dc.description.abstract | In this thesis, our research focuses on digital signature schemes and signcryption schemes with privacy. Ordinary digital signature schemes do not protect the privacy of signers or recipients, since they are publicly verifiable. To enhance signature privacy, several signature schemes have been introduced. For signer privacy, the designated verifier signature (DVS) is a well-known primitive with rigorous definitions and properties. For recipient privacy, the nominative signature provides a solution.
Observing that most existing designated verifier signature schemes cannot provide non-repudiation, our objective is to design a new strong DVS construction. The new DVS construction is proposed with the help of a chameleon signature and a Diffie-Hellman key. This generic construction satisfies all required properties of a designated verifier signature, including a secure disavowal protocol. Moreover, the proposed construction is simple and does not suffer from the weakness of signing-right delegatability.
In our research on nominative signatures, the major work is the security analysis of one introduced scheme and of its cryptanalysis. After reconsidering the security of the introduced scheme and the claims of its cryptanalysis, we conclude that the cryptanalysis is not entirely correct; meanwhile, the previous schemes are not as strong as claimed. Moreover, we adopt the concept of signature screening for the introduced scheme to define precisely the scenario to which it can be applied.
Apart from signature privacy, an intuitive approach to protecting messages is encryption. In many cases, messages may need to be signed and encrypted simultaneously. For reasons of efficiency, signcryption was introduced. In this vein of research, our goal is to provide a countermeasure for a weakness of previous signcryption schemes: most existing signcryption schemes based on the discrete logarithm are not semantically secure. The reason is that the hash computation of the signature scheme leaks information about the encrypted message. In response to this weakness, we propose a countermeasure that concatenates the message with a random value. With this method, the output of the hash computation is indistinguishable to a third party, and hence the confidentiality of the message is preserved. | en_US |