簽章驗證加速機制之安全性分析

以作者查詢圖書館館藏

、以作者查詢臺灣博碩士

、以作者查詢全國書目

、勘誤回報

、線上人數：73

、訪客IP：3.135.195.91

姓名

蔣函霏(Han-fei Chiang) 查詢紙本館藏

畢業系所

資訊工程學系

論文名稱

簽章驗證加速機制之安全性分析
(Cryptanalysis on Mechanisms for Accelerating Signature Verification)

相關論文

★ 多種數位代理簽章之設計	★ 小額電子支付系統之研究
★ 實體密碼攻擊法之研究	★ 商業性金鑰恢復與金鑰託管機制之研究
★ AES資料加密標準之實體密碼分析研究	★ 電子競標系統之研究
★ 針對堆疊滿溢攻擊之動態程式區段保護機制	★ 通用型數域篩選因數分解法之參數探討
★ 於8051單晶片上實作可防禦DPA攻擊之AES加密器	★ 以非確定式軟體與遮罩分割對策防禦能量攻擊之研究
★ 遮罩保護機制防禦差分能量攻擊之研究	★ AES資料加密標準之能量密碼分析研究
★ 小額電子付費系統之設計與密碼分析	★ 公平電子現金系統之研究
★ RSA公開金鑰系統之實體密碼分析研究	★ 保護行動代理人所收集資料之研究

檔案

[Endnote RIS 格式]

[Bibtex 格式]

[相關文章]

[文章引用]

[完整記錄]

[館藏目錄]

[檢視]

[下載]

本電子論文使用權限為同意立即開放。
已達開放權限電子全文僅授權使用者為學術研究之目的，進行個人非營利性質之檢索、閱讀、列印。
請遵守中華民國著作權法之相關規定，切勿任意重製、散佈、改作、轉貼、播送，以免觸法。

摘要(中)

簽章驗證通常包含許多複雜且耗時之運算，為了促進驗證效率，驗證者可採取某些機制輔助，以減少驗證時之線上運算量。其中最為著名的驗證加速機制分別為批次驗證，與伺服器輔助驗證。批次驗證之概念為將簽章整批處理，期望能達到比將簽章依次處理而更佳的驗證速度。伺服器輔助驗證之概念為，將驗証者所需之部分運算量，交由一計算能力更為強大的伺服器協助計算，以減輕驗證者之運算負擔。然而此兩種機制於設計時皆須謹慎考量，以避免降低原本簽章系統之安全性。本論文分別針對批次驗證及伺服器輔助驗證，提出安全性分析並且加以深入討論，指出其安全考量上之重要性。

摘要(英)

Signature verification involves time-consuming operations. There are two mechanisms supposed to accelerate signature verification. One is batch verification, and the other is server-aided verification. Batch verification aims to verify signatures in a batch to reduce re-operations. Server-aided verification aims to delegate part of computational load to a powerful but untrusted server to ease the on-line computational burden. Both of the two mechanisms should carefully avoid violating the security guarantee of the original signature schemes. In the thesis the cryptanalysis on both batch verification and server-aided verification is provided with the security
notions.

關鍵字(中)

★ 電子簽章
★ 伺服器輔助驗證
★ 批次驗證

關鍵字(英)

