Research On Some Digital Signatures With Additional Properties

Digital signatures with additional properties play the important roles ininformation security, and they are widely used in E-commerce, E-government andother fields. In this paper, we discuss some key problems of proxy signatures, blindsignatures, nominative signatures and some basic signatures. The main contributionsare as follows.(1) The Inverse Bilinear Pairing Operation Problem (IBPOP) is proposed, whichis proved to be neither easier than the computing Diffie-Hellman problem (CDHP) norharder than the discrete logarithm problem on the groups (G₁, G₂) for the bilinearpairing. Based on collusion attack algorithm with qs tractors problem (qs-CAAP) andIBPOP, two randomized certificate-based signature schemes from pairings areproposed respectively. In each proposed scheme there is only one pairing operation.The former can be used to construct an efficient randomized verifiably encryptedsignature or the optimistic fair exchange protocol.(2) We fred that in the proxy signature scheme with privacy protection proposedby Dai et al. the original signer and the blind signature receiver can conspire to changethe message to be signed and forge a valid proxy signature, and the proxy signer canmisuse the proxy signing power. An improved scheme is proposed, which not onlyovercomes the security drawbacks of the old scheme but also has the same othersecurity properties as that of Dai et al.(3) A proxy signature scheme based on the chameleon hash function is proposed,in which the proxy signer need not generate the proxy-signing key. At the same time,based on the signature signed by the original signer which can be public, the proxysigner can generate a proxy signature by finding a collision to the given chameleonhash value.(4) A new type of proxy signature is proposed, which can realize the proxysigning power between the identity-based original signer and certificate-based proxysigner. A security model corresponding to the proposed scheme is present too. Ourscheme is proved to be secure in Random Oracle Model under the hardness assumptionof CDHP.(5) We find that in the partial blind signature scheme proposed by Zhang et al. theadversary can get rid of the partial blind property of the signature, and the adversarycan forge the embedding parameter in the signature. An improved scheme is proposed, which not only overcomes the security drawbacks of the old scheme but also has thesame other security requirements as that of Zhang et al.(6) A new identity-based blind signature scheme from pairings is proposed, inwhich there is only one pairing operation. Then, compared with the schemes proposedby Zhang and Kim in Asiacrypt2002 and ACISP 2003(in each of their schemes thereare at least two pairing operations), our scheme is more efficient.(7) Based on Susilo and Huang's security analysis to nominative signatures, anew nominative signature scheme is proposed, which can satisfy the requirements forthe nominative signatures. A (k, n) threshold nominative proxy signature scheme isproposed too. At last, an extended nominative signature scheme is proposed, whichmakes that the signer and the signature receiver have the same control ability to thesigned documents. At the same time, some applications of the proposed schemes aboveare proposed too.