With the development of computer science and technology, e-commerce, e-government and e-finance have become widely used, and people hope to sign trade contracts quickly and over long distances through the Internet. Digital signature technology arose to meet this need. A digital signature is a signature in electronic form on a message: a string that only the sender can produce and that cannot be forged by anyone else. Digital signatures have many applications, including authentication, authorization, data integrity and non-repudiation, so they play an important role in network communication.

However, because the Internet is open, anyone can freely access it, and dishonest persons can use various illegal means to damage and attack it; intrusion by an adversary can be said to be inevitable. In addition, secret information is often exposed or lost for personal reasons, so it is likely to be used by dishonest persons for criminal purposes. Once the secret key is exposed, not only are all future signatures no longer valid, but those issued by the signer before the exposure also become invalid. This means that the whole signature system collapses, and the loss is enormous. Therefore, constructing a robust intrusion-resilient digital signature scheme is of great significance.

This thesis focuses on intrusion-resilient digital signature systems, which can reduce the damage caused by key exposure and provide the greatest security for the communication system. The main contributions of this thesis are as follows.

This thesis first analyzes the security of the ASP scheme and presents an attack showing that the ASP scheme does not satisfy forward security. We then modify and improve the ASP scheme to overcome this shortcoming.
The most prominent feature of the improved scheme is that it has the most efficient key update of all known schemes, requiring only a single hash function evaluation. We then analyze the key-insulated signature system and consider adding an intrusion detection system to it to make it more practical.

To solve the key escrow problem in identity-based public key cryptography, we propose two new efficient certificateless public key signature schemes without pairing, based on the RSA signature scheme and the Schnorr signature scheme (the WHZ scheme and the ZW scheme). We then compare the performance of the LJC scheme with that of our two schemes; the comparison shows that our schemes are more effective. We also combine the forward-secure signature model with the certificateless signature model and propose a forward-secure certificateless signature model to enhance the security of the certificateless signature system.

In addition, we prove the security of the WHZ scheme in the random oracle model, showing that it is existentially unforgeable against adaptive chosen-message attacks. Lastly, we implement our ZW scheme in C++. The experimental results demonstrate that the analysis holds and that our scheme is feasible and efficient in practice.