
Design of Concurrent Signature Schemes with Anonymity and Identification (具匿名性與識別性的同時簽章法設計)

Advisor: 黃心嘉

Abstract


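Chen et al. used ring signatures to propose the concept of the "concurrent signature scheme", which helps two parties exchange signatures fairly without a trusted third party and without assuming that both parties have equal computational power. The security properties of a concurrent signature scheme are correctness, unforgeability, fairness, and ambiguity. In 2005, departing from the earlier ring-signature-based designs, Nguyen proposed a new way of constructing concurrent signature schemes, called the "asymmetric concurrent signature scheme". To protect user privacy, this scheme emphasizes satisfying new security properties such as anonymity and unlinkability. However, anonymity creates an identification problem in Nguyen's scheme: the signers exchanging signatures cannot verify each other's identities and signatures in real time during the exchange, so an attacker can exploit this to trick the signers and exhaust their computational resources. Concurrent signature schemes with ambiguity usually provide identification and so do not have this problem; identification is therefore defined as an additional property for concurrent signature schemes with anonymity. This research studies the various types of concurrent signature schemes and examines how a concurrent signature scheme can provide identification and anonymity at the same time. After improvement, Nguyen's scheme satisfies identification, anonymity, and unlinkability; these three properties undoubtedly give user privacy good protection.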

Keywords

concurrent signature; anonymity; identification

Parallel Abstract


Chen et al. proposed the concept of the concurrent signature scheme, based on ring signature schemes, to realize fair signature exchange protocols without trusted third parties and without the assumption that both parties have the same computational power. Concurrent signature schemes should satisfy four security properties: correctness, unforgeability, fairness, and signer-ambiguity. In 2005, Nguyen first proposed an asymmetric concurrent signature scheme without adopting ring signatures. For privacy protection, Nguyen's scheme satisfies two new security properties: anonymity and unlinkability. Because it satisfies the anonymity property, Nguyen's scheme has an identification problem: signers cannot identify each other during the exchange protocol. An attacker can therefore use this problem to trick signers and exhaust their computational resources. In contrast, concurrent signature schemes with signer-ambiguity do not have the identification problem. A new property, identification, is defined for concurrent signature schemes with anonymity. In this thesis, three improved concurrent signature schemes are proposed to provide anonymity and identification at the same time. Among these three schemes, the improved Nguyen's scheme satisfies identification, anonymity, and unlinkability at the same time. With identification, anonymity, and unlinkability, the signers' privacy is well protected.
