Research On Theory Of Threshold Signature And Its Application

With the rapid development of computer and network technology, digital signature plays a more and more important role in real life. Dealing with the treatment of network and fulfilling the increasing needs of society, the ordinary digital signature can't satisfy these new requirements. So people propose threshold signature to meet these needs. Threshold signature is derived from ordinary digital signature, and the difference lies in: Ordinary digital signature is generated by one individual independently, on the other hand, threshold signature is generated by multi-members' cooperation. For example, in a (t, n) threshold signature scheme, we need t or more members to produce a signature. The verifications of two schemes are both finished by an individual. Threshold signature is one of the significant parts of threshold cryptography. It has an extensive application in electronic commerce activity, so the research of threshold signature is not only theoretical significance but also practical value.In this thesis, research on threshold signature schemes is focused on the following aspects: first, summarize the threshold signature schemes proposed; second, research the conspiracy attack of threshold signature; third, research the threshold signature schemes with different rights. The main contributions of this thesis are given as follows:(1) Threshold signature is built on the theories of digital signature and the theory of secret sharing, consolidating multiple cryptography theory and technology. The first threshold signature scheme is proposed by Desmedt and Frankel in 1991, based on the RSA cryptosystem. Then many threshold signature schemes are proposed. Research on threshold signature during this period is focused primarily on the construction of threshold signature, that is, how to combine the general threshold signature with threshold signature effectively. Along with the maturescent construction of threshold signature, people focus on the attribute of threshold signature: analyzing the proposed schemes, summarizing the attributes that threshold signature schemes should have, and proposing new schemes with good attributes. In this thesis, we classify the schemes proposed and then summarize them.(2) A (t, n) threshold signature allows t or more members of the group generate a signature on behalf of the group. Unfortunately, most of (t, n) threshold signature schemes proposed can't resist the conspiracy attack, thus the group secret key can be revealed. In this thesis, we have analyzed some stages that conspiracy attack takes place easily according to recent threshold signature schemes. A kind of conspiracy attack is proposed to show that Zheng's (t, n) threshold signature scheme withstanding the conspiracy attack is insecure. A threshold signature scheme based on Zheng's (t, n) threshold signature scheme is proposed, which withstands the conspiracy attack. Also the scheme is traceable.(3) When a special member exists in the members, original of (t, n) threshold signature no longer applies, which has to be lead into the more general form: the threshold signature scheme with different rights. It means that, in n members, t different members which include all or parts of members of different subgroups can complete the message; In this meanwhile, like the general (t, n) threshold signature schemes, arbitrary t-1 members can't acquire the whole or any useful information for signature. In this thesis, we divided the threshold signature schemes with different rights into two categories: these with privilege subsets and these not. We analyze a scheme with privilege subsets and propose a scheme without privilege subsets.The new scheme we proposed is not only with good attributes, but also of extensive application.