
Research On Issues Related To Digital Signature After Missing The Private Key

Posted on: 2014-09-07
Degree: Master
Type: Thesis
Country: China
Candidate: Q Wang
GTID: 2268330401973447
Subject: Computer technology
Abstract/Summary:
Digital signatures, which are used to sign digital messages, prevent forgery and tampering of messages and identify the communicating peers. They are an important technology for providing data authentication, integrity and non-repudiation. Digital signatures are one of the core technologies of information security; they play an important role in e-commerce and e-government and are widely used in electronic payment, electronic tendering, electronic auctions and electronic lottery agreements.

In real applications, the greatest threat to a digital signature scheme is disclosure of the key, which happens when the security of the system the scheme relies on, or of the machine where the key is stored, has been compromised. In a traditional digital signature scheme, if the private key is disclosed, none of the signatures can be trusted, whether they were produced before or after the disclosure.

This thesis presents research results that address, from different angles, the serious consequences of disclosure of the signing private key.

First, when the signing private key is lost, no signature produced with that key can be trusted, even signatures made before the key was lost. To address this, we introduce a trusted third party and a time parameter T. Because an attacker could also forge the time parameter and send it directly for verification, making the trusted third party ineffective, we have the trusted third party take part in the signing process and generate the time parameter itself. Because the time of the private key disclosure is important, in our scheme the third party maintains a signature record form and sends the relevant time parameter T and the signed message m to the original signer. The original signer can query these two forms on a regular basis to detect whether his private key may have been lost.

Second, when a user's private key is lost, an attacker can forge signatures with that key, and the verifier cannot tell whether a signature is legitimate. For this situation, a time-limited digital signature scheme is proposed: signatures can be accepted by verifiers only at a fixed time or within a fixed time interval, and any other signature is rejected.

Finally, in a forward-secure digital signature scheme, if the private key of one period is lost, the private keys of all later periods are no longer safe, so the signatures are threatened. To address this, our scheme adds a counter to every time period, which limits the private key update from one period to the next to exactly once. The improved scheme provides backward security of the private key and can also identify the time period in which the private key was lost.

The three schemes start from the same point and try, from different directions, to mitigate the possible impact of private key loss. The first scheme can validate digital signatures generated before the private key was lost. The second, the time-limited digital signature scheme, can distinguish between two parties who use the same private key to generate signatures. The last addresses the forward-secure setting, where the loss of one period's private key makes all later private keys unsafe: the new private key update scheme gives the private key backward security.
Keywords/Search Tags:digital signature, private key, compromised, time, forward-security