Title page for etd-0620116-130154
Title
Certificateless Signature Scheme Achieving Highest-Level Security in the Standard Model
Department
Year, semester
Language
Degree
Number of pages
65
Author
Advisor
Convenor
Advisory Committee
Date of Exam
2016-06-22
Date of Submission
2016-07-21
Keywords
Key Escrow Problems, The Standard Model, Girault's Security, Non-Repudiation, Certificateless Signatures
Statistics
The thesis/dissertation has been browsed 5665 times, has been downloaded 23 times.
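Chinese Abstract
In 1984, Shamir proposed the concept of identity-based cryptosystems. In such a cryptosystem, no certificate is needed for a user's public key, because the user's identity is the public key; the identity can be any string, for example an e-mail address or a telephone number. In current practice, a user's private key is generated by a Key Generation Center (KGC), so the KGC knows the secrets of all users; once the KGC's data is stolen, the secrets of all users are leaked. To solve this problem, Al-Riyami and Paterson proposed Certificateless Public Key Cryptography (CL-PKC) in 2003. This cryptosystem not only requires no certificate for any user's public key, but also solves the key escrow problem. Since then, CL-PKC has been widely applied in many fields. In 1991, Girault defined three trust levels for a trusted third party; the higher the trust level, the higher the security level of the cryptosystem. In recent years, many researchers have given proofs and definitions for the security of certificateless public key cryptosystems, and we found that, in the standard model, no existing certificateless signature scheme has been proven to achieve the highest security level defined by Girault. In view of this, we propose a certificateless signature scheme together with its security proof in the standard model, and prove that this signature scheme achieves Girault's highest security level.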
Abstract
To overcome the key escrow problem, Al-Riyami and Paterson introduced the concept of certificateless public key cryptography (CL-PKC) in 2003. CL-PKC requires no public key certification and does not suffer from the key escrow problem. Since then, CL-PKC has been widely applied. In 1991, Girault defined three security levels for the key generation center (KGC), where a higher level means stronger security of the system. Recently, many certificateless signature schemes and their security models have been presented. However, no certificateless signature scheme proposed in the literature achieves Girault's level-3 security without random oracles. In view of these issues, we propose a new construction of a certificateless signature scheme that is provably secure in the standard model and satisfies Girault's level-3 security under the hardness of the generalized computational Diffie-Hellman (GCDH) and many Diffie-Hellman (Many-DH) problems.
Table of Contents
Thesis Approval Form i
Acknowledgments iv
Abstract (Chinese) v
Abstract vi
List of Figures ix
List of Tables x
Chapter 1 Introduction 1
1.1 Contributions 2
1.2 Organization 3
Chapter 2 Preliminaries 4
2.1 Bilinear Mapping 4
2.2 Mathematical Assumptions 4
2.2.1 Generalized Computational Diffie-Hellman (GCDH) Assumption 4
2.2.2 Many Diffie-Hellman Assumption (A Simplified Version) 5
2.3 Girault’s Security 5
2.4 Generic Construction of Certificateless Signature Scheme 6
Chapter 3 Related Works 8
3.1 Liu et al.’s CLS scheme [8] 8
3.2 Fan et al.’s CLS scheme [4] 10
3.3 Tsai et al.’s CLS scheme [15] 12
3.4 Yuan et al.’s CLS scheme [22] 15
3.5 Chen et al.’s CLS scheme [2] 17
Chapter 4 Our Construction 19
4.1 The Proposed Scheme 20
4.1.1 Setup 20
4.1.2 Set-Secret-Key 20
4.1.3 Set-Public-Key 20
4.1.4 Partial-Private-Key 20
4.1.5 Set-Private-Key 21
4.1.6 Sign 21
4.1.7 Verify 22
4.2 Correctness 22
Chapter 5 Security Proof 23
5.1 Security Model 23
5.1.1 The Unforgeability Game I 23
5.1.2 The Unforgeability Game II 24
5.1.3 The Unforgeability Game III 25
5.2 Security Proof 27
5.2.1 Security Against Type I Adversaries 27
5.2.2 Security Against Type II Adversaries 34
5.2.3 Security Against Type III Adversaries 39
Chapter 6 Comparison 48
Chapter 7 Conclusion 50
Bibliography 51
References
[1] S. S. Al-Riyami and K. G. Paterson. Certificateless public key cryptography. In Advances in Cryptology, ASIACRYPT 2003, pages 452–473. Springer, 2003.
[2] Y. C. Chen, R. Tso, G. Horng, C. I. Fan, and R. H. Hsu. Strongly secure certificateless signature: Cryptanalysis and improvement of two schemes. J. Inf. Sci. Eng., 31:297–314, 2015.
[3] H. Du and Q. Wen. Efficient and provably-secure certificateless short signature scheme from bilinear pairings. Computer Standards and Interfaces, 31:390–394, 2009.
[4] C.-I. Fan, P.-H. Ho, and Y.-F. Tseng. Strongly secure certificateless signature scheme supporting batch verification. In Mathematical Problems in Engineering, pages 308–322. Springer, 2014.
[5] C.-I. Fan, R. H. Hsu, and P.-H. Ho. Truly non-repudiation certificateless short signature scheme from bilinear pairings. J. Inf. Sci. Eng., 27:969–982, 2011.
[6] M. Girault. Self-certified public keys. In Advances in Cryptology - EUROCRYPT 1991, pages 490–497, 1991.
[7] X. Huang, Y. Mu, W. Susilo, D. S. Wong, and W. Wu. Certificateless signature revisited. In Information Security and Privacy, pages 308–322. Springer Berlin Heidelberg, 2007.
[8] J.-K. Liu, J. Baek, W. Susilo, and J. Zhou. Certificate-based signature schemes without pairings or random oracles. In Proceedings of the 11th International Conference (ISC 2008), pages 285–297, Taipei, Taiwan, 2008.
[9] J.-K. Liu, M. H. Ho, and W. Susilo. Self-generated-certificate public key cryptography and certificateless signature/encryption scheme in the standard model. In Proceedings of the 2nd ACM symposium on Information, computer and communications security, pages 273–283. ACM, 2007.
[10] A. Lysyanskaya. Unique signatures and verifiable random functions from the DH-DDH separation. In Advances in Cryptology, CRYPTO 2002, volume 2442 of Lecture Notes in Computer Science, pages 597–612. Springer, 2002.
[11] R. Schoof. Elliptic curves over finite fields and the computation of square roots mod p. Mathematics of computation 44, 170:483–494, 1985.
[12] K. J. Sebastien and D. Pointcheval. About the security of MTI/C0 and MQV. In SCN, volume 4116 of Lecture Notes in Computer Science, pages 156–172. Springer, 2006.
[13] A. Shamir. Identity-based cryptosystems and signature schemes. In Advances in Cryptology, Proceedings of CRYPTO 1984, pages 45–53. Springer, 1984.
[14] K. A. Shim and Y. R. Lee. Security pitfalls of the certificateless signature and multireceiver signcryption schemes. Fundamenta Informaticae, 112(4):365–376, 2011.
[15] T.-T. Tsai, S.-S. Huang, and Y.-M. Tseng. Secure certificateless signature with revocation in the standard model. Mathematical Problems in Engineering, 2014:297–314, 2014.
[16] Q. Xia, C.-X. Xu, and Y. Yu. Key replacement attack on two certificateless signature schemes without random oracles. In Key Engineering Materials, 439:1606–1611, 2010.
[17] H. Xiong. Toward certificateless signcryption scheme without random oracles. IACR Cryptology ePrint Archive, 2014:162, 2014.
[18] H. Xiong, Z. Guan, Z. Chen, and F. Li. An efficient certificateless aggregate signature with constant pairing computations. Information Sciences, 219:225–235, 2013.
[19] H. Xiong, Z. Qin, and F. Li. An improved certificateless signature scheme secure in the standard model. Fundam. Inform., 88:193–206, 2008.
[20] Y.-T. Yu, Y. Mu, G. Wang, Q. Xia, and B. Yang. Improved certificateless signature scheme provably secure in the standard model. IET Information Security, 6:102–110, 2012.
[21] Y. Yuan, D. Li, L. Tian, and H. Zhu. Certificateless signcryption scheme without random oracles. In ISA, volume 5576, pages 31–40. Springer, 2009.
[22] Y. Yuan and C. Wang. Certificateless signature scheme with security enhanced in the standard model. Inf. Process. Lett., 114:492–499, 2014.
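Fulltext
This electronic full text is licensed to users solely for personal, non-profit searching, reading and printing for academic research purposes. Please comply with the Copyright Act of the Republic of China; do not reproduce, distribute, adapt, repost or broadcast it without authorization, so as to avoid breaking the law.
Thesis access permission: user-defined availability date
Available:
Campus: available
Off-campus: available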


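Printed copies
Public information on printed copies is relatively complete from academic year 102 onward. To look up public information on printed theses from academic year 101 or earlier, please contact the printed thesis service counter of the Office of Library and Information Services. We apologize for any inconvenience.
Available: available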
