Threshold Ring Signature And Signcryption Theoretical Research

With the fast development of the networks as well as the appearance of more and more information systems dealing with governmental affairs, commercial affairs, and even daily affairs, digital signature - a subset of public-key cryptology - is sure to be attractive for more extensive applications in the coming years. The relations between digital signature and digital document are similar to those between typical written signature and paper document. As a result, digital signature has been widely used in E-Government and E-Commerce. Since the idea of "digital signature" was firstly proposed by W. Diffie and M. Hellman, many digital signatures have been proposed, such as the very famous schemes of RSA, ElGamal, DSS, etc. In real-life applications, it is necessary to add some additional properties to standard signature schemes mentioned above. Accordingly, several signature schemes with special properties have been proposed, such as group signature, ring signature, blind signature, signcryption, etc. . The researches over those special signature schemes mentioned above will surely contribute to the theory of information security as well as cryptology, and will be of great importance to the design of practical, secure and efficient cryptographical protocols for commercial affairs, governmental affairs, and military affairs. This dissertation mainly studies these special signatures, especially the theory of ring signature, threshold signature and signcryption.In 2001, R. Rivest et al. firstly introduced the notion of ring signature in their paper of "How to Leak a Secret". Constructed on PKI, ring signature requires no pre-defined group, no manager, and no group public key; It allows unconditional anonymity, and can be implemented efficiently. The notion of threshold signature was proposed by Y. Desmedt and Y. Frankel in 1991, which allows members of certain organization or a group to share the authority of signing. In some circumstance (such as multi-user vote, multi-user election, and employees' attitude feedback), it is necessary to share the authority of signing, and, at the same time, to protect the privacy of the actual signers. As an effective solution, a new kind of signature scheme - threshold ring signature -came forth. So far, only a few studies on threshold ring signatures have been reported. Moreover, some of previous schemes have been reported to have dissatisfactory security defects. Consequently, it is necessary to develop in-depth researches on the theory of threshold ring signatures.This dissertation analyzes a (t, n) threshold ring signature scheme proposed inChinacrypt'2004. It is clear that the scheme cannot satisfy the property of unlinkability; that is, the adversary can easily learn whether two ring signatures have been issued by the same group members. Moreover, it does not satisfy the property of anonymity, and therefore, the misbehaving group member can prove that he did not participate in producing the given ring signature by making a simple signature, which reveals the real members who have produced ring signature. Then, an ID-based threshold ring signature scheme is provided in the dissertation, which is based on the bilinear pairings. The new scheme is obtained by incorporating several building blocks, such as ID-based cryptographic system, the concept of threshold ring signature, etc. The new scheme enjoys three main properties, which are the secrecy of user's private key, the unforgeability of valid signatures, and the anonymity of user's identity. To achieve the target of improving the efficiency, the known standard technique is combined with two novel ones, i.e. fair partitions of a ring and "super-ring" mechanism. Moreover, in the new scheme, each user's private key and the corresponding public key are derived from his identity, which simplifies key management procedures and saves a large amount of computing time and storage. The salient features of the new scheme make it attractive for many specialized settings, typical examples of which are modern enterprise management, electronic voting systems, or e-commerce applications.In the modern era of information, there is an increasingly large demand for more efficient solution to safeguard communications over open networks. To achieve "secure and authenticated message delivery", the typical method widely used is "digital signature followed by encryption". However, this solution brings significantly huge cost. As a more efficient and practical alternative, a novel cryptographic primitive, e.g. signcryption was firstly proposed by Y.Zheng. Compared with the above typical method, signcryption simultaneously fulfills both the functions of digital signature and public key encryption in one logical step. In some setting, it is necessary to transport authenticated secret information, and, simultaneously, to protect the privacy of the information promulgator. As a result, the construction of a new kind of scheme -anonymous signcryption - is needed.In this dissertation, a new anonymous signcrption scheme based on ECC (Elliptic Curve Cryptosystems) is put forward, which is inspired by the idea of ring signature. While satisfying all the security properties proposed in previous signcrption schemes, the new scheme provides a new desired security property, complete-anonymity, which makes the privacy of user protected to the greatest degree. With all these features, thiswork is attractive for many specialized applications, such as employee feedback programs. Based on ECC, the new scheme requires shorter key without losing security. By simultaneously fulfilling both the functions of digital signature and symmetrical encryption in a single step, the new scheme is more efficient than traditional approach.In a grid computing environment, there are frequent communications among different nodes. To implement the secure and efficient transmission, there are also demands on studying signcrption theories. In this dissertation, a signcryption scheme for secure data transmission in grid computing is provided, which is inspired by the idea of short signature on GDH (Gap Diffile-Hellman). The new scheme has many safety properties such as confidentiality, unforgeability, authentication, non-framing, etc. Moreover, it does not require a shared private key choosen jointly by the two entities in advance, and the resultant signature is very short. By simultaneously fulfilling both the functions of digital signature and symmetrical encryption in a single step, the new scheme is more efficient than traditional two-step approach. With all these features, this work is attractive for many specialized applications, such as grid computing systems.