★ server-aided verification
★ digital signature
★ batch verification

論文目次

1 Introduction 1
1.1 Motivation of This Work 1
1.2 Contribution 3
2 Preliminary of Digital Signatures 4
2.1 Digital Signature Schemes 4
2.1.1 PKI-Based Signature Schemes4
2.1.2 ID-Based Signature Schemes 5
2.2 A Special Mathematical Structure: Bilinear Maps 5
2.3 Efficiency Evaluation 6
3 Batch Verification 7
3.1 Related Work of Batch Verification 8
3.2 Definitions of Batch Verification 8
3.3 Generic Methods for Batch Verification 11
3.3.1 Random Subset Test 11
3.3.2 Small Exponents Test 12
3.3.3 Sparse Exponents Test 13
3.4 Batch Verification of Signatures 14
3.4.1 Cha-Cheon IBS Scheme with Batch Verification 14
3.5 Batch Screening of Signatures 16
3.5.1 Brief Review of IBS Schemes with Batch Screening 16
3.5.2 Hess IBS Scheme with Batch Screening 18
3.5.3 YCK IBS Scheme with Batch Screening 19
3.5.4 An Improper Attack against YCK Scheme 20
3.6 Cryptanalysis on CDC Batch Screener 22
3.6.1 Review of CDC IBS Scheme with Batch Screening 22
3.6.2 Insider Attack against CDC Batch Screener 23
3.6.3 Outsider Attack against CDC Batch Screener 24
3.6.4 Flaw of the Security Proof of CDC Batch Screener 26
3.7 Batch Verification and Ring Signatures 27
3.7.1 Brief Review of Ring Signatures 27
3.7.2 Construct A Ring Signature Scheme from Insecure Batch Verification 28
3.7.3 Proposed Attack against Chow-Wong Ring Signature Scheme 29
3.8 Summary 31
4 Server-Aided Verification 32
4.1 Definitions of Server-Aided Verification 33
4.2 Review of Lim-Lee SAV Protocol 34
4.3 Cryptanalysis on Yen-Laih SAV Protocol 35
4.3.1 Review of Yen-Laih’s SAV Protocol 35
4.3.2 Proposed Attack 1 37
4.3.3 Proposed Attack 2 37
4.4 Vulnerability of GL SAV Protocol with the Security Model 38
4.4.1 The Generic SAV Protocol 39
4.4.2 The ZSNS Signature Scheme with SAV Protocol 39
4.4.3 Security Argument 40
4.5 Summary 41
5 Conclusions 42
Bibliography 43

