【作者】 钟豪；

【导师】 何大可；

【作者基本信息】 西南交通大学 ， 密码学， 2008， 硕士

【摘要】 随着现代通信技术和计算机技术的迅速发展,尤其是互联网的迅猛发展,网络安全成为与互联网的生存和发展密切相关的技术。虽然现代密码学中的对称密码体制、公钥密码体制、数字签名和密钥交换技术起到了保障安全的作用,但这些算法都将数据的安全性简单的归于一个规模很小的单一密钥。一旦该密钥泄漏,整个系统就将崩溃,使得所有用此密钥加密的文件会被破解,而攻击者可利用此密钥肆意的签署任何文件,势必给密钥所有者造成非常严重的后果。因此如何在现有的密码体制和数字签名体制的基础上,构建一个更好的方案保护和管理密钥,是决定现实中系统的安全性的关键。随后密码学上出现了一批优秀的密钥管理技术。如在1993年美国提出的密钥托管理论和技术,国际化标准组织制定的X.509标准和麻省理工学院开发的Kerboros协议等。之后又出现了一种分割秘密的技术,即秘密共享技术。自1979年,Shamir提出了这种技术以来,秘密共享和门限的理论技术得到了极大的发展和应用。数字签名作为一种保障信息安全的技术,保证了信息的完整性、不可伪造性、不可否认性。将数字签名技术和秘密共享技术相结合便形成了门限签名技术,门限签名技术是普通数字签名技术的一个推广,而(t,n)门限签名是指:一个由n个成员所组成的群中任意t个成员可以产生门限签名。本文的研究内容是门限RSA签名方案的设计与实现。首先分析了当前门限RSA签名技术的研究背景和国内外的研究现状。在介绍了基本的密码学基础知识后,本文介绍了著名的Shoup门限RSA签名方案,然后重点介绍了一种基于新型秘密共享方法的高效门限RSA签名方案,在效率上进行了分析,并根据该方案的特点和量化分析结果,构造了一个具有分布式可信中心的门限签名系统,大大提高了子密钥分发的效率。本文还构造了“一种基于RSA的面向群的门限签名方案”可以实现多个独立的群之间联合进行门限签名。最后本文在选取的门限RSA签名方案的理论基础上,加上部分签名协议,采用OpenSSL开源代码库和VS2005集成开发环境,设计和实现了一个具有可信中心的门限RSA签名软件系统。更多还原

【Abstract】 With rapid development of the modern Information & Communications Technology and computer technology, especially the development of the internet, network security becomes a hotspot in IT filed to keep the survival and development of the internet. Although modern cryptography provides symmetric-key block ciphers, public-key encryption, digital signature and key exchange technology to guarantee the information safety, all those algorithms’ safety only relies on a small scale key. Once the key is leaked, the whole system would collapse and lead to the encrypted files decrypted and maliciously sign illegal files with the key by hackers which results in serious consequences. So it becomes a key problem how to build a better security protection scheme and key management system by making use of the cryptography algorithm in practice.Then there are many outstanding key management technologies, such as the theory of secret trusteeship raised by American in 1993, X.509 standard established by International Organization of Standardization and Kerberos Protocol etc. Since 1979, Shamir presents the theory of secret sharing and threshold scheme, which promotes the development and practical application of this theory.Digital signature as an information safety technology plays an important role in protecting the integrity of the data, undeniability and verifiability of information. Combining the digital signature with the secret sharing technology leads to the birth of the threshold signature technology. And the (t, n) threshold signature means that only t or more participators can produce the signature.First, the thesis analyses the research background of threshold RSA signature technology and the evolvement of the theory in the world. After introducing basic knowledge of the cryptology, this thesis introduces the famous threshold RSA signature the Shoup’s scheme, and summarizes the general problems in existing schemes. Then focus on introducing "A New RSA Threshold Group Signature Scheme Based on Modified Shamir’s Secret Sharing Solution", analyzing them in respect of efficiency, and design a distributed trusted center based on the this scheme and the quantitative analysis result, improving the efficiency of distributing sub-kyes process. Then this thesis introduces "A Threshold Signature Scheme for Multiple Groups based on RSA" scheme used to provide the threshold signature function for multiple independent groups. Finally, this thesis introduces the threshold RSA signature system with a trusted center based on the the chosen scheme and the robust and efficient sharing of RSA functions, which designed and developed by the author with the OpenSSL library and VS2005 Integrated Development Environment.更多还原