Certificateless signature and proxy signature schemes from bilinear pairings

Due to avoiding the inherent escrow of identity-based cryptography and yet not requiring certificates to guarantee the authenticity of public keys, certificateless public key cryptography has received a significant attention. Due to various applications of bilinear pairings in cryptography, numerous pairing-based encryption schemes, signature schemes, and other cryptographic primitives have been proposed. In this paper, a new certificateless signature scheme based on bilinear pairings is presented. The signing algorithm of the proposed scheme is very simple and does not require any pairing computation. Combining our signature scheme with certificateless public key cryptography yields a complete solution of certificateless public key system. As an application of the proposed signature scheme, a certificateless proxy signature scheme is also presented. We analyze both schemes from security point of view.__________Published in Lietuvos Matematikos Rinkinys, Vol. 45, No. 1, pp. 95–103, January–March, 2005.     

一种无证书的环签名方案和一个基于身份的多重签名方案

在这篇文章里,我们用双线性对构造了一种无证书的环签名方案,并证明它是无条件匿名的,且在随机预言模型中,计算性Diffie-Hellman问题是难解的,我们方案在适应性选择消息攻击下是存在性不可伪造的,它的安全性比在基于身份的公钥密码体制下高.本文首次用多线性形式构造了一个基于身份的广播多重签名方案,它的安全性是基于计算性Diffie-Hellman困难问题.     

对一个无证书盲签名方案的攻击与改进

对黄茹芬等提出的一个高效的无证书盲签名方案进行了安全性分析,指出方案不能抵抗公钥替换攻击.为此,提出了一个改进方案.改进方案在随机预言模型和计算Diffie-Hellman(CDH)问题、q-强Diffie-Hellman(q-SDH)问题及逆计算Diffie-Hellman(inv-CDH)问题困难的假设下对适应性选择消息和身份攻击是存在不可伪造的.     

两个无证书签名方案的分析与改进

无证书密码体制结合了基于身份密码体制和传统公钥密码体制的优点,受到了密码和信息安全研究者的极大关注.对梁景玲等提出的消息可恢复的无证书签名方案和侯红霞等提出的无证书短签名方案进行安全性分析,发现两个方案都不能抵抗公钥替换攻击.通过修改签名者密钥生成算法,增加对用户公钥的有效性验证,提高了梁等方案的安全性.通过在签名阶段将用户公钥绑定进HaSh函数,弥补了侯等方案的安全缺陷.     

Attack on Han et al.’s ID-based confirmer (undeniable) signature at ACM-EC’03

In ACM conference on electronic commerce (EC’03), Han et al. [Identity-based confirmer signatures from pairings over elliptic curves, in: Proceedings of ACM Conference on Electronic Commerce Citation 2003, San Diego, CA, USA, June 09–12, 2003, pp. 262–263] proposed an ID-based confirmer signature scheme using pairings (the scheme is in fact an ID-based undeniable signature scheme). In this paper, we show that this signature scheme is not secure and the signer can deny any signature, even if it is a valid signature, and any one can forge a valid confirmer signature of a signer with identity ID on an arbitrary message and confirm this signature to the verifier.     

An improved signature scheme without using one-way Hash functions

Recently, Chang et al. give a digital signature scheme, where neither one-way hash function nor message redundancy schemes are used, but Zhang et al. has shown that the scheme was forgeable, namely, any one can forge a new signature by the signer’s signature, and give two forgery attacks. To the above attacks, we give an improved signature scheme based on Chang signature scheme and analyze the security of the improved scheme.     

对一个基于身份的代理签名方案的密码学分析和改进

分析了一个在格理论框架下构建的基于身份的代理签名方案,指出方案的安全性证明存在缺陷,并没有实现其所声称的签名不可伪造性的证明,针对方案证明中存在的问题,引入新的参量,重新设定系统参数,改变相应的查询应答方式,弥补了证明缺陷,完成了签名不可伪造性的证明。     

Improvement on Hwang et al.’s generalization of proxy signature schemes based on elliptic curves

Hwang et al. proposed their generalization of proxy signature schemes based on elliptic curves. However, two attacks are proposed to show that their schemes have serious security flaws. By the first attack, an adversary can forge an illegal proxy signature that verifiers cannot actually find out the original signers of proxy signatures. The second attack is used to change proxy signatures into multi-signatures belonging to the group that actually generates the proxy signatures. To overcome these flaws, our improvement on Hwang et al.’s scheme is also proposed.     

Comment: A new blind signature based on the discrete logarithm problem for untraceability

In 2004, Lee et al. [C.C. Lee, M.S. Hwang, W.P. Yang, A new blind signature based on the discrete logarithm problem for untraceability, Appl. Math. Comput., in press] proposed a new untraceable blind signature based on DLP in order to overcome the “security limits” of Carmenisch et al.’s scheme. However, we show there are two mistakes in [C.C. Lee, M.S. Hwang, W.P. Yang, A new blind signature based on the discrete logarithm problem for untraceability, Appl. Math. Comput., in press]: 1. The Carmenisch et al.’s scheme does meet the requirement of untraceability and the cryptanalysis proposed by Lee et al. is not correct; 2. Though Lee et al.’s scheme is untraceable, the proof of its untraceability in [C.C. Lee, M.S. Hwang, W.P. Yang, A new blind signature based on the discrete logarithm problem for untraceability, Appl. Math. Comput., in press] is wrong (in this paper we also give the correct proof of its untraceability). So Lee et al.’s scheme does not have any advantage and it is unpractical since the cost of the scheme is higher compared with Carmenisch et al.’s scheme.     

