
The Research On Multi-Signatures, Aggregate Signatures And Their Applications

Posted on: 2014-02-01 | Degree: Doctor | Type: Dissertation
Country: China | Candidate: L F Wei | Full Text: PDF
GTID: 1228330392460338 | Subject: Computer software and theory

Abstract/Summary:
With the development of computers and networks, many variants of digital signatures have appeared. Multi-signatures and aggregate signatures, referred to here as multi-message (or multi-participant) digital signatures, play an essential role among the variants of ordinary digital signature schemes. A multi-message digital signature lets different signers sign a message and produce a single compact signature that authenticates the message under the set of signers, preserving the non-repudiation, authenticity and integrity of the message and the signature. Researchers worldwide therefore focus on achieving security and improving the efficiency of the signing and verification algorithms of multi-message digital signatures. Research on multi-message digital signatures matters both in theory and in practice: it can be widely applied in real networks such as delay/disruption tolerant networks (DTNs), cloud computing and wireless sensor networks, and it contributes to national information technology infrastructure.

This thesis focuses on multi-message digital signatures and their applications. The main work and contributions of the thesis are as follows:

(1) Through in-depth study of the formal security models of interactive multi-signatures, this thesis proposes several identity-based multi-signature (IBMS) schemes based on the large integer factoring assumption.

Currently, most IBMS schemes rely on bilinear pairings or non-standard assumptions. We propose several IBMS schemes based on the large integer factoring assumption. First, we propose an IBMS scheme with three interactive rounds under the quadratic residue assumption, which is equivalent to the integer factoring assumption. Using a quadratic-residue-based multiplicatively homomorphic equivocable commitment, an improved IBMS scheme reduces the interaction to two rounds. Furthermore, we propose an IBMS scheme under the cubic residue assumption. We give formal security proofs that our IBMS schemes are existentially unforgeable under adaptively chosen message attacks and chosen identity attacks in the random oracle model. Compared with previous work, our schemes are very efficient; in particular, they rely on a weak assumption and have efficient signing and verification procedures.

(2) Through in-depth study of the formal security models of ordered multi-signatures, this thesis proposes an efficient and secure PKI-based ordered multi-signature scheme.

Most multi-signature schemes are generated interactively. Non-interactive multi-signatures, however, avoid the cost of complicated communication rounds and are attracting increasing attention from cryptographers. We point out a limitation of the schemes of Boldyreva et al. (ACM CCS 2007), introduce a new security definition and properties such as resistance to adversarial uncombining, give new security models and, following the idea of the BLS short signature scheme, propose an efficient and secure PKI-based ordered multi-signature scheme. Our scheme is proven secure under the computational Diffie-Hellman assumption in the random oracle model, and it has a shorter public key, which suits deployment under current PKI.

(3) This thesis studies incentive mechanisms in DTNs and builds two reputation-based incentive schemes using multi-message signature techniques.

DTNs are self-organized wireless ad hoc networks in which end-to-end connectivity cannot be guaranteed and communication relies on the assumption that nodes are willing to store, carry and forward bundles opportunistically. This assumption is easily violated by selfish nodes that are unwilling to spend scarce wireless resources serving as bundle relays, which causes serious performance degradation. To tackle this issue, we model the network and the attackers' behaviour, employ an identity-based aggregate signature scheme together with batch verification, and propose a secure user-centric, social-aware reputation-based incentive scheme for DTNs. Unlike conventional reputation schemes, which rely on neighbouring nodes to monitor traffic and keep track of each other's reputation, our scheme lets a node manage its own reputation evidence and demonstrate its reputation whenever necessary. Two concepts, self-check and community-check, are defined: the former evaluates reputation from the candidate's forwarding competency and the sufficiency of the evidence the node presents; the latter speeds up reputation establishment and forms consensus views towards targets in the same community. Extensive performance analysis based on an epidemic model and on simulations demonstrates the effectiveness and efficiency of the proposed scheme.

We also propose a novel user-centric reputation-based incentive protocol for DTNs, which likewise allows a node to manage its reputation evidence. By using short signatures and batch verification in reputation ticket generation and verification, it reduces both communication and computation overhead. To meet the cooperation and fairness requirements of bundle forwarding, we define a game-theoretic framework for designing reasonable cost and reward parameters, which leads to a Perfect Bayesian Equilibrium. Performance simulations show its effectiveness and efficiency.

(4) This thesis studies the security and privacy issues of cloud computing and proposes a secure and privacy-preserving protocol for cloud computing using multi-message signature techniques.

Cloud computing is emerging as a new computing paradigm whose security and privacy issues are of widespread concern in academia and industry. The thesis considers both cloud storage security and computation security, and proposes the definitions of uncheatability and privacy-cheating discouragement. We construct an identity-based designated verifier signature scheme to achieve cloud storage security and privacy-cheating discouragement. To improve the efficiency of cloud storage security, requests from different users can be handled concurrently through batch verification. On the computation security side, we build a Merkle hash tree to commit to the computing results and detect cheating through probabilistic sampling. To minimize auditing cost, a detailed analysis yields an optimal sample size. Experiments measuring the overhead and performance of the proposed scheme in a simulation environment show that it is a viable, lightweight solution for secure storage, secure computation and privacy preservation in cloud computing.

In summary, this thesis addresses both the theory and the application of multi-message signatures and their variants. The proposed cryptographic schemes and application protocols not only merit further theoretical study but also have practical value for engineering.
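As an added illustration (not code from the thesis), the following Python sketch shows the computation-auditing idea behind contribution (4): the cloud server commits to all its computing results with a Merkle hash tree, and the verifier audits a random sample of tasks by checking each returned result's authentication path against the root and recomputing the result locally. The sample-size helper uses the standard hypergeometric probability of hitting at least one corrupted result; it does not reproduce the thesis's own optimal-sample-size analysis. The names `ResultServer`, `audit`, `min_sample_size` and the toy `square` computation are assumptions made for this example.

```python
import hashlib
import math
import random
from typing import Callable, Dict, List, Optional, Tuple

Path = List[Tuple[bytes, bool]]  # (sibling hash, sibling sits on the left)


def _h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def _leaf(index: int, value: bytes) -> bytes:
    # Domain-separate leaves from inner nodes and bind each result to its task index,
    # so a correct result cannot be re-used under a different index.
    return _h(b"\x00" + index.to_bytes(8, "big") + value)


def _node(left: bytes, right: bytes) -> bytes:
    return _h(b"\x01" + left + right)


def _padded(level: List[bytes]) -> List[bytes]:
    # Odd-length levels are padded by duplicating the last node.
    return level + [level[-1]] if len(level) % 2 else level


def build_tree(results: List[bytes]) -> List[List[bytes]]:
    """Merkle tree levels: levels[0] are the leaves, levels[-1] is [root]."""
    levels = [[_leaf(i, r) for i, r in enumerate(results)]]
    while len(levels[-1]) > 1:
        lvl = _padded(levels[-1])
        levels.append([_node(lvl[i], lvl[i + 1]) for i in range(0, len(lvl), 2)])
    return levels


def merkle_root(levels: List[List[bytes]]) -> bytes:
    return levels[-1][0]


def prove(levels: List[List[bytes]], index: int) -> Path:
    """Authentication path from leaf `index` up to the root."""
    path, i = [], index
    for lvl in levels[:-1]:
        lvl = _padded(lvl)
        sib = i ^ 1
        path.append((lvl[sib], sib < i))
        i //= 2
    return path


def verify(root: bytes, index: int, value: bytes, path: Path) -> bool:
    """Recompute the root from (index, value) and the path; True iff it matches the commitment."""
    h = _leaf(index, value)
    for sib, sib_is_left in path:
        h = _node(sib, h) if sib_is_left else _node(h, sib)
    return h == root


def detection_probability(n: int, c: int, s: int) -> float:
    """Probability that s distinct sampled indices hit at least one of c corrupted results among n."""
    if c == 0 or s == 0:
        return 0.0
    return 1.0 - math.comb(n - c, s) / math.comb(n, s)


def min_sample_size(n: int, c: int, p: float) -> int:
    """Smallest s with detection_probability(n, c, s) >= p (returns n if p is unreachable)."""
    for s in range(n + 1):
        if detection_probability(n, c, s) >= p:
            return s
    return n


def square(x: int) -> bytes:
    """Toy outsourced computation (constructed for the example)."""
    return (x * x).to_bytes(8, "big")


class ResultServer:
    """Cloud server: computes all tasks, then commits to the results with one Merkle root.
    `corrupt` maps task index -> wrong result and models a cheating server (constructed)."""

    def __init__(self, tasks: List[int], compute: Callable[[int], bytes],
                 corrupt: Optional[Dict[int, bytes]] = None) -> None:
        self.results = [compute(x) for x in tasks]
        for i, bad in (corrupt or {}).items():
            self.results[i] = bad
        self.levels = build_tree(self.results)
        self.root = merkle_root(self.levels)

    def respond(self, index: int) -> Tuple[bytes, Path]:
        return self.results[index], prove(self.levels, index)


def audit(root: bytes, server: ResultServer, tasks: List[int],
          compute: Callable[[int], bytes], sample_size: int, seed: int) -> List[int]:
    """Verifier: sample tasks, check each result against the commitment and recompute it.
    Returns the sorted indices at which cheating was detected (empty list = audit passed)."""
    rng = random.Random(seed)
    caught = []
    for i in rng.sample(range(len(tasks)), sample_size):
        value, path = server.respond(i)
        if not verify(root, i, value, path) or value != compute(tasks[i]):
            caught.append(i)
    return sorted(caught)


if __name__ == "__main__":
    tasks = list(range(16))  # constructed workload
    cheater = ResultServer(tasks, square, corrupt={5: square(7)})
    print("caught:", audit(cheater.root, cheater, tasks, square, 16, seed=1))
    print("sample size for 99% detection of 1% corruption in 1000 tasks:",
          min_sample_size(1000, 10, 0.99))
```

The index-bound, domain-separated leaves are what make the sampled check meaningful: a server that commits honestly but later returns a different value for a sampled task fails `verify`, and a server that commits to wrong values is exposed as soon as one of them is sampled and recomputed, which is why the sample size is driven by the assumed corruption fraction rather than by the total number of tasks alone.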
Keywords/Search Tags: Multi-signature, Aggregate signature, Provably secure, Random oracle, Delay/Disruption tolerant networks, Cloud computing