversary if the base Guillou-Quisquater signature scheme is unforgeable underthe chosen message attack and computing the discrete logarithm modulo a prime is hard This schemecan also achieve optimal resilience. However, the new scheme does not need the assumption that N isthe product of two safe primes. The basie signature scheme underlying the new scheme is exactlyGuillou-Quisqualtr signature scheme, and the additional strong computation assumption introduced bythe first threshold Guillou-Quisquater scheme is weaken.展开更多
The short secret key characteristic of elliptic curve cryptosystem (ECC) are integrated with the ( t, n ) threshold method to create a practical threshold group signature scheme characterized by simultaneous signi...The short secret key characteristic of elliptic curve cryptosystem (ECC) are integrated with the ( t, n ) threshold method to create a practical threshold group signature scheme characterized by simultaneous signing. The scheme not only meets the requirements of anonymity and traceability of group signature but also can withstand Tseng and Wang's conspiracy attack. It allows the group manager to add new members and delete old members according to actual application, while the system parameters have a little change. Cryptanalysis result shows that the scheme is efficient and secure.展开更多
Digital signature scheme is a very important research field in computer security and modern cryptography. A (k, n) threshold digital signature scheme is proposed by integrating digital signature scheme with Shamir sec...Digital signature scheme is a very important research field in computer security and modern cryptography. A (k, n) threshold digital signature scheme is proposed by integrating digital signature scheme with Shamir secret sharing scheme. It can realize group-oriented digital signature, and its security is based on the difficulty in computing discrete logarithm and quadratic residue on some special conditions. In this scheme, effective digital signature can not be generated by anyk?1 or fewer legal users, or only by signature executive. In addition, this scheme can identify any legal user who presents incorrect partial digital signature to disrupt correct signature, or any illegal user who forges digital signature. A method of extending this scheme to an Abelian group such as elliptical curve group is also discussed. The extended scheme can provide rapider computing speed and stronger security in the case of using shorter key. Key words threshold scheme - digital signature - discrete logarithm - quadratic residuc - threshold digital signature CLC number TP 309. 7 Foundation item: Supported the National Nature Science Foundation of China, Hubei Province (90104005, 2002 AB0039)Biography: FEI Ru-chun (1964-), male, Ph. D candidate, Associated professor, research direction: information security and cryptography.展开更多
In this present paper, we propose a new proxy blind signature scheme, which is publicly verifiable distributed. The algorithm uses the idea of secret sharing schemes to distribute original signer's ability and the po...In this present paper, we propose a new proxy blind signature scheme, which is publicly verifiable distributed. The algorithm uses the idea of secret sharing schemes to distribute original signer's ability and the power of the proxy signer, and ensure the property of publicly verifiable secret sharing schemes. A new concept "verifiable time period" is also introduced to reduce the time cost in the period of verifications and increases the efficiency of our scheme.展开更多
In this paper, a new restrictive blind signature scheme is proposed. Compared with Brands restrictive blind signature scheme, our scheme is even more restrictive and efficient. And our scheme is proved secure, too. ...In this paper, a new restrictive blind signature scheme is proposed. Compared with Brands restrictive blind signature scheme, our scheme is even more restrictive and efficient. And our scheme is proved secure, too. A new withdrawal protocol of electronic cash system is designed by using our restrictive blind signature scheme, which is more efficient than the withdrawal protocol and is more appropriate for adopting pre processing and post processing.展开更多
Due to forward-secure-digital-signature’s capability of effectively reducing loss caused by exposure of secret keys and significant in-application benefits of blind signature aiming at protecting senders’ privacy,th...Due to forward-secure-digital-signature’s capability of effectively reducing loss caused by exposure of secret keys and significant in-application benefits of blind signature aiming at protecting senders’ privacy,they have been hot spots for decades in the field of cryptography.Illuminated by the integration of forward secure digital signature and blind signature,based on the variants of ElGamal and assumption of difficulty in solving the discrete logarithm problem in galois field,a forward-secure weak blind signature scheme and a forward-secure strong blind signature scheme are proposed and their security is analyzed thoroughly in this paper.It turns out that forward security,blindness and aptitude of resisting forging attack demonstrated by these two schemes benefit a lot theoretically and practically.展开更多
An identity-based verifiably committed signature scheme (IB-VCS) was proposed, which is proved secure in the standard model (i.e., without random oracles). It enjoys the setup-free property and stand-alone property, b...An identity-based verifiably committed signature scheme (IB-VCS) was proposed, which is proved secure in the standard model (i.e., without random oracles). It enjoys the setup-free property and stand-alone property, both of which make an exchange protocol more practical. The scheme is unconditionally secure against the cheating signer, its security against the cheating verifier is reduced to the computational Diffie-Hellman (CDH) problem in the underlying group, it is secure against the cheating trusted third party if the underlying Paterson Schuldt's identity based signature (IBS) scheme is secure, which is proven true based on the CDH assumption in the standard model.展开更多
