臺灣博碩士論文加值系統

在資訊科技的發達與網際網路的普及之下，人們逐漸仰賴資訊數位化的便利與快速，而數位簽章的產生與應用在標榜匿名的網路世界中，可輕易的達成確認通訊雙方身分與資料來源的任務，如網路購物、電子郵件的收發或網路報稅，近年來還有學者提出將秘密資訊隱藏在數位簽章內來進行通訊的數位簽章系統，這樣的簽章就外表而言與一般的簽章並無不同，但對於某些知情的人來說，卻可以得到一些潛藏於簽章內的秘密資訊，這種秘密資訊傳遞的方式即稱為潛隱通道。
潛隱通道的概念是學者Simmons首先提出來的，之後陸續有許多具潛隱通道之數位簽章系統的論文也被一一提出，針對目前已發表的相關研究中，每個潛隱接收者皆只能取得一個潛隱訊息，當應用於具有階層架構之企業或組織上時，越高階層的使用者在可以取得隸屬於其階層之下所有使用者之文件訊息的同時，卻必須維護更多把的秘密金匙，因而造成很大的不方便；故吾人依據潛隱訊息傳送方式的不同，區分為明文與密文格式，提出兩種整合階層架構與潛隱通道之數位簽章系統，此系統的特色在於每個使用者可依其職位來取得數量不等之潛隱訊息，且只需保有一把秘密金匙；另外由於密碼學技術在Bilinear pairing的應用上越趨廣泛，特別是在數位簽章系統的發展上，所以吾人亦提出一個植基於Bilinear pairing之潛隱通道系統，其架構在學者Hess所提出以ID為基礎之數位簽章系統上，相較於學者Zhang、Lee與Kim所提出的植基於bilinear pairing之潛隱通道系統，吾人的系統具有較高的效率。

With the development of Internet and information technology, people gradually depend on the convenience and speediness brought by the digital information. However, in the anonymous Internet, it is very easy to achieve the authentication of identities and the source of the information by digital signatures. Like Internet shopping, e-mail or the tax statement in the Internet, some researchers proposed digital signature systems that can embed the secret messages for secret communication. This kind of the digital signature looks like the same as the general digital signature. But some authorized receivers can get secret messages from the digital signature. The way that transmits messages confidentially is named subliminal channel.
The concept of subliminal channel is first proposed by Simmons. After that, many researches of digital signature with subliminal channels have been proposed. In these researches, each subliminal receiver can only get one subliminal message. It is inconvenient for a hierarchical company or organization because that a chief has to maintain many secret keys to ensure that he can get all his subordinates’ information. Therefore, according to the form of the transmitted subliminal messages, plaintext or ciphertext, we will combine the concepts of user hierarchy and subliminal channel, and propose two digital signature schemes with subliminal channels. The schemes’ feature is that the subliminal receivers can get different number of subliminal messages in accordance with the positions of the users, and everyone just needs to keep one secret key. Besides, the bilinear pairing has been found many kinds of applications in cryptography, especially the digital signature systems. So we also propose a subliminal channel based on the bilinear pairing in Hess’s ID-based signature scheme. Compare with Zhang-Lee-Kim subliminal channel scheme based on the bilinear pairing, our proposed scheme is more efficient.

