Subliminal channels still exist in Schnorr signature, which presents a severe challenge to information security. In this paper, we formalize the notion and security model of subliminal-free signature, and propose a subliminal-free construction of Schnorr signature. In the proposed scheme, an honest-but-curious warden is introduced to help the signer to generate a signature on a given message, but it is disallowed to sign messages independently. Hence, the signing rights of the signer are guaranteed. In particular, our scheme can completely close the subliminal channels existing in the random session keys of Schnorr signature scheme under the intractability assumption of the discrete logarithm problem. Also, the proposed scheme is proved to be existentially unforgeable under the computational Diffie-Hellman assumption in the random oracle model. Performance experiments indicate that the proposed scheme is efficient and practical.
為了持續優化網站功能與使用者體驗,本網站將Cookies分析技術用於網站營運、分析和個人化服務之目的。
若您繼續瀏覽本網站,即表示您同意本網站使用Cookies。