一个安全的门限代理签名方案

针对现有的门限代理签名方案中所存在的合谋攻击,提出了一个安全的门限代理签名方案。合谋攻击是指在不知道任何有效的门限代理签名的情况下, 恶意代理成员人数大于或等于门限值时, 他们能合谋重新构造代理群的秘密多项式函数, 得到代理群的秘密参数, 从而可以伪造其他代理成员的代理签名。提出的新方案不仅能满足门限代理签名的性质,而且能抵抗合谋攻击。另外,该方案能根据原始签名人的需要,撤消代理签名人的代理签名权。     

LHL门限签名方案安全性分析

门限签名是群签名的推广,它在电子商务、身份认证以及信息安全领域有着广泛的应用。门限签名的重要安全要求是防伪造性。LHL门限签名方案是一个不需要可信中心的门限签名方案。根据一种针对它的合谋攻击方法,对LHL方案的安全性进行了分析、研究和探索,发现在LHL方案中通过伪造签名实施攻击无法通过部分签名的验证,同时对LHL签名方案的不足之处进行了一些改进,使其能够兼具匿名性与可追踪性。     

基于超椭圆曲线密码体制的门限签名方案

文中提出一种基于超椭圆曲线密码体制的门限签名方案,具有安全性高、通信量小、抗合谋攻击和身份可追查等优点,特别适用于解决电子商务和资源受限制网络的安全性问题.     

一种门限代理签名方案的分析与改进

C-Y Yang等人提出了一个安全性基于求解离散对数困难性的门限代理签名方案,该方案具有较少的通信量及较高的计算效率。基于数论知识分析该方案存在缺陷：不满足不可伪造性和不可否认性,提出了改进方案将代理密钥以门限的方式在成员间共享,使得每个成员的子代理密钥都包含个体随机数,其他成员无法获知某成员的子代理密钥。改进方案的安全性基于求解离散对数的困难性,能抵御密钥替换攻击,具备不可伪造性和不可否认性。     

一个新的具有指定接收者(t,n)门限签名加密方案

提出了一个具有指定接收考验证的签名加密方案。该方案是数字签名与公钥密码体制的有机集成。与普通数字签名方案相比，除了具有认证性、数据完整性外还具有保密性和接收方的隐私性。然后又利用门限方案首次构造了一个（t,n)门限签名加密方案。该(t,n)门限签名方案具有数据传输安全、顽健性、通信代价更小、执行效率更高等特点。     

基于RSA与离散对数的门限群签名方案

基于RSA的因式分解和离散对数问题,文中提出了一种安全性高,具有良好特性的(t,n)门限群签名方案。其安全性是基于求离散对数和RSA大整数因式分解的困难。方案不仅具有可追踪性和防止群内成员共谋获得系统秘密参数,而且还具有签名验证简单且计算量少,签名的匿名性和防冒充性等优点。     

一个安全有效的RSA门限签名体制

提出一种新的RSA门限签名体制,具有如下性质：（1）利用知识证明构造子签名方案,从而子签名是安全的;（2）组签名的安全性是基于RSA问题及离散对数问题;（3）可以对签名者的身份进行追踪。     

两种有效的多签名方案

本文提出两种有效的ＲＳＡ多签名方案，一种是Ｏｋａｍｏｔｏ方案「６」的改进型，一种是Ｋｉｅｓｌｅｒ－Ｈａｒｎ方案「３」的改进型。     

两种多重签名方案的密码分析

对两种多重签名方案进行了深入的研究,提出了一种伪造攻击方法。在第一种方案中,该攻击使得群体中任一成员都能在不经其他成员同意的条件下代表整个群体生成有效签名,这说明该方案是不安全的。在第二种方案中,这种攻击使得指定的合成者能获取任何签名者的秘密密钥,从而可以生成有效门限签名,因此这个方案也是不安全的。分析了攻击成功的原因,为同行设计安全的新方案提供了有效借鉴。     

一种新的基于身份的门限签名方案

 门限签名能够分散签名权力,比普通单人签名具有更高的安全性.目前大多数门限签名都是随机预言模型下可证明安全的.本文利用椭圆曲线上的双线性对,以Paterson签名方案为基础,提出了一种无随机预言的基于身份的门限签名方案.该方案需要一个可信任的私钥生成中心来生成和管理私钥.在标准模型下对该方案进行了安全性证明,表明该方案是健壮的,并且能够抵抗适应性选择消息攻击.     

