指定驗證者簽章之研究

以作者查詢圖書館館藏

、以作者查詢臺灣博碩士

、以作者查詢全國書目

、勘誤回報

、線上人數：23

、訪客IP：18.117.94.142

姓名

黃友鍊(You-Lian Huang) 查詢紙本館藏

畢業系所

資訊工程學系

論文名稱

指定驗證者簽章之研究
(On the Research of Designated Verifier Signature Schemes)

相關論文

★ 多種數位代理簽章之設計	★ 小額電子支付系統之研究
★ 實體密碼攻擊法之研究	★ 商業性金鑰恢復與金鑰託管機制之研究
★ AES資料加密標準之實體密碼分析研究	★ 電子競標系統之研究
★ 針對堆疊滿溢攻擊之動態程式區段保護機制	★ 通用型數域篩選因數分解法之參數探討
★ 於8051單晶片上實作可防禦DPA攻擊之AES加密器	★ 以非確定式軟體與遮罩分割對策防禦能量攻擊之研究
★ 遮罩保護機制防禦差分能量攻擊之研究	★ AES資料加密標準之能量密碼分析研究
★ 小額電子付費系統之設計與密碼分析	★ 公平電子現金系統之研究
★ RSA公開金鑰系統之實體密碼分析研究	★ 保護行動代理人所收集資料之研究

檔案

[Endnote RIS 格式]

[Bibtex 格式]

[相關文章]

[文章引用]

[完整記錄]

[館藏目錄]

[檢視]

[下載]

本電子論文使用權限為同意立即開放。
已達開放權限電子全文僅授權使用者為學術研究之目的，進行個人非營利性質之檢索、閱讀、列印。
請遵守中華民國著作權法之相關規定，切勿任意重製、散佈、改作、轉貼、播送，以免觸法。

摘要(中)

不同於傳統數位簽章具有可公開驗證性，指定驗證者簽章只允許被指定的驗證者可以驗證簽章的正確性，確保了簽章者的隱私性而被廣泛的應用於諸多系統上。本論文的研究集中在數個指定驗證者簽章以及其變形簽章的主題上。
在授權性（Delegatability）的研究上，首先，我們對於指定驗證者簽章的授權性做分類，使其能適合不同的指定驗證者簽章系統。接下來，我們會指出兩個現存的指定驗證著簽章系統TOO系統和LSMP系統在授權性上的缺陷。
觀察到可擷取式簽章系統（Content Extraction Signature）有驗證者間共謀的缺陷存在，我們使用指定驗證者簽章的概念，提出了一個可指定驗證者的可擷取式簽章系統，解決了這個問題。
本論文的最後一部分關注的重點在建構一個新的受限制之廣義指定驗證者簽章系統（Restricted Universal Designated Verifier Signature），在指出了黃等人簽章系統的缺陷後，我們提出了一個新的建構方式以及簽章系統。

摘要(英)

Designated verifier signatures allow only a certain recipient can be convinced about the validity of a digital signature which protect the signer’’s privacy and is very useful in many applications. In this thesis, our research focus on several specific topics of DVS and it’’s variant schemes.
On the research of delegatability, first, we classify this property to fit difierent DVS variant schemes. Afterwards, two existing DVS schemes: TOO strong-DVS scheme and LSMP constant-size multi-DVS scheme are shown to be delegatable.
Observing that content extraction signatures are vulnerable on the verifier conspiracy problem. By modifying the original content extraction signature scheme with the concept of DVS, a content extraction signature scheme which can be designated to a certain recipient is proposed.
In the last part of our thesis, our objective is to construct a new restricted universal designated verifier signature. After point out the major problems of Huang et al.’’s scheme, a new restricted universal designated verifier signature scheme is proposed.

關鍵字(中)

★ 指定驗證者簽章

關鍵字(英)

★ Universal Designated Verifier Signature
★ Designated Verifier Signature
★ Restricted Universal Designated Verifier Signatu

