一种基于身份的代理多重签名方案

结合基于身份的密码体制和代理多重签名，使用双线性映射，构造了一种基于身份的代理多重签名方案．分析表明，该方案可有效地抵御对代理签名的伪造攻击，满足代理签名所要求的安全特性．     

Provable Security of ID-Based Proxy Multi-Signature Schemes

In the last couple of years, D-based cryptography has got fruitful achievements. Proxy multi-signature allows a designated person, called a proxy signer, to sign on behalf of two or more original signers. In this paper, we present a general security model for ID-based proxy multi-signature （ID-PMS） schemes. Then, we show how to construct a secure ID-PMS scheme from a secure ID-based signature scheme, and prove that the security of the construction can be reduced to the security of the original ID-based signature scheme.     

Another ID-Based Proxy Signature Scheme and Its Extension

So fur, the security of many proxy signatures has seldom been considered in a formal way and most of them cannot satisfy nonepudiation. In this work, a novel ID-based （Identity-based） proxy signature scheme is proposed by combining the proxy signature with ID-based public cryptography, and they formalize the notion of security for ID-based proxy signature schemes. And show that the security of the proposed scheme is secure. Compured with other proxy signature schemes, it does not need a secure channel. Thus, it is particularly suitable for the unreliable network computation environment. Finally, they extend proposed scheme to a proxy multi-signature which has the following advantages （1） the size of proxy multi- signature is independent of the number of delegating users; （2） the computation cost of proxy multi-signature only need two Weil paring.     

一个新的无可信PKG的基于身份的数字签名方案

为克服基于身份的签名体制中的密钥管理问题,给出一个新的无可信PKG的基于身份的签名方案。在离散对数问题(DLP)和计算Diffie-Hellman问题(CDHP)困难假设下,它可抵抗适应性选择消息和ID攻击的签名存在性伪造。     

安全高效无证书有序多重签名方案

无证书密码体制(certificateless cryptography,CLC)将用户私钥拆分为部分私钥和秘密值,其中部分私钥由密钥生成中心(key generator center,KGC)生成,而秘密值由用户自己选定,从而解决了基于身份密码体制所固有的密钥托管问题.此外,由于用户公钥由秘密值决定,无需认证中心(certificate authority,CA)对用户的公钥证书进行管理,解决了传统密码体制的证书管理问题.有序多重签名可用于电子政务和电子商务系统实现公文的逐级审批发布,提高认证效率.将有序多重签名和无证书密码相结合,提出一种安全高效的无证书有序多重签名方案,多重签名的长度及验证时间均与签名者个数无关,是紧致的无证书有序多重签名方案.方案使用较少的双线性对且只有一个签名消息,具有较高的计算效率和通信效率.证明了方案在随机预言模型(random oracle model,ROM)下具有不可伪造性.     

一种基于身份无可信中心的代理盲签名方案

分析了几个基于身份的代理签名和盲签名,指出它们具有无条件信任私钥产生中心（PKG,Private Key Generator）的共同点．但在实际环境中这个假设并不总是成立．文章结合代理签名和盲签名,利用双线性映射中离散对数难解的特点,在已有基于身份无可信中心签名的基础上,构造了一类基于身份无可信中心的代理盲签名方案．分析表明,提出的代理盲签名是安全有效的．     

一个新的具有前向安全有代理的多重数字签名方案

文章在研究有代理的多重数字签名的基础上,将前向安全的概念引人在有代理多重数字签名中,提出了一个具有前向安全性的有代理多重数字签名方案,在这种多重签名中,允许部分签名人委托其代理人进行签名．同时该方案能实现即使所有签名人的签名密钥被泄露,攻击者也无法伪造前阶段签名,以前所产生的有代理多重数字签名依然有效．     

一个基于分级身份的密码系统

提出一个基于分级身份的密码系统:包括分级的基于身份的加密和签名方案。在随机预言模型下,新的基于分级身份的加密和签名方案都是可证明安全的,同时在标准模型下,基于分级身份的加密方案是在给定身份攻击下可证明安全的。基于给出的基于分级身份的加密方案,首次提出了分级代理解密的概念,并且给出了安全模型和构造方法。     

一类增强的代理多重签名体制

在代理多重签名体制中，多个原始签名人可以分别将签名权力委托给各自的代理签名人，再由这些代理签名人联合生成一个代表所有原始签名人的数字签名．文中对现有的这种代理多重签名体制进行分析、改进，利用带委任状的部分代理机制，构造出更安全有效的方案．安全分析表明：新方案生成的代理签名包含代理签名人的真正信息，克服了抵赖问题；可以在委任状中限制代理签名人的签名能力，或在委任状中指定合法代理签名人的集合以防止代理签名人将签名能力向其他人转移，阻止了签名能力的滥用．     

