Key Management And Proxy Signature

The content of this thesis consists of two parts. The first part discusses the key element of multicast security—Group Key Management, and the second part talks about Proxy Signature, especially about the design and cryptanalysis to Threshold Proxy Signature Scheme.As the basis of many current Internet applications, multicast has become a hottest research topic now. Security is an important issue of multicast, and group key management is the key one of most safety demands. At present, group key management mainly divided into goup key distribution and group key agreement, both of them have their own character and can be used in different applications. Firstly, the concept and category of group key management will be presentated in this thesis. Secondly we discuss five classic group key management schemes: GKMP, LKH, Iolus, GDH and TGDH. Finally based on existing protocols, we propose the concept of virtual dynamic security subgroup, then design distributed virtual dynamic subgroup scheme (DVDSG) and agreed virtual dynamic subgroup scheme (AVDSG), which can efficient meet the requirement of security to complex group structures, such as Microsoft Solution Framework (MSF) and Virtual-Organizations (VOs) which are based on grid.Another content of this thesis is proxy signature, The concept of the proxy signature scheme was first introduced by Mambo et al. in 1996, which allows the original signer delegates her/his signing capability to a designated person, called a proxy signer. The proxy signer could stand proxy for the original signer to generate signatures, referred to as proxy signatures.Following the development of the proxy signature scheme, the threshold proxy signature scheme was also widely studied recently. A (t, n) threshold proxy signature scheme allows at least t proxy signers of a proxy group to sign messages on behalf of the original signer. Since there is no efficient means for anonymous threshold proxy signature to withstand the conspiracy attack during long time, Sun Hung-Min proposed an efficient nonrepudiable threshold proxy signature scheme with known signers in 1999, which tryed to solve it through track. In 2000, Hwang et al. pointed out the Sun's scheme still suffered from the threat of the conspiracy attack then proposed a secure nonrepudiable threshold proxy signature scheme (called as HLL scheme hereafter) to improve Sun's scheme. In 2004 Tzeng et al. showed a forge attack against HLL scheme and proposed an improvement scheme to remedy HLL scheme. Unfortunately, Tzeng et al.'s scheme did not work, so we propose a new improvement of HLL scheme. Anothermethod to solve the conspiracy attack was importing SA, which worked out by Hsu et al. in 2001, and in 2004 Yang et al. proposed an improvement scheme with high efficiency. In this thesis we point out a cryptanalysis of their scheme. Furthermore, we improve the security of the threshold proxy signature scheme which remedies the weakness of Yang et al.'s scheme. In the end we propose a more efficient scheme without SA, which is secure against the conspiracy attack and original signer's forgery attack.