論文目次

1 Introduction 2
1.1 Motivation of the Research . . . . . . . . . . . . . . . . . . . . . . . . 2
1.2 Our Contributions . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
1.3 Organization of the Thesis . . . . . . . . . . . . . . . . . . . . . . . . 4
2 Designated Verifier and Universal Designated Verifier Signatures 6
2.1 Introduction to Designated Verifier Signatures . . . . . . . . . . . . . 6
2.1.1 Related works . . . . . . . . . . . . . . . . . . . . . . . . . . . 7
2.1.2 Definitions and security properties . . . . . . . . . . . . . . . 7
2.1.3 Trapdoor hash functions . . . . . . . . . . . . . . . . . . . . . 9
2.2 Previous Designated Verifier Signature Schemes . . . . . . . . . . . . 10
2.2.1 SKM strong DVS scheme . . . . . . . . . . . . . . . . . . . . . 10
2.2.2 HSMZ short DVS scheme . . . . . . . . . . . . . . . . . . . . 11
2.3 Introduction to Universal Designated Verifier Signatures . . . . . . . 12
2.3.1 Related works . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
2.3.2 Definitions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
2.4 Previous Universal Designated Verifier Signature Schemes . . . . . . . 14
2.4.1 SBWP the first UDVS scheme . . . . . . . . . . . . . . . . . . 14
2.4.2 Steinfeld et al's SchUDV 2 scheme . . . . . . . . . . . . . . . 15
3 Non-Delegatability of Two Delegated Verifier Signatures Schemes 18
3.1 Introduction to the Non-Delegatability . . . . . . . . . . . . . . . . . 18
3.2 Classification of the Non-Delegatability . . . . . . . . . . . . . . . . . 19
3.3 On the Non-Delegatability of Two Designated Verifier Signature Schemes 21
3.3.1 TOO strong-DVS scheme . . . . . . . . . . . . . . . . . . . . 21
3.3.2 LSMP constant-size multi-DVS scheme . . . . . . . . . . . . . 22
3.3.3 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23
4 Designated Verifier Content Extraction Signature 26
4.1 Introduction to Content Extraction Signature . . . . . . . . . . . . . 26
4.2 Definitions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27
4.2.1 Document model . . . . . . . . . . . . . . . . . . . . . . . . . 27
4.2.2 Definition of content extraction signature . . . . . . . . . . . . 28
4.3 Previous CES Scheme . . . . . . . . . . . . . . . . . . . . . . . . . . 28
4.4 Conspiracy Issue of Content Extraction Signature . . . . . . . . . . . 29
4.5 The Proposed Designated Verifier Content Extraction Signature Scheme 30
4.6 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
5 A New Restrict Universal Designated Verifier Signature Scheme 33
5.1 Introduction to Restrict Universal Designated Verifier Signature . . . 33
5.1.1 Restriction: how to achieve? . . . . . . . . . . . . . . . . . . . 33
5.1.2 Related works . . . . . . . . . . . . . . . . . . . . . . . . . . . 34
5.2 Formal Definition of Restrict Universal Designated Verifier Signature
Scheme . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
5.2.1 Algorithms . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35
5.2.2 Restrict property . . . . . . . . . . . . . . . . . . . . . . . . . 36
5.3 Security Issue of Huang et al.'s Restrict Universal Designated Verifie
Signature Scheme . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36
5.3.1 Review of huang et al.’s RUDVS scheme . . . . . . . . . . . . 3
5.3.2 On the weakness of Huang et al.'s RUDVS scheme . . . . . . . 3
5.4 A New RUDVS Scheme . . . . . . . . . . . . . . . . . . . . . . . . . 39
5.4.1 The basic construction . . . . . . . . . . . . . . . . . . . . . . 39
5.4.2 Signature-reusing issue of the basic construction . . . . . . . . 40
5.4.3 A concrete RUDVS scheme . . . . . . . . . . . . . . . . . . . 41
5.4.4 Security analysis of the proposed RUDVS scheme . . . . . . . 43
5.5 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45
6 Conclusions 47
6.1 Brief Review of Main Contributions . . . . . . . . . . . . . . . . . . . 47
6.2 Future Works . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48
7 Bibliography · · · · · · · · · · · · · · · · · · · · · · · 50

