1 / 20

Provably secure randomized blind signature scheme based on bilinear pairing

Provably secure randomized blind signature scheme based on bilinear pairing. Source: Computers and Mathematics with Applications Author: Chun-I Fan , Wei-Zhe Sun, Vincent Shi-Ming Huang Presenter: 林志鴻. Outline. Introduction Preliminaries Randomized blind signature

oded
Download Presentation

Provably secure randomized blind signature scheme based on bilinear pairing

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Provably secure randomized blind signature scheme based on bilinear pairing Source: Computers and Mathematics with Applications Author: Chun-I Fan , Wei-Zhe Sun, Vincent Shi-Ming Huang Presenter:林志鴻

  2. Outline • Introduction • Preliminaries • Randomized blind signature • Performance and security Analysis • Conclusion

  3. Signer User Introduction + (1) +盲因子= (2) = (3) -盲因子=

  4. Introduction(cont.) • Usage of Blind Signature • Anonymous electronic voting • Untraceable electronic cash system • Security properties of Blind Signature • Unlinkability • Unforgeability • randomization

  5. A Signer B Unlinkability A? or B?

  6. Blind signature with randomization • 分成六個演算法 • KeyGen(k) → (SK, PK) • Blind(m, r, u) → α • Sