門檻式單次代理簽章之方法

Abstract

最近，很多傑出的代理簽章方案已經被提議。對於先前更多的安全議題來說，這裡我們提出一種更安全的方法。它允許一個或更多實體共同合作扮演出一名代理簽章者的角色來代表原始簽章者簽章的權力。我們使用門檻值的特性並且用信任單元和組合PHF物件來提出我們的方案。在一個(w，n)門檻值代理簽章裡，原始簽章者能授予n個代理簽章者簽核訊息的能力，即任w個或多個代理簽章者共同合作產生一個代理簽章來代表原始簽章者，但是(w-1)個或更少的代理簽章者就不能運作。繼上述相同的模型之後，我們首先提出一個新的門檻式單次代理簽章的方式基於單向功能的簽章方案。這個工作原理不同於其他相關的代理簽章方案。除了給這把代理金鑰提供機密性防護之外，這種方法對全部有關係的實體提供了不可否認的機制。特別是，它保護代理簽章者以防止原始簽章者否認授權給代理簽章者代表其簽章的能力，及防止代理簽章者否認其所產生的代理簽章，以及防止簽章接受者否認代理簽章者所產生的代理簽章。我們的方案仍然保持著單次簽章的快速簽章驗證特性和較低計算能力特性，並且適用於各式各樣的無線網路應用。

Recently, many excellent proxy signature schemes have been proposed. For advanced security issue, here we present a more secure method. It allows the delegation of signature power to one or more entities that jointly play the role of a proxy signer. We use characteristic of threshold and trust party and combinatorial object PHF to propose our scheme. In a (w, n) threshold proxy signature, the original signer can delegate the power of signing messages to n proxy signers so that any w or more proxy signers cooperatively generate a proxy signature on behalf of the original signer, but (w-1) or less of them cannot. Following the same model, we first propose a new threshold proxy one-time signature scheme based on one-way functions. This work is different from other related proxy signature schemes. In addition to providing confidentiality protection to the proxy key, the method provides non-repudiation services to all the parties involved. In particular, it protects proxy signer against repudiation of signature delegation of the original signer、 repudiation of proxy signature generation of the proxy signer and repudiation of receipt of the proxy signature of the signature recipient. Our scheme still preserves the fast signature verification and low computation power of one-time signature, and it is suitable for various wireless applications.