The Research On Forward-Secure Signature And Forward-Secure Proxy Signature Scheme With Restricted Proxy Signing Power

If forward-secure algorithm is used in digital signature, we can reduce potential risk for our privacy key's exposure. The paper mainly analyzes a class of forward-secure signature schemes. In these schemes, time-parameter is not a valid parameter when we verify its validity. If the secret key is leaked, adversary can forge a valid digital signature before the leak with the current secret key. So this class of schemes is not forward security. As digital signature schemes, proxy signature schemes have the problem of forward security. If original signer's key is leaked, attacker can forge proxy keys and proxy signatures. Proxy signature before current time may not be trustworthy.To resolve the problem mentioned above, firstly, the paper proposed a new class of forward security digital signature scheme. In the schemes, the current private key is bind with a random number. The random number and time-parameter are used in the signature procedure, and time-parameter is necessary when we verify its validity. It insures the schemes possesse forward security.Then forward-secure algorithm is used in the proxy signature and the forward security proxy signature of restricted proxy signing power is proposed. In the scheme, the privacy key's validity of the original signature's secret key is compartmentalized to some phases and is irreversible evolution, current secret key generate proxy's secret key which be valid only at current phase. Time-parameter will be necessary in the validation. Compromise of the current secret key does not enable an adversary to forge signatures pertaining to the past. It will promise the proxy signature key in the past is valid at that time. In the paper, warrant information is used, which include the proxy's ID and the limit of proxy's authority and we can't forge it. It can prevent the proxy from transferring and abusing proxy's authority.Lastly in the paper, we analyze the problem of behind security in the forward security scheme. Mike Burmeste proposed a strong forward security scheme. But the scheme must replace public key and privacy key when it moves forward a new period time and need much space to store the public key. Based on the ahead analyses, the paper proposes an effective strong forward security scheme to solve the behind security problem. The public key keeps unchanged, and the privacy is irreversible evolution. It has a good efficiency and is feasibility.