| Digital signatures have played an important role in data integrity checking, identity verification and undeniability. However, for some reasons, the signer needs to delegate his/her signing ability to others, and the ordinary digital signatures could not fully satisfy the needs of developing e-commerce or the e-government techniques, then the proxy signatures generate. So far, A great deal of in-depth researches on proxy signatures have been done by the domestic and foreign scholars, and many special schemes such as threshold, multi-grade and designated-receiver proxy signatures have been designed for secure multi-party computation, mobile agents and intellectual property protection and other special applications.Most of the proxy signature schemes couldn't effectively control the proxy signing ability, which harms the profits of the original signers. This thesis aims at finding some effective schemes to restrict the receivers of the signatures and to revoke the signing ability. And this thesis mainly analyses the designated receiver proxy signatures, the k-times proxy signatures and the time-limited proxy signatures, and points out that most of them could not resist the signature forgery, public key substitution, frame attack and other attacks. Therefore, the zero-knowledge proof, one-way function, discrete logarithm problem and secret sharing are used to design and improve three proxy signature schemes to make them become the controllable signatures. Specifically, the main studying results of this thesis are as follows:(1) The public key substitution attack existing in digital signature schemes is solved by combing public key certificates with zero-knowledge proof.(2) This thesis analyses the special property and the security of the existing designated receiver proxy signatures, and points out that some of the existing schemes don't possess the property of designating receiver. Then, this thesis proposes a new scheme which generally fits for the designated receiver proxy signatures. New scheme resolves these problems and successfully restricts the receivers in order to control the ability to sign messages.(3) This thesis analyses a k-times proxy signature scheme based on the trusted third party and presents a forging scheme of the course of the attack on the hash chain and the proxy signature. The thesis points out the flaw in the original scheme that the proxy signer can use the middle attack to upgrade his power. New scheme can not only resist the forgery attack on proxy signatures and the destruction of verifying the proxy signature, but also gives the ways of resisting the middle attack and replay attack in an open channel. (4) Since most of the time-limited proxy signature schemes have the bottleneck problem by taking advantage of a time-stamp service provided by a trusted third party, this thesis analyses a time-limited proxy signature scheme without the trusted third party and points out that the original scheme has some security deficiencies such as forgery and frame attacks and the disadvantage of clock synchronization. The improved scheme can not only resist the attacks in the original scheme, the original signer also can trace the receiver of the signature. |
PDF Full Text Request