Efficient discrete logarithm based multi-signature scheme in the plain public key model

In this paper, we provide a new multi-signature scheme that is proven secure in the plain public key model. Our scheme is practical and efficient according to computational costs, signature size and security assumptions. At first, our scheme matches the single ordinary discrete logarithm based signature scheme in terms of signing time, verification time and signature size. Secondly, our scheme requires only two rounds of interactions and each signer needs nothing more than a certified public key to produce the signature, meaning that our scheme is compatible with existing PKIs. Thirdly, our scheme has been proven secure in the random oracle model under standard discrete logarithm (DL) assumption. It outperforms a newly proposed multi-signature scheme by Bagherzandi, Cheon and Jarecki (BCJ scheme) in terms of both computational costs and signature size.     

前向安全的指定验证人代理多重签名方案

基于有限域上离散对数难解问题和强RSA假设,提出了一个前向安全的指定验证人代理多重签名方案.在方案中,代理签名人不仅可以代表多个原始签名人生成指定验证人的代理多重签名,确保只有原始签名人指定的验证人可以验证代理多重签名的有效性;而且在该方案中,代理多重签名是前向安全的,即使代理签名人当前时段的代理多重签名密钥被泄漏,敌手也不能伪造此时段之前的代理多重签名,以前所产生的代理多重签名依然有效.     

一种改进的代理多重签名方案

周等人提出的一种代理多重签名方案由于执行效率高、实现相对简单,因而有着广泛的应用.通过对该方案进行安全性分析,指出该方案容易受到内外两种伪造攻击,因此在安全性上有所欠缺,同时文中给出了相应的攻击方法.最后提出一种新的改进方案,通过加入公钥验证和签名参数处理机制,从而能够有效抵抗内外两种伪造攻击.     

Group signature schemes with forward secure properties

A group signature scheme allows a group member to sign messages anonymously on behalf of the group. However, in the case of a dispute, the identity of a signature can be revealed by a designated entity. We introduce a forward secure schemes into group signature schemes. When the group public key remains fixed, a group signing key evolves over time. Because the signing key of a group member is evolving at time, the possibility of the signing key being exposed is decreased. We propose a forward secure group signature scheme based on Ateniese and Camenisch et al.’s group signature scheme. The security is analyzed and the comparisons between our scheme with other group signature schemes are made.     

ID-based cryptography using symmetric primitives

A general method for deriving an identity-based public key cryptosystem from a one-way function is described. We construct both ID-based signature schemes and ID-based encryption schemes. We use a general technique which is applied to multi-signature versions of the one-time signature scheme of Lamport and to a public key encryption scheme based on a symmetric block cipher which we present. We make use of one-way functions and block designs with properties related to cover-free families to optimise the efficiency of our schemes.      

Distributed Ring Signatures from General Dual Access Structures

In a distributed ring signature scheme, a subset of users cooperate to compute a distributed anonymous signature on a message, on behalf of a family of possible signing subsets. The receiver can verify that the signature comes from a subset of the ring, but he cannot know which subset has actually signed. In this work we use the concept of dual access structures to construct a distributed ring signature scheme which works with vector space families of possible signing subsets. The length of each signature is linear on the number of involved users, which is desirable for some families with many possible signing subsets. The scheme achieves the desired properties of correctness, anonymity and unforgeability. We analyze in detail the case in which our scheme runs in an identity-based scenario, where public keys of the users can be derived from their identities. This fact avoids the necessity of digital certificates, and therefore allows more efficient implementations of such systems. But our scheme can be extended to work in more general scenarios, where users can have different types of keys. Javier Herranz: The work of this author was carried out during the tenure of an ERCIM fellowship. Germán Sáez: The work of this author is partially supported by Spanish Ministerio de Educacíon y Ciencia under project TIC 2003-00866     

Cryptanalysis of the Matsumoto and Imai Public Key Scheme of Eurocrypt'98

In 1 Matsumoto and Imai developed a new public key scheme, called C*, for enciphering or signing. (This scheme is completely different from and should not be mistaken with another scheme of Matsumoto and Imai developed in 1983 in 7 and broken in 1984 in 8). No attacks have been published as yet for this scheme. However, in this paper, we will see that—for almost all keys—almost every cleartext can be found from its ciphertext after only approximately m ² n ⁴ log n computations, where m is the degree of the chosen field K and mn is the number of bits of text. Moreover, for absolutely all keys that give a practical size for the messages, it will be possible to find almost all cleartexts from the corresponding ciphertexts after a feasible computation. Thus the algorithm of 1 is insecure.     