參考文獻

[1] David Chaum and Hans Van Antwerpen, "Undeniable signatures," Advances in Cryptology - CRYPTO '89, LNCS 435, pp. 212-216, springer, 1990.
[2] David Chaum, "Zero-knowledge undeniable signatures," Advances in Cryptology - EUROCRYPT '90, LNCS473, pp. 458-464, Springer, 1991.
[3] D. Boneh, B. Lynn, and H. Shacham, "Short Signatures from the Weil pairing," Advances in Cryptology - Asiacrypt '01, LNCS 2248, pp. 514-532, Springer, 2001.
[4] B. Boneh and X. Boyen, "Short Signature Without Random Oracles," Proc. of Public Key Cryptography 2004 - PKC 2004, LNCS 2947, pp.277-290, Springer, 2004.
[5] M. Klonowski, P. Kubiak, M. Kutylowsiki, and A. Lauks, "How to Protect Signature from Being Shown to a Third Party," In Tust and Privacy in Digital Business - TrustBus 2006, Lect. Notes Comput. Sci., vol. 4083, pp. 192–202, Springer, 2006.
[6] Ronald L. Rivest, Adi Shamir, and Yael Tauman, "How to leak a secret," Advance in Cryptology - ASIACRYPT '01, LNCS 2248, pp. 552-565, Springer, 2001.
[7] A.shamir and Y. Tauman, "improved Online/Offine Signature schemes," Advance in Cryptology - CRYPTO '01, LNCS 2139, pp. 355-367, Springer, 2001.
[8] G. Brassard, D. chaum, C. Crepeau, "Minimum Disclosure Proofs of Knowledge," Joural of Computer and System Sciences, Vol. 37, No. 2, pp. 156-189.
[9] H. Krawczyk and T. Radin, "Chameleon Signatures, In Network and Distributed Systems Security Symposium - NDSS 2000, Internet Society, pp. 143-154.
[10] G. Ateniese, and B. de Medeiros, "Identity-based chameleon hash and applications," In Financial Cryptography - FC '04, LNCS 3110, pp. 164-180, Springer, 2004.
[11] X. Chen, F. Zhang, and K. Kim, "Chameleon Hashing without Key Exposure," In Information Security Conference - ISC '04, LNCS 3225, pp. 87-98, Springer, 2004.
[12] R. Steinfeld, L. Bull, and Y. Zheng, "Content Extraction Signatures," In In ternational Conference on Information Security and Cryptology - ICISC 2001, LNCS 2288, pp. 285–304, Springer, 2001
[13] L. Bull, P. Stanski, and D. M. Squire, "Content Extraction Signatures Using XML Digital Signatures and Custom Transforms On-Demand," Proceedings of the 12th international conference on World Wide Web - WWW '03, ACM Press, pp. 170–177
[14] M. Jakobsson, K. Sako, and R. Impagliazzo, "Designated Verifier Proofs an Their Applications, Advances in Cryptology - EUROCRYPT '96, LNCS 1070, pp. 143–154, Springer, 1996.
[15] S. Saeednia, S. Kremer, and O. Markowitch, “An Efficient Strong Designated Verifier Signature Scheme," Proc. of 6th International Conference on Information Security and Cryptology - ICISC 2003, LNCS 2971, pp. 40–54, Springer, 2003.
[16] W. Susilo, F. Zhang, and Y. Mu, "Identity-Based Strong Designated Verifier Signature Schemes," Proc. of 9th Australasian Conference on Information Security and Privacy - ACISP 2004, LNCS 3108, pp. 313–324, Springer, 2004.
[17] F. Laguillaumie and D. Vergnaud, "Designated Verifier Signature: Anonymity and Efficient Construction From Any Biliner Map," Proc. of 4th Confernce on Security in Communication Network - SCN 2004, LNCS 3352, pp. 495–507, Springer, 2004.
[18] H. Lipmaa, G. Wang, and F. Bao, "Designated Verifier Signature Schemes Attacks, New Security Notions and a New Construction," Proc. of 32nd International Colloquium on Automata, Language and Programming - ICALP 2005, LNCS 3580, pp. 459–471, Springer, 2005.
[19] R. Tso, T. Okamoto, and E. Okamoto, "Practical Strong Designated Verifier Signature Schemes Based on Double Discrete Logarithms," Proc. of SKLOIS Conference on Information Security and Cryptology - CISC 2005, LNCS 3822, pp. 113–127, Springer, 2005.
[20] Y. Li, H. Lipmaa, and D. Pei, "On the Delegatability of Four Designated Verifier Signatures," Proc. of 7th International Conference on Information and Communications Security - ICICS 2005, LNCS 3783, pp. 61–71, Springer, 2005.
[21] K. Phani Kumar, G. Shailaja, and A. Saxena "Identity Based Strong Designated Verifier Signature Scheme," IACR ePrint Report 2006/134, 2006.
[22] X.Y. Huang, W. Susilo, Y. Mu, and F.T. Zhang, "Short (Identity-Based Strong Designated Verifier Signature Schemes," Proc. of 2ed Information Security Practice and Experience - ISPEC 2006, LNCS 3903, pp. 214–225, Springer, 2006.
[23] X.Y. Huang, W. Susilo, Y. Mu and F.T. Zhang, "Short Designated Verifier Signature Scheme and Its Identity-based Variant," International Joural of Network Security - IJNS 2006, Vol. 42, No. 1, pp. 71-74, 2006.
