Research On ID-based Ring Signature

With the rapid development of computer and network technologies, people's life obtains huge changes and more convenience. Going with the advantages,the information security problems appear too. Modern cryptography has become the kernel technique of information technology, and digital signature technology is the foundation and guarantee of the modern cryptography and plays a key role in protecting the security of network communication.Digital signature is a simulation of traditional handwriting signature, it can be applied in the field of identification, data integrity, non-repudiation and so on. Especially in the field of electronic commerce, electronic government etc, digital signature is one of the crucial technologies. With the development of the digital signature, in recent research, a large number of digital signatures with additional properties and different effect have appeared(e.g. blind signature, threshold signature, group signature, ring signature, multi signature and proxy signature, etc).The concept of ring signature is introduced by Rivest, Shamir and Tauman in 2001. Ring signature has the property of unconditional anonymity, nobody can trace the identity of the signer. In the process of the generation of ring signature, the real signer randomly choose a set of members(including himself) to be the potential signer. The signer use his private key and other members'public key to generate the signature. The set of chosen members is called a ring, the signature generated is called ring signature. The receiver of the ring signature can verify that the signature is from one member of the ring but can't point out the real signer.Proxy signature is a special form of digital signature. It is first introduced by Mambo, Usudu and Okamoto in 1996. In a proxy signature, people always need to consign the signing capability to a trusted proxy who can sign on a message instead of the original signer.Proxy ring signature is the combination of proxy signature and ring signature. In a proxy signature scheme, the problem of the proxy signer's privacy protecting is very important. Think about such an application scenario: An original Signer delegate his signing capability to many proxies, called proxy signers set such as a public known directorate. These proxy signers can sign messages on behalf of the original signer while providing anonymity. To solve this problem, Zhang et al introduced the concept of a proxy ring signature and proposed the first ID-based proxy ring signature scheme. Later Amit et al proposed another scheme. Using proxy ring signature, an original signer delegate his signing capability to a set of proxy signers, then every member of the set can sign the message on behalf of the original signer and ensure his identity anonymity. So proxy ring signature solves the problem of the proxy signer's privacy protecting well.The concept of the designated verifier signature scheme was first introduced by Jakobsson, Sako and Impagliazzo in 1996. It make sure only the designated verifier can convince that the signature is made by the signer. Because the signer's public key and the designated verifier's public key are both included in the verification step, the designated verifier can efficiently simulate signatures that are indistinguishable from the signer's signature. Anyone can verify the signature, but no one can be convinced that whom the real signer is, the original signer or the designated verifier, except for the designated verifier himself. A designated verifier signature is suitable to be used in some circumstances that the signer should specify who may be convinced by the signer's signature. But in some situations, for example, the signature may be captured on line by the third party before the designated verifier receives it, then the third party can confirm that the original signer is the real signer. To avoid this, the concept of the strong designated verifier signature scheme was introduced by Saeednia, Kramer and Markovitch in 2003. Everyone can simulate signatures that are indistinguishable from the signer's signature. The signer encrypt the signature with the designated verifier's public key or involve it in the signature, so only the designated verifier can verify the signature generated by the signer with his private key.The main work in this thesis is analysis, design and research on ring signature and relevant schemes. Our main results are as follows: Summarize the research hotspots and research progress on ring signature, introduce the properties and development of some kinds of ring signature (threshold ring signature, linkable ring signature, deniable ring signature, anonymity-revocable ring signature, proxy ring signature, blind ring signature, ring signcryption, etc).Propose an ID-based proxy ring signature scheme from bilinear pairings which combines the advantages of proxy signature and ring signature. Compared with Zhang's scheme and Amit's scheme, the new scheme has a better computational efficiency because the computational cost of bilinear pairings required is reducedfrom O(n) to O(1). It is proved that our scheme is signer anonymous, verifiable,non-deniable and distinguishable. Using ring signature forking lemma, we also prove it is unforgeable in random oracle model.A basic model of a strong designated verifier ring signature is given. An Efficient ID-based strong designated verifier ring signature (SDVRS) scheme is proposed. In random oracle model, it is proved that the new scheme satisfy the security properties of SDVRS: Signer Anonymity for the Designated Verifier Signer Anonymity for the third party, and Unforgeability. The computational efficiency is analysed. Compared with similar schemes, the new scheme is more efficient.The security of an ID-based ring signature scheme and an ID-based ring signcryption scheme are analysed. Efficient attack algorithms are introduced, we find the trapdoor information in the signature scheme, use the public keys of the ring member and verify the equation to confirm the identity of the real signer. It is proved that the two schemes don't satisfy the security property of signer anonymity, so a secure ring signature scheme must realize the signer anonymity according to the definition of Adam Bender.Base on an ID-based ring signature scheme, blind signature and multi-verification technology, combined with RSA crypto system, a perfect anonymous e-voting system is designed. The system can realize the legal voters' unconditional anonymity, and avoid illegal behaviors such as ballot collision, voter deceiving, vote organization deceiving, united organization deceiving, etc. Next works ard as follows:Propose ring signature schemes with stronger security properties, improve the prove methods of security. Prove the security properties not only in random oracle model but also in standard model.Analyse the existent ring signature scheme. A lot of schemes has security leakages, prove them and optimize them.Research the application of ring signature in Ad-Hoc network.For the requirements of E-business and network security, propose more useful ring signature schemes with better security and efficiency.