1 Introduction Identity privacy concerns hinder data sharing by casting doubt on the safeguarding of personal information,eroding trust,and impeding the willingness of individuals and organizations to exchange their d...1 Introduction Identity privacy concerns hinder data sharing by casting doubt on the safeguarding of personal information,eroding trust,and impeding the willingness of individuals and organizations to exchange their data[1,2].The traceable ring signatures(TRSs)addresses the contradiction between identity privacy and regulation[3],no scheme has been developed thus far that is based on SM2,the Chinese cryptographic public key algorithm standard,without relying on centralized trust.展开更多
The idea behind a (t, n) threshold blind signature is that a user can ask at least t out of n players of a group to cooperate to generate a signature for a message without revealing its content. This paper first prese...The idea behind a (t, n) threshold blind signature is that a user can ask at least t out of n players of a group to cooperate to generate a signature for a message without revealing its content. This paper first presents a new blind signature scheme from Weil pairing on elliptic curves. Based on this scheme, a threshold blind signature scheme is proposed. It is efficient and has the security properties of robustness and unforgeability. In the proposed scheme, the group manger is introduced to take the role of distributing the group secret key to each player. However, he cannot forge the players to generate partial blind signatures (Each partial blind signature depends on not only the secret key of the player, but also a random number the player picks). Compared with a threshold signature with a trusted third party, its advantage is obvious; Compared with a threshold signature without a trusted third party, it is more simple and efficient.展开更多
Threshold blind signature is playing an important role in cryptography as well as in practical applications such as e-cash and e-voting systems, etc. In this paper, we present an efficient and practical threshold bind...Threshold blind signature is playing an important role in cryptography as well as in practical applications such as e-cash and e-voting systems, etc. In this paper, we present an efficient and practical threshold bind signature from Weil pairing on super-singular elliptic curves or hyper-elliptic curves over finite field and prove that our scheme is provably secure in the random oracle model.展开更多
Aggregate signatures are a useful primitive which allows aggregating many signatures on different messages computed by different users into a single and constant-length signature and adapts to Mobile Ad hoc NETwork (M...Aggregate signatures are a useful primitive which allows aggregating many signatures on different messages computed by different users into a single and constant-length signature and adapts to Mobile Ad hoc NETwork (MANETs) very much. Jumin Song, et al. presented an ID-based aggregate signature, applied it to MANETs and proposed a secure routing scheme. In this work, we analyze Jumin Song, et al.’s aggregate signature scheme and find some limitations on its batch verification. In addition, in this work, we apply Craig Gentry, et al.’s ID-based aggregate signature to on-demand routing pro-tocol to present a secure routing scheme. Our scheme not only provides sound authentication and a secure routing protocol in ad hoc networks, but also meets the nature of MANETs.展开更多
Group signature schemes are fundamental cryptographic tools.A group signature scheme allows members of a group to anonymously sign messages.To counter misuse,the anonymity can be revoked by the group manager.The group...Group signature schemes are fundamental cryptographic tools.A group signature scheme allows members of a group to anonymously sign messages.To counter misuse,the anonymity can be revoked by the group manager.The group joining operation is a critical component of group signature scheme,the framing attack can be prevented by group joining processes.This paper presents an efficient group signature scheme with a simple joining protocol that is based on a "single message and signature response" interaction between the prospective user and the group manager.The security of our group signature is based on the Discrete Logarithm assumption and Decisional Linear DiffieHellman assumption.The formal security proof of our scheme is given in the random oracle model.Our scheme is also a very efficient short group signature scheme with efficient concurrent join.展开更多
The secure issues of APK are very important in Android applications.In order to solve potential secure problems and copyrights issues in redevelopment of APK files,in this paper we propose a new APK redevelopment mech...The secure issues of APK are very important in Android applications.In order to solve potential secure problems and copyrights issues in redevelopment of APK files,in this paper we propose a new APK redevelopment mechanism(APK-SAN).By exploring sanitizable signature technology,APK-SAN allows the original developer to authorize specified modifier who can redevelop the designated source code of APK files.Our scheme does not require interactions between the developer and modifiers.It can reduce the communication overhead and computational overhead for developers.Especially,the signature of redeveloped APK files is valid and maintains the copyrights.The proposed APK-SAN signature can effectively protect the security of the redeveloped APK files and copyrights of the developer and modifier.展开更多