中文摘要 IV
ABSTRACT V
致　謝 VI
目　次 VII
圖表目錄 X
第一章　緒論 1
1.1　研究背景 1
1.2　研究動機與目的 1
1.3　章節概要 2
第二章　數位簽章系統與潛隱通道技術 4
2.1　數位簽章系統 4
2.1.1　數位簽章系統之簡介 4
2.1.2　ElGamal數位簽章系統之簡介 9
2.1.3　Hess ID-based數位簽章系統之簡介 12
2.2　潛隱通道技術之概論 15
2.2.1　資訊隱藏技術之簡介 15
2.2.2　潛隱通道技術之簡介 17
第三章　具潛隱通道之數位簽章系統之回顧 21
3.1　HARN - GONG系統架構之簡介 21
3.1.1　Harn - Gong的寬頻潛隱通道之數位簽章系統 21
3.1.2　Harn - Gong的窄頻潛隱通道之數位簽章系統 23
3.2　JAN - TSENG系統架構之簡介 24
3.2.1　Jan - Tseng的寬頻潛隱通道之數位簽章系統 24
3.2.2　Jan - Tseng的窄頻潛隱通道之數位簽章系統 26
3.3　LEE - LIN系統架構之簡介 27
3.3.1　Jan - Tseng的潛隱通道系統之弱點 27
3.3.2　Lee - Lin改良後的系統架構 28
3.4　ZHANG-LEE-KIM植基於BILINEAR PAIRING之系統架 　　構簡介 29
3.4.1　Zhang - Lee - Kim的寬頻潛隱通道系統 30
3.4.2　Zhang - Lee - Kim的窄頻潛隱通道系統 31
第四章　具潛隱通道之數位簽章系統 33
4.1　整合明文潛隱通道與階層架構之數位簽章系統 33
4.1.1　應用於樹狀架構之明文潛隱通道系統 33
4.1.2　應用於使用者階層之明文潛隱通道系統 36
4.1.3　系統架構之安全度分析 38
4.2　整合密文潛隱通道與階層架構之數位簽章系統 39
4.2.1　應用於樹狀架構之密文潛隱通道系統 39
4.2.2　應用於使用者階層之密文潛隱通道系統 41
4.2.3　系統架構之安全度分析 42
4.2.4　整合潛隱通道與階層架構之數位簽章系統之討論 43
4.3　植基於BILINEAR PAIRING之具潛隱通道之數位簽章系統 44
4.3.1　系統架構說明 45
4.3.2　系統架構之安全度分析 47
4.3.3　系統架構之討論 49
第五章　結論與未來研究方向 52
參考文獻 53

[1] “Advanced Encryption Standard (AES)”, FIPS 197, Nov. 2001.
[2] R. J Anderson and F. A.P. Petitcolas, “On The Limits of Steganography”, IEEE Journal of Selected Areas in Communication, 16(4), pp. 474-481, 1998.
[3] S.G. Akl and P.D. Taylor, “Cryptographic solution to a problem of access control in a hierarchy”, ACM Trans. On Computer System, Vol. 1, No. 3, pp. 239-247, 1983.
[4] D. Boneh and M. Franklin, “Identity-based encryption from the Weil pairing”, Advances in Cryptology-Crypto’2001, LNCS 2139, Springer-Verlag, pp. 213-229, 2001.
[5] D. Boneh, “The decision Diffie-Hellman”, In Proceedings of the Third Algorithmic Number Theory Symposium, LNCS, Springer-Verlag, Vol. 1423, pp. 48-63, 1998
[6] W. Beder, D. Gruhl and A. Lu, “Techniques for Data Hiding”, IBM Systems Journal, Vol. 35, (3 and 4), pp. 313-336, 1996.
[7] J. C. Cha and J. H. Cheon, “An identity-based signature from gap Diffie-Hellman groups”, Public Key Cryptography—PKC 2003, LNCS 2139, Springer-Verlag, pp. 18-30, 2003.
[8] “Digital Signature Standard”, Federal Information Processing Standard, Publication 186, NIST, 1994.
[9] W. Diffie and M.E. Hellman, “New Directions in Cryptography”, IEEE Transaction on Information Theory, Vol. IT-22, No. 6, pp. 644-654, Nov. 1976.
[10] T. ElGamal, “A Public-Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms”, IEEE Trans. on Information Theory, Vol. IT-31, No. 4, pp. 469-472, 1985.
[11] F. Hess, “Efficient identity based signature schemes based on pairings”, Proc. 9th Workshop in Selected Areas in Cryptography—SAC 2002, LNCS, Springer-Verlag, pp. 310-324, 2002.
[12] L. Harn and G. Gong, “Digital Signature with a Subliminal Channel”, IEE Proc. Comput. Digit. Tech., Vol. 144, No. 6, pp. 387-389, 1997.
[13] P. Horster, M. Michels and H. Petersen, “Meta-ElGamal Signature Schemes”, Proceedings of the 2nd Annual ACM Conference on Computer and Communications Security, ACM Press, pp. 96-107, 1994.
