
Research On Several Problems Of Digital Signatures

Posted on: 2010-09-16
Degree: Doctor
Type: Dissertation
Country: China
Candidate: H Z Du
GTID: 1118360278465456
Subject: Cryptography

Abstract/Summary:
With the rapid development of computer networks and e-commerce, information security has become more and more important. Digital signatures, which provide authentication, integrity and non-repudiation for data transfer, are one of the crucial techniques in information security and play a very important role in e-commerce and e-governance. Research on digital signatures is therefore both significant and practical.

ID-based public key cryptography simplifies the key management process, which is a heavy burden in traditional certificate-based cryptosystems, and it has been a hot topic in modern cryptography. This dissertation studies how to design an ID-based signature scheme, how to prove its security, and how to solve its drawback of key escrow. We focus on ID-based short signatures, ID-based aggregate signatures, traceable ID-based signatures, certificateless signatures, certificateless proxy signatures and certificateless designated verifier signatures. The major contributions of the dissertation are as follows:

1. We present a short ID-based signature (IBS) scheme that is proved secure in the random oracle model under the hardness assumption of the k-CAA problem. The proposed scheme upholds all desirable properties of previous IBS schemes. Furthermore, our scheme requires less computational cost and is significantly more efficient than all known IBS schemes, and the size of a signature generated by our scheme is approximately 160 bits, which is the shortest ID-based signature so far.

2. We propose a new ID-based aggregate signature scheme from bilinear pairings. Its security proof is given in the random oracle model, and its security can be reduced to the computational Diffie-Hellman problem. Compared with the existing ID-based aggregate signature schemes, our scheme drastically improves the efficiency of signature communication and verification, since the verification algorithm requires only 3 pairing evaluations and the size of a signature generated by our scheme is only about 320 bits. In addition, we cryptanalyze an ID-based aggregate signature scheme presented by Song, Kim, Lee and Yoon, and show that this scheme is universally forgeable.

3. The inherent key escrow problem is a main disadvantage of IBS schemes. This dissertation introduces the concept and security model of traceable ID-based signatures (T-IBS), a new approach to mitigating the key escrow problem in IBS schemes. We present a T-IBS scheme without pairings and give a security proof for it under the elliptic curve discrete logarithm assumption in the random oracle model. Compared with existing schemes that do not suffer from key escrow, ours achieves higher efficiency, since the signing algorithm needs only one scalar multiplication in the additive group while the reverse operation requires only three scalar multiplications.

4. Certificateless public key cryptography is a recently proposed and attractive paradigm that combines the advantages of both certificate-based and ID-based cryptosystems: it avoids the use of certificates and does not suffer from key escrow. We present a certificateless signature (CLS) scheme that is proved secure in the random oracle model under the hardness assumptions of k-CAA and Inv-CDHP. The proposed scheme upholds all desirable properties of previous CLS schemes, and requires only general cryptographic hash functions instead of the inefficient MapToPoint hash function. Furthermore, our scheme requires less computational cost and is significantly more efficient than all known CLS schemes, and the size of a signature generated by our scheme is approximately 160 bits, which is the shortest certificateless signature so far. It can therefore be used widely, especially in low-bandwidth communication environments.

5. We first formalize the definition and the security model of certificateless strong proxy signatures (CLSPS), and then propose a novel CLSPS scheme from bilinear pairings. It is proved that our CLSPS scheme satisfies all the requirements of strong proxy signatures in certificateless public key cryptography. Furthermore, our scheme is more efficient than the existing CLSPS schemes, because it requires only general cryptographic hash functions instead of the inefficient MapToPoint function, and the signing and verification algorithms together require, online, one scalar multiplication, two exponentiations and one pairing computation.

6. We present a new pairing-based certificateless designated verifier signature (CLDVS) scheme and provide security proofs and an efficiency analysis for it. Moreover, as an application of our CLDVS scheme, the first notion and construction of a certificateless designated verifier proxy signature (CLDVPS) scheme is proposed. It is proved that our CLDVPS scheme satisfies all the requirements of designated verifier proxy signature schemes in certificateless cryptography.
Keywords/Search Tags: digital signature, identity-based signature, certificateless signature, aggregate signature, proxy signature, random oracle model