Recent developments in heterogeneous identity federation systems have heightened the need for the related trust management system.The trust management system evaluates,manages,and shares users’trust values.The servic...Recent developments in heterogeneous identity federation systems have heightened the need for the related trust management system.The trust management system evaluates,manages,and shares users’trust values.The service provider(SP)members of the federation system rely on users’trust values to determine which type and quality of service will be provided to the users.While identity federation systems have the potential to help federated users save time and energy and improve service experience,the benefits also come with significant privacy risks.So far,there has been little discussion about the privacy protection of users in heterogeneous identity federation systems.In this paper,we propose a trust value sharing scheme based on a proxy ring signature for the trust management system in heterogeneous identity federation topologies.The ring signature schemes can ensure the validity of the data and hide the original signer,thereby protecting privacy.Moreover,no group manager participating in the ring signature,which naturally matches with our decentralized heterogeneous identity federation topologies.The proxy signature can reduce the workload of the private key owner.The proposed scheme shortens the calculation time for verifying the signature and then reduces the overall time consumption in the process of trust sharing.Our studies prove that the proposed scheme is privacy-preserving,efficient,and effective.展开更多
The drawback of the first asynchronous proactive RSA scheme presented by Zhou in 2001, is that the security definition and security proof do not follow the approach of provable security. This paper presented a provabl...The drawback of the first asynchronous proactive RSA scheme presented by Zhou in 2001, is that the security definition and security proof do not follow the approach of provable security. This paper presented a provably secure asynchronous proactive RSA scheme, which includes three protocols: initial key distribution protocol, signature generation protocol and share refreshing protocol. Taken these protocols together, a complete provably secure proactive RSA scheme was obtained. And the efficiency of the scheme is approximate to that of the scheme of Zhou.展开更多
文摘The deficiencies of the first threshold Guilbu-Quisquater signature schemepresented by Li-San Liu, Cheng-Kang Chu and Wen-Guey Tzeng arc analysiscd at first, and then a newthreshold Guillou-Quisquater signature scheme is presented. The new scheme isunforgeable and robustagainst any adaptive adversary if the base Guillou-Quisquater signature scheme is unforgeable underthe chosen message attack and computing the discrete logarithm modulo a prime is hard This schemecan also achieve optimal resilience. However, the new scheme does not need the assumption that N isthe product of two safe primes. The basie signature scheme underlying the new scheme is exactlyGuillou-Quisqualtr signature scheme, and the additional strong computation assumption introduced bythe first threshold Guillou-Quisquater scheme is weaken.
基金The National Natural Science Foundation of China (No60403027)
文摘The short secret key characteristic of elliptic curve cryptosystem (ECC) are integrated with the ( t, n ) threshold method to create a practical threshold group signature scheme characterized by simultaneous signing. The scheme not only meets the requirements of anonymity and traceability of group signature but also can withstand Tseng and Wang's conspiracy attack. It allows the group manager to add new members and delete old members according to actual application, while the system parameters have a little change. Cryptanalysis result shows that the scheme is efficient and secure.
文摘Digital signature scheme is a very important research field in computer security and modern cryptography. A (k, n) threshold digital signature scheme is proposed by integrating digital signature scheme with Shamir secret sharing scheme. It can realize group-oriented digital signature, and its security is based on the difficulty in computing discrete logarithm and quadratic residue on some special conditions. In this scheme, effective digital signature can not be generated by anyk?1 or fewer legal users, or only by signature executive. In addition, this scheme can identify any legal user who presents incorrect partial digital signature to disrupt correct signature, or any illegal user who forges digital signature. A method of extending this scheme to an Abelian group such as elliptical curve group is also discussed. The extended scheme can provide rapider computing speed and stronger security in the case of using shorter key. Key words threshold scheme - digital signature - discrete logarithm - quadratic residuc - threshold digital signature CLC number TP 309. 7 Foundation item: Supported the National Nature Science Foundation of China, Hubei Province (90104005, 2002 AB0039)Biography: FEI Ru-chun (1964-), male, Ph. D candidate, Associated professor, research direction: information security and cryptography.
基金Supported by the National Natural Science Foundation of China (90104035)
文摘In this present paper, we propose a new proxy blind signature scheme, which is publicly verifiable distributed. The algorithm uses the idea of secret sharing schemes to distribute original signer's ability and the power of the proxy signer, and ensure the property of publicly verifiable secret sharing schemes. A new concept "verifiable time period" is also introduced to reduce the time cost in the period of verifications and increases the efficiency of our scheme.
