Digital signature, providing integrity, authentication and non-repudiation, is an important cryptographic technology. It is one of the core technologies of information security and is also the key technology in the field of secure electronic business and electronic government affair. Digital signature schemes with special properties not only play an important role in the information secrurity field, but also find wide application in the areas of elcetronic commerce. This dissertation is about the design and security of proxy signature, verifiably encrypted signature, certificateless signature and signcryption. It consists of the following five aspects:1. The security of the Fu-Kou-Xiao's proxy signature scheme with proxy signer's privacy anonymity is analyzed, and it is shown that the scheme does not possess the property of strong unforgeability. A forgery attack is given. Using this attack, a malicious original signer can forge a proxy signing key on behalf of the honest proxy signers without their agreements and produce valid proxy signatures. The reason that the attack can work is analyzed and an improved scheme is proposed to resist the attack.2. It conducts security analysis on proxy blind multi-signature scheme without a secure channel proposed by Lu, Cao and Zhou. The proxy secret key generation algorithm of their scheme is insecure, therefore, their scheme is not secure against the original signer's forgery attack. Moreover, the dissertation proposes four improved proxy key generation algorithms to resist this kind of attack.3. It carries out the security analysis of verifiably encrypted signature schemes proposed recently. The conclusion is that althoure these schemes are probaly secure in the single-user model, however, they are vulnerable to key substitution attack in multi-user setting, where an adversary can generate new keys satisfying legitimate verifiably encrypted signatures created by the legitimate users. A concrete instance of fair exchange of ditital signature protocol is given to show that this kind of attack can breach the firness when they are used in fair exchange in multi-user setting.4. It analyzes the security of the three existing provable secure certificateless signature schemes secure in the standard model. The results show that the three schemes have a common security weakness that an adversary, obtaining a signature on a message and replacing the public key of a signer, can forge valid signatures on the same message under the replaced public key. Although the harmfulness of this kind attack is not as severe as that of forgery attack or key replacement attack, a secure certificateless signature should overcome this weakness. By the deep analysis of the existing schemes, A new provably secure certificateless signature scheme in the standard model based on Waters'signature scheme is proposec. The advantages of the new scheme over the previous schemes are higher security, higher computational efficiency and shorter system parameters.5. It analyzes the security of a series of identity based signcryption schemes proposed recently, and show their security weakness. These schemes do not satisfy the chosen ciphertext security or do not satisfy unforgeability. A new identity based signcryption scheme is proposed based on identity-based signature scheme due to Paterson and Schuldt. The proposed scheme is probably secure in the standard model and can overcome the weakness of the existing schemes. |