Trees and languages with periodic signature

The signature of a labelled tree (and hence of its prefix-closed branch language) is the sequence of the degrees of the nodes of the tree in the breadth-first traversal. In a previous work, we have characterised the signatures of the regular languages. Here, the trees and languages that have the simplest possible signatures, namely the periodic ones, are characterised as the sets of representations of the integers in rational base numeration systems.For any pair of co-prime integers $p$ and $q$, $p>q>1$, the language  $L_{\frac{p}{q}}$ of representations of the integers in base  $\frac{p}{q}$ looks chaotic and does not fit in the classical Chomsky hierarchy of formal languages. On the other hand, the most basic example given by  $L_{\frac{3}{2}}$, the set of representations in base  $\frac{3}{2}$, exhibits a remarkable regularity: its signature is the infinite periodic sequence: $2,1,2,1,2,1,\dots$We first show that  $L_{\frac{p}{q}}$ has a periodic signature and the period (a sequence of $q$ integers whose sum is $p$) is directly derived from the Christoffel word of slope  $\frac{p}{q}$. Conversely, we give a canonical way to label a tree generated by any periodic signature; its branch language then proves to be the set of representations of the integers in a rational base (determined by the period) and written with a non-canonical alphabet of digits. This language is very much of the same kind as a  $L_{\frac{p}{q}}$ since rational base numeration systems have the key property that, even though  $L_{\frac{p}{q}}$ is not regular, normalisation is realised by a finite letter-to-letter transducer.     

改进的基于ECDLP的无证书部分盲签名机制

对邵国金等人(四川大学学报(工程科学版),2012年第1期)提出的基于椭圆曲线离散对数难题(ECDLP)的无双线性对运算的部分盲签名方案进行安全性分析,发现方案不能抵抗公钥替换攻击.为此,提出了一个改进方案.在随机谕言模型下证明了改进方案对自适应选择消息和身份攻击是存在性不可伪造性的.将所提方案与部分现有的无证书部分盲签名方案的计算性能进行了比较,结果显示改进方案具有较高的运算效率.     

Construction of many- particle spin entangled states and signature

Using the collective rotational transformation,R _x(π we construct two types of many-particle spin entangled states in terms of the bases of angular momentum uncoupling and coupling representations. The concept of signature is introduced. The entanglement properties of a four-particle system is investigated by analyzing various subsystem reduced density matrices.     

Bifurcations and chaos in a generic management model

This paper illustrates how period-doubling bifurcations and chaotic behaviour can be internally generated in a typical management system.A company is assumed to allocate resources to its production and marketing departments in accordance with shifts in inventory and/or backlog. When order backlogs are small, additional resources are provided to the marketing department in order to recruit new customers. At the same time, resoures are removed from the production line to prevent a build-up of excessive inventories. In the face of large order backlogs, on the other hand, the company redirects resources from sales to production. Delays in adjusting production and sales create the potential for oscillatory behaviour. If reallocation of resources is strong enough, this behaviour is destabilized, and the system starts to perform self-sustained oscillations.To complete the model, we have included a feedback which represents customer's reaction to varying delivery delays. As the loss of customers in response to high delivery delays is increased, the simple limit cycle oscillation becomes unstable, and through a cascade of period-doubling bifurcations the systems develops into a chaotic state. A relatively detailed analysis of this bifurcation sequence is presented. A Poincaré section and return map are constructed for the chaotic case, and the largest Lyapunov exponent is evaluated. Finally, a parameter plane analysis of the transition to chaos is presented.     

The DH Accident and Emergency Department model: a national generic model used locally

The Department of Health (DH) Accident and Emergency (A&E) simulation model was developed by Operational Research analysts within DH to inform the national policy team of significant barriers to the national target, for England, that 98% of all A&E attendances are to be completed (discharged, transferred or admitted) within 4?hours of arrival by December 2004. This paper discusses why the model was developed, the structure of the model, and the impact when used to inform national policy development. The model was then used as a consultancy tool to aid struggling hospital trusts to improve their A&E departments. The paper discusses these experiences with particular reference to the challenges of using a ‘generic’ national model for ‘specific’ local use.     

Security of meta-He digital signature scheme based on factoring and discrete logarithms

To enhance the security of signature schemes, Pon et al., recently, investigated all eight variants of the He’s digital signature scheme. The security of the proposed schemes is based on the difficulties of simultaneously solving the factoring and discrete logarithm problems with almost the same sizes of arithmetic modulus. This paper shows that the all eight variants of the He’s digital signature scheme, as well as two more variants, are not secure if attackers can solve discrete logarithm problems. Moreover, the attackers can easily forge signatures of the most optimal signature schemes of the generalized He’ signature schemes even though they can solve neither discrete logarithm problems nor factoring.     

Reliability,signature, and relative quality functions of systems under time‐homogeneous load‐sharing models

For a coherent binary system made of binary components, we consider the assumption that the components' lifetimes are distributed according to a time‐homogeneous, load‐sharing model. Such models are characterized in terms of the so‐called multivariate conditional hazard rate functions. We aim to point out some related properties of the notions of signature, relative quality functions, and reliability functions. On this purpose, we preliminarily collect all the necessary background and review some related literature. This paper concludes with a discussion, also containing some hints for future work.     

Match twice and stitch: a new TSP tour construction heuristic

We present a new symmetric traveling salesman problem tour construction heuristic. Two sequential matchings yield a set of cycles over the given point set; these are then stitched to form a tour. Our method outperforms all previous tour construction methods, but is dominated by several tour improvement heuristics.