门限与代理数字签名方案研究
发布时间:2018-07-22 14:29
【摘要】:通过使用数字签名技术,可以防止网络传输信息的伪造、抵赖和篡改等问题。本文对数字签名领域中的门限签名方案、门限代理签名方案和多代理多签名方案进行了深入的研究,并将数字签名技术应用到移动自组网中。本文主要的研究工作和创新体现在如下几个方面:(1)对门限签名方案的研究。提出了一种成员可以动态添加和删除的门限签名方案和一种成员协商的门限签名方案。①基于有限域上的离散对数困难问题,提出了一种成员可以动态添加和删除的门限签名方案。从生成系统参数和密钥产生阶段、部分签名的产生和验证阶段以及最终签名的产生和验证阶段三方面综合分析,证明该方案计算量较少。②基于离散对数和秘密共享思想,提出一种无密钥分配中心的门限签名方案。签名组成员共同协商,生成每个成员的子秘密,成员生成自己的部分签名后发送给SC (Signature Combiner),SC对收到的部分签名进行验证,如果部分签名合法,SC将部分签名合成为最终签名。从正确性、安全性和效率三方面分析,证明了所提方案的安全性。(2)对门限代理签名方案的研究。提出一个签名不可否认的门限代理签名方案。系统初始化阶段,采用零知识证明的方法对签名者提供的公钥进行验证,避免公钥替换攻击。原始签名人只需计算一个公共的代理份额,将它广播给代理群,根据原始签名人分配的代理份额,代理签名人生成自己的代理秘密份额,并生成代理子签名。由签名合成者生成最终的代理签名。代理签名验证阶段,需要用到代理签名人的公钥,代理签名人不能否认对消息的签名。应用将敌手分为三类的安全模型,模拟各类敌手伪造签名的过程,证明了所提方案的安全性。(3)对多代理多签名方案的研究。提出了原始签名人指定不同代理群的多代理多签名(Multi-Proxy Multi-Signature, MPMS)方案和门限多代理多签名(Threshold Multi-Proxy Multi-Signature, TMPMS)方案。①提出一种基于双线性对的MPMS方案。文中给出MPMS方案的形式化定义和安全模型,并提出一种原始签名人可以指定不同代理群的MPMS方案。为证明方案的安全性,文中对现有的安全模型进行改进,在计算Diffie-Hellman问题困难的基础上,验证所提方案是安全的。②对TMPMS方案进行研究,提出一种基于离散对数的TMPMS方案。文中给出TMPMS方案的形式化定义和安全模型,方案中原始签名人可以指定不同的代理群,每个代理群的门限值可以不相同。在有限域上的离散对数困难问题的基础上,证明了所提方案的安全性。(4)数字签名在移动自组网中的应用。针对移动自组网无中心控制、拓扑结构动态变化等特点,将数字签名技术应用在移动自组网中,提出一个不依赖密钥管理中心的、无需安全信道的密钥管理方案。节点密钥的初始分配和更新都是在节点相互协商后生成,不需要密钥管理中心的协助。节点对要传送的秘密信息,先进行加密,然后生成密文的数字签名,实现了秘密信息在公共信道上的传输。
[Abstract]:By using digital signature technology, we can prevent the forgery, repudiation and tampering of the network transmission information. This paper studies the threshold signature scheme, the threshold proxy signature scheme and the multi proxy multi signature scheme in the digital signature field, and applies the digital signature technique to the mobile ad hoc network. The main research of this paper is the paper. The work and innovation are embodied in the following aspects: (1) the study of threshold signature schemes. A threshold signature scheme which can dynamically add and delete members and a threshold signature scheme for member negotiation is proposed. (1) a threshold for dynamic addition and deletion of members is proposed based on the discrete logarithmic difficulties on the finite field. Signature scheme. From three aspects of generation and key generation of the system, the generation and verification stage of the partial signature and the generation and verification stage of the final signature, it is proved that the scheme has less computational complexity. 2. Based on the discrete logarithm and secret sharing idea, a threshold signature scheme is proposed for the non key key allocation center. The members jointly negotiate, generate the subsecret of each member, the member generates its own partial signature and sends it to SC (Signature Combiner), and SC validates the partial signature received. If part of the signature is legitimate, SC syntheses the part of the signature to the final signature. The security of the proposed scheme is proved from three aspects of correctness, security and efficiency. (2) research on the threshold proxy signature scheme. A signature undeniable threshold proxy signature scheme is proposed. In the system initialization phase, a zero knowledge proof method is used to verify the public key provided by the signer and avoid the public key replacement attack. The original signer only needs to compute a public proxy share and broadcast it to the proxy group. According to the agent share allocated by the original signer, the proxy signer generates its own secret share and generates the proxy signature. The signature synthesizer generates the final proxy signature. The proxy signature verification stage requires the public key of the proxy signer, the proxy signer can not recognize the signature of the message. The application will divide the enemy hands into three categories. The security model, simulating the process of forgery of signatures by all kinds of opponents, proves the security of the proposed scheme. (3) the study of multi proxy and multi signature schemes. The Multi-Proxy Multi-Signature, MPMS scheme and Threshold Multi-Proxy Multi-Signature for the original signers with different proxy groups are proposed. (TMPMS) scheme. (1) a MPMS scheme based on bilinear pairing is proposed. In this paper, the formal definition and security model of MPMS scheme are given, and a MPMS scheme with different agent groups can be specified by the original signer. In order to prove the security of the scheme, the existing security model is improved in this paper, and it is difficult to calculate the Diffie-Hellman problem. On the basis, the proposed scheme is safe. Secondly, the TMPMS scheme is studied and a TMPMS scheme based on the discrete logarithm is proposed. The formal definition and security model of the TMPMS scheme are given in this paper. The original signer can specify different proxy groups in the scheme, and the threshold value of each agent group can be different. On the basis of several difficult problems, the security of the proposed scheme is proved. (4) the application of digital signature in the mobile ad hoc network. The digital signature technology is applied to the mobile ad hoc network for the characteristics of the mobile ad hoc network without central control and the dynamic topology of the topology. A key without key management center and no key for the secure channel is proposed. The initial distribution and update of the node key are generated after the nodes are negotiated with each other, without the assistance of the key management center. The node encrypts the secret information to be transmitted first, then generates the digital signature of the ciphertext, and realizes the transmission of the secret information on the public channel.
