English  |  正體中文  |  简体中文  |  Items with full text/Total items : 52052/87180 (60%)
Visitors : 8893339      Online Users : 566
RC Version 7.0 © Powered By DSPACE, MIT. Enhanced by NTU Library & TKU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
  • Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version
    Please use this identifier to cite or link to this item: http://tkuir.lib.tku.edu.tw:8080/dspace/handle/987654321/101659

    Title: Unlinkable concurrent signcryption scheme with innocent signer protection
    Other Titles: 可保護守法簽名者的不可鏈結同時簽密法
    Authors: 李彥賜;Lee, Yen-Shih
    Contributors: 淡江大學資訊工程學系資訊網路與通訊碩士班
    Keywords: 同時簽章;不可鏈結性;擔保;簽密法;隱私保護;機密性;Concurrent Signatures;Unlinkability;commitment;signcrytpion;privacy protection;confidentiality
    Date: 2014
    Issue Date: 2015-05-01 16:13:29 (UTC+8)
    Abstract: 同時簽章法可以分成兩類: 可鏈結的同時簽章法與不可鏈結的同時簽章法。保護個人隱私而言,不可鏈結的同時簽章法優於可鏈結的同時簽章法。然而,在可鏈結的同時簽章法下,被交換的訊息與簽章對之間的鏈結關係是明顯的,所以誠實簽名者可以在簽章有違法爭議時,用來證明其清白;相對的,不可鏈結的同時簽章法沒有任何鏈結,所以一個誠實的簽名者無法在爭議出現時,提供鏈結證據以證明他的簽章用途是合法的。為了避免這樣的缺陷,不可鏈結的同時簽章法應該有可供事後解決爭議的指定驗證者鏈結證據,在提供指定驗證者鏈結證據時,同時保有能保護隱私的不可鏈結性。此外,為了完善的隱私保護,訊息的機密性是必須具有的。本論文首先提出一個指定驗證者擔保的概念,在指定驗證者擔保的概念下,提出一個可保護守法簽名者的不可鏈結同時簽密機制。此外,本論文提出一個欺騙攻擊,指出Zhang跟Xu兩位學者的改進同時簽章法不滿足公平性,初始簽名者可透過此攻擊讓自己拿到未經同意的同時簽章,但是對應簽名者卻拿不到約定好的同時簽章。
    Concurrent signature schemes can be classified into two classes: linkable concurrent signatures and unlinkable concurrent signatures. To protect the transaction privacy, the unlinkable concurrent signatures are better than the linkable ones. However, the unlinkable concurrent signatures cannot used as innocence clarification since no link between the exchanged message and concurrent signature pairs can be used to prove their concurrent signatures have legal and valid usages. To prevent this flaw, the concept of designated verifier commitment is proposed first. By adopting our designated verifier commitment, an unlinkable concurrent signcryption scheme with innocent signer protection is proposed to provide privacy protection and innocence classification at the same time. Moreover, our scheme efficiently provides the message confidentiality for complete privacy protection. Besides, a cheating attack is proposed to show that Zhang and Xu’s scheme is unfair, since the initial signer can obtain a concurrent signature on messages without the matching signer’s agreement while the matching signer cannot obtain his/her desired concurrent signature.
    Appears in Collections:[資訊工程學系暨研究所] 學位論文

    Files in This Item:

    File SizeFormat

    All items in 機構典藏 are protected by copyright, with all rights reserved.

    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library & TKU Library IR teams. Copyright ©   - Feedback