並存簽章——安全性概念、分析、與建構議題

以作者查詢圖書館館藏

、以作者查詢臺灣博碩士

、以作者查詢全國書目

、勘誤回報

、線上人數：15

、訪客IP：3.140.185.147

姓名

黃煥中(Huanzhong Huang) 查詢紙本館藏

畢業系所

資訊工程學系

論文名稱

並存簽章——安全性概念、分析、與建構議題
(Concurrent Signatures: Security Notions, Analysis, and Construction Issues)

相關論文

★ 多種數位代理簽章之設計	★ 小額電子支付系統之研究
★ 實體密碼攻擊法之研究	★ 商業性金鑰恢復與金鑰託管機制之研究
★ AES資料加密標準之實體密碼分析研究	★ 電子競標系統之研究
★ 針對堆疊滿溢攻擊之動態程式區段保護機制	★ 通用型數域篩選因數分解法之參數探討
★ 於8051單晶片上實作可防禦DPA攻擊之AES加密器	★ 以非確定式軟體與遮罩分割對策防禦能量攻擊之研究
★ 遮罩保護機制防禦差分能量攻擊之研究	★ AES資料加密標準之能量密碼分析研究
★ 小額電子付費系統之設計與密碼分析	★ 公平電子現金系統之研究
★ RSA公開金鑰系統之實體密碼分析研究	★ 保護行動代理人所收集資料之研究

檔案

[Endnote RIS 格式]

[Bibtex 格式]

[相關文章]

[文章引用]

[完整記錄]

[館藏目錄]

[檢視]

[下載]

本電子論文使用權限為同意立即開放。
已達開放權限電子全文僅授權使用者為學術研究之目的，進行個人非營利性質之檢索、閱讀、列印。
請遵守中華民國著作權法之相關規定，切勿任意重製、散佈、改作、轉貼、播送，以免觸法。

摘要(中)

並存簽章(Concurrent Signatures)的概念由公平交換簽章(Fair
Exchange of Signatures)的概念衍生而來，其目標在於，為互不信任但需公平地交換簽章的兩人，提供(相較於以往)更具可行性的解法。
並存簽章的實際系統，最初乃是根基於環簽章(Ring Signatures)的
概念上；環簽章所擁有的種種性質，使得這兩個概念有著相當完美的
配合。然而，這往往不會是唯一的可能；根基於與環簽章相異概念的
並存簽章系統，亦有被公開發表。
在本論文中，對於上述根基於不同建構方式的並存簽章系統，我
們提出了詳實的分析，指出了其中的謬誤，與可能具有的潛在危險。
此外，由詳實分析作為出發點的延伸性研究，諸如尚未被強調的重要
安全性概念，以及對於並存簽章系統是否可根基於某概念的建構議題
上，我們亦作了進一步的探討

摘要(英)

The notion of concurrent signatures, which is evolved from the notion of fair exchange of digital signatures, is aimed to provide an (even more) practical solution to the problem of fair exchange of signatures between parties that are mutually distrustful.
Concurrent signature schemes are originally based on the notion of ring signatures; features of a ring signature seems perfectly match the notion of concurrent signatures. Nevertheless, this cannot be the only case; concrete schemes based on other ways of construction have also been published.
In this thesis, analysis of concurrent signature schemes that are based on different approaches is conducted. Moreover, extended investigation regarding implicit but important security notions of concurrent signatures which were never stressed before, as well as the possibility of taking a particular way to construct a concurrent signature scheme have also been made.

關鍵字(中)

★ 並存簽章

關鍵字(英)

