跳到主要內容

簡易檢索 / 詳目顯示

回結果列表
研究生: 王建鋐
Jian-Hong Wang
論文名稱: 具次數限制的代理簽章之研究
Research of Proxy Signature with Restricted Times of Delegation
指導教授: 顏嵩銘
Sung-Ming Yen
口試委員:
學位類別: 碩士
Master
系所名稱: 資訊電機學院 - 資訊工程學系
Department of Computer Science & Information Engineering
論文出版年: 2013
畢業學年度: 101
語文別: 英文
論文頁數: 43
中文關鍵詞: 代理簽章次數限制懲罰能力代理撤銷RSA代理簽章
外文關鍵詞: Proxy sigature, Restricted delegation, Penalty capability, Proxy revocation, RSA-based proxy signature
相關次數: 點閱:16下載:0
分享至:
查詢本校圖書館目錄 查詢臺灣博碩士論文知識加值系統 勘誤回報

    • 代理簽章為數位簽章的一種應用,目的在於將原始簽章者自身的簽署能力轉交給代理人。然而現今的代理簽章系統大多仍無法限制代理人能夠簽署的代理簽章數量。也就是說,不懷好意的代理人可以在代理期間內毫無節制產生正確的代理簽章,這會使原始簽章者受到重大的損失。而解決的方案便是使用具次數限制的代理簽章。利用次數限制機制中的懲罰能力讓代理人嚴謹且認真的做好代理人的角色。

    而在我們研究過程中找出Choi等人及Hong等人的具次數限制的代理簽章,其分別設計在Schnorr及DSA簽章系統上。但在我們研究分析中發現到彼此都存在缺陷,故在此篇論文中我們會提出證明說明其缺陷。而我們藉由改善Hong等人的方法設計一個基於Schnorr簽章系統的具次數限制的代理簽章。

    目前多數具次數限制的代理簽章皆以離散對數難題所建立的系統為主。而基於分解因數難題的代理簽章系統,至今卻沒有一個具有限制次數的能力。故本篇我們也提出一個具次數限制的RSA代理簽章。而我們的方法,除了具備了基本的代理簽章安全需求之外,也比Hong等人的具次數限制的DSA代理簽章來的有效率。

    Proxy signature, a type of digital signature, allows the original signer to authorize the proxy signer to sign documents on behalf of the original signer and this practical function becomes useful for many applications.

    However, unlimited delegation of signing capability might lead to security concern. If a proxy signer generates inappropriate proxy signatures with bad intention during the delegation period, the original signer may suffer great losses. To address the aforementioned issue, Choi et al. proposed a modified Schnorr signature scheme with restricted signing capability and recently Hong et al. proposed a multiple-times proxy signature scheme based on the DSA scheme.

    In this paper, we point out that Choi et al.'s scheme fails to satisfy strong unforgeability of the ordinary proxy signature scheme. We also demonstrate a security flaw of Hong et al.'s scheme. In addition to pointing out the flaws of these schemes, we further improve Hong et al.'s method. And we think that his method is also applicable to Schnorr signature scheme. Hence, we propose Schnorr-based proxy signature scheme with restricted times of delegation by the improved Hong et al.'s method.

    The above schemes are based on the discrete logarithm problem. The related research based on the factoring large integer problem has not been proposed. Hence, in this thesis, we propose an RSA-based proxy signature with restricted times of delegation. In addition to satisfying all the basic security requirements, our scheme is more efficient than Hong et al.'s scheme in the signing and verification phases.

