Title page for etd-0719111-174117
Title
可證明安全之隨機化盲簽章機制與應用
Provably Secure Randomized Blind Signature Scheme and Its Application
Department
Year, semester
Language
Degree
Number of pages
115
Author
Advisor
Convenor
Advisory Committee
Date of Exam
2010-07-08
Date of Submission
2011-07-19
Keywords
Information Security, Blind Signatures, Cryptography, Uncoercibility, Electronic Voting
Statistics
The thesis/dissertation has been browsed 5726 times, has been downloaded 703 times.
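Chinese Abstract
Driven by advances in technology, people's ways of living have followed the trend and embraced digitization. Of the electronic applications currently drawing worldwide attention, electronic voting stands out. Elections are without doubt the most important hallmark of a democratic society, and voting is the concrete practice of democracy, so it receives particular attention from all sides; electronic voting is also regarded as a key indicator of a highly developed country. In short, the distinguishing feature and advantage of electronic voting is that it introduces technology to save the manpower and material resources required by traditional paper-based voting, and allows voting and tallying to be completed within a short time, reducing the time consumed. An electronic voting system must satisfy the security properties that voting requires in order to guarantee the legitimacy of the voting process and the correctness of the result; these properties include uncoercibility, voter anonymity, and ballot verifiability. However, going electronic also gives rise to additional problems that remain to be solved; vote buying and selling, and even coercion by malicious parties, are the thorniest among them. To let voters confirm the correctness of the voting process, an electronic voting system usually lets the voter hold a "receipt", and this receipt increases the likelihood that coercion and vote buying succeed. In this dissertation, we therefore analyze four factors that may lead to successful coercion and vote buying in blind-signature-based electronic voting systems, and find that a randomized blind signature technique is one of the necessary conditions for solving the coercion problem; that is, if the blind signature adopted lacks the randomization property, coercion cannot be avoided. Building on and extending these results, we propose two randomized blind signature protocols based on different cryptographic primitives and give theoretical proofs of the security properties each requires; both proposed randomized blind signature schemes can help an electronic voting system satisfy uncoercibility and resistance to vote buying.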
Abstract
Out of resource-saving and efficiency considerations, electronic voting (e-voting) is gradually replacing traditional paper-based voting in some developed countries. An anonymous e-voting system that can be used in elections with large electorates must meet various security requirements, such as anonymity, uncoercibility, tally correctness, unrecastability, verifiability, and so on. In particular, uncoercibility is an essential property that can greatly reduce the possibility of coercion and bribery. Since each voter can obtain one and only one voting receipt in an electronic voting system, coercers or bribers can force legal voters to show their voting receipts in order to check whether those voters followed their will. As a result, coercion and bribery succeed more easily in digital environments than in traditional paper-based voting. In this dissertation, we analyze four possible scenarios leading to coercion and discover that the randomization property is necessary for blind-signature-based e-voting systems to resist coercion. Based on this result, we extend our research and come up with two provably secure randomized blind signature schemes from different cryptographic primitives, which can be adopted as key techniques for an electronic voting system against coercion and bribery.
Table of Contents
Approval Sheet (English)
Approval Sheet (Chinese)
Acknowledgments
Abstract (English)
Abstract (Chinese)
1 Introduction
1.1 Coercion and Bribery Issues in Electronic Voting
1.2 Dissertation Orientation and Organization
2 Preliminary and Motivation
2.1 Prerequisites of Electronic Voting Systems
2.2 Previous Solutions to Coercion
2.2.1 Receipt Freeness
2.3 Analysis of Possible Coercions in Electronic Voting Systems
2.4 Some Generic Ideas Against Coercion
2.5 The Significance of Randomization
2.5.1 Chaum’s Blind Signature Scheme
2.5.2 Coercion in Blind-signature-based E-Voting Protocol
2.5.3 Remark
3 The Generic Concept of E-Voting System with Uncoercibility
3.1 Generic Randomized Blind Signature
3.2 An Uncoercible Anonymous E-Voting System Based on Generic Representation
3.2.1 The Ways Against Coercion and Bribery
3.3 Property Examination
4 Fast Randomization Schemes for Chaum’s Blind Signatures
4.1 The Proposed Scheme
4.1.1 The Message-Free Scheme
4.2 Formal Proofs
4.2.1 Correctness
4.2.2 Unlinkability
4.2.3 Unforgeability and Randomization
4.3 Performance Analysis
4.4 Extension: An Uncoercible Anonymous E-Voting System Based on FRCBS
5 Randomized Blind Signature Scheme Based on Bilinear Pairing
5.1 Bilinear Maps
5.2 The Proposed Scheme
5.3 Formal Proofs
5.3.1 Correctness
5.3.2 Unlinkability
5.3.3 Unforgeability
5.3.4 Randomization
5.4 Performance and Security Analysis
5.4.1 Performance Analysis
5.4.2 Security Analysis
6 Concluding Remark
Reference
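Fulltext
This electronic full text is licensed to users only for personal, non-profit searching, reading, and printing for academic research purposes. Please comply with the relevant provisions of the Copyright Act of the Republic of China; do not reproduce, distribute, adapt, repost, or broadcast it without authorization, to avoid breaking the law.
Thesis access permission: on campus, public immediately; off campus, public after one year (off campus withheld)
Available:
Campus: available
Off-campus: available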

