基于身份数字签名方案的研究

【作者】 陈玲玲；

【导师】 亢保元；

【作者基本信息】 中南大学 ， 应用数学， 2008， 硕士

【摘要】 信息社会正被计算机网络及通信技术的迅猛发展推向一个新的高级阶段,政府、军事、文教、商业、金融等社会生活的各个领域都深受其影响。大量在网络中存储和传输的数据需要保护,如个人的医疗记录、信用卡账号、登陆网络的口令、或者企业的战略报告、销售预测、技术残兵的细节、研究成果、人员的档案等。这些数据在储存和传输过程中都有可能被盗用、暴露、篡改和伪造。随着人们对网络环境和网络信息资源的依赖程度日渐加深,信息安全已成为了信息科学领域的一门新兴学科,它的核心技术是密码学,其中公钥密码由于其具有传统密码无法比拟的一些优势,特别是在密钥管理方面,正扮演着越来越重要的角色。数字签名技术作为最近几年来公钥密码的一个重要应用,是安全电子商务和安全电子政务的关键技术。数字签名技术是提供认证性、完整性和不可否认性的重要技术,是信息安全的核心技术之一。基于身份的密码系统不存在传统的由CA颁发公钥证书所带来的存储和管理开销的问题。采用椭圆曲线上双线性映射技术的基于身份数字签名成为近几年密码学界的热点研究问题。本文的主要研究内容涉及公钥密码系统中基于身份的数字签名,包括基于身份的代理签名和盲签名以及代理盲签名等。本文的主要成果有:1.分析了两个经典的基于身份的数字签名算法的效率和安全性,指出了其中一个方案的安全缺陷,并给出了改进方案。总结了目前关于基于身份的数字签名存在的一些尚未解决的问题。2.分析了最近提出的一个基于身份无可信中心的数字签名方案,探讨了其效率和安全性。在基于身份公钥加密系统中引入代理签名和盲签名的概念,利用双线性群对上计算Diffie-Hellman难题和离散对数难题的假设,借助双线性映射提出了基于身份无可信中心的代理签名和盲签名方案,并对此方案的安全性及计算效率进行了详细讨论,证明它能够满足强不可伪造以及不可否认性,并与前人方案作比较。3.分析了由李素娟等提出的《基于ID的代理盲签名》,指出了该方案的安全缺陷,并对其进行了改进。进一步,提出了一个新的基于身份的代理盲签名方案,和同类方案进行比较,证明了本文提出的方案更加安全高效。更多还原

【Abstract】 Information society is being pushed onto a new advanced level by computer network and communication technologies, which have made great effects on government, military affairs, culture education, and finance, etc. In a large number of network storage and transmission of data in need of protection, such as personal medical records, credit card account numbers, passwords landing network, or corporate strategy report, forecast sales, technical details Canbing, research, personnel files, and so on. These data may be stolen, exposed, tampering and forgery in the proess of storage and transmission. As the network environment and network information resources to deepen the growing dependence, Information has become an important resource in our society, information security is one of the rising subjects in information science and its core of technology is cryptology. In cryptological area, public-key cryptosystem because of its unmatched advantages compared with the traditional cryptoystem, especially in key management, is playing an increasingly important role. As a new branch of public-key cryptosystem, digital signature is a key technology of the secure B2B(Business to Business)and government affair in recent years.Digital signature, which can provide authentication, integrity and non-repudiation, is a key technique of information security. Compared with the Certificated Authority based (CA-based) cryptography, Identity-based (ID-based) signature can simplify the key management procedure from the view point of the efficiency and convenience. Identity based signature using pairing technology on elliptical curves has become one of the pop research problems. The main research of this thesis for identity-based signature in public-key cryptography includes identity-based proxy signature, blind signature, proxy blind signature and so on. The main contributions are as follows:1. Discuss two classic ID-based signature schemes in detail. And compare their computation efficiency. Present the security proof for ID-based signature. Point out Some open problems in ID-based signature.2. Discuss one ID-based signature scheme without trusted Private Key Generator (PKG) which was proposed resently, analysis it effective and security. The author introduces the concept of proxy signature and blind signature into Identity-Based encryption system. Then the author proposed two new efficient identity-based signature schemes: proxy signature and blind signature without a trusted party by using the bilinear pairing defined on Diffie-Hellman problems and Discrete Logarithm problem.. After detailedly discussing on its arithmetic security and efficiency, these new schemes were proved to be strong unforgettable and undeniable with comparison with other schemes.3. Analyzes a scheme proposed by Lee’s "ID-Based Proxy Blind Signature Scheme" ,it pointed out the the existence of security flaws and improved. Furtuer, the author propose a new scheme which can satisfy all security for proxy blind signature’s requirements,this paper proves that the safety scheme more efficient than the existing ones.更多还原