对一种高效群签名方案的安全性分析

分析了张健红等人提出的高效群签名方案的安全性缺陷，撤销中心不能够打开一个有效的群签名，因此，群签名是不可跟踪的；其次，给出了对该群签名的一种联合攻击，群管理员和撤销中心合谋后可以任意产生有效的群签名并把它强加给任一群成员。分析结果表明，该群签名方案是不安全的。     

Security analysis and improvement of two attribute-based signature schemes

In order to overcome the drawbacks of current attribute-based signature (ABS) schemes in terms of security,efficiency and signing policy,Ma,et al.and Cao,et al.respectively proposed a threshold ABS with single attribute au-thority and a multi-authority ABS with signing policy supporting AND,OR,threshold gates,and presented the security proof of their schemes under computational Diffie-Hellman assumption.Both schemes were demonstrated have security pitfalls by presenting specified attacks against them.Specifically,their schemes are all vulnerable to forgery attack.Thus,they are not feasible for practical applications.In addition,the cause of the flaws in these ABS schemes are presented,as well as an improvement of Ma et al.'s scheme.     

Identity-based threshold signature and mediated proxy signature schemes

Proxy signature schemes allow an original signer to delegate his signing rights to a proxy signer. However, many proxy signature schemes have the defect which is the inability to solve the proxy revocation problem. In this article, we firstly propose an identity-based threshold signature scheme and show that it has the properties of unforgeability and robustness. In our threshold signature scheme, we adopt such a method that the private key associated with an identity rather than the master key is shared. Then, based on the threshold signature scheme, an identity-based mediated proxy signature scheme is proposed where a security mediator (SEM) is introduced to help a proxy signer to generate valid proxy signatures, examine whether a proxy signer signs according to the warrant, and check the revocation of a proxy signer. It is shown that the proposed scheme satisfies all the security requirements of a secure proxy signature. Moreover, a proxy signer must cooperate with the SEM to generate a valid proxy signature, which makes the new scheme have an effective and fast proxy revocation .     

Cryptanalysis of a certificateless signature scheme without pairings

Certificateless cryptography is an attractive paradigm for public key cryptography as it does not require certificates in traditional public key cryptography and, at the same time, solves the inherent key escrow problem in identity‐based cryptography. Recently, an efficient certificateless signature scheme without using pairings was proposed by He, Chen and Zhang. They claimed that it is provably secure under the discrete logarithm assumption in the random oracle model. However, in this paper, we show that their scheme is insecure against a type II adversary who can access to the master secret key of the system. Copyright © 2012 John Wiley & Sons, Ltd.     

改进的指定接收者签名方案

提出了两个新的指定接收者签名方案。内部攻击者要伪造签名，等价于伪造Schnorr签名，外部攻击者要验证签名，等价于解Diffie-Hellman问题。二者的计算复杂度均比Cao-Li-Li方案和Zhang-Cai-Xian方案更小，第一个方案保持了Cao-Li-Li方案中同时有保密性和认证性的优点，又克服了Cao-Li-Li方案中利用冗余信息来验证签名的不足。以他们为基础，还构造了两个高效的共享验证签名方案。     

两个基于身份的数字签名方案的安全性改进

分析了文献[1]提出的两个基于用户身份的数字签名方案，发现其一般签名方案存在安全性缺陷，在此基础上建立了多重签名方案，但此方案也是不安全的。本文给出了改进的签名和多重签名方案。     

Further improvement of a certificateless signature scheme without pairing

Recently, He et al. proposed an efficient certificateless signature (CLS) scheme without pairings and demonstrated their scheme to be provably secure in the random oracle model. Unfortunately, Tian and Huang and Tsai et al. pointed out that the scheme cannot withstand a Type II adversary's attack. Tsai et al. also proposed an improved scheme to enhance security. However, the schemes of He et al. and Tsai et al. are not real CLS schemes because the user's public key is used to generate its partial private key. Besides, He et al. and Tsai et al. just demonstrated that their schemes are secure against the normal adversary in the random oracle model. In this paper, we propose a real CLS scheme and demonstrate that our scheme is secure against the super adversary. Security analysis and performance analysis show that our scheme could enhance security and increase computational cost slightly. Copyright © 2012 John Wiley & Sons, Ltd.