| In modern society,how to ensure the security of data has always been the hotspot of public attention.As a key measure to ensure information security,the digital signature provides authentication capability for network communication to assure the integrity and non-repudiation of messages.With the emergence of scenarios such as cloud computing and the Internet of Things,the single digital signature can no longer meet the complex business needs in practical scenarios.Therefore,digital signatures with different functional properties have been proposed one after another.Among them,the revocable digital signature not only provides data security protection capability,but also expands the effective user revocation mechanism to revoke users in the cryptographic system who have expired authorities,misbehaved or compromised keys.In view of the important research significance and excellent application prospects of revocable digital signatures,this thesis makes a comprehensive study on revocable digital signatures and achieves the following contributions:A revocable unidirectional single-use identity-based proxy re-signature scheme is constructed in this thesis.The constructed scheme allows the semi-trusted proxy to transform the delegatee's signature into the delegator's signature on the same message,and the proxy cannot convert a signature repeatedly which has been already transformed.While providing the signature conversion capability,the presented scheme also utilizes the binary tree access structure and node update algorithm to reduce the frequency of key update,thereby realizing efficient user revocation function.Moreover,the proposed scheme achieves existential unforgeability security under the random oracle model.Experimental analysis demonstrates that the constructed scheme is efficient compared to existing works.An anonymous authentication protocol with delegation and revocation for Content Delivery Networks is put forward in this thesis.Constructed by a revocable proxy resignature scheme,the proposed authentication protocol enables the origin server to delegate and revoke the authentication capability to the cache CDN nodes without leaking its private key.The presented revocable proxy re-signature scheme enjoys unidirectional and single-use properties,which is proven to be secure under the extended Computational Diffie-Hellman assumption.Furthermore,experimental simulation demonstrates that the proposed revocable proxy re-signature scheme is efficient compared to existing works. |
PDF Full Text Request