With the advance of the Internet, many traditional off-line services such as voting, cash, and auction, are moving to online services over the Internet. To provide such online services safely, cryptography and information security technologies should be used. Digital signature which acts as one of the absolutely necessarily technology of information security become an important problem of modern cryptography.Digital signature is the digitalization form of the concept of handwritten signature, and also is an important method of certificating information in modern telecommunication. On one hand, Digital Signature has the same functions with handwritten signature: receivers could recognize the signature of senders but could not forge, and the sender could not deny the information he had sent to the receiver. And on the other hand, Digital Signature is different from handwritten signature: first, hand signature is imitable, but Digital Signature is hard to forge. Second, everyone's string composed of 0 and 1; every piece of information is particular and could never change. Digital signature is approaches that we can sign a message storaged in electronic style. So the messages signed can be transferred in Internet. A digital signature scheme of a message is consist of two parts: signing algorithm and verifying algorithm, digital signature technology has many kinds of variants from practical requirements. On the one hand, the privacy of user's must keep secret in the system of e-cash. On the other hands, the identification of signers is secret for users in the multi-bank e-cash system. So from these requirements, blind signature, group signature, and group blind signature appear. For the large group, we must consider forward and revocable properties, for the scenario of transferring the signature power we call for proxy signature technology.The Digital Signature has become focus in the field of cryptograph since the concept of digital signature appeared. From then on, the researchers of cryptograph have designed several kinds of digital signature scheme to meet different circumstances, and these schemes have been used in some protocols (SET, IPsec) electronic cash systems are confronting with more and more secure threat. Digital signature technology in the identification and authentication, data integrity. Non-repudiation and so is the role of which can not be replaced by other technologies, in the military, e-commerce and e-government and other fields have a very wide range of applications. These areas are closely related to national security. So it requires signature schemes have higher secure qualities. And it is precisely the lack of such key areas still our country's independent encryption products. Also long-term foreign export restrictions for cryptographic products, even if we have no restrictions should be used with caution. Therefore, we urgently need their own passwords system, and its digital signature scheme based on the creation, to ensure that these vital areas of communications security.At present, a substitutable scheme is based on multivariate quadratic polynomial question over finite fields. This question has already been proved to be an NP-complete problem. But different hard problems correspond to different crypto technology. So the key of creating different crypto technological lies in how to select a specific hard problem. For this reason, this thesis provides a new way to construct a hard problem. The basic thought is as follows:Suppose there is a non-empty set M, KL KR, where KL(?)M, Kr(?)M, if there is a binary operation·to make that:(1) (M,·) is a monoid, its identity unit is e(2) (KL·) and (KR,·) are Abelian groups, their identity units are also e(3) for a,b∈M, we usually have: (a·b)≠(b·a), i.e. operation·has no commutative law in Mthen we can construct a function f: KL×M×KRâ†'M (f(a,x,b)=a·x·b), then we have:(1) known that x∈M,a∈KL,b∈KR; it's easy to compute y =f(a,x,b)(2) if |Kl| and |Kr| are relatively big, known that x,y∈M, it's probably hard tofind a∈KL,b∈KR and make y=f(a,x,b)(3) for any x∈M, a1,a2∈KL, b1,b2∈KR; we always have: f(a2, f(a1,x,b1),b2)=(4) known that a∈KL and b∈KR, it's easy to deduce a-1∈KL and b-1∈KR, and for any x∈M, we always have:If property (2) is true, then by (1) and (2) we know that the function f has one-way property. (2) And (3) indicate that f can implement techniques like Diffie-Hellman key exchange. (2), (3) and (4) indicate that f can implement Shamir's three-pass protocol. Moreover, by (3) and (4), we can use (a, b) as a "trapdoor" of the one-way function f, thereby we can implement normal public-key cryptography. Obvious that if we can construct a hard problem satisfies conditions above, then we can get the corresponding one-way function and thus the cryptography techniques based on that can be developed.Therefore, let Mn×nFq be a set of n×n matrix over finite field Fq, then (Mn×nFq,+,×) is a 1-ring, here + and×are addition and multiplication over Fq, respectively. We arbitrarily select two nonsingular matrices Q1 and Q2(here Q1, Q2∈Mn×nFq) and let the generation sets, which are generated under the multiplication of Q1 and Q2 over Fq, be 1> and 2>, then we have:(1) (Mn×nFq,×) is a monoid, its identity unit is In×n(2) (1>,×) and (2>,×) are Abelian group, their identity units are also In×n(3) for Q1 and Q2(hert Q1,Q2∈Mn×nFq) generally we have: Q1×Q2≠Q2×Q1. i.e. the multiplication operation has no commutative law in Mn×nFq.Let M=Mn×nFq, KL=1>, Kr = 2>, we know that they nicely satify the conditions that needed. By experiment result, we also know that the ergodic matrices in Mn×nFq have a biggest generation set(whose order is qn-1) under multiplication over Fq. Meanwhile, the result of multiplying any nonzero n-column vector over Fq on the left with an ergodic matrix of all power nicely takes over all nonzero n-column vectors over Fq; And the result is the same to row vectors over Fq. Moreover, the ergodic matrices in Mn×nFq have many important properties, therefore, we naturally think of choosing Q1 and Q2 as ergodic matrices in Mn×nFq and put forward the following question:Question 1. Let Q (here Q∈Mn×nFq) be Ergodic Matrix, and x be the Integer which between 0 and qn-1, we know that Q and Qx∈MnxnFq, it is hard to looking for x which make them equivalent.Question 2. Let Q1, Q2(here Q1, Q2∈Mn×nFq) and M(here M∈MnxnFq\{O}) be Ergodic Matrices, and x and y be the Integers between 0 and qn-1, we know that Q1, Q2, M and Q1xMQ2y, looking for Q1x∈1> and Q2y∈2> that makes it hard to equal to Q1xMQ2y.Question 3. Let Q(here Q∈Mn×nFq) and M(here M∈Mn×nFq\{O}) be Ergodic Matrices, and x and y be the Integers between 0 and qn-1, we know that Q, M and QxMQy, looking for Qx and Qy∈ that makes it hard to equal to QxMQy.Question 4. Let Q1,Q2(here Q1,Q2∈Mn×nFq) and M(here M∈Mn×nFq\{O}) be Ergodic Matrices, and x and y be the Integers between 0 and qn-1, we know that Q1, Q2, M and Q1xMQ2y, looking for x and y that makes it hard to equal to Q1xMQ2y.Question 5. Let Q(here Q∈Mn×nFq) and M(here M∈Mn×nFq\{O}) be Ergodic Matrices, and x and y be the Integers between 0 and qn-l, we know that Q, M and QxMQy, looking for x and y that makes it hard to equal to QxMQy.Through analysis we find that the Difficult of Question 1 is equal to DLP, for any given Ergodic Matrices Q1 and Q2, if Q1,Q2∈Mn×nFq, then the Difficult of Question 2 is specially relative to the selection of A(here A∈MnxnFq). For most As in MnxnFq, Question 2 is easy, but there also many As to make Question 2 hard; and the Question 3,4,5 is mixed up with the Question 1 and 2. We call such A "strong matrix for Q1 andQ2".Thereafter we discuss how to look for such a strong matrix and how to structure digital signature scheme under these difficult issues. Finally, introduced a Digital Signature scheme based on the Question 1 and 2.1. Parameters chosen:Let Q1,Q2(here Q1,Q2∈Mn×nFq) Ergodic Matrices, and M(here M∈Mn×nFq\{O}) be Strong Matrix, and k1 and k2 be the Integers between 0 and qn-1, calculate K = Q1k1MQ2k2 as the public key of the text m, kl,k2 as the secret key. H( ),h( ) are the safety Hash function, use the MD5 as the h(), and H( ) is a hash function based on the Ergodic Matrix.2. Signature Generation:The man Alice who signature the text m uses the chosen parameters:(1) Alice calculates the e = h(m);(2) Alice chooses t1 and t2 be the Integers between 0 and qn-1, andcalculates the T = Q1t1MQ2t2;(3) Alice calculates the r = H(T);(4) Alice calculates S2-1 = (t2e-t1k2r+t2k1r)/(e(e+k1r+k2r)) , S2 and S2-1 are themultiplication converses. If S2 is not existent then go to (2). (5) Alice calculates S1-1 = (t1k2-t2k1)/(ek2)+k1/k2S2-1 , S1 and S1-1 are themultiplication converses. If S1 is not existent then go to (2). Then sign(m) = (r, S1, S2) is the digital signature of the text m.3. Signature Certification:The man Bob who want to certificate the (r, S1, S2) is or not the digital signature of text m which is signed by Alice.(1) Bob calculates the g(K, S1-1r ) = Q1S1-1k1rMQ2S1-1k2r;(2) Bob calculates the g(K, S2-1r ) = Q1S2-1k1rMQ2S2-1k2r;(3) Bob calculates the e = h(m);(4) Bob calculates the Q1S1-1e ,Q2S2-1e;(5) Bob calculates f(g(K,S1-1,g(K,S2-1r)=Q1S1-1k1r+S2-1k1rMQ2S1-1k2r+S2-1k2r;(6) Bob calculates T' = Q1S1-1eQ1S1-1k1r+S2-1k1rMQ2S1-1k2r+S2-1k2rQ2S2-1e;(7) Bob calculates the H(T'), if that is equal to r then accept the signature, else refuse it.In the Chapter 4, using the program to achieve the scheme and give the demo of it.From what we have discussed above, Ergodic Matrix has favorable encipher properties, and the Digital Signature scheme based on the Ergodic Matrix over the finite fields is Feasible in security, Effectiveness and complexity. So further research of it will advance the development of information security and have important realistic meanings. |
PDF Full Text Request