文摘In this paper, a new restrictive blind signature scheme is proposed. Compared with Brands restrictive blind signature scheme, our scheme is even more restrictive and efficient. And our scheme is proved secure, too. A new withdrawal protocol of electronic cash system is designed by using our restrictive blind signature scheme, which is more efficient than the withdrawal protocol and is more appropriate for adopting pre processing and post processing.
基金This work was supported by the National Natural Science Foundation of China for Grant 60673127, the National High Technology Research and Development Program of China (863 Program) for Grant 2007AA01Z404, the Science & Technology Pillar Program of Jiangsu Province for Grant BE2008135, the Electronic Development Foundation of the Ministry of Information Industry, Funding of Jiangsu Innovation Program for Graduate Education for Grant CX10B112Z, Funding for Outstanding Doctoral Dissertation in NUAA for Grant BCXJ10-07, Research Funding of Nanjing University of Aeronautics and Astronautics for Grant NS2010101 and Jiangsu Province Postdoctoral Science Foundation. We wish to thank the above support, under which the present work is possible.
文摘Due to forward-secure-digital-signature’s capability of effectively reducing loss caused by exposure of secret keys and significant in-application benefits of blind signature aiming at protecting senders’ privacy,they have been hot spots for decades in the field of cryptography.Illuminated by the integration of forward secure digital signature and blind signature,based on the variants of ElGamal and assumption of difficulty in solving the discrete logarithm problem in galois field,a forward-secure weak blind signature scheme and a forward-secure strong blind signature scheme are proposed and their security is analyzed thoroughly in this paper.It turns out that forward security,blindness and aptitude of resisting forging attack demonstrated by these two schemes benefit a lot theoretically and practically.
基金The National Hi-Tech Research and Development Program (863) of China (No. 2005AA145110)The Pudong New Area Technology Innovation Public Service Platform of China (No. PDP2005-04)
文摘An identity-based verifiably committed signature scheme (IB-VCS) was proposed, which is proved secure in the standard model (i.e., without random oracles). It enjoys the setup-free property and stand-alone property, both of which make an exchange protocol more practical. The scheme is unconditionally secure against the cheating signer, its security against the cheating verifier is reduced to the computational Diffie-Hellman (CDH) problem in the underlying group, it is secure against the cheating trusted third party if the underlying Paterson Schuldt's identity based signature (IBS) scheme is secure, which is proven true based on the CDH assumption in the standard model.
基金supported in part by the National Key R&D Program of China (No.2021YFB2700600)the Finance Science and Technology Project of Hainan Province (No.ZDKJ2020009)+5 种基金the Hainan Province Science and Technology Special Fund (No.GHYF2022010)the National Natural Science Foundation of China (Grant Nos.62163011,62072092,62072093 and U1708262)the Fundamental Research Funds for the Central Universities (No.N2023020)the Natural Science Foundation of Hebei Province (No.F2020501013)the China Postdoctoral Science Foundation (No.2019M653568)the Key Research and Development Project of Hebei Province (No.20310702D).
文摘1 Introduction Identity privacy concerns hinder data sharing by casting doubt on the safeguarding of personal information,eroding trust,and impeding the willingness of individuals and organizations to exchange their data[1,2].The traceable ring signatures(TRSs)addresses the contradiction between identity privacy and regulation[3],no scheme has been developed thus far that is based on SM2,the Chinese cryptographic public key algorithm standard,without relying on centralized trust.
基金Supported by the National 973 Project of China(No.G1999035803)the National Natural Science Foundation of China (No.60373104)the National 863 Project of China (No.2002AA143021)
文摘The idea behind a (t, n) threshold blind signature is that a user can ask at least t out of n players of a group to cooperate to generate a signature for a message without revealing its content. This paper first presents a new blind signature scheme from Weil pairing on elliptic curves. Based on this scheme, a threshold blind signature scheme is proposed. It is efficient and has the security properties of robustness and unforgeability. In the proposed scheme, the group manger is introduced to take the role of distributing the group secret key to each player. However, he cannot forge the players to generate partial blind signatures (Each partial blind signature depends on not only the secret key of the player, but also a random number the player picks). Compared with a threshold signature with a trusted third party, its advantage is obvious; Compared with a threshold signature without a trusted third party, it is more simple and efficient.