    1 Introduction 1 1.1 Motivation of the Research . . . . . . . . . . . . . . . . . . . . . . . . 1 1.2 Overview of the Thesis . . . . . . . . . . . . . . . . . . . . . . . . . . 3 2 Preliminary 5 2.1 Review of Proxy Signature . . . . . . . . . . . . . . . . . . . . . . . . 5 2.1.1 Types of Delegation for Proxy Signature . . . . . . . . . . . . 5 2.1.2 Basic Security Requirements of Proxy Signature Scheme . . . 6 2.2 Introduction to Trapdoor Hash Function . . . . . . . . . . . . . . . . 7 3 DLP-based Proxy Signature with Restricted Times of Delegation 10 3.1 Review of Yen's Scheme . . . . . . . . . . . . . . . . . . . . . . . . . 11 3.2 Review of Choi et al.'s Scheme . . . . . . . . . . . . . . . . . . . . . . 12 3.2.1 Weakness of Choi et al.'s Scheme . . . . . . . . . . . . . . . . 13 3.3 Review of Hong et al.'s Scheme . . . . . . . . . . . . . . . . . . . . . 14 3.3.1 Weakness of Hong et al.'s Scheme and Proposed Improved Method . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16 3.4 Proposed Schnorr-based Proxy Signature Scheme . . . . . . . . . . . 17 3.4.1 Security Analysis . . . . . . . . . . . . . . . . . . . . . . . . . 18 4 Proposed RSA-based Proxy Signature with Restricted Times of Delegation 21 4.1 Review of Mehta et al.'s One-time Proxy Signature . . . . . . . . . . 21 4.2 Proposed RSA-based Proxy Signature Scheme . . . . . . . . . . . . . 22 4.2.1 Security Analysis and Performance Evaluation . . . . . . . . . 24 5 Conclusions 27

