Design and Analysis of Opaque Signatures
Digital signatures were introduced to guarantee the authenticity and integrity of the underlying messages. A digital signature scheme comprises the key generation, signature, and verification algorithms. The key generation algorithm creates the signing and verifying keys, also called the signer's private and public keys respectively. The signature algorithm, run by the signer, produces a signature on the input message. Finally, the verification algorithm, run by anyone who knows the signer's public key, checks whether a purported signature on some message is valid. This last property, universal verifiability, is undesirable where the signed data is commercially or personally sensitive. Mechanisms that share most properties of digital signatures except universal verifiability were therefore invented to meet this need; we call such mechanisms "opaque signatures". In this thesis we study signatures whose verification cannot be achieved without the cooperation of a specific entity, namely the signer in the case of undeniable signatures or the confirmer in the case of confirmer signatures, and we make three main contributions.

We first study the relationship between two security properties important for public key encryption, data privacy and key privacy. Our study is motivated by the fact that opaque signatures always involve an encryption layer that ensures their opacity. The properties required of this encryption vary according to whether we want to protect the identity (i.e. the key) of the signer or hide the validity of the signature; it is therefore convenient to reuse existing results about the encryption scheme to derive one notion from the other. Next, we examine generic constructions of confirmer signatures from basic cryptographic primitives, e.g. digital signatures, encryption, or commitment schemes.

Generic constructions give easy-to-understand and easy-to-prove schemes, but this convenience is often achieved at the expense of efficiency. In this contribution, which constitutes the core of the thesis, we first analyze the existing constructions; our study concludes that the popular generic constructions of confirmer signatures require strong security assumptions on the building blocks, which hurts the efficiency of the resulting signatures. We then show that a small change in these constructions lets these assumptions drop drastically, allowing instantiations that compete with the dedicated realizations of these signatures. Finally, we revisit two early undeniable signature schemes that were proposed with conjectural security. We disprove the claimed security of the first scheme and provide a fix that achieves strong security properties. We then upgrade the second scheme so that it supports a desirable feature and give a formal security treatment of the new scheme, proving it secure under new but reasonable assumptions on the underlying constituents.
Security Proofs for Identity-Based Identification and Signature Schemes
This paper provides either security proofs or attacks for a large number of identity-based identification and signature schemes defined either explicitly or implicitly in the existing literature. Underlying these is a framework that on the one hand helps explain how these schemes are derived, and on the other hand enables modular security analyses, thereby helping to understand, simplify and unify previous work. We also analyze a generic folklore construction that in particular yields identity-based identification and signature schemes without random oracles.
Conditionally Verifiable Signatures
We introduce a new digital signature model, called conditionally verifiable signature (CVS), which allows a signer to specify and convince a recipient under what conditions his signature would become valid and verifiable; the resulting signature is not publicly verifiable immediately but can be converted back into an ordinary one (verifiable by anyone) after the recipient has obtained proofs, in the form of signatures/endorsements from a number of third-party witnesses, that all the specified conditions have been fulfilled. A fairly wide set of conditions can be specified in CVS. The only job of the witnesses is to certify the fulfillment of a condition, and none of them need to be actively involved in the actual signature conversion, thus protecting user privacy. It is guaranteed that the recipient cannot cheat as long as at least one of the specified witnesses does not collude. We formalize the concept of CVS and give a generic CVS construction based on any CPA-secure identity-based encryption (IBE) scheme. Theoretically, we show that the existence of IBE with indistinguishability under a chosen plaintext attack (a weaker notion than the standard one) is necessary and sufficient for the construction of a secure CVS. (Due to the page limit, some proofs are omitted here but can be found in the full version [CB05ibecvs].)
The Security of the FDH Variant of Chaum’s Undeniable Signature Scheme
In this paper, a new kind of adversarial goal called forge-and-impersonate in undeniable signature schemes is introduced. Note that forgeability does not necessarily imply impersonation ability. The security of the full-domain hash (FDH) variant of Chaum's undeniable signature scheme is then classified along three dimensions: the goal of the adversary, the attack model, and the zero-knowledge (ZK) level of the confirmation and disavowal protocols. Each resulting security notion is then related to a well-known computational problem. In particular, the security of the FDH variant of Chaum's scheme with non-interactive zero-knowledge (NIZK) confirmation and disavowal protocols is proven to be equivalent to the computational Diffie-Hellman (CDH) problem, as opposed to the gap Diffie-Hellman (GDH) problem as claimed by Okamoto and Pointcheval.
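The undeniable-signature setting sketched in the opaque signatures abstract above (a signature nobody can check without the signer's cooperation) and the FDH variant of Chaum's scheme that this paper analyses, as an added example; this is not code from either work. It signs with s = H(m)^x in a prime-order subgroup, so a verifier holding only the public key y = g^x cannot check s on its own, and it gives the signer a non-interactive confirmation protocol (a Fiat-Shamir Chaum-Pedersen proof that log_g y = log_{H(m)} s) and a non-interactive disavowal protocol (a Camenisch-Shoup style proof that the two logarithms differ). Assumptions not taken from the page: a toy 62-bit safe-prime group, SHA-256 as the hash, the hash-reduce-square encoding of the full-domain hash, and the particular disavowal proof; the paper's exact protocols and its CDH equivalence result are not reproduced.

```python
import hashlib
from secrets import randbelow

# Deterministic Miller-Rabin: these bases are exact for every n < 3.3 * 10**24.
MR_BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)

def is_prime(n):
    if n < 2:
        return False
    for b in MR_BASES:
        if n % b == 0:
            return n == b
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for a in MR_BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True

def group_params(start=1 << 62):
    """First safe prime p = 2q + 1 with q > start, and g = 4, a generator of the order-q
    subgroup. Toy size (assumed) so the example runs instantly; real use needs >= 2048 bits."""
    q = start | 1
    while not (is_prime(q) and is_prime(2 * q + 1)):
        q += 2
    return 2 * q + 1, q, 4

def fdh(p, msg):
    """Full-domain hash into the order-q subgroup (hash, reduce mod p, square); assumed encoding."""
    h = pow(int.from_bytes(hashlib.sha256(msg).digest(), "big") % p, 2, p)
    assert h not in (0, 1), "degenerate hash value"
    return h

def fs_challenge(q, *vals):
    """Fiat-Shamir challenge bound to every group element the verifier sees."""
    data = b"|".join(str(v).encode() for v in vals)
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % q

def keygen(p, q, g):
    x = 1 + randbelow(q - 1)
    return x, pow(g, x, p)                      # private x, public y = g^x

def sign(p, x, msg):
    return pow(fdh(p, msg), x, p)               # s = H(m)^x, not checkable without the signer

def confirm(p, q, g, x, y, msg, s):
    """Signer's NIZK confirmation (Chaum-Pedersen DLEQ): log_g y == log_H(m) s."""
    h, k = fdh(p, msg), randbelow(q)
    c = fs_challenge(q, g, y, h, s, pow(g, k, p), pow(h, k, p))
    return c, (k - c * x) % q

def verify_confirmation(p, q, g, y, msg, s, proof):
    h, (c, z) = fdh(p, msg), proof
    a1 = pow(g, z, p) * pow(y, c, p) % p        # equals g^k for any honestly built proof
    a2 = pow(h, z, p) * pow(s, c, p) % p        # equals H(m)^k only if s == H(m)^x
    return c == fs_challenge(q, g, y, h, s, a1, a2)

def disavow(p, q, g, x, y, msg, s):
    """Signer's NIZK disavowal (Camenisch-Shoup inequality proof): log_g y != log_H(m) s.
    Publishes C = (H(m)^x / s)^r for random r and proves knowledge of (alpha, beta) = (x*r, r)
    with C = h^alpha * s^-beta and 1 = g^alpha * y^-beta. A genuine s forces C == 1."""
    h, r = fdh(p, msg), 1 + randbelow(q - 1)
    C = pow(pow(h, x, p) * pow(s, -1, p) % p, r, p)
    alpha, beta = x * r % q, r
    k1, k2 = randbelow(q), randbelow(q)
    t1 = pow(h, k1, p) * pow(s, -k2 % q, p) % p
    t2 = pow(g, k1, p) * pow(y, -k2 % q, p) % p
    c = fs_challenge(q, g, y, h, s, C, t1, t2)
    return C, c, (k1 - c * alpha) % q, (k2 - c * beta) % q

def verify_disavowal(p, q, g, y, msg, s, proof):
    h, (C, c, z1, z2) = fdh(p, msg), proof
    if C == 1:
        return False                            # the signer cannot disavow its own signature
    t1 = pow(h, z1, p) * pow(s, -z2 % q, p) * pow(C, c, p) % p
    t2 = pow(g, z1, p) * pow(y, -z2 % q, p) % p
    return c == fs_challenge(q, g, y, h, s, C, t1, t2)

def demo(msg=b"constructed sample message"):
    """(genuine confirmed, forged confirmed, forged disavowed, genuine disavowed)."""
    p, q, g = group_params()
    x, y = keygen(p, q, g)
    s = sign(p, x, msg)
    forged = s * g % p                          # a subgroup element that is not H(m)^x
    return (verify_confirmation(p, q, g, y, msg, s, confirm(p, q, g, x, y, msg, s)),
            verify_confirmation(p, q, g, y, msg, forged, confirm(p, q, g, x, y, msg, forged)),
            verify_disavowal(p, q, g, y, msg, forged, disavow(p, q, g, x, y, msg, forged)),
            verify_disavowal(p, q, g, y, msg, s, disavow(p, q, g, x, y, msg, s)))
```

Calling demo() returns (True, False, True, False): a genuine signature is confirmed and cannot be disavowed (the verifier rejects because C == 1), while an element that is not H(m)^x fails confirmation and is disavowed. What neither proof gives is verification by a third party acting alone; that gap is exactly the opacity the abstracts describe, and the Fiat-Shamir transform is what makes both protocols non-interactive, matching the NIZK setting in which the paper proves equivalence to CDH.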
Efficient Deniable Authentication for Signatures, Application to Machine-Readable Travel Document
Releasing a classical digital signature raises privacy issues. Indeed, there are cases where the prover needs to authenticate some data without making it possible for a malicious verifier to transfer the proof to anyone else. This is for instance the case for e-passports, where the signature of the national authority authenticates personal data. To solve this problem, we can prove knowledge of a valid signature without revealing it; this proof should be non-transferable. We first study deniability for signature verification. Deniability is essentially a weaker form of non-transferability: it holds as soon as the protocol is finished (it is often called offline non-transferability). We introduce the Offline Non-Transferable Authentication Protocol (ONTAP) and show that it can be built from a classical signature scheme and a deniable zero-knowledge proof of knowledge, using a generic transform for Σ-protocols. Finally, we give examples that upgrade signature standards based on RSA or ElGamal into an ONTAP. Our examples are well suited for implementation in e-passports.
A study on supervision over foreign banks in China
JEL Classification: E44 G18

The five-year transitional period after China's entry into the WTO has expired. To fulfil her promise of opening up the financial service market, China has cancelled all restrictions on the scope of business and regional access for foreign-funded banks. The State Council has enacted the recently revised «Regulation of the People's Republic of China on the Administration of Foreign-funded Banks» and the «Rules for Implementing the Regulations of the People's Republic of China on the Administration of Foreign-funded Banks» as the main legal documents regulating foreign-funded banks, but flaws are unavoidable, and the supervisory legal system for foreign-funded banks in China must be improved to dissolve the risks arising from their entry. This research analyses and discusses the practical impact of the current legislation on the supervision of foreign-capital banks, the supervision of their market access, the supervision of RMB business in foreign-capital banks, and the legal system for internal control of foreign banks. At the end of the dissertation, improvements towards better supervision of foreign banks in the PRC are emphasized with respect to the new opening situation.

The transition period granted to the People's Republic of China (PRC) on its admission to the World Trade Organization (WTO) has expired. Under the WTO admission commitments, China's financial sector became fully open at the end of 2006, and all restrictions on foreign-capital banks regarding the type of banking operations and the geographical extent of operation are abolished. The State Council promulgated the «Regulation on the Administration of Foreign-funded Banks» and the decree «Rules for Implementing the Regulations on the Administration of Foreign-funded Banks», and these are the main legal documents that serve as the basis for effective administration and supervision of foreign-capital banks. Many aspects nevertheless remain to be improved, above all regarding the limits and the openness of the system. The present work is confined to the study and analysis of how to improve the supervision of foreign-capital banks, through the analysis of several speeches by State leaders, of the current state of the legislation on the administration and supervision of foreign-capital banks, of the system of laws on the administration and supervision of access to the financial market, of RMB operations, and of the legal system for supervision and internal control of these enterprises. At the end of the work we discuss the inefficiencies of the legal system for the administration and supervision of China's foreign-capital banks, based on the reality that foreign-capital banks entered China to exploit the national financial market. We propose suggestions and recommendations aimed at improving the legal system for the administration and supervision of foreign-capital banks in China.
Special Signature Schemes and Key Agreement Protocols
This thesis is divided into two distinct parts. The first part of the thesis explores various deniable signature schemes and their applications. Such schemes do not bind a unique public key to a message, but rather specify a set of entities that could have created the signature, so each entity involved in the signature can deny having generated it. The main deniable signature schemes we examine are ring signature schemes.

Ring signatures can be used to construct designated verifier signature schemes, which are closely related to designated verifier proof systems. We provide previously lacking formal definitions and security models for designated verifier proofs and signatures and examine their relationship to undeniable signature schemes.

Ring signature schemes also have applications in the context of fair exchange of signatures. We introduce the notion of concurrent signatures, which can be constructed using ring signatures, and which provide a "near solution" to the problem of fair exchange. Concurrent signatures are more efficient than traditional solutions for fair exchange at the cost of some of the security guaranteed by traditional solutions.

The second part of the thesis is concerned with the security of two-party key agreement protocols. It has traditionally been difficult to prove that a key agreement protocol satisfies a formal definition of security. A modular approach to constructing provably secure key agreement protocols was proposed, but the approach generally results in less efficient protocols.

We examine the relationships between various well-known models of security and introduce a modular approach to the construction of proofs of security for key agreement protocols in such security models. Our approach simplifies the proof process, enabling us to provide proofs of security for several efficient key agreement protocols in the literature that were previously unproven.