Cryptanalysis of RGB,a mixed multivariate signature scheme

Public-Key Cryptography (PKC) based on multivariate quadratic equations is one of the most promising alternatives for classical PKC after the eventual coming of quantum computers. Recently, Shen and Tang proposed a new MQ-signature scheme, RGB, based on three types of variables, Red(r), Green(g) and Blue(b). They claimed that signing for RGB is faster than that of UOV and Rainbow. At ACISP 2016, Tang et al. implemented RGB on S5PV210 and MT6582 microprocessors at 64, 80, 96, 118 and 128-bit security levels for practical use. Their results are much more efficient than other MQ-signature schemes, so RGB is very appealing for resource-limited devices. We show that RGB with their suggested parameters at 64, 80, 96, 118 and 128 security levels are entirely broken by key recovery attacks using good keys. From a practical point of view, we are able to break their parameters at 64, 80, 96, 118 and 128 security levels in less than 0.48 seconds, 1.7 seconds, 90.68 seconds, 11 minutes and 6.82 hours, respectively. Consequently, we show that signing and the key sizes for RGB with secure parameter sets are much slower and larger than those of UOV and Rainbow.     

Calculations of Riemann Problems for 2-D Scalar Conservation Laws by Second Order Accurate MmB Scheme

1.IntroductionTheinitialVaueproblemfor2-DscalarconservationlawisDefinetheregionny=Io,T)xH',thentheweakformandentroPyconditionofproblem(1)(2)areWeallknowthatin[1],existenceanduinquenessofsoluti0ntoproblem(1)(2)havebeenobtainedbyusing'(3)and(4),andinI2],thetwodimensionalmemannproblemf0r(1)(2)hasbeensolvedanalyticallyundertheassumptionf,,g,(f"/g"),/0.TherearemmpnumericaJmeth0dsforsolvinginitialvalueproblemsofonedimensionalconserVaionlawsandpracticalproblems-Foralllineardmerencescheme8,thereex…     

Improved T − ψ nodal finite element schemes for eddy current problems

The aim of this paper is to propose improved T − ψ finite element schemes for eddy current problems in the three-dimensional bounded domain with a simply-connected conductor. In order to utilize nodal finite elements in space discretization, we decompose the magnetic field into summation of a vector potential and the gradient of a scalar potential in the conductor; while in the nonconducting domain, we only deal with the gradient of the scalar potential. As distinguished from the traditional coupled scheme with both vector and scalar potentials solved in a discretizing equation system, the proposed decoupled scheme is presented to solve them in two separate equation systems, which avoids solving a saddle-point equation system like the traditional coupled scheme and leads to an important saving in computational effort. The simulation results and the data comparison of TEAM Workshop Benchmark Problem 7 between the coupled and decoupled schemes show the validity and efficiency of the decoupled one.     

Analysis of scattering properties of embedded particles by applying the discrete sources method

A numerical scheme based on the discrete sources method is constructed for the mathematical simulation of the scattering properties of nanoparticles embedded in a substrate. Both differential and integral scattering characteristics of particles embedded to various degrees are analyzed. It is shown that embedded particles can be distinguished from those lying on the substrate by using P-polarized external excitation waves incident at two different angles.     

普通高校公共数学课程分类分层模式优化研究

公共数学课程对实现高校的人才培养目标起着十分重要的作用.本文遵循因材施教的原则,科学设计了公共数学课程体系,采用一种新的教学模式———分类分层教学.提出了分层教学方法、教学内容、考核模式、分层教学管理的改革实施方案,使基础课程更加具有针对性.     

高等数学课程分层次教学理念的思考和举措

高等数学课程是高校所有专业的基础课程之一,对实现高校的人才培养目标起着十分重要的作用.本文遵循因材施教的原则,科学设计了分层次教学模式,对于开展分层次教学的意义和理论依据作了阐述,提出了分层次教学模式的组织与实施,并就教学内容、教学方法、考核模式的改革给出相应的实施方案.     

