[[alternative]]The Design of Proxy Group-Oriented Signature Schemes with Anonymous Proxy Agent

計畫編號：NSC92-2213-E032-019研究期間：200308~200407研究經費：416,000[[sponsorship]]行政院國家科學委員

[[alternative]]The Desing of Threshold Proxy Threshold Signature Schemes

計畫編號：NSC91-2213-E032-014研究期間：200208~200307研究經費：384,000[[sponsorship]]行政院國家科學委員

[[alternative]]The Design of Group-Oriented Proxy Signature Schemes and Proxy Authenticated Encryption Shcemes (II)

計畫編號：NSC90-2213-E032-025研究期間：200108~200207研究經費：318,000[[sponsorship]]行政院國家科學委員

[[alternative]]The Desing of Anonymous Proxy Automatic Signature Schemes for Distributed Compilers

計畫編號：NSC94-2213-E032-022研究期間：200508~200607研究經費：422,000[[abstract]]本計畫預定提出適用於分散式誠實製造編議器的匿名自動代理簽章 法，藉以抵抗(未知)電腦病毒的威脅。由於網際網路的普及，電腦病毒的 危害也變得比以往嚴重。雖然防毒軟體可以提供抵抗電腦病毒的保護，但 是防毒軟體無法偵測未知的電腦病毒。在另外一方面，數位簽章法可以偵 測未知的電腦病毒，因為數位簽章法驗證檔案是否被病毒更動過。利用誠 實製造編議器，日本學者Usuda 等人提出自動簽章法以抵抗電腦病毒，隨 後學者Lin 和Jan 提出他們的適用於分散式誠實製造編議器之自動簽章 法。不幸地Lin 和Jan 的方法不足以抵抗偽造簽章攻擊，另外存在原始程 式碼長度受限的限制。於是學者Hwang 和Li 提出他們的適用於分散式誠 實製造編議器之自動代理簽章法。 在Lin 和Jan 的方法與Hwang 和Li 的 方法中，代理編議器編議工作的伺服器之隱私並未受到保護。為了抵抗編 議器製造者偽造自動簽章攻擊，伺服器之公開金鑰與秘密金鑰並須分別用 於自動代理簽章的驗證與產生，然而維護伺服器之公開金鑰的變更過程是 十分不方便的事。若匿名自動代理簽章只需使用編議器製造者公開金鑰就 可以驗證，不僅可以保護伺服器之隱私，也可以方便匿名自動代理簽章法 的實用性。所以本計畫預定提出適用於分散式誠實製造編議器的匿名自動 代理簽章法。[[sponsorship]]行政院國家科學委員

[[alternative]]The Design of Group-Oriented Proxy Signature Schemes with Anonymous Proxy Group

計畫編號：NSC93-2213-E032-020研究期間：200408~200507研究經費：428,000[[abstract]]Mambo 等學者在1996 年，首次提出了代理簽章的概念。在代理簽章法 中，原始簽章者，能委託一個代理簽章者為其產生代理簽章。因應實際群 體導向應用的需求，產生了多人授權代理簽章法、代理多人簽章法、多人 授權多人代理簽章法、門檻式代理簽章法與門檻式代理門檻式簽章法。在 已知的提出的代理簽章法中，有一種代理方式是：原始簽章者可以指明代 理人的身份，並委託他作為代理者。但是，在許多商業交易或軍事機密上 的需求，希望代理簽章者的身份是匿名的，只有原始簽章者才能知道代理 簽章的身份。然而在已知的提出的代理簽章法中，代理簽章者的身份是匿 名時，會產生了下列問題，如果代理簽章者希望匿名，會面臨被原始簽章 者偽造代理簽章的風險：如果不希望被原始簽章者偽造代理簽章，他勢必 公開自己的身份。因此我們在今年度正進行的研究計畫中，研究如何設計 匿名的多人授權代理簽章法，以及匿名的門檻式授權代理簽章法，讓代理 簽章者既可以匿名，也可以不怕被原始簽章者偽造代理簽章。延續本年度 的研究，我們發現當代理簽章者變成一個代理簽章群時，再防止代理簽章 群上面需要更近一步地研究設計。因此本次計畫將繼續探討當代理簽章者 為一代理簽章群時的主題，藉以設計匿名的多人代理簽章法，以及匿名的 門檻式代理簽章法。[[sponsorship]]行政院國家科學委員

Cryptanalysis and Performance Evaluation of Enhanced Threshold Proxy Signature Scheme Based on RSA for Known Signers

In these days there are plenty of signature schemes such as the threshold proxy signature scheme (Kumar and Verma 2010). The network is a shared medium so that the weakness security attacks such as eavesdropping, replay attack, and modification attack. Thus, we have to establish a common key for encrypting/decrypting our communications over an insecure network. In this scheme, a threshold proxy signature scheme based on RSA, any or more proxy signers can cooperatively generate a proxy signature while or fewer of them cannot do it. The threshold proxy signature scheme uses the RSA cryptosystem to generate the private and the public key of the signers (Rivest et al., 1978). Comparison is done on the basis of time complexity, space complexity, and communication overhead. We compare the performance of four schemes (Hwang et al. (2003), Kuo and Chen (2005), Yong-Jun et al. (2007), and Li et al. (2007), with the performance of a scheme that has been proposed earlier by the authors of this paper. In the proposed scheme, both the combiner and the secret share holder can verify the correctness of the information that they are receiving from each other. Therefore, the enhanced threshold proxy signature scheme is secure and efficient against notorious conspiracy attacks

An Efficient Secure Anonymous Proxy Signature Scheme

Proxy signature schemes can be used in many business applications such as when the original signer is not present to sign important documents. Any proxy signature scheme has to meet the identifiability, undeniability, verifiability and unforgeability security requirements. In some conditions, it may be necessary to protect the proxy signer’s privacy from outsiders or third parties. Recently, several studies about proxy signature schemes have been conducted but only Yu et al.’ anonymous proxy signature scheme proposed in 2009 attempting to protect the proxy signer’s privacy from outsiders. They claimed their scheme can make the proxy signer anonymous. However, based on our research, we determined that this was not the case and the proxy signer’s privacy was not anonymous. Hence, in this paper, we propose a new anonymous proxy signature scheme that truly makes the proxy signer anonymous while making it more secure and efficient when compared with Yu et al.’s scheme in 2009. Our proxy signature scheme consists of two constructions. First, we mainly use random numbers and bilinear pairings to attain the anonymous property in our proxy. Secondly, we increase the security, integrity, and efficiency of our proxy through modifications

The Insecurity of Two Proxy Signcryption Schemes: Proxy Credential Forgery Attack and How to Prevent It

Securing different online e-business activities usually requires applying different cryptographic algorithms. The proxy signcryption algorithms are designed for applications such as online proxy auction or online proxy signatures on business contracts, which require a proxy agent to sign on confidential messages. This paper proposes a proxy credential forgery attack to two recent proxy signcryption schemes in the literature. Using the attack, a malicious proxy signer can create a fake proxy credential from his original credential to extend his signing power. Simple modifications to these two schemes are also provided in this paper to prevent the attack without adding too much computational complexity. In addition to the contribution of introducing a new type of attacks to signcryption schemes, the paper also points out that, while designing a secure proxy signcryption scheme, not only the unforgeability of proxy signatures is important, but also that of proxy credentials as well