Study On Theory And Application Technology Of Digital Signature And Authentication

Posted on: 2015-07-03
Degree: Doctor
Type: Dissertation
Country: China
Candidate: X Y Yu
Full Text: PDF
GTID: 1318330512461161
Subject: Computer application technology

Abstract/Summary:
Building on public-key cryptography, the concept of the digital signature was introduced by Diffie and Hellman in 1976. It plays a key role in information security and electronic commerce because of the authentication, integrity and non-repudiation it provides. The digital signature, one of the most important primitives in information security, has had a very significant impact on information science.

Based on research into the structural features and security properties of public-key cryptography, including identity-based cryptography, certificateless cryptography and certificate-based cryptography, this dissertation defines structures and security models for digital signatures in the provable-security setting. Under these models, more efficient signature schemes with provable security are designed through research on and analysis of existing digital signatures. Combined with the practical needs of applications, and drawing on research into special digital signatures, authentication technology and fair exchange protocols in e-commerce and other application areas, some exploratory work on digital signature design has been done. The main research results of this dissertation are as follows:

1. Signcryption, which meets the requirements of confidentiality and authenticity simultaneously, is a good method for transmitting messages. Based on a study of the structural features and security properties of signcryption and an analysis of existing schemes, a new signcryption scheme is proposed that satisfies confidentiality, public verifiability and forward secrecy. The method used to ensure forward secrecy is also widely applicable. Blind signature schemes are protocols that guarantee the anonymity of the participants by allowing a user to obtain a valid signature on a message from a signer without the signer seeing the message or its signature. To address the key issue of the lack of public verification in existing blind signcryption, a new blind signcryption scheme is presented. It is proved to satisfy the properties of anonymity, untraceability, unlinkability and public verifiability. Under identity-based cryptography, a new scheme with public verifiability is proposed. In this scheme, steps that are comparatively independent of the signcryption process provide public verification of each signcryption when needed. Our scheme therefore has a shorter ciphertext and higher efficiency, and it also solves the problems of certificate transfer and management in traditional schemes.

2. An authenticated key agreement (AKA) protocol allows two or more parties to exchange messages, authenticate each other and establish shared session keys for later secure communication over an open network. Working under certificateless cryptography, we analyze the existing AKA protocol and present a new certificateless AKA protocol. Furthermore, it is proved to achieve almost all the security properties while maintaining good computational efficiency. The proposed certificateless authenticated key agreement protocol overcomes the dependence on the KGC and the key escrow problem in identity-based cryptography and also combines their advantages.

3. To meet application requirements in e-commerce, proxy blind signatures and aggregate signatures based on certificateless cryptography are studied in this dissertation. A new efficient certificateless proxy blind signature scheme based on pairings is proposed, and a multi-bank electronic cash system solution is presented as well. Through pre-calculation of a parameter that is published as one of the system parameters, the new scheme does not require any pairing computation in the sign step. It is more efficient than other existing schemes and thus has advantages in practical applications. A new certificateless aggregate signature scheme from bilinear pairings is presented, which is proved to be existentially unforgeable against adaptively chosen message and identity attacks from Type I and Type II adversaries in the random oracle model. Compared with the existing schemes, it requires only 3 pairing computations in the sign and verification algorithms. Thus it has higher computational efficiency than the known schemes and can be widely applied in the e-commerce area.

4. Based on Boneh's aggregate signature model and Mambo's proxy signature model, we introduce the definition of a certificate-based aggregate proxy signature, present the security models for such signatures and construct a certificate-based aggregate proxy signature scheme from bilinear pairings. Based on the computational Diffie-Hellman problem, the scheme is proved to be existentially unforgeable against all attacks from Type I and Type II adversaries in the random oracle model. Our scheme is useful for reducing the size of certificate chains, and it thus has higher computational efficiency in the sign and verification algorithms than n proxy signatures. It can be widely applied in the e-commerce area due to its special properties and higher efficiency.

Keywords/Search Tags: Digital signature, identity-based public key cryptography, certificateless public key cryptography, provable security, random oracle model