数字签名的加速技术与安全性研究

发布时间：2018-04-14 06:09

本文选题：数字签名 + 服务器辅助验证签名　；参考：《电子科技大学》2014年博士论文

【摘要】：数字签名技术是信息安全的核心技术之一,不断发展的数字签名技术正逐步满足人们现实生活中的各种应用需求。相应的,人们对于数字签名的要求也在逐渐提高,对数字签名方案的效率和安全性也提出了新的要求。同时,随着无线网络和信息技术的飞速发展,越来越多的无线终端设备投入使用,这些设备往往具备有限的计算能力,而在已有的应用中,数字签名协议常常有着较重的运算量,这些运算量对于传统的计算机设备来讲不算负担,但对于类似智能卡之类的无线设备来讲,就是一个值得重视的问题。计算效率问题在一些安全性能优异或者具备特殊用途的密码协议上表现得尤为明显。因此,数字签名加速技术与安全性是具有重要意义的研究课题。针对上述问题,本文从签名验证和签名生成两方面研究如何加速数字签名,提出新的签名方案,且结合一些具有特殊用途的密码体制,分析现有典型签名方案的安全性和效率,提出相应的改进措施。具体工作包括:1.从加速签名验证的角度出发,研究了服务器辅助验证签名体制,这种签名方案中,验证者和一个计算能力强但不一定完全信任的服务器运行交互协议,将耗时运算交给服务器来完成,从而完成签名验证。本文对现有的一些服务器辅助验证签名方案进行安全性分析,并给出一种改进方案。此外,将服务器辅助验证签名与聚合签名相结合,定义服务器辅助验证聚合签名,给出安全模型,并提出一种具体方案构造,该方案加快验证速度,最后证明其安全性。2.从加速签名生成的角度出发,研究了使用变色龙哈希函数来加快数字签名的生成,具体地,我们将变色龙哈希函数用于代理签名方案,使代理签名人能快速有效地计算代理签名,降低代理签名人的计算成本,提高签名速度和效率。本文基于离散对数问题和大整数分解问题,分别提出两个结合变色龙哈希函数的代理签名方案,方案在授权阶段采用抗密钥泄露的变色龙哈希函数,代理签名人就只需找到一个变色龙哈希碰撞即可生成有效的代理签名,并给出在随机预言机模型下两个方案的安全证明。3.当前,将聚合签名与无证书签名体制相结合的签名方案纷纷提出,本文发现现有的一种无证书聚合签名方案存在安全漏洞,提出改进的无证书短签名方案,并在此基础上,构造了改进的无证书聚合签名方案,使得签名方案在签名验证阶段,既能保持对运算的计算量是一个常量,同时也是可证安全的。此外,还提出了一种新的无证书短签名方案,并在随机预言机模型下证明了方案的安全性。4.研究基于身份的环签名方案。基于身份的环签名方案由于其自身的实用性,应用非常广泛。许多方案被不断提出,这些方案以提高签名效率,加快签名速度为目标,并声称自己是安全的。本文对现有的一个方案做了安全性分析,并给出改进方案及相应的安全性证明。对现有的另外一个方案做了安全性分析,指出其同样存在安全问题。
[Abstract]:Digital signature is one of the core technology of information security, digital signature technology is gradually evolving to meet various application needs of people in real life. Accordingly, people for the requirements of digital signature is gradually increased, the efficiency and security of the digital signature scheme is also proposed new requirements. At the same time, with the rapid development of the wireless network and information technology, the wireless terminal equipment put into use more and more, these devices tend to have limited computing capability, and the existing applications, digital signature protocols often have a heavy computation, the computation burden for computer equipment is not traditional, but similar to wireless smart card the device and the like, is a problem worthy of attention. The computational efficiency problem in some excellent safety performance or have the special use of cryptographic protocols on the performance was particularly Obvious. Therefore, digital signature technology and accelerate security is a significant research topic. Aiming at the above problems, this paper studies two aspects of how to speed up the generation of digital signature from the signature verification and signature, proposed new signature schemes, and combined with special purpose code system, analysis of the existing typical signature schemes and security efficiency, put forward the corresponding improvement measures. The specific work includes: 1. from the perspective of accelerating the signature verification, the server aided verification signature, the verifier signature scheme, and a computational ability but not completely trusted server interaction protocol, will take to the server to complete the operation, so as to complete the signature this paper verified. Some of the existing server aided verification signature scheme security analysis, and gives an improved scheme. In addition, the AIDS testing service Certificate signature and aggregate signature combination, definition of server aided verification aggregate signature, given security model, and put forward a concrete project construction, the project to speed up the verification speed, finally prove the safety of.2. from accelerated signature generation perspective, studied the use of chameleon hash function to accelerate the generation of digital signature in detail, we will chameleon hash function for proxy signature scheme, the proxy signer can effectively reduce the computational cost of computing proxy signature, proxy signer's signature, improve the speed and efficiency. In this paper, the discrete logarithm problem and the integer factorization problem based, are two with chameleon hash function of the proxy signature scheme, scheme the chameleon hash function key anti leakage in the authorization stage, the proxy signer can just find a chameleon hash collision to generate a valid proxy signature The name, is given in the random oracle model two schemes to prove safety.3. at present, the signature and aggregate signature certificateless signature combination have been proposed, this paper found that the existing certificateless aggregate signature scheme of security vulnerabilities, proposed certificateless short signature scheme is improved, and on this basis. Certificateless aggregate signature scheme is constructed, the signature and signature verification, can be calculated for the operation is a constant, and is provably secure. In addition, a new certificateless short signature scheme was proposed, and the proof of identity based ring signature in security study on.4. scheme in the random oracle model. Identity based ring signature scheme because of its practicality, and is widely used. Many solutions have been proposed, the signature scheme to improve efficiency, speed up the sign Speed as the goal, and claimed to be safe. This paper makes the security analysis of an existing scheme, and gives the improvement scheme and its security proof. For another the existing scheme do safety analysis, pointed out that the same security problems.

【学位授予单位】：电子科技大学
【学位级别】：博士
【学位授予年份】：2014
【分类号】：TN918.91

【共引文献】