★ concurrent signatures

論文目次

1 Introduction 1
1.1 Motivation of the Research . . . . . . . . . . . . . . . . . . . . . . . . 1
1.2 Our Results . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
1.3 Organization of the Thesis . . . . . . . . . . . . . . . . . . . . . . . . 5
2 Concurrent Signatures, Revisited 6
2.1 Formal Definitions of a Concurrent Signature Scheme . . . . . . . . . 6
2.1.1 Concurrent Signature Algorithms . . . . . . . . . . . . . . . . 6
2.1.2 Concurrent Signature Protocol . . . . . . . . . . . . . . . . . . 7
2.1.3 Security Model . . . . . . . . . . . . . . . . . . . . . . . . . . 9
2.2 The CKP Concurrent Signature Scheme . . . . . . . . . . . . . . . . 10
2.3 Remarks on the CKP Concurrent Signature Scheme . . . . . . . . . . 11
2.4 Chapter Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
3 Implicit Security Notions of Concurrent Signatures 13
3.1 Promises of Signatures: From Ambiguous to Binding . . . . . . . . . 13
3.1.1 Schnorr Promises of Signatures . . . . . . . . . . . . . . . . . 14
3.1.2 Schnorr-like Promises of Signatures . . . . . . . . . . . . . . . 15
3.2 Nguyen’s Concurrent Signature Scheme . . . . . . . . . . . . . . . . . 16
3.2.1 Algorithms . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
3.2.2 Protocol . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18
3.2.3 Security Model . . . . . . . . . . . . . . . . . . . . . . . . . . 19
3.3 Analysis of Nguyen’s Concurrent Signature Scheme . . . . . . . . . . 20
3.3.1 Fairness . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 21
3.3.2 Anonymity . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22
3.3.3 Unlinkability . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
3.4 Chapter Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25
4 On the Possibility of Constructing a Concurrent Signature Scheme
from a Conditional Signature Scheme 26
4.1 Definition of a Conditional Signature Scheme . . . . . . . . . . . . . . 26
4.2 Chen-Yen Concurrent Signature Scheme . . . . . . . . . . . . . . . . 27
4.3 Chen-Yen Conditional Signature Scheme and Its Analysis . . . . . . . 30
4.3.1 The Chen-Yen Conditional Signature Scheme . . . . . . . . . 30
4.3.2 The Schnorr-like Signature Scheme . . . . . . . . . . . . . . . 31
4.3.3 Concluding Remarks on the Chen-Yen Conditional/Concurrent
Signature Scheme . . . . . . . . . . . . . . . . . . . . . . . . . 31
4.4 Further Investigation . . . . . . . . . . . . . . . . . . . . . . . . . . . 32
4.4.1 Conditional Signature Schemes with Condition Recoverability 33
4.4.2 Impossibility of Conditional Signature Schemes Being Condition
Recoverable . . . . . . . . . . . . . . . . . . . . . . . . . 33
4.4.3 Discussion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34
4.5 Chapter Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36
5 Conclusion 37
5.1 Brief Review of Main Results . . . . . . . . . . . . . . . . . . . . . . 37
5.2 Open Problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 38
Bibliography 39