文摘Threshold blind signature is playing an important role in cryptography as well as in practical applications such as e-cash and e-voting systems, etc. In this paper, we present an efficient and practical threshold bind signature from Weil pairing on super-singular elliptic curves or hyper-elliptic curves over finite field and prove that our scheme is provably secure in the random oracle model.
文摘Aggregate signatures are a useful primitive which allows aggregating many signatures on different messages computed by different users into a single and constant-length signature and adapts to Mobile Ad hoc NETwork (MANETs) very much. Jumin Song, et al. presented an ID-based aggregate signature, applied it to MANETs and proposed a secure routing scheme. In this work, we analyze Jumin Song, et al.’s aggregate signature scheme and find some limitations on its batch verification. In addition, in this work, we apply Craig Gentry, et al.’s ID-based aggregate signature to on-demand routing pro-tocol to present a secure routing scheme. Our scheme not only provides sound authentication and a secure routing protocol in ad hoc networks, but also meets the nature of MANETs.
基金This paper is supported by the National Natural Science Foundation of China under Grant No. 61072140, 61373171 the Program of Introducing Talents of Discipline to Universities NO. B08038 the Specialized Research Fund for the Doctoral Program of Higher Education No. 20100203110003.
文摘Group signature schemes are fundamental cryptographic tools.A group signature scheme allows members of a group to anonymously sign messages.To counter misuse,the anonymity can be revoked by the group manager.The group joining operation is a critical component of group signature scheme,the framing attack can be prevented by group joining processes.This paper presents an efficient group signature scheme with a simple joining protocol that is based on a "single message and signature response" interaction between the prospective user and the group manager.The security of our group signature is based on the Discrete Logarithm assumption and Decisional Linear DiffieHellman assumption.The formal security proof of our scheme is given in the random oracle model.Our scheme is also a very efficient short group signature scheme with efficient concurrent join.
基金This work was supported by the National Natural Science Foundation of China(No.61662004,61772437,61702427)National Natural Science Foundation of Guangxi(No.2016GXNSFAA380215)+1 种基金Sichuan Youth Science and Technique Foundation(No.2017JQ0048)EU ICT COST CryptoAction(No.IC1306).
文摘The secure issues of APK are very important in Android applications.In order to solve potential secure problems and copyrights issues in redevelopment of APK files,in this paper we propose a new APK redevelopment mechanism(APK-SAN).By exploring sanitizable signature technology,APK-SAN allows the original developer to authorize specified modifier who can redevelop the designated source code of APK files.Our scheme does not require interactions between the developer and modifiers.It can reduce the communication overhead and computational overhead for developers.Especially,the signature of redeveloped APK files is valid and maintains the copyrights.The proposed APK-SAN signature can effectively protect the security of the redeveloped APK files and copyrights of the developer and modifier.
基金This work is supported by the National Key Research and Development Project of China(No.2017YFB0802302)the Key Research and Development Project of Sichuan Province(Nos.20ZDYF2324,2019ZYD027,2018TJPT0012)+1 种基金the Science and Technology Support Project of Sichuan Province(Nos.2018GZ0204,2016FZ0112)the Science and Technology Project of Chengdu(No.2017-RK00-00103-ZF).
文摘Recent developments in heterogeneous identity federation systems have heightened the need for the related trust management system.The trust management system evaluates,manages,and shares users’trust values.The service provider(SP)members of the federation system rely on users’trust values to determine which type and quality of service will be provided to the users.While identity federation systems have the potential to help federated users save time and energy and improve service experience,the benefits also come with significant privacy risks.So far,there has been little discussion about the privacy protection of users in heterogeneous identity federation systems.In this paper,we propose a trust value sharing scheme based on a proxy ring signature for the trust management system in heterogeneous identity federation topologies.The ring signature schemes can ensure the validity of the data and hide the original signer,thereby protecting privacy.Moreover,no group manager participating in the ring signature,which naturally matches with our decentralized heterogeneous identity federation topologies.The proxy signature can reduce the workload of the private key owner.The proposed scheme shortens the calculation time for verifying the signature and then reduces the overall time consumption in the process of trust sharing.Our studies prove that the proposed scheme is privacy-preserving,efficient,and effective.
文摘The drawback of the first asynchronous proactive RSA scheme presented by Zhou in 2001, is that the security definition and security proof do not follow the approach of provable security. This paper presented a provably secure asynchronous proactive RSA scheme, which includes three protocols: initial key distribution protocol, signature generation protocol and share refreshing protocol. Taken these protocols together, a complete provably secure proactive RSA scheme was obtained. And the efficiency of the scheme is approximate to that of the scheme of Zhou.
