跳到主要內容

簡易檢索 / 詳目顯示

回結果列表
研究生: 蔣函霏
Han-fei Chiang
論文名稱: 簽章驗證加速機制之安全性分析
Cryptanalysis on Mechanisms for Accelerating Signature Verification
指導教授: 顏嵩銘
Sung-ming Yen
口試委員:
學位類別: 碩士
Master
系所名稱: 資訊電機學院 - 資訊工程學系
Department of Computer Science & Information Engineering
畢業學年度: 96
語文別: 英文
論文頁數: 55
中文關鍵詞: 電子簽章伺服器輔助驗證批次驗證
外文關鍵詞: server-aided verification, digital signature, batch verification
相關次數: 點閱:11下載:0
分享至:
查詢本校圖書館目錄 查詢臺灣博碩士論文知識加值系統 勘誤回報

    • 簽章驗證通常包含許多複雜且耗時之運算,為了促進驗證效率,驗證者可採取某些機制輔助,以減少驗證時之線上運算量。其中最為著名的驗證加速機制分別為批次驗證,與伺服器輔助驗證。批次驗證之概念為將簽章整批處理,期望能達到比將簽章依次處理而更佳的驗證速度。伺服器輔助驗證之概念為,將驗証者所需之部分運算量,交由一計算能力更為強大的伺服器協助計算,以減輕驗證者之運算負擔。然而此兩種機制於設計時皆須謹慎考量,以避免降低原本簽章系統之安全性。本論文分別針對批次驗證及伺服器輔助驗證,提出安全性分析並且加以深入討論,指出其安全考量上之重要性。

    Signature verification involves time-consuming operations. There are two mechanisms supposed to accelerate signature verification. One is batch verification, and the other is server-aided verification. Batch verification aims to verify signatures in a batch to reduce re-operations. Server-aided verification aims to delegate part of computational load to a powerful but untrusted server to ease the on-line computational burden. Both of the two mechanisms should carefully avoid violating the security guarantee of the original signature schemes. In the thesis the cryptanalysis on both batch verification and server-aided verification is provided with the security
    notions.

    1 Introduction 1 1.1 Motivation of This Work 1 1.2 Contribution 3 2 Preliminary of Digital Signatures 4 2.1 Digital Signature Schemes 4 2.1.1 PKI-Based Signature Schemes4 2.1.2 ID-Based Signature Schemes 5 2.2 A Special Mathematical Structure: Bilinear Maps 5 2.3 Efficiency Evaluation 6 3 Batch Verification 7 3.1 Related Work of Batch Verification 8 3.2 Definitions of Batch Verification 8 3.3 Generic Methods for Batch Verification 11 3.3.1 Random Subset Test 11 3.3.2 Small Exponents Test 12 3.3.3 Sparse Exponents Test 13 3.4 Batch Verification of Signatures 14 3.4.1 Cha-Cheon IBS Scheme with Batch Verification 14 3.5 Batch Screening of Signatures 16 3.5.1 Brief Review of IBS Schemes with Batch Screening 16 3.5.2 Hess IBS Scheme with Batch Screening 18 3.5.3 YCK IBS Scheme with Batch Screening 19 3.5.4 An Improper Attack against YCK Scheme 20 3.6 Cryptanalysis on CDC Batch Screener 22 3.6.1 Review of CDC IBS Scheme with Batch Screening 22 3.6.2 Insider Attack against CDC Batch Screener 23 3.6.3 Outsider Attack against CDC Batch Screener 24 3.6.4 Flaw of the Security Proof of CDC Batch Screener 26 3.7 Batch Verification and Ring Signatures 27 3.7.1 Brief Review of Ring Signatures 27 3.7.2 Construct A Ring Signature Scheme from Insecure Batch Verification 28 3.7.3 Proposed Attack against Chow-Wong Ring Signature Scheme 29 3.8 Summary 31 4 Server-Aided Verification 32 4.1 Definitions of Server-Aided Verification 33 4.2 Review of Lim-Lee SAV Protocol 34 4.3 Cryptanalysis on Yen-Laih SAV Protocol 35 4.3.1 Review of Yen-Laih’s SAV Protocol 35 4.3.2 Proposed Attack 1 37 4.3.3 Proposed Attack 2 37 4.4 Vulnerability of GL SAV Protocol with the Security Model 38 4.4.1 The Generic SAV Protocol 39 4.4.2 The ZSNS Signature Scheme with SAV Protocol 39 4.4.3 Security Argument 40 4.5 Summary 41 5 Conclusions 42 Bibliography 43