    [1] A. Bakker, M. V. Steen, A.S. Tanenbaum, "A Law-abiding Peer-to-peer Network for Free-software Distribution," Proc. of NCA 2001, pp.60-67, 2001.
    [2] A. K. Awasthi, S. Lal, "Proxy Blind Signature Scheme," IACR Cryptology ePrint Archive, Report 2003/072: http://eprint.iacr.org/2003/072/, 2003.
    [3] C.J. Choi, Z. Kim, K. Kim, "Schnorr Signature Scheme with Restricted Signing Capability and Its Application," Proc. of Computer Security Symp., pp.385-390, 2003.
    [4] M. L. Das, A. Saxena, V. P. Gulati, "An Ecient Proxy Signature Scheme with Revocation," Informatica, vol. 15, no. 4, pp.455-464, 2004.
    [5] T. ElGamal, "A Public Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms," Proc. of CRYPTO 84, LNCS vol. 196, pp.10-18, 1984.
    [6] I. Foster, C. Kesselman, G. Tsudik, S. Tuecke, "A Security Architecture for Computational Grids," CCS '98 Proc. of the 5th ACM conference on Computer and communications security, pp.83-92, 1998.
    [7] L. C. Guillou, J.J. Quisquater, "A Practical Zero-Knowledge Protocol Fitted to Security Microprocessor Minimizing Both Transmission and Memory," Proc. of EUROCRYPT 88, LNCS vol. 330, pp.123-128, 1988.
    [8] X. Hong, K.F. Chen, "Secure Multiple-times Proxy Signature Scheme," Computer Standards and Interfaces, vol. 31, no. 1, pp.19-23, 2009.
    [9] S. Kim, S. Park, D. Won, "Proxy Signatures, Revisited," Proc. of ICIS '97, LNCS vol. 1334, pp.223-232, 1997.
    [10] H. Kim, J. Baek, B. Lee, K. Kim, "Secret Computation with Secrets for Mobile Agent Using One-time Proxy Signature," Proc. of SCIS 2001, 2001.
    [11] H. Krawczyk, T. Rabin, "Chameleon Signatures," Proc. of NDSS, pp.143-154, 2000.
    [12] B. Lee, H. Kim, K. Kim, "Strong Proxy Signature and Its Applications," Proc. of SCIS 2001, 2001.
    [13] E. J.L. Lu, M.S. Hwang, C.J. Huang, "A New Proxy Signature Scheme with Revocation" Applied Mathematics and Computation, vol. 161, no. 3, pp.799-806, 2005.
    [14] Z. H. Liu, Y. P. Hu, X. S. Zhang, H. Ma, "Secure Proxy Signature Scheme with Fast Revocation in the Standard Model," The Journal of China Universities of Posts and Telecommunications, vol. 16, no. 4, pp.116-124, 2009.
    [15] B. Lee, H. Kim, K. Kim, "Secure Mobile Agent Using Strong Non-designated Proxy Signature," Proc. of ACISP 2001, LNCS vol. 2119, pp.474-486, 2001.
    [16] Y.C. Liu, H.A. Wen, C.L. Lin, T. Hwang, "Proxy-protected Signature Secure Against the Undelegated Proxy Signature Attack," Computers and Electrical Engineering, vol. 33, no. 3, pp.177-185, 2007.
    [17] R. C. Merkle, "A Digital Signature Based on a Conventional Encryption Function," Proc. of CRYPTO 87, LNCS vol. 293, pp.369-378, 2006
    [18] M. Mambo, K. Usuda, E. Okamoto, "Proxy Signatures: Delegation of the Power to Sign Messages," IEICE Trans. on Fundamentals of Electronics, Communications and Computer Sciences, vol. E79-A, no. 9, pp.1338-1354, 1996.
    [19] M. Mehta, L. Harn, "Ecient One-time Proxy Signatures," IEE Proceedings: Communications, vol. 152, pp.129-133, 2005.
    [20] NIST, "Digital Signature Standard (DSS)," Federal Information Processing Standards PUB 186-2, February 2000.
    [21] B.C. Neuman, "Proxy Based Authorization and Accounting for Distributed Systems," Proc. of the 13th International Conference on Distributed Computing Systems, pp.283-291, 1993.
    [22] T. Okamoto, M. Tada, E. Okamoto, "Extended Proxy Signatures for Smart Cards," Proc. of ISW 99 , LNCS vol. 1729, pp.247-258, 1999.
    [23] H.U. Park, I.Y. Lee, "A Digital Nominative Proxy Signature Scheme for Mobile Communication," Proc. of ICICS 2001, LNCS vol. 2229, pp.451-455, 2001.
    [24] R. L. Rivest, A. Shamir, and L. Adleman, "A Method for Obtaining Digital Signatures and Public-Key Cryptosystem," Communications of the ACM, vol. 21, no. 2, pp. 120-126, 1978.
    [25] C. P. Schnorr, "Ecient Signature Generation by Smart Cards," Journal of Cryptology, vol. 4, no. 3, pp.161-174, 1991.
    [26] Z. Shao, "Proxy Signature Schemes Based on Factoring," Information Processing Letters, vol. 85, no. 3, pp.137-143, 2003.
    [27] H. Sun, N.Y. Lee, T. Hwang, "Threshold Proxy Signatures," IEE Proceedings: Computers and Digital Techniques, vol. 146, pp.259-263, 1999.
    [28] A. Shamir, Y. Tauman, "Improved Online/Oine Signature Schemes," Proc. of CRYPTO 2001, LNCS vol.2139, pp.355-367, 2001.
    [29] H.M. Sun, "An Ecient Nonrepudiable Threshold Proxy Signature Scheme with Known Signers" Computer Communications, vol. 22, no. 8, pp.717-722, 1999.
    [30] H.M. Sun, "Design of Time-stamped Proxy Signatures with Traceable Receivers," IEE Proceedings: Computers and Digital Techniques, vol. 147, no. 6, pp.462-466, 2000.
    [31] Z. Tan, Z. Liu, C. Tang, "Digital Proxy Blind Signature Schemes Based on DLP and ECDLP," MM Research preprints, no. 21, pp.212-217, 2002.
    [32] G. Wang, F. Bao, J. Zhou, R.H. Deng, "Security Analysis of Some Proxy Signatures," Proc. of ICISC 2003, LNCS vol. 2971, pp.305-319, 2004.
    [33] H. Wang, J. Pieprzyk, "Ecient One-time Proxy Signatures," Proc. of ASIACRYPT 2003, LNCS vol. 2894, pp.507-522, 2003.
    [34] S.M. Yen, "Design and Computation of Public Key Cryptosystems," Ph.D. dissertation, Department of Electrical Engineering, National Cheng Kung University, Taiwan, Section 3.4 O -line delegation for signing signature, 1994.
    [35] K. Zhang, "Threshold Proxy Signature Schemes," Proc. of ISW '97, LNCS vol. 1396, pp.282-290, 1998.
    [36] F. Zhang, R. Safavi-Naini, C.Y. Lin, "New Proxy Signature, Proxy Blind Signature and Proxy Ring Signature Schemes from Bilinear Pairing," IACR Cryptology ePrint Archive, Report 2003/104: http://eprint.iacr.org/2003/104/, 2003.
    [37] Y. Zhou, Z. Cao, R. Lu, "Provably Secure Proxy-protected Signature Schemes Based on Factoring," Applied Mathematics and Computation, vol. 164, no. 1, pp.83-98, 2005.

    QR CODE
    :::