參考文獻

[1] M. Abe, M. Ohkubo, and K. Suzuki, “1-out-of-n Signatures from a Variety of Keys,” Advances in Cryptology – ASIACRYPT 2002, LNCS 2501, Springer,2002, pp. 415–432.
[2] M. Bellare and P. Rogaway, “Random Oracles are Practical: A Paradigm for Designing Efficient Protocols,” Proc. 1st ACM Conf. Computer and Comm. Security (CCS 1993), ACM, 1993, pp. 62–73.
[3] D. Chaum and H. van Antwerpen, “Undeniable Signatures,” Advances in Cryptology – CRYPTO ’89, LNCS 435, Springer, 1990, pp. 212–216.
[4] L. Chen, C. Kudla, and K.G. Paterson, “Concurrent Signatures,” Advances in Cryptology – EUROCRYPT 2004, LNCS 3027, Springer, 2004, pp. 287–305.
[5] Y.C. Chen and S.M. Yen, “Balanced Concurrent Signature,” Proc. Information Security Conf. 2006 (ISC 2006), pp. 25–32.
[6] T. Elgamal, “A Public Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms,” IEEE Trans. Information Theory, vol. 31, no. 4, 1985, pp. 469–472.
[7] H. Huang, H.C. Lin, and S.M. Yen, “On the Possibility of Constructing a Concurrent Signature Scheme from a Conditional Signature Scheme,” Proc. Cryptology and Information Security Conf. 2008 (CISC 2008), pp. 97–107
[8] M. Klonowski, M. Kutylowski, A. Lauks, and F. Zag´orski, “Conditional Digital Signatures,” Trust, Privacy and Security in Digital Business (TrustBus 2005), LNCS 3592, Springer, 2005, pp. 206–215.
[9] K. Nguyen, “Asymmetric Concurrent Signatures,” Information and Comm. Security (ICICS 2005), LNCS 3783, Springer, 2005, pp. 181–193.
[10] D. Pointcheval and J. Stern, “Security Proofs for Signature Schemes,” Advances in Cryptology – EUROCRYPT ’96, LNCS 1070, Springer, 1996, pp. 387–398.
[11] D. Pointcheval and J. Stern, “Security Arguments for Digital Signatures and Blind Signatures,” J. Cryptology, vol. 13, no. 3, Springer, 2000, pp. 361–396.
[12] R.L. Rivest, A. Shamir, and Y. Tauman, “How to Leak a Secret,” Advances in Cryptology – ASIACRYPT 2001, LNCS 2248, Springer, 2001, pp. 552–565.
[13] C.P. Schnorr, “Efficient Identification and Signatures for Smart Cards,” Advances in Cryptology – CRYPTO ’89, LNCS 435, Springer, 1990, pp. 239–252.
[14] N. Asokan, V. Shoup, and M. Waidner, “Optimistic fair exchange of digital signatures,” Advances in Cryptology – EUROCRYPT 1998, Lecture Notes in Computer Science 1403, pp.591–606, Springer-Verlag, 1998.
[15] E.F. Brickell, D. Chaum, I.B. Damg°ard, and J. van de Graaf, “Gradual and verifiable release of a secret,” Advances in Cryptology – CRYPTO 1987, pp.156–166.
[16] C. Cachin and J. Camenisch, “Optimistic fair secure computation,” Advances in Cryptology – CRYPTO 2000, Lecture Notes in Computer Science 1880, pp.94–112, Springer-Verlag, 2000.
[17] S.S.M. Chow and W. Susilo, “Generic construction of (identity-based) perfect concurrent signatures,” Proc. of Information and Communications Security Conference, ICICS 2005, Lecture Notes in Computer Science 3783, pp.194–206, Springer-Verlag, 2005.
[18] R. Cleve, “Controlled gradual disclosure schemes for random bits and their applications,”Advances in Cryptology – CRYPTO 1989, Lecture Notes in Computer Science 435, pp.573–588, Springer-Verlag, 1990.
[19] I.B. Damg°ard, “Practical and provably secure release of a secret and exchange of signatures,” Advances in Cryptology – EUROCRYPT 1993, Lecture Notes in Computer Science, pp.200–217, Springer-Verlag, 1994.
[20] S. Even, O. Goldreich, and A. Lempel, “A randomized protocol for signing contracts,” Communications of the ACM, Vol.28(6), pp.637–647, Jun. 1985.
[21] M.K. Franklin and M.K. Reiter, “Fair exchange with a semi-trusted third party,” Proc. of the 4th ACM Conference on Computer and Communications Security, pp.1–5, 1997.
[22] M.K. Franklin and G. Tsudik, “Secure group barter: Multi-party fair exchange with semi-trusted neutral parties,” Proc. of Financial Cryptography Conference, FC 1998, Lecture Notes in Computer Science 1465, pp.90–102, Springer-Verlag, 1998.
[23] J.A. Garay, M. Jakobsson, and P. MacKenzie, “Abuse-free optimistic contract signing,” Advances in Cryptology – CRYPTO 1999, Lecture Notes in Computer Science 1666, pp.449–466, Springer-Verlag, 1999.
[24] O. Goldreich, “A simple protocol for signing contracts,” Advances in Cryptology – CRYPTO 1983, Lecture Notes in Computer Science, pp.133–136, Springer-Verlag, 1983.
[25] O. Goldreich, “Sending certified mail using oblivious transfer and a threshold scheme,” Technical Report, Computer Science Department, Israel Institute of Technology, 1984.
[26] B. Lee and K. Kim, “Fair exchange of digital signatures using conditional signature,”Symposium on Cryptography and Information Security, SCIS 2002, Vol.1/2, pp.179–184, 2002.
[27] B. Pfitzmann, M. Schunter, and M. Waidner, “Optimal efficiency of optimistic contract signing,” Proc. of the 7th Annual ACM Symposium on Principles of Distributed Computing, pp.113–122, 1998.
[28] W. Susilo, Y. Mu, and F. Zhang, “Perfect concurrent signature schemes,” Proc. of Information and Communications Security Conference, ICICS 2004, Lecture Notes in Computer Science 3269, pp.14–26, Springer-Verlag, 2004.

指導教授

顏嵩銘(Sung-ming Yen)

審核日期

2008-7-23

推文