[14] J.K. Jan and Y.M. Tseng, “New Digital Signature with Subliminal Channel Based on the Discrete Logarithm Problem”, Proceedings of the 1999 International Workshops on Parallel Processing, pp. 198-203, 1999.
[15] H.J. Knobloch, “A remark on the size of ElGamal-type digital signatures”, E.I.S.S.-Report 94-1, University of Karlsruhe, Germany, 5 pages, 1994.
[16] N.Y. Lee and D.R. Lin, “Robust Digital Signature Scheme with Subliminal Channels”, IEICE Trans. Fundamentals, Vol. E86-A, No. 1, pp. 187-188, 2003.
[17] N.Y. Lee and T.L. Hwang, “Comments on ‘dynamic key management schemes for access control in a hierarchy’”, Computer Communications, Vol. 22, pp. 87-89, 1999.
[18] W.P. Lu and M.K. Sundarehan, “A model for multilevel security in computer networks”, Proceedings 1988 INFCOM, New Orleans, LA, pp. 1095-1104, March 1988.
[19] R.C. Merkle, “A Fast Software One-way Hash Function”, in Journal of Cryptology, Vol. 3, No. 1, pp. 43-58, 1990.
[20] National Institute of Standards and Technology, “Data Encryption Standard”, FIPS 46-2, 1993.
[21] NIST FIPS PUB 180, “Secure Hash Standard”, National Institute of Standards and Technology, U.S. Department of Commerce, DRAFT, 1993.
[22].T. Okamoto and D. Pointcheval, “The gap-problem: a new class of problems for the security of cryptographic schemes”, Proc. of PKC''01, LNCS, Spring-Verlag, Vol. 1992, pp. 104-118, 2001.
[23] F.A.P. Petitcolas, R.J. Anderson and M.G. Kuhn, “Information Hiding — A Survey”, Proceedings of the IEEE, Vol. 87, No. 7, pp. 1062-1078, July 1999.
[24] A Shamir, “Identity-based cryptosystems and signature schemes”, Proc. of Crypto''84, LNCS, Springer-Verlag, Vol. 196, pp. 47-53, 1985.
[25] C.P. Schnorr, “FFT-Hash II, Efficient Cryptographic Hash”, in Proceeding of Eurocrypt’92, Springer Verlag, Berlin, pp. 45-54, 1993.
[26] G..J. Simmons, “The Prisoner’s Channel and the Subliminal Channel”, Proc. CRYPTO’83, pp. 51-67, 1984.
[27] G..J. Simmons, “Subliminal Communication is Easy Using the DSA”, Eurocrypt’93, pp. 218-232, 1994.
[28] G..J. Simmons, “A secure subliminal channel”, in Advances in Cryptology, Crypto’85 LNCS 218, Springer-Verlag, pp. 33-41, 1985.
[29] G..J. Simmons,, “The history of subliminal channels”, IEEE Jour. on sel. Areas Comm., Vol. 16, No. 4, pp. 452-462, 1998.
[30] R. Sakai, K. Ohgishi, and M. Kasahara, “Cryptosystems based on pairing”, SCIS 2000-C20, Okinawa, Japan, pp. 26-28, Jan. 2000.
[31] R.S. Sandhu, “Cryptographic implementation of a tree hierarchy for access control”, Information Processing Letters, 27, pp. 95-98, 1988.
[32] William Stallings, “Cryptography and Network Security Principles and Practices”, Third Edition, Prentice Hall, 2003.
[33] H.M. Tasi and C.C. Chang, “A cryptographic implementation for dynamic access control in a user hierarchy”, Computer and Security, Vol. 14, pp. 159-166, 1995.
[34] F. Zhang and K. Kim, “ID-Based Blind Signature and Ring Signature from Pairings”, Advances in Cryptology-Asiacrypt’2002, pp. 354-368, 2002.
[35] F. Zhang, B. Lee and K. Kim, “Exploring Signature Schemes with Subliminal Channel”, SCIS 2003, Itaya, Japan, Vol. 1/2, pp. 245-250, Jan. 26-29, 2003.