Research And Application On Proxy Signature Scheme

Digital Signatures are widely applied in information security, identity certification, data integrity, anonymity and so on, especially significant in security of large network and electronic commerce system, and is one of the major elements in modern Cryptology fields. Digital signatures have become an indispensable security measure in computer network and an important tool in data guarantee, certification. Digital signatures are necessary in commercial, financial and military fields, and are practically applied in electronic trade, electronic check,electronic publication and intellectual property rights protection.Proxy signatures are first introduced by Mambo, Usuda and Okamoto[1,2] in 1996.Such a scheme allows one user who is called original signer, to delegate his signing capability to another user who is called proxy signer. There are three kinds of proxy signature: full delegation, partial delegation and delegation by warrant. During recent years,the proxy signature are combined with some security attributes or other signature schemes to form new signature schemes.This signature schemes are include threshold proxy signature, Proxy Signature Scheme with Message Recovery, nonrepudiable proxy signature, Multi-proxy Signature, proxy signature with the specified receiver, ID-Based proxy signature ,anonymous proxy signature and so on.Based on the idea of secret sharing and threshold cryptosystems, Zhang and Kim [3] et al. independently constructed the first threshold proxy signatures. In a (t, n) threshold proxy signature scheme, the original signer'signing power is delegated to a group of n proxy signers such that t or more of them can generate proxy signatures cooperatively, but t-1or less of them can not do the same thing. Though there exist many threshold proxy signatures schemes now, most of them are not proved security or only proved security with random oracle.To generalize the concept of (t, l)-threshold proxy signature scheme, we propose a (t, k, l)-threshold proxy signature scheme. In this scheme, any k or more proxy signers in a designated proxy group of l members can cooperatively issue a proxy signature and this scheme can also tolerate at most t– 1 corrupted signers. We first present the security model of existential unforgeability for the threshold proxy signature scheme, then propose a (t +1, 2t +1, l)-threshold proxy signature scheme based on the hardness of CDH problem, and finally prove the existential unforgeability under this security model. At the same time, this scheme has the properties of Distinguishability and Proxy Protected.In some cases, orginal signer delegates his signing capability to proxy signer, while this proxy singer also delegates his signing right to another signer for some reason.It leads to the concept of transitive proxy signature. We solve the security problem of one sever multi-grade delegating the right to the other servers to provide download service by transitive signature.