代理簽章與前向預防式代理簽章之研究

Abstract

網際網路的發達，使得政府及工商業界的文書往來，漸漸地由紙式文件，改為利用網際網路傳遞的電子式文件；簽章部分也由傳統的印章改為電子簽章。因應此一電子化的趨勢，世界各國紛紛制訂電子簽章法來推行電子簽章；中華民國政府也於2001公告自2002開始施行電子簽章法。 電子簽章又稱數位簽章，其發展到1996年，Mambo才提出代理簽章的概念。代理簽章提供了原始簽章者，可以授權給代理簽章者代簽電子簽章的功能，是近十年來，蓬勃發展的電子簽章應用之一。許多學者也提出增進代理簽章安全性及不同的代理簽章演算方法來實現代理簽章。但這些方法被質疑能否實際應用於現實生活，所以我們除了提出架構在Quadratic Residues上的代理簽章外；也建議代理簽章建構在標準的簽章法，如DSA及ECDSA等；並提出了建構在DSA/ECDSA 的代理簽章法，藉由已充分討論過安全性的標準簽章法，使代理簽章成為現實可行的簽章機制。 為了解決金鑰曝光的問題，我們在現有的代理簽章法加入前向預防式(proactive) 的概念，而提出了 proactive secret sharing proxy signature scheme。藉由定時更新金鑰的方式，確保了某一段時間內，簽章的安全性。proactive secret sharing proxy signature scheme的復原機制，更可以在某一代理簽章者的share遺失或無法使用時，由其他的代理簽章者來復原其share。 單向雜湊函數經常配合簽章使用來增進簽章的效率，自從王小雲教授提出在269的時間複雜度內可以找到單向雜湊函數SHA-160的碰撞後；我們也分析SHA-160的訊息處理模式，發現SHA-160有衰減(Decay)的現象，所以我們提出兩個改進SHA-160的訊息處理模式安全性的方法。期望我們對單向雜湊函數與代理簽章的分析與改進，能使電子簽章能實際地運用於日常生活中。

Due to the rapid progress of Internet, governments and enterprises change their paper-based documents to electronic ones; as well as hand-made signatures to digital signatures. The electronic signature relative regulations are established all over the world. Taiwan has also established the Electronic Signature Laws in 2001 and put into operation in 2002. Mambo et al. are the first group who introduced the proxy signature scheme in 1996. The proxy signatures, with which the original signers can delegate their signing capability to the proxy signers, are the most popular application of digital signatures in the last decade. Lots of researchers proposed improvement or alternative mathematic base of proxy signatures without adopting Digital Signature Algorithm (DSA) or Elliptic Curve Digital Signature Algorithm (ECDSA); however, most of the proposed proxy signature schemes are not feasible in practice because their securities cannot be really proved. Therefore, we propose the proxy signature adopting DSA and ECDSA and firstly introduce Quadratic Residues’ concepts. Our scheme keeps not only the properties of the DSA/ECDSA but also fulfills the strong requirements of proxy signatures. To solve key exposure problem, we adopt proactive concept into proxy signature and propose proactive secret sharing proxy signature scheme. The proactive secret sharing proxy signature scheme is based on verifiable secret sharing to against the active attacker. Consequently, the proactive secret sharing proxy signature scheme, which is a group-oriented scheme, provides the functionality of proxy signers' shares renewing and recovering. One-way hash functions are important skills to make digital signatures efficient. Wang et al. reported their method to find a collision efficiently in SHA-160 within 269 hash steps in February 2005. In fact, we can still discover the decay phenomenon with the application of a message schedule’s judgment when inspecting how SHA-160 generates message schedule actually. Therefore, we would like to introduce two SHA-160 corrections to enhance the security of SHA-160. In general, we hope our enhancement of SHA-160 and new proxy signature schemes could be used in practice.