Tamkang University Chueh Sheng Memorial Library (TKU Library)
System ID: U0002-2101201416044400
Thesis title (Chinese): 可保護守法簽名者的不可鏈結同時簽密法
Thesis title (English): Unlinkable Concurrent Signcryption Scheme with Innocent Signer Protection
Institution: Tamkang University
Department: Master's Program in Networking and Communications, Department of Computer Science and Information Engineering
Academic year: 102
Semester: 1
Year of publication: 103
Author (Chinese name): 李彥賜
Author (English name): Yen-Shih Lee
E-mail: tony.t0705@msa.hinet.net
Student ID: 600420276
Degree: Master's
Language: English
Oral defense date: 2014-01-16
Pages: 53
Oral defense committee: Advisor - 黃心嘉
Member - 顏嵩銘
Member - 黃仁俊
Member - 黃心嘉
Keywords: Concurrent signatures; unlinkability; commitment; signcryption; privacy protection; confidentiality
Subject classification: Applied Sciences; Computer Science and Information Engineering
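Chinese abstract: Concurrent signature schemes can be divided into two classes: linkable concurrent signature schemes and unlinkable concurrent signature schemes. For protecting personal privacy, unlinkable concurrent signature schemes are better than linkable ones. However, under a linkable concurrent signature scheme, the link between the exchanged messages and signature pairs is evident, so an honest signer can use it to prove his or her innocence when a signature is involved in a legal dispute. In contrast, an unlinkable concurrent signature scheme has no link at all, so an honest signer cannot provide link evidence to prove that the signature was used legally when a dispute arises. To avoid this flaw, an unlinkable concurrent signature scheme should have designated verifier link evidence for resolving disputes afterwards, and should retain its privacy-protecting unlinkability while providing that evidence. Moreover, for complete privacy protection, message confidentiality is necessary. This thesis first proposes the concept of designated verifier commitment and, under this concept, proposes an unlinkable concurrent signcryption scheme that protects law-abiding signers. In addition, this thesis proposes a cheating attack showing that the improved concurrent signature scheme of Zhang and Xu does not satisfy fairness: through this attack the initial signer can obtain a concurrent signature that was not agreed to, while the matching signer cannot obtain the agreed concurrent signature.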
English abstract: Concurrent signature schemes can be classified into two classes: linkable concurrent signatures and unlinkable concurrent signatures. To protect the transaction privacy, the unlinkable concurrent signatures are better than the linkable ones. However, the unlinkable concurrent signatures cannot be used as innocence clarification since no link between the exchanged message and concurrent signature pairs can be used to prove their concurrent signatures have legal and valid usages. To prevent this flaw, the concept of designated verifier commitment is proposed first. By adopting our designated verifier commitment, an unlinkable concurrent signcryption scheme with innocent signer protection is proposed to provide privacy protection and innocence clarification at the same time. Moreover, our scheme efficiently provides the message confidentiality for complete privacy protection. Besides, a cheating attack is proposed to show that Zhang and Xu’s scheme is unfair, since the initial signer can obtain a concurrent signature on messages without the matching signer’s agreement while the matching signer cannot obtain his/her desired concurrent signature.
Table of Contents:
Chapter 1 Introduction
1.1 Our Contribution
Chapter 2 Preliminaries
2.1 Hwang and Sung Confidential Deniable Authentication Protocol
2.2 Underlying Hard Problems
Chapter 3 Our Designated Verifier Commitment Scheme
3.1 Our Concrete Designated Verifier Commitment (DVC) Scheme
3.2 Security Proofs of Our DVC Scheme
Chapter 4 Our Unlinkable Concurrent Signcryption Scheme with Innocent Signer Protection (UCSS-ISP)
4.1 The Concrete UCSS-ISP
4.2 Security Analysis of Our UCSS-ISP
4.3 Identification and Further Research
Chapter 5 Security Flaws in Zhang and Xu Improved Concurrent Signature Scheme
5.1 Review of Zhang and Xu Scheme
5.2 Cryptanalysis of Zhang and Xu Scheme
Chapter 6 Conclusion
References
Appendix
References:
[1] L. Chen, C. Kudla, K.G. Paterson, “Concurrent Signatures,” Advances in Cryptology - EUROCRYPT 2004, LNCS 3207, Berlin Heidelberg: Springer-Verlag, 2004, pp. 287-305.
[2] W. Susilo, Y. Mu, F. Zhang, “Perfect Concurrent Signature Schemes,” Information and Communications Security, LNCS 3269, Berlin Heidelberg: Springer-Verlag, 2004, pp. 14-26.
[3] K. Nguyen, “Asymmetric Concurrent Signatures,” Information and Communications Security, LNCS 3783, Berlin Heidelberg: Springer-Verlag, 2005, pp. 181-193.
[4] G. Wang, F. Bao and J. Zhou, “The Fairness of Perfect Concurrent Signatures,” The 8th International Conference on Information and Communications Security (ICICS 2006), LNCS 4307, New York: Springer-Verlag, pp. 435-451, 2006.
[5] Y.C. Chen, “On the Research of Fair Exchange Protocols and Micropayment Schemes,” Master Thesis, National Central University, Taiwan, ROC, 2006.
[6] Y. Mu, D. Wong, L. Chen, W. Susilo, and Q. Wu, “Concurrent Signature without a Conventional Keystone,” in Proceedings of the First International Workshop on Coding and Cryptology, 2007, pp. 196-213.
[7] Z. Huang, R. Huang and X. Lin, “Perfect Concurrent Signature Protocol,” in Eighth ACIS International Conference on Software Engineering, Artificial Intelligence, Networking, and Parallel/Distributed Computing, 2007, pp. 467–472.
[8] H. Z. Hwang, Concurrent Signatures: Security Notions, Analysis, and Construction Issues, Master Thesis, National Central University, Taiwan, ROC, 2008.
[9] Y. Zhang and X. Wang, “Message Substitute Attack on Concurrent Signatures Protocol and its Improvement,” in Electronic Commerce and Security (ISECS 2008), IEEE press, 2008, pp. 497-501.
[10] Y. Li, D. He, and X. Lu, “Accountability of Perfect Concurrent Signature,” in Computer and Electrical Engineering (ICCEE 2008), Dec. 2008, pp. 773-777.
[11] X. Huang and L. Wang, "A Fair Concurrent Signature Scheme Based on Identity," in High Performance Computing and Applications (HPCA 2009), LNCS 5938, Berlin Heidelberg: Springer-Verlag, 2010, pp. 198-205.
[12] Z. Huang, J. Chen, “Certificate-Based Perfect Concurrent Signatures,” in International Conference on Multimedia Information Networking and Security, 2010, pp. 526–530.
[13] H. Jiang, Q. Xu and C. Zhang, “Convertible Perfect Concurrent Signature Protocol,” in 2010 International Conference on Computational Intelligence and Security, 2010, pp. 352–356.
[14] W. Qin and N. R. Zhou, “New Concurrent Digital Signature Scheme Based on The Computational Diffie-Hellman Problem,” in The Journal of China Universities of Post and Telecommunications, Vol. 17, Issue 6, pp. 89-94, Dec. 2010.
[15] S. J. Hwang and T. Y. Hsu, “A Concurrent Signature Scheme with Anonymity and Identification,” Journal of Computers, Vol. 21, No.1, April 2010.
[16] Z. Zhang, S. Xu, “Cryptanalysis and Improvement of a Concurrent Signature Scheme Based on Identity,” in IEEE 2nd International Conference on Software Engineering and Service Science, 2011, pp. 453–456.
[17] M. Luo, C. H. Zou, J. Hu and Y. Y. Wen, “Concurrent Signcryption Using Bilinear Pairings for E-commerce,” China Communications, Vol. 8, No. 2, pp. 1-11, 2011, [On-line] Available: http://www.chinacommunications.cn/fileup/PDF/2011-8-2-001.pdf
[18] Y. Zhang and X. Wang, “Identity-Based Concurrent Signature Scheme With Improved Accountability,” in 2011 Fifth International Conference on Innovative Mobile and Internet Services in Ubiquitous Computing, 2011, pp.514-519.
[19] C. H. Wang and C. C. Chen, “An Efficient Model of Enhancing Fairness Level in Concurrent Signatures by Using an Off-line TTP,” in 6th Joint Workshop on Information Security (JWIS2011).
[20] T. H. Yuen, D. S. Wong, W. Susilo and Q. Huang, “Concurrent Signature with Fully Negotiate Binding Control,” ProvSec2011, LNCS 6980, Berlin Heidelberg: Springer-Verlag, 2011, pp. 170-187.
[21] X. Tan, Q. Huang and D. S. Wong, “Concurrent Signature without Random Oracles,” Cryptology ePrint Archive: version-20121024:052542. (http://eprint.iacr.org/2012/576)
[22] Y. Zheng, “Digital Signcryption or How to Achieve Cost(Signature & Encryption) << Cost(Signature) + Cost(encryption),” Advances in Cryptology — CRYPTO'97, LNCS 1294, New York: Springer-Verlag, 1997, pp. 165-179.
[23] T.P. Pedersen, “Non-interactive and information-theoretic secure verifiable secret sharing,” Advances in Cryptology-CRYPTO' 91, LNCS576, New York; Springer-Verlag, 1992, pp. 129-140.
[24] S. J. Hwang and Y. H. Sung, “Confidential Deniable Authentication Using Promised Signcryption,” Journal of Systems and Software, Vol. 84, pp. 1652-1659, 2011.
[25] C. P. Schnorr, “Efficient Identification and Signatures for Smart Cards,” Advances in Cryptology—CRYPTO’ 89, LNCS 435, Berlin Heidelberg: Springer-Verlag, 1990, pp. 239-252.
[26] D. Pointcheval and J. Stern, “Security Arguments for Digital Signatures and Blind Signatures,” Journal of Cryptology, No. 3, Vol. 13, pp. 361-396, 2000.
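Thesis usage permissions
  • The author agrees to grant library readers a royalty-free license to reproduce the print copy for academic purposes, available from 2014-01-24.
  • The author agrees to authorize the browsing/printing service for the electronic full text, available from 2014-01-24.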