【学位授予单位】:东北大学
【学位级别】:博士
【学位授予年份】:2014
【分类号】:TN918.4
本文编号:2137764
[Abstract]:By using digital signature technology, we can prevent the forgery, repudiation and tampering of the network transmission information. This paper studies the threshold signature scheme, the threshold proxy signature scheme and the multi proxy multi signature scheme in the digital signature field, and applies the digital signature technique to the mobile ad hoc network. The main research of this paper is the paper. The work and innovation are embodied in the following aspects: (1) the study of threshold signature schemes. A threshold signature scheme which can dynamically add and delete members and a threshold signature scheme for member negotiation is proposed. (1) a threshold for dynamic addition and deletion of members is proposed based on the discrete logarithmic difficulties on the finite field. Signature scheme. From three aspects of generation and key generation of the system, the generation and verification stage of the partial signature and the generation and verification stage of the final signature, it is proved that the scheme has less computational complexity. 2. Based on the discrete logarithm and secret sharing idea, a threshold signature scheme is proposed for the non key key allocation center. The members jointly negotiate, generate the subsecret of each member, the member generates its own partial signature and sends it to SC (Signature Combiner), and SC validates the partial signature received. If part of the signature is legitimate, SC syntheses the part of the signature to the final signature. The security of the proposed scheme is proved from three aspects of correctness, security and efficiency. (2) research on the threshold proxy signature scheme. A signature undeniable threshold proxy signature scheme is proposed. In the system initialization phase, a zero knowledge proof method is used to verify the public key provided by the signer and avoid the public key replacement attack. The original signer only needs to compute a public proxy share and broadcast it to the proxy group. According to the agent share allocated by the original signer, the proxy signer generates its own secret share and generates the proxy signature. The signature synthesizer generates the final proxy signature. The proxy signature verification stage requires the public key of the proxy signer, the proxy signer can not recognize the signature of the message. The application will divide the enemy hands into three categories. The security model, simulating the process of forgery of signatures by all kinds of opponents, proves the security of the proposed scheme. (3) the study of multi proxy and multi signature schemes. The Multi-Proxy Multi-Signature, MPMS scheme and Threshold Multi-Proxy Multi-Signature for the original signers with different proxy groups are proposed. (TMPMS) scheme. (1) a MPMS scheme based on bilinear pairing is proposed. In this paper, the formal definition and security model of MPMS scheme are given, and a MPMS scheme with different agent groups can be specified by the original signer. In order to prove the security of the scheme, the existing security model is improved in this paper, and it is difficult to calculate the Diffie-Hellman problem. On the basis, the proposed scheme is safe. Secondly, the TMPMS scheme is studied and a TMPMS scheme based on the discrete logarithm is proposed. The formal definition and security model of the TMPMS scheme are given in this paper. The original signer can specify different proxy groups in the scheme, and the threshold value of each agent group can be different. On the basis of several difficult problems, the security of the proposed scheme is proved. (4) the application of digital signature in the mobile ad hoc network. The digital signature technology is applied to the mobile ad hoc network for the characteristics of the mobile ad hoc network without central control and the dynamic topology of the topology. A key without key management center and no key for the secure channel is proposed. The initial distribution and update of the node key are generated after the nodes are negotiated with each other, without the assistance of the key management center. The node encrypts the secret information to be transmitted first, then generates the digital signature of the ciphertext, and realizes the transmission of the secret information on the public channel.
【学位授予单位】:东北大学
【学位级别】:博士
【学位授予年份】:2014
【分类号】:TN918.4
【参考文献】
相关博士学位论文 前1条
1 邓宇乔;数字签名理论及其在数字版权管理系统中的应用研究[D];华南理工大学;2010年
,本文编号:2137764
本文链接:https://www.wllwen.com/kejilunwen/wltx/2137764.html