一种改进的定向代理签名方案

在通常的代理签名方案中，任何人都可以验证代理签名的有效性。在定向代理签名方案中，由原始签名人指定一个人作为签名的接收者，以此来防止签名的滥用。当代理签名人产生签名后，只有指定的接收者可以对签名进行验证，进而接受签名。分析了Dai等定向代理签名方案，它不满足不可伪造性，即原始签名人可以成功伪造代理签名人的代理签名。为此，提出了改进的定向代理签名方案，该方案具有不可伪造性，从而有效地防止原始签名人对代理签名人进行恶意攻击，并将其推广到代理多签名方案中。     

Improvement of Identity-Based Threshold Proxy Signature Scheme with Known Signers

0 IntroductionIdentity-based (ID-based) cryptography[1]is rapidly emer-gingin recent years .The concept of the proxy signature scheme was first in-troduced by Mamboet al[2]in 1996 .The concept of thresholdproxy signature was proposed[3 ,4]. Apractical and secure (t,n) threshold proxy signature scheme should satisfy the secre-cy,the proxy protected,the unforgeability,the non-repudia-tion,the ti me constraint ,andthe known signers[5].In 2006 , Baoet al[6]proposed an ID-based thresholdproxy si…     

一个基于椭圆曲线的代理多重签名方案

本文提出了基于椭圆曲线的代理多重签名方案,并对这一方案的性能进行了分析,该方案安全性高、速度快、简单实用。     

Identity-based proxy multi-signature applicable to secure E-transaction delegations

To enhance the robustness of a proxy multi-signature scheme and improve its efficiency,a novel proxy signature paradigm is proposed referred to as identity-based proxy multi-signature(IBPMS).In this paradigm,multiple proxy signer candidates are employed to play a role of the single proxy signer in the existing model.A provably secure IBPMS scheme is presented which requires only one round broadcast operation.Performance analysis demonstrates that the new scheme outperforms the existing multi-signature schemes in robustness and communication.These properties are rendered to our IBPMS scheme as a more practical solution to secure e-transaction delegation applications of proxy signatures.     

典型代理多重签名方案的分析与改进

YBX代理多重签名方案是不安全的,攻击者在不知道原始签名者密钥的情况下,能够伪造代理签名密钥,假冒代理签名者对文件进行签名。在全面分析攻击方案的基础上,构造了一种增强的代理多重签名方案。新方案克服了YBX方案的代理转移、不具有强不可否认性等缺陷,除了具有普通签名方案的安全性外,还具有接收方可查的时控代理多重签名方案的性质。     

Cryptanalysis of the One-Time Proxy Signature Scheme Used in Mobile Agents

We cryptanalyze Kim et al ‘ s onetime proxy signature scheme used in mobile agents, and then a successful forgery is introduced. It is showed that a dishonest customer can successfully forge a va[id onetime proxy signature by impersonating the server. Furthermore, he can request the server with responsibility for the forged bidding information.     

可证安全的常数长度无证书聚合签名方案

针对无证书密码体制可以解决基于身份的公钥密码体制的密钥托管问题和基于证书的公钥密码体制的公钥认证问题,构造了无证书聚合签名的可证明安全模型,并提出了一个具体的签名长度与人数无关的聚合签名方案.基于计算性Diffie Hellman难题,在随机预言模型下,证明了提出的方案可以抵抗适应性选择消息和身份的存在性伪造攻击.     

A New Proxy Signature Scheme with Message Recovery Using Self-Certified Public Key

A proxy signature scheme with message recovery using self-certified public key is proposed, which withstands public key substitution attacks, active attacks, and forgery attacks. The proposed scheme accomplishes the tasks of public key verification, proxy signature verification, and message recovery in a logically single step. In addition, the proposed scheme satisfies all properties of strong proxy signature and does not use secure channel in the communication between the original signer and the proxy signature signer.     

A Signature Scheme with Non-Repudiation

Based on the Schnorr signature scheme, a new signature scheme with non-repudiation is proposed. In this scheme, only the signer and the designated receiver can verify the signature signed by the signer, and if necessary, both the signer and the designated receiver can prove and show the validity of the signature signed by the signer. The proof of the validity of the signature is noninteractive and transferable. To verify and prove the validity of the signature, the signer and the nominated receiver needn＇t store extra information besides the signature. At the same time, neither the signer nor the designated receiver can deny a valid signature signed. Then, there is no repudiation in this new signature scheme. According to the security analysis of this scheme, it is found the proposed scheme is secure against existential forgery on adaptive chosen message attack.     

基于椭圆曲线的代理签名方案的分析和改进

目的提高基于椭圆曲线的代理签名方案的效率和安全性。方法通过对Hwang等人的代理签名方案及其改进方案的分析和研究,针对其在代理证书绑定及秘密共享传输中存在的问题进行了改进。结果提出一个新的基于椭圆曲线的代理签名方案。结论克服了原方案的不足,实现了普通信道传输秘密,提高了其安全性。     

Hwang-多重代理多重签名方案的改进

多重代理多重签名就是由多个人组成的原始签名者组授权由多个人组成的代理签名者组对消息进行签名. 通过对Hwang-多重代理多重签名方案的研究,发现了它的弱点,即可伪造对任意消息的签名. 对此提出了改进方案,并详细分析了其安全性. 改进后方案可抵抗现在已知的攻击,更加完善.