    [1] M. Bellare, J. Garay, and T. Rabin, “Fast batch verification for modular exponentiation and digital signatures,” Advances in Cryptology – Eurocrypt ’98,
    LNCS 1403, pp. 236–250, Springer-Verlag, 1998.
    [2] D. Boneh, B. Lynn, and H. Shacham, “Short signature form weil pairing,” Proc. of Asiacrypt ’01, LNCS 2248, pp. 514–532, Springer-Verlag, 2001.
    [3] J. Camenisch, S. Hohenberger, and M. Ø. Pedersen, “Batch verification of Short Signatures,” Advances in Cryptology – Eurocrypt ’07, LNCS 4515, pp. 246–263,
    Springer-Verlag, 2007.
    [4] T. Cao, D. Lin and R. Xue, “Security analysis of some batch verifying signatures from pairings,” International Journal of Network Security, vol.3, no.2, pp.112–117, 2006.
    [5] J. Cha and J. Cheon, “An ID-based signature from gap-Diffie-Hellman groups,” Public Key Cryptography – PKC''03, LNCS 2567, pp. 18–30, Springer-Verlag, 2003.
    [6] J. H. Cheon and D. H. Lee, “Use of sparse and/or complex exponents in batch verification of exponentiations,” IEEE Trans. on Computers, vol. 55, no.12,
    pp. 1536–1542, 2006.
    [7] J. H. Cheon and J. H. Yi, “Fast batch verification of multiple signatures,”Public Key Cryptography – PKC ’07, LNCS 4450, pp. 442–457, , Springer-Verlag, 2007.
    [8] S. S. M. Chow and D. S. Wong, “Anonymous identification and designated-verifiers signatures from insecure batch verification,” Public Key Infrastructure
    – EuroPKI ’07, LNCS 4482, pp. 203–219, Springer-Verlag, 2007.
    [9] S.S.M. Chow, S.M. Yiu, and L. C.K. Hui, “Efficient identity based ring signature,”Proc. of ACNS’05, LNCS 3531, Springer-Verlag, pp. 499-512, 2005.
    [10] S. Cui, P. Duan and C. W. Chan, “An efficient identity-based signature scheme with batch verifications,” Proc. of the First International Conference on Scalable
    Information Systems – INFOSCALE ’06, vol. 152, ACM press, 2006.
    [11] M. Dijk, D. Clarke, B. Gassend, G. E. Suh, S. Devadas, “Speeding up exponentiation using an untrusted computational resource,” Technical Report. Memo 469, MIT CSAIL Computation Structures Group, 2003. (Also appear in
    Designs, Codes and Cryptography, 2006.)
    [12] A. Fiat, “Batch RSA,” Advances in Cryptology – Crypto ’89, LNCS 435, pp.175–185, Springer-Verlag, 1990.
    [13] M. Girault and D. Lefranc, “Server-aided verification: Theory and practice,”Proc. of Asiacrypt ’05, LNCS 3788, Springer-Verlag, pp. 605-623, 2005.
    [14] M. Girault, G. Poupard, and J. Stern, “Some modes of use of the GPS identification scheme,” 3rd Nessie Conference, Springer-Verlag, 2002.
    [15] J. Herranz and G. Saez, “New identity-based ring signature schemes,” Proc. of ICICS’04, LNCS 3269, Springer-Verlag, pp. 27-39, 2004.
    [16] F. Hess, “Efficient identity based signature schemes based on pairings,” Selected Areas in Cryptography – SAC ’02, LNCS 2595, pp. 310 – 324, Springer-Verlag, 2002.
    [17] S. Hohenberger and A. Lysyanskaya, “How to securely outsource cryptographic computations,” Theory of Cryptography, Second Theory of Cryptography Conference,
    LNCS 3378, Springer-Verlag, pp. 264V282, 2005.
    [18] C. H. Lim and P. J. Lee, “Server (prover/signer)-aided verification of identity proofs and signatures,” Eurocrypt ’95, LNCS 921, Springer-Verlag, pp. 64V78,
    1995.
    [19] T. Matsumoto, K. Kato and H. Imai, “Speeding up secret computations with insecure auxiliary devices,” Proc. of CRYPTO ’88, LNCS 403, Springer-Verlag, pp. 497-506, 1988.
    [20] S. Mitsunari, R. Sakai, and M. Kasahara, “A new traitor tracing,” IEICE Trans. Fundamentals, vol. E85-A, no. 2, pp. 481–484, 2002.
    [21] D. Naccache, D. M’raihi, S. Vaudenay, and D. Raphaeli, “Can D.S.A. be improved? complexity trade-offs with the digital signature standard,” Advances in Cryptology – Eurocrypt ’94, LNCS 950, pp. 77–85, Springer-Verlag, 1994.
    [22] R. Rivest, A. Shamir, and Y. Tauman, “How to leak a secret,” Asiacrypt’01, LNCS 2248, Springer-Verlag, pp. 552-565, 2001.
    [23] A. Shamir, “Identity-based cryptosystems and signature schemes,” Advances in Cryptology – Crypto ’84, LNCS 196, pp. 47–53, Springer-Verlag, 1985.
    [24] S. M. Yen and C. S. Laih, “Server-aided honest computation for cryptographic applications,” Computers Math. Applic., 26(12), pp. 61-64, 1993.
    [25] S.M. Yen and C.S. Laih, “Improved digital signature suitable for batch verification,”IEEE Trans. on Computers, vol. 44, no. 7, pp. 957–959, 1995.
    [26] H. Yoon, J. H. Cheon, and Y. Kim, “Batch verifications with ID-based signatures,”Information Security and Cryptology – ICISC ’04, LNCS 3506, pp.233–248, Springer-Verlag, 2005.
    [27] F. Zhang and K. Kim, “Efficient ID-based blind signature and proxy signature from bilinear pairings,” Proc. of ACISP ’03, LNCS 2727, pp. 312–323, Springer-
    Verlag, 2003.
    [28] F. Zhang, R. Safavi-Naini, and W. Susilo, “Efficient verifiably encrypted signature and partially blind signature from bilinear pairings,” Proc. of Indocrypt
    ’03, LNCS 2904, pp. 191–204, Springer-Verlag, 2003.
    [29] F. Zhang, R. Safavi-Naini, and W. Susilo, “An efficient signature scheme from bilinear pairings and its applications,” Public Key Cryptography – PKC ’04,LNCS 2947, pp. 277–290, Springer-Verlag, 2004.

    QR CODE
    :::