Signcryption schemes with threshold unsigncryption,and applications

The goal of a signcryption scheme is to achieve the same functionalities as encryption and signature together, but in a more efficient way than encrypting and signing separately. To increase security and reliability in some applications, the unsigncryption phase can be distributed among a group of users, through a (t, n)-threshold process. In this work we consider this task of threshold unsigncryption, which has received very few attention from the cryptographic literature up to now (maybe surprisingly, due to its potential applications). First we describe in detail the security requirements that a scheme for such a task should satisfy: existential unforgeability and indistinguishability, under insider chosen message/ciphertext attacks, in a multi-user setting. Then we show that generic constructions of signcryption schemes (by combining encryption and signature schemes) do not offer this level of security in the scenario of threshold unsigncryption. For this reason, we propose two new protocols for threshold unsigncryption, which we prove to be secure, one in the random oracle model and one in the standard model. The two proposed schemes enjoy an additional property that can be very useful. Namely, the unsigncryption protocol can be divided in two phases: a first one where the authenticity of the ciphertext is verified, maybe by a single party; and a second one where the ciphertext is decrypted by a subset of t receivers, without using the identity of the sender. As a consequence, the schemes can be used in applications requiring some level of anonymity, such as electronic auctions.     

求带释放时间的半导体煅烧排序的最短交付时间的一个高效PTAS

本文研究一个目标是最小化最大交付时间的能分批处理的非中断单机排序问题．这个问题来源于半导体制造过程中对芯片煅烧工序的排序．煅烧炉可以看成一个能同时最多加工B（〈n）个工件的处理机．此外，每个工件有一个可以允许其加工的释放时间和一个完成加工后的额外交付时间．该问题就是将工件分批后再依批次的排序加工，使得所有工件都交付后所需的时间最短．我们设计了一个用时O（f（l／ε）n^5/2）的多项式时间近似方案，其中关于1／ε的指数函数厂（1／ε）对固定的ε是个常数.     

The solution of the unloading wave problem

The solution of Rakhmatulin's problem of an unloading wave for a linear strengthening scheme is extended to the case of large values of the maximum pressures. Two versions of the solution of this problem are also presented as they apply to the non-linear “stress-strain” diagram of elastoplastic materials: when this diagram is approximated by any number of linear sections and when, in the region of maximum stresses or an infinitely distant region, corresponding to the elastic limit, a rectilinear deformation section can be distinguished.     

Categorical abstract algebraic logic categorical algebraization of first-order logic without terms

An algebraization of multi-signature first-order logic without terms is presented. Rather than following the traditional method of choosing a type of algebras and constructing an appropriate variety, as is done in the case of cylindric and polyadic algebras, a new categorical algebraization method is used: The substitutions of formulas of one signature for relation symbols in another are treated in the object language. This enables the automatic generation via an adjunction of an algebraic theory. The algebras of this theory are then used to algebraize first-order logic.Partially supported by National Science Foundation grant CCR - 9593168     

A CELL-CENTERED ALE METHOD WITH HLLC-2D RIEMANN SOLVER IN 2D CYLINDRICAL GEOMETRY

This paper presents a second-order direct arbitrary Lagrangian Eulerian (ALE) method for compressible flow in two-dimensional cylindrical geometry.This algorithm has half-face fluxes and a nodal velocity solver,which can ensure the compatibility between edge fluxes and the nodal flow intrinsically.In two-dimensional cylindrical geometry,the control vol-ume scheme and the area-weighted scheme are used respectively,which are distinguished by the discretizations for the source term in the momentum equation.The two-dimensional second-order extensions of these schemes are constructed by employing the monotone up-wind scheme of conservation law (MUSCL) on unstructured meshes.Numerical results are provided to assess the robustness and accuracy of these new schemes.     

Principally Unimodular Skew-Symmetric Matrices

principally unimodular (PU) if every principal submatrix has determinant 0 or ±1. Let A be a symmetric (0, 1)-matrix, with a zero diagonal. A PU-orientation of A is a skew-symmetric signing of A that is PU. If A′ is a PU-orientation of A, then, by a certain decomposition of A, we can construct every PU-orientation of A from A′. This construction is based on the fact that the PU-orientations of indecomposable matrices are unique up to negation and multiplication of certain rows and corresponding columns by −1. This generalizes the well-known result of Camion, that if a (0, 1)-matrix can be signed to be totally unimodular then the signing is unique up to multiplying certain rows and columns by −1. Camion's result is an easy but crucial step in proving Tutte's famous excluded minor characterization of totally unimodular matrices. Received: May 17, 1996