
环签名及其应用的研究

Research on Ring Signature Schemes and Their Applications

【Author】 王玲玲

【Advisor】 张国印

【Author information】 Harbin Engineering University (哈尔滨工程大学), Detection Technology and Automatic Equipment, 2008, PhD

【Abstract (translated from the Chinese)】 As an important tool for guaranteeing information integrity and performing identity authentication, the digital signature has become a key technology in the field of information security. To meet the needs of different applications in practice, many special-purpose signature schemes have been proposed, such as group signatures, ring signatures, blind signatures, proxy signatures and threshold signatures. Among them, ring signatures, which give the signer full anonymity, have become a research focus in cryptography in recent years. As the study of ring signatures has deepened, applications based on them have also emerged. While many important results have been obtained, a number of open problems remain, such as the size of a ring signature growing linearly with the number of ring members, and the key exposure problem in ring signatures. Taking these problems as the starting point, and aiming at higher efficiency and integration with applications, this dissertation studies short ring signatures, forward-secure ring signatures, linkable ring signatures, deniable ring signatures and ring signcryption.

The dissertation first surveys progress in ring signature research. Following the development of ring signatures, it examines their basic concepts, their classification (including threshold ring signatures, linkable ring signatures, ring signatures with revocable anonymity, deniable ring signatures, etc.) and their applications, and summarizes the open problems and further research directions in the field.

Building on a systematic study of existing ring signature schemes, a provably secure short ring signature scheme based on a one-way accumulator is proposed and used to construct an efficient multi-party concurrent signature protocol. The scheme resolves the open problem of the signature length growing linearly with the number of ring members.

To address the key exposure problem in ring signatures, forward-security theory is adopted, and a forward-secure ring signature scheme is constructed from the properties of conic curves over the ring Z_n, such as the ease of plaintext embedding, order computation, point operations and inverse computation on conic curves. In addition, a forward-secure ring signature scheme that is provably secure in the standard model is constructed from bilinear pairings.

After a comparative study of ring signatures and group signatures, a short linkable ring signature scheme is constructed and a fair e-cash protocol based on it is proposed. Furthermore, linkable ring signatures and blind ring signatures are used for the first time to design a fair multi-bank e-cash protocol. The protocol avoids the member revocation problem of e-cash protocols based on group signatures, can trace the identity of a double-spender, protects the anonymity of the issuing bank and prevents unfair competition among banks.

Using the short ring signature scheme together with an identity-based chameleon hash function, a secure and efficient deniable ring signature scheme is constructed. Compared with existing deniable ring authentication schemes, it is the only one that both meets the requirements of deniable ring authentication and has a signature size independent of the number of ring members.

Exploiting the advantages of certificateless cryptography, a model for verifiable certificateless ring signcryption is proposed and a concrete scheme is constructed from bilinear pairings. The scheme generates user keys with a certificateless cryptosystem; while achieving data confidentiality and authentication, it lets the sender transmit a message fully anonymously, and the signcrypter's identity can be publicly verified when it needs to be confirmed.

Finally, the work of the dissertation is summarized and problems for further research are raised.

【Abstract】 Digital signatures are an important tool in information security. To suit different application environments, many special-purpose signature schemes have been proposed, such as group signatures, blind signatures, proxy signatures, threshold signatures and ring signatures. Among these, the ring signature gives the signer unconditional anonymity and has become a focus of cryptographic research. With the in-depth study of ring signatures, a variety of ring signature schemes and applications have recently been put forward. However, many problems remain to be solved, for instance the signature size depending on the group (ring) size, the key exposure problem, and whether ring signatures can replace group signatures in the construction of other protocols. This dissertation aims to propose new schemes for these problems and to apply ring signatures in several settings.

The achievements in the field of ring signatures and their applications are surveyed first. The concept, categories and applications of ring signatures are studied, and the problems and open problems in the field are summarized.

After a study of existing ring signature schemes, a provably secure short ring signature based on a one-way accumulator is proposed, which is also used to construct multi-party concurrent signatures. This solves the problem of the signature size depending on the group size.

To address the key exposure problem, forward security is adopted. A forward-secure ring signature scheme based on a conic curve over Z_n is presented; on such curves, embedding plaintext, computing element orders and curve points, and computing inverses are all easier. In addition, a new forward-secure ring signature scheme based on bilinear pairings is proposed and proved secure in the standard model.

After comparing ring signatures with group signatures, a short linkable ring signature scheme is presented, together with a new fair e-cash protocol based on it. This resolves the member revocation problem of existing e-cash protocols based on group signatures. Moreover, a new multi-bank e-cash system using blind ring signatures and linkable ring signatures is presented, in which client anonymity control and bank anonymity control are achieved respectively.

An identity-based deniable ring signature scheme based on the dissertation's short ring signature is given, using an identity-based chameleon hash function. It is the only scheme that satisfies the requirements of deniable ring authentication while keeping the signature constant-size.

A new model of verifiable certificateless ring signcryption schemes (VCRSS) is proposed; it is an important cryptographic primitive for private and anonymous communication. An efficient VCRSS scheme based on bilinear pairings is also given. The scheme lets a sender transmit a message anonymously while confidentiality and authenticity of the message are achieved at the same time, and the real sender can prove his or her identity when necessary. No certificate is required to ensure the authenticity of public keys, and the key escrow problem is eliminated.

Finally, the work of the dissertation is summarized.
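The abstract refers to two properties of ring signatures without showing them: a plain ring signature is one scalar per ring member (the linear-size problem the dissertation attacks with an accumulator), and a linkable variant lets a verifier tell that two signatures came from the same anonymous member, which is what makes double-spending detectable in the e-cash protocols described. The following is an added example, not code from the dissertation: it implements the classic Schnorr-type linkable ring signature of Liu, Wei and Wong (LSAG, 2004), not any of the dissertation's accumulator, conic-curve or pairing-based schemes. The group parameters P, Q and G are a demonstration-sized safe-prime group chosen for readability and are an assumption of this example; a real deployment would use a standardized group.

```python
import hashlib
import secrets

# Demonstration-sized Schnorr group (an assumption of this example, not from the
# dissertation): p = 2q + 1 is a safe prime and g = 4 generates the subgroup of
# prime order q. Real code uses a standardized group such as an elliptic curve;
# the toy size only keeps the arithmetic readable.
P = 2039
Q = 1019
G = 4
_ELEM_BYTES = (P.bit_length() + 7) // 8


def keygen():
    """Private key x in [1, q-1], public key y = g^x mod p."""
    x = secrets.randbelow(Q - 1) + 1
    return x, pow(G, x, P)


def _ring_base(ring):
    """Second generator h = H2(ring), hashed into the order-q subgroup.
    For a safe prime, squaring a non-trivial element of Z_p^* lands in the
    quadratic residues, which form exactly the subgroup of order q."""
    data = b"".join(y.to_bytes(_ELEM_BYTES, "big") for y in ring)
    counter = 0
    while True:
        digest = hashlib.sha256(b"ring-base" + data + bytes([counter])).digest()
        h = pow(int.from_bytes(digest, "big") % P, 2, P)
        if h != 1:          # skip the two degenerate values v = +/-1
            return h
        counter += 1


def _challenge(message, ring, key_image, a, b):
    """Fiat-Shamir challenge over the message, the whole ring, the key image and
    both commitments; left as a full 256-bit integer (exponents reduce mod q
    implicitly because every base has order q)."""
    h = hashlib.sha256(b"ring-challenge")
    for y in ring:
        h.update(y.to_bytes(_ELEM_BYTES, "big"))
    h.update(key_image.to_bytes(_ELEM_BYTES, "big"))
    h.update(len(message).to_bytes(8, "big"))   # length prefix avoids ambiguity
    h.update(message)
    h.update(a.to_bytes(_ELEM_BYTES, "big"))
    h.update(b.to_bytes(_ELEM_BYTES, "big"))
    return int.from_bytes(h.digest(), "big")


def ring_sign(message, ring, signer_index, signer_priv):
    """Returns (c_0, [z_0..z_{n-1}], key_image): one scalar per member, i.e. a
    signature whose size grows linearly with the ring, plus a key image that is
    the same for every signature this key makes under this ring."""
    n = len(ring)
    s = signer_index
    h = _ring_base(ring)
    key_image = pow(h, signer_priv, P)
    c = [None] * n
    z = [None] * n
    # Real commitment for the signer: g^u and h^u fix the next challenge.
    u = secrets.randbelow(Q - 1) + 1
    c[(s + 1) % n] = _challenge(message, ring, key_image, pow(G, u, P), pow(h, u, P))
    # Simulated steps for every other member: pick z_i at random, derive c_{i+1}.
    i = (s + 1) % n
    while i != s:
        z[i] = secrets.randbelow(Q)
        a = pow(G, z[i], P) * pow(ring[i], c[i], P) % P
        b = pow(h, z[i], P) * pow(key_image, c[i], P) % P
        c[(i + 1) % n] = _challenge(message, ring, key_image, a, b)
        i = (i + 1) % n
    # Close the ring: only the holder of x_s can produce this response.
    z[s] = (u - signer_priv * c[s]) % Q
    return c[0], z, key_image


def ring_verify(message, ring, signature):
    """Recompute the challenge chain and check that it closes on c_0.
    The key image must be a non-trivial element of the order-q subgroup, otherwise
    a forger could pick an image that never links to anything."""
    c0, z, key_image = signature
    n = len(ring)
    if len(z) != n or not 1 < key_image < P or pow(key_image, Q, P) != 1:
        return False
    h = _ring_base(ring)
    c = c0
    for i in range(n):
        a = pow(G, z[i], P) * pow(ring[i], c, P) % P
        b = pow(h, z[i], P) * pow(key_image, c, P) % P
        c = _challenge(message, ring, key_image, a, b)
    return c == c0


def is_linked(sig_a, sig_b):
    """Two valid signatures under the same ring share a key image iff the same
    member produced both; the member's identity is still not revealed."""
    return sig_a[2] == sig_b[2]


if __name__ == "__main__":
    # Constructed demo: a ring of four members, member 1 signs two "coins".
    keys = [keygen() for _ in range(4)]
    ring = [y for _, y in keys]
    coin1 = ring_sign(b"coin 1", ring, 1, keys[1][0])
    coin2 = ring_sign(b"coin 2", ring, 1, keys[1][0])
    coin3 = ring_sign(b"coin 3", ring, 3, keys[3][0])
    print("valid:", ring_verify(b"coin 1", ring, coin1), "size:", len(coin1[1]))
    print("same spender on coin1/coin2:", is_linked(coin1, coin2))
    print("same spender on coin1/coin3:", is_linked(coin1, coin3))
```

The verifier learns only that the signer is one of the four public keys; the key image is what a bank would store per spent coin, since a second coin carrying the same image exposes a double-spend without de-anonymizing honest spenders. Note that this plain construction has exactly the cost the abstract calls an open problem: the `z` list carries one scalar for every member of the ring.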
