Graduate student: Yen-Cheng Chen (陳彥成)
Thesis title: The Study of Undeniable Signatures and Their Applications
Advisors: Chih-Hung Wang (王智弘), Chien-Yuan Chen (陳建源)
Degree: Master's
Institution: I-Shou University (義守大學)
Department: Department of Information Engineering
Discipline: Engineering
Field: Electrical and Information Engineering
Thesis type: Academic thesis
Year of publication: 2002
Academic year of graduation: 90
Language: English
Number of pages: 76
Keywords: Undeniable Signature; Designated Confirmer Signature; Limited Verifiers; Off-line Fair Payment; Electronic Conference System; Proxy Confirmation Signature
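In 1989, Chaum et al. proposed the concept of the undeniable signature. An undeniable signature differs from a conventional digital signature in that the verifier must cooperate directly with the original signer to confirm the validity of the signature; in other words, a recipient of the signature cannot convince anyone else that it is valid. Two alternative constructions appeared later, the convertible undeniable signature [BCDP91] and the designated confirmer signature [Cha94], which overcome the drawback of the original undeniable signature that arises when the signer is temporarily unavailable or refuses to cooperate in verification. However, neither construction can limit the verifiers, because once the signature has been converted into a self-authenticating signature (by the signer or the confirmer), anyone can be convinced that it is valid.
This thesis first proposes a designated confirmer signature with limited verifiers (LVDCS). Its distinguishing feature is that the confirmer is not allowed to choose the verifiers arbitrarily: at signing time, the signer can designate in advance which verifiers may cooperate with the confirmer to verify the signature. We also use a property of LVDCS to develop two systems: (1) a fair payment system with limited traceability, in which no one other than the parties designated by the buyer can trace the buyer's purchase information; (2) an electronic conference system with robust protection of attendants, which strengthens the security of online conferences by protecting the list of attendants and the content of what is said.
Finally, we propose a new type of signature, the proxy confirmation signature (PCS). The signer can designate a confirmer in advance, and after the signer's delegation the confirmer gains the ability to verify the signature; the signer can also revoke the confirmer's ability to verify the signature at any time. Our PCS thus gives the signer the ability to delegate and to revoke the confirmer's signature-verification ability.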
The concept of the undeniable signature was introduced by Chaum et al. in 1989 [CA89]. An undeniable signature differs from an ordinary digital signature in that no one can directly verify its validity without the signer's cooperation. That is, without the signer's consent, no one can show the validity of the undeniable signature to others. Two alternative schemes, the convertible undeniable signature [BCDP91] and the designated confirmer signature [Cha94], overcome the shortcoming of the original undeniable signature that arises when the signer becomes unavailable or refuses to cooperate. However, a critical problem of these two schemes is that they place no limitation on the verifiers. Once the signature is converted to a self-authenticating signature (by the signer or the confirmer), anyone can be convinced that the signature is correct.
This thesis first presents a new signature scheme, called the designated confirmer signature with limited verifiers (LVDCS), which prevents the confirmer from arbitrarily choosing the verifiers. The signer can pre-determine the verifiers whom the confirmer can later convince. In addition, we use the LVDCS to construct two applications. (1) A fair payment system with limited traceability: in this scheme, no one except the designated parties can trace the buyer's payment behavior. (2) An electronic conference system with robust attendants protection: this scheme has the two properties of concealing the attendants' list and verifying the origin of each contribution to the discussion.
Finally, we propose a new type of signature, called the proxy confirmation signature (PCS), which allows an additional party, called the confirmer, to obtain the confirmation ability for a certain signature after the signer's delegation. The signer can also revoke the confirmer's confirmation ability at any time. The signer thus has additional control over when to delegate the confirmation ability for a certain signature to the confirmer and when to revoke it.
CONTENTS
ABSTRACT (CHINESE)
ABSTRACT
ACKNOWLEDGEMENT
CONTENTS
LIST OF FIGURES AND TABLES
CHAPTER 1 INTRODUCTION
1.1 RESEARCH BACKGROUND AND MOTIVATION
1.2 RESEARCH METHODS AND PROCEDURE
1.3 THESIS ORGANIZATION
CHAPTER 2 LITERATURE REVIEW
2.1 UNDENIABLE SIGNATURES
2.1.1 COMPARISON UNDENIABLE SIGNATURES AND DIGITAL SIGNATURES
2.1.2 HISTORY
2.1.3 CHAUM’S UNDENIABLE SIGNATURE
2.2 CONVERTIBLE UNDENIABLE SIGNATURES
2.3 DESIGNATED CONFIRMER SIGNATURES
2.3.1 CHAUM’S DESIGNATED CONFIRMER SIGNATURES
2.3.2 UNDENIABLE CONFIRMER SIGNATURE SCHEME [NMV99]
CHAPTER 3 DESIGNATED CONFIRMER SIGNATURES WITH LIMITED VERIFIERS
3.1 PRELIMINARIES
3.1.1 TRAP-DOOR COMMITMENT SCHEME
3.1.2 MESSAGE-DEPENDENT PROOF OF EQUALITY OF THE DISCRETE LOGARITHM
3.1.3 INTERACTIVE BI-PROOF OF EQUALITY
3.2 DESIGNATED CONFIRMER SIGNATURES WITH LIMITED VERIFIERS (LVDCS)
3.2.1 DESCRIPTION OF LVDCS
3.2.2 CONSTRUCTION OF LVDCS
3.3 SECURITY ANALYSIS
CHAPTER 4 APPLICATION I - FAIR PAYMENT SYSTEM
4.1 REVIEW OF THE FAIR EXCHANGE
4.2 PRELIMINARIES AND BASIC MODEL
4.3 CONSTRUCTION OF OUR PROTOCOL
4.5 SECURITY ANALYSIS
CHAPTER 5 APPLICATION II - CONFERENCE SYSTEM
5.1 REVIEW OF THE ELECTRONIC CONFERENCE SYSTEM
5.2 OUR CONTRIBUTIONS
5.3 PRELIMINARIES AND BASIC MODEL
5.4 CONSTRUCTION OF OUR CONFERENCE SYSTEM
5.5 SECURITY ANALYSIS
CHAPTER 6 A PROXY CONFIRMATION SIGNATURE
6.2 BASIC MODEL
6.3 CONSTRUCTION OF OUR SCHEME
6.4 SECURITY ANALYSIS AND DISCUSSION
CHAPTER 7 CONCLUSIONS
REFERENCES
LIST OF FIGURES AND TABLES
Figure 1: A concept of the designated confirmer signature with limited verifiers
Figure 2: A concept of proxy confirmation signature
Figure 3: A conference system with robust attendants protection
Figure 4: Thesis procedure
Figure 5: Comparing undeniable signatures with digital signatures
Figure 7: Fair payment system with limited traceability
Figure 8: Our new electronic conference system
Figure 9: Signature generating phase
Figure 10: Confirmation delegating phase
Figure 11: Revocation phase
Table 1. Comparisons of several undeniable signature schemes
[ASW96] N. Asokan, M. Schunter, and M. Waidner, "Optimistic Protocols for Multi-Party Fair Exchanges". IBM Research Report RZ 2892, IBM Zurich Research Laboratory, Zürich, 1996.
[ASW97] N. Asokan, M. Schunter, and M. Waidner, "Optimistic Protocols for Fair Exchanges". Proceedings of 4th ACM Conference on Computer and Communications Security, pages 6-7, April 1-4, Zurich, Switzerland, 1997.
[ASW98] N. Asokan, V. Shoup, and M. Waidner. "Asynchronous protocols for optimistic fair exchange". In Proceedings of the IEEE Symposium on Research in Security and Privacy, pages 86--99. IEEE Computer Society Press, May 1998.
[BDM98] F. Bao, R. Deng and W. Mao, "Efficient and practical fair exchange protocols with off-line TTP". 1998 IEEE Symposium on Security and Privacy, Oakland, May 1998, pages 77-85. IEEE Computer Society.
[Blu83] M. Blum, "How to Exchange Secret Key". ACM Transactions on Computer Systems, 1983.
[BCDP91] J. Boyar, D. Chaum, I. Damgard and T. Pedersen. "Convertible Undeniable Signatures". In Advances in Cryptology - proceedings of Crypto’90, Lecture Notes in Computer Science (LNCS) 537, pages 189-205, Springer-Verlag, 1991.
[BF98] C. Boyd and E. Foo, "Off-Line Fair Payment Protocols Using Convertible Signatures". In Advances in Cryptology - proceedings of Asiacrypt’98, pages 271-285, Springer-Verlag, 1998.
[BCC88] G. Brassard, D. Chaum, C. Crepeau, "Minimum Disclosure Proofs of Knowledge". Journal of Computer and System Sciences, Vol. 37, No. 2, pages 156-189, 1988.
[BP90] H. Bürk and A. Pfitzmann, "Value Exchange Systems Enabling Security and Unobservability". Computers & Security, 9(8):715-721, 1990.
[BCDG87] E. F. Brickell, D. Chaum, I. B. Damgård, and J. van de Graaf, "Gradual and verifiable release of a secret". Advances in Cryptology - Proceedings of Crypto '87.
[CA89] D. Chaum and H. V. Antwerpen, "Undeniable Signature". In Advances in Cryptology - proceedings of Crypto'89, Lecture Notes in Computer Science (LNCS) 435, pages 212-217, Springer-Verlag, 1989.
[Cha90] D. Chaum, "Zero-knowledge Undeniable Signature". In Advances in Cryptology - proceedings of Eurocrypt'90, Lecture Notes in Computer Science (LNCS) 473, pages 458-464, Springer-Verlag, 1990.
[Cha94] D. Chaum, "Designated Confirmer Signatures". In Eurocrypt'94, pages 86-91, 1994.
[CH94] J. L. Chen and T. Hwang, "Identity-based conference key broadcast schemes with authentication". Computers and Security, (13), pp. 99-105, 1994.
[Che98] L. Chen, "Efficient Fair Exchange with Verifiable Confirmation of Signatures". In Advances in Cryptology - proceedings of Asiacrypt’98, pages 286-299, Springer-Verlag, 1998.
[Cle89] R. Cleve, "Controlled gradual disclosure schemes for random bits and their applications". Advances in Cryptology - Proceedings of Crypto '89.
[CM00] J. Camenisch and M. Michels, "Confirmer Signature Schemes Secure against Adaptive Adversaries". Eurocrypt 2000.
[Dam94] I. B. Damgard, "Practical and provably secure release of a secret and exchange of signatures". Advances in Cryptology: Proceedings of EUROCRYPT 93 (T. Helleseth, ed.), Lecture Notes in Computer Science 765, Springer-Verlag, 1994, pp. 201-217.
[FR97] M. K. Franklin and M. K. Reiter, "Fair exchange with a semi-trusted third party". Proceedings of the 4th ACM Conference on Computer and Communications Security, pages 1-5, April 1-4, Zurich, Switzerland, 1997.
[FOO92] A. Fujioka, T. Okamoto, K. Ohta, "Interactive Bi-Proof Systems and Undeniable Signature Schemes". In Advances in Cryptology - proceedings of Eurocrypt'91, Lecture Notes in Computer Science, pages 243-256, Springer-Verlag, 1992.
[GKR97] R. Gennaro, H. Krawczyk, and T. Rabin. "RSA-Based Undeniable Signatures". In Advances in Cryptology - proceedings of Crypto'97, Lecture Notes in Computer Science (LNCS) 1294, pages 132-149, Springer-Verlag, 1997.
[GKR99] R. Gennaro, H. Krawczyk and T. Rabin. "Undeniable Certificates". Electronic Letters, vol. 35, no. 20, pages 1723-1724, Sep. 1999.
[HC94] T. Hwang and J. L. Chen, "Identity based conference key broadcast systems". IEE Proceedings Computers and Digital Techniques, Vol. 141, No. 1, 1994, pp. 57-60.
[HLWK95] T. Hwang, N. Y. Lee, C. H. Wang, and M. Y. Ko, "On the Security of Wu and Yeh's Conference Key Distribution System". Computer Communications, Vol. 18, No. 12, pp. 978-981, Dec. 1995.
[ITW82] I. Ingemarsson, D. T. Tang, and C. K. Wong, "A Conference key distribution system". IEEE Transaction on Information Theory, Vol. IT-28, No. 5, 1982, pp. 714-720.
[Jak94] M. Jakobsson, "Blackmailing Using Undeniable Signature". In Eurocrypt’94, pages 425-427, 1994.
[JSI96] M. Jakobsson, K. Sako and R. Impagliazzo, "Designated Verifier Proofs and Their Application". In Advances in Cryptology - proceedings of EuroCrypt'96, Lecture Notes in Computer Science (LNCS) 1070, pages 143-154, Springer-Verlag, 1996.
[KO88] K. Koyama and K. Ohta, "Identity-based Conference Key Distribution Systems". Advances in Cryptology - Crypto'87, Springer-Verlag, pp. 175-184, 1988.
[KO89] K. Koyama and K. Ohta, "Security of Improved Identity-based Conference Key Distribution Systems". Advances in Cryptology - Eurocrypt'88, Springer-Verlag, pp. 11-19, 1989.
[LHL89] C. S. Laih, S. M. Yan, and J. Y. Lee, "A New Threshold Scheme and Its Application in Designing the Conference Key Distribution Cryptosystem". Information Processing Letters, Vol. 32, pp. 95-99, 1989.
[MY92] U. M. Maurer and Y. Yacobi, "Non-interactive Public Key Cryptography". Advances in Cryptology - Eurocrypt'91, pp. 498-507, 1992.
[MS98] M. Michels and M. Stadler. "Generic Constructions for Secure and Efficient Confirmer Signature Schemes". In Advances in Cryptology - Eurocrypt'98, Lecture Notes in Computer Science, pages 406-421, Springer-Verlag, 1998.
[NMV99] K. Nguyen, Y. Mu, and V. Varadharajan. "Undeniable Confirmer Signature". Information Security - Proceedings of Second International Workshop, ISW'99, Lecture Notes in Computer Science (LNCS) 1729, pages 235-246, Springer-Verlag, 1999.
[Oka94] T. Okamoto, "Designated Confirmer Signatures and Public-key Encryption Are Equivalent". In Advances in Cryptology - Crypto'94, Lecture Notes in Computer Science (LNCS) 839, pages 61-74, Springer-Verlag, 1994.
[Ped91] T. Pedersen, "Distributed Provers with Applications to Undeniable Signatures". In Advances in Cryptology - proceedings of Eurocrypt'91, pages 221-242, Springer-Verlag, 1991.
[Pet97] H. Petersen, "How to Convert any Digital Signature Scheme into a Group Signature Scheme". Proc. of Security Protocols Workshop'97, LNCS 1361, pages 67-78, Springer-Verlag, 1997.
[PH78] S. Pohlig and M.E. Hellman, "An improved algorithm for computing logarithms over GF(p) and its cryptographic significance". IEEE Transactions on Information Theory, vol. IT-24, 1978, pp. 106-110.
[RR01] I. Ray and I. Ray, "An Anonymous Fair-Exchange E-Commerce Protocol". Proceedings of the First International Workshop on Internet Computing and E-Commerce, San Francisco, CA, April 2001.
[Sch94] B. Schneier, "A primer on authentication and digital signature". Computer Security Journal, vol. 10, no. 2, 1994, pp. 38-40.
[SS98] S. Saeednia and R. Safavi-Naini, "Efficient Identity-Based Conference Key Distribution Protocols". ACISP’98, 1998.
[SK92] A. Shimbo and S. Kawamura, "Cryptanalysis of Several Conference Key Distribution Schemes". Asiacrypt’91, pp. 155-160.
[Ted84] T. Tedrick, "Fair Exchange of Secrets". Advances in Cryptology - Proceedings of Crypto '84.
[WC01] C. H. Wang and Y. C. Chen, "Limiting Verifiers in Designated Confirmer Signatures". Proceedings of the Eleventh Information Security Conference, Tainan, R.O.C., pp. 67-73, May 3-4, 2001.
[WH97] C. H. Wang and T. Hwang, "Modified Chen-Hwang Identity-based Conference Key Broadcast Schemes with User Authentication". Computers & Security, Vol. 16, No.4, pp.339-344, 1997.
[ZG96] J. Zhou and D. Gollmann, "A fair non-repudiation protocol". In Proceedings of IEEE Symposium on Research in Security and Privacy, pages 55-61, Oakland, CA, May 1996.
[ZG97] J. Zhou and D. Gollmann, "An Efficient Non-repudiation Protocol". Proceedings of the 1997 IEEE Computer Security Foundations Workshop (CSFW 10), (IEEE CS Press), pp. 126--132, 1997.