[24] Y. Li, W. Susilo, Y. Mu, and D. Pei, "Designated Verifier Signature: Definition Framework and New Constructions," Proc. of 4th International Conference on Ubiquitous Intelligence and Computing - UIC 2007, LNCS 4611, pp. 1191–1200, Springer, 2007.
[25] R. Steinfeld, L. Bull, H. Wang, and J. Piperzyk "Universal Designated-Verifier Signatures," Advances in Cryptology - Asiacrypt '03, LNCS 2894, pp. 523–542, Springer, 2003.
[26] R. Steinfeld, H. Wang, and J. Pieprzyk, "Efficient Extension of Standar Schnorr/RSA Signature into Universal Designated-Verifier Signature," Proc. of Public Key Cryptography 2004 - PKC 2004, LNCS 2497, pp. 86–100, Springer, 2004.
[27] C.Y. Ng, W. Susilo and Y. Mu "Universal Designated Multi Verifier Signature Schemes," Proc. of The 11st International Conference on Parallel and Distributed Systems - ICPADS2005, IEEE Press, Vol. 2, pp. 305–309, 2005.
[28] J. Baek, R. Safavi-Naini, and W. Susilo, "Universal Designated Verifier Signature Proof(or How to Efficiently Prove the Knowledge of a Signature)," Advances in Cryptology - Asiacrypt '05, LNCS 3788, pp. 644–661, Springer, 2005.
[29] R. Zhang, J. Furukawa, and H. Imai, "Short Signature and Universal Designated Verifier Signature Without Random Oracles," Proc. of Applied Cryptography and Network Security - ACNS 2005, LNCS 3531, pp. 483–498, Springer, 2005.
[30] F.G. Zhang, W. Susilo, Y. Mu, and X.F. Chen, "Identity-based Universal Designated Verifier Signatures," Proc. of First International Workshop on Security in Ubiquitous Computing Systems - SecUbiq 2005, LNCS 3823, pp. 825–834, Springer, 2005.
[31] X.Y. Huang, W. Susilo, Y. Mu and W. Wu, "Universal Designated Verifier Signature without Delegatability," Proc. of 8th International Conference on Information and Communications Security - ICICS 2006, LNCS 4307, pp. 479-498, Springer, 2006.
[32] G. Shailaja, K. Phani Kumar, and A. Saxena, "Universal Designated Multi Verifier Signature without Random Oracles," Proc. of 9th International Conference on Information Technology - ICIT 2006, IEEE Press, pp. 168–171, 2006.
[33] D. Vergnaud, "New Extensions of Pairing-based Signatures into Universal Designated Verifier Signatures," Proc. of 33rd International Colloquium on Automata, Languages and Programming - ICALP 2006, LNCS 4052, pp. 58–69, Springer, 2006.
[34] X.Y. Huang, W. Susilo, Y. Mu, and W. Wu, "Secure Universal Designated Verifier Signature without Random Oracles," International Journal of Information Security, 2007.
[35] X. Huang, W. Susilo, Y. Mu, and F. Zhang, "Restricted Universal Designated Verifier Signature," Proc. of 3rd International Conference on Ubiquitous Intelligence and Computing - UIC 2006, LNCS 4159, pp. 874–882, Springer, 2006.
[36] F. Laguillaumie and D. Vergnaud, "On the Soundness of Restricted Universal Designated Verifier Signatures and Dedicated Signature," Proc. of Information Security Conference - ISC 2007, LNCS 4779, pp. 175–188, Springer, 2007.
[37] F. Laguillaumie and D. Vergnaud, "Multi-Designated Verifier Signatures, Proc. of Information and Communication Security - ICICS 2004, LNCS 3269, pp. 495-507, Springer, 2004.
[38] C. Ma, and D. He, "A New Chameleon Multi-Signature Based on Bilinear Pairing," Proc. of Grid and Cooperative Computing - GCC 2004, LNCS 3252, pp. 329–334, Springer, 2004.
[39] Sherman S.M. Chow, "Identity-based Strong Multi-Designated Verifiers Signatures," Proc. of 3rd European PKI Workshop: Research and Applications - EuroPKI 2006, LNCS 4043, pp. 257-259, Springer, 2006.
[40] S. Lal and V. Verma, “Some Identity Based Strong Bi-Designated Verifier Signature Schemes," IACR ePrint Report 2007/193, 2007.
[41] Stefan Brands, "Untraceable Off-Line Cash in Wallets with Observers, Advances in Cryptology - CRYPTO '93, LNCS 773, pp. 302-318, Springer, 1994.
[42] Yair Frankel, Yiannis Tsiounis, and Moti Yung, "Indirect discourse Proofs Achieving Efficient Fair Off-Line E-Cash System," Proceedings of ASIACRYPT '96, pp. 286-300.
[43] Markus Jakobsson and Moti Yung, "Revokable and Versatile Electronic Money," In 3rd ACM Conference on Computer and Communications Security, pp. 76-87, 1996.
[44] Markus Jakobsson and Ari Juels, "X-Cash Executable Digital Cash, In Financial Cryptography - FC '98, LNCS, Vol. 1465, pp. 16-27, Springer, 1998.

指導教授

顏嵩銘(Sung-Ming Yen)

審核日期

2009-7-7

推文