參考文獻

[1] M. Bellare, J. Garay, and T. Rabin, “Fast batch verification for modular exponentiation and digital signatures,” Advances in Cryptology – Eurocrypt ’98,
LNCS 1403, pp. 236–250, Springer-Verlag, 1998.
[2] D. Boneh, B. Lynn, and H. Shacham, “Short signature form weil pairing,” Proc. of Asiacrypt ’01, LNCS 2248, pp. 514–532, Springer-Verlag, 2001.
[3] J. Camenisch, S. Hohenberger, and M. Ø. Pedersen, “Batch verification of Short Signatures,” Advances in Cryptology – Eurocrypt ’07, LNCS 4515, pp. 246–263,
Springer-Verlag, 2007.
[4] T. Cao, D. Lin and R. Xue, “Security analysis of some batch verifying signatures from pairings,” International Journal of Network Security, vol.3, no.2, pp.112–117, 2006.
[5] J. Cha and J. Cheon, “An ID-based signature from gap-Diffie-Hellman groups,” Public Key Cryptography – PKC'03, LNCS 2567, pp. 18–30, Springer-Verlag, 2003.
[6] J. H. Cheon and D. H. Lee, “Use of sparse and/or complex exponents in batch verification of exponentiations,” IEEE Trans. on Computers, vol. 55, no.12,
pp. 1536–1542, 2006.
[7] J. H. Cheon and J. H. Yi, “Fast batch verification of multiple signatures,”Public Key Cryptography – PKC ’07, LNCS 4450, pp. 442–457, , Springer-Verlag, 2007.
[8] S. S. M. Chow and D. S. Wong, “Anonymous identification and designated-verifiers signatures from insecure batch verification,” Public Key Infrastructure
– EuroPKI ’07, LNCS 4482, pp. 203–219, Springer-Verlag, 2007.
[9] S.S.M. Chow, S.M. Yiu, and L. C.K. Hui, “Efficient identity based ring signature,”Proc. of ACNS’05, LNCS 3531, Springer-Verlag, pp. 499-512, 2005.
[10] S. Cui, P. Duan and C. W. Chan, “An efficient identity-based signature scheme with batch verifications,” Proc. of the First International Conference on Scalable
Information Systems – INFOSCALE ’06, vol. 152, ACM press, 2006.
[11] M. Dijk, D. Clarke, B. Gassend, G. E. Suh, S. Devadas, “Speeding up exponentiation using an untrusted computational resource,” Technical Report. Memo 469, MIT CSAIL Computation Structures Group, 2003. (Also appear in
Designs, Codes and Cryptography, 2006.)
[12] A. Fiat, “Batch RSA,” Advances in Cryptology – Crypto ’89, LNCS 435, pp.175–185, Springer-Verlag, 1990.
[13] M. Girault and D. Lefranc, “Server-aided verification: Theory and practice,”Proc. of Asiacrypt ’05, LNCS 3788, Springer-Verlag, pp. 605-623, 2005.
[14] M. Girault, G. Poupard, and J. Stern, “Some modes of use of the GPS identification scheme,” 3rd Nessie Conference, Springer-Verlag, 2002.
[15] J. Herranz and G. Saez, “New identity-based ring signature schemes,” Proc. of ICICS’04, LNCS 3269, Springer-Verlag, pp. 27-39, 2004.
[16] F. Hess, “Efficient identity based signature schemes based on pairings,” Selected Areas in Cryptography – SAC ’02, LNCS 2595, pp. 310 – 324, Springer-Verlag, 2002.
[17] S. Hohenberger and A. Lysyanskaya, “How to securely outsource cryptographic computations,” Theory of Cryptography, Second Theory of Cryptography Conference,
LNCS 3378, Springer-Verlag, pp. 264V282, 2005.
[18] C. H. Lim and P. J. Lee, “Server (prover/signer)-aided verification of identity proofs and signatures,” Eurocrypt ’95, LNCS 921, Springer-Verlag, pp. 64V78,
1995.
[19] T. Matsumoto, K. Kato and H. Imai, “Speeding up secret computations with insecure auxiliary devices,” Proc. of CRYPTO ’88, LNCS 403, Springer-Verlag, pp. 497-506, 1988.
[20] S. Mitsunari, R. Sakai, and M. Kasahara, “A new traitor tracing,” IEICE Trans. Fundamentals, vol. E85-A, no. 2, pp. 481–484, 2002.
[21] D. Naccache, D. M’raihi, S. Vaudenay, and D. Raphaeli, “Can D.S.A. be improved? complexity trade-offs with the digital signature standard,” Advances in Cryptology – Eurocrypt ’94, LNCS 950, pp. 77–85, Springer-Verlag, 1994.
[22] R. Rivest, A. Shamir, and Y. Tauman, “How to leak a secret,” Asiacrypt’01, LNCS 2248, Springer-Verlag, pp. 552-565, 2001.
[23] A. Shamir, “Identity-based cryptosystems and signature schemes,” Advances in Cryptology – Crypto ’84, LNCS 196, pp. 47–53, Springer-Verlag, 1985.
[24] S. M. Yen and C. S. Laih, “Server-aided honest computation for cryptographic applications,” Computers Math. Applic., 26(12), pp. 61-64, 1993.
[25] S.M. Yen and C.S. Laih, “Improved digital signature suitable for batch verification,”IEEE Trans. on Computers, vol. 44, no. 7, pp. 957–959, 1995.
[26] H. Yoon, J. H. Cheon, and Y. Kim, “Batch verifications with ID-based signatures,”Information Security and Cryptology – ICISC ’04, LNCS 3506, pp.233–248, Springer-Verlag, 2005.
[27] F. Zhang and K. Kim, “Efficient ID-based blind signature and proxy signature from bilinear pairings,” Proc. of ACISP ’03, LNCS 2727, pp. 312–323, Springer-
Verlag, 2003.
[28] F. Zhang, R. Safavi-Naini, and W. Susilo, “Efficient verifiably encrypted signature and partially blind signature from bilinear pairings,” Proc. of Indocrypt
’03, LNCS 2904, pp. 191–204, Springer-Verlag, 2003.
[29] F. Zhang, R. Safavi-Naini, and W. Susilo, “An efficient signature scheme from bilinear pairings and its applications,” Public Key Cryptography – PKC ’04,LNCS 2947, pp. 277–290, Springer-Verlag, 2004.

指導教授

顏嵩銘(Sung-ming Yen)

審核日期

2008-7-22

推文