Research On Digital Signatures With Additional Properties

Information security is one of the most important problems in modern information society and becomes a new important subject in the information science. Digital signature, which can prove authentication, integrity and non-repudiation, is one of the key techniques of information security and plays a very important role in E-commerce and E-governance. As the deepening of digital signature research and the rapid development of E-commerce and E-governance, the standard signature, which is a simple simulacrum of handwritten signature, can not still meet the need in practice, thus making research on the digital signatures with additional properties becomes a main research direction in digital signature. In this thesis, we discuss some digital signatures with additional properties, including identity-based (simply ID-based) signature, (partially) blind signature, untransferable signature, group signature and multi-signature. The main contributions are as follows. We discuss the construct method of ID-based signatures from bilinear pairings by detailed analyzing their verification equations, thus propose fourteen ID-based signature schemes. After optimizing those schemes in efficiency, we present seven efficient ID-based signature schemes and seven Schnorr-type ID-based signature schemes with a distinct improvement both in computation efficiency and in the length of signatures. We also discuss the security of the proposed schemes and prove twelve schemes can against existential forgery on adaptively chosen message and ID attack under the random oracle model. We present a general method to construct blinding functions of discrete-logarithm-based (simply DL-based ) blind signature schemes by analyzing the algebraic form of blinding function, thus solve the problem of blinding DL-based signature schemes completely. We give a general blinding technique for the blindable schemes to obtain their corresponding blind signature schemes while give a proof for the case of unblindable. All DL-based blind signature schemes available can be obtained by our general blinding technique. We discuss the general blinding technique for ID-based signatures from bilinear pairings and propose more than seventy ID-based blind signature schemes. Efficiency analysis shows that more than forty of our schemes are more efficient than two available ID-based blind signature from bilinear pairings schemes. We also propose an ID-based partially blind signature from bilinear pairings scheme and prove it can against existential forgery on adaptively chosen message and ID attack under the random oracle model (non parallel attack). We show that a nominative signature and a nominative proxy signature are not nominative. Then we extend the concept of nominative signature to the convertible nominative signature, in which the nominee can convert given nominative signatures into universally verifiable signatures. We give a formal definition for it and propose two convertible nominative signature schemes and a convertible nominative proxy signature scheme based on our nominative signature scheme. We introduce a new concept of convertible untransferable partially blind signature, in which only the designated verifier(s) can verify and confirm the validity of given signatures and convert given signatures into universally verifiable signatures, along with a formal definition for it and a provably secure scheme that implements it. The proposed scheme has an advantage that it can issue convertible undeniable partially blind signatures, convertible directed partially blind signatures, convertible designated confirmer partially blind signatures, convertible nominative partially blind signatures, and universally verifiable partially blind signatures using the same signature issuing protocol. We also propose a convertible user designating confirmer partially blind signature scheme, a convertible undeniable partially blind signature scheme, a convertible directed partially blind signature scheme, and a convertible nominative partially blind signature scheme. We improve the Camenisch's group signature scheme by improving the 1-out-of-n signature of knowledge used in the scheme. As a result, the lengths of the signatures of the improvement is about a half that of the original. Then we show that a member deletion scheme of group signature cannot delete any group member and propose a forward-secure member deletion scheme using the Public-Key State List and the Trusted Timestamp. Thus the improper view that Certificate Revocation List approach is unsuitable for group signatures is corrected. We also introduce a new concept of the authorized group signature and propose an authorized group signature scheme to implement it. We propose a multi-signature scheme, which allows mixture use of DL and RSA-type keys. Based on the proposed multi-signature scheme, we propose an anonymous threshold subliminal channel scheme, in which the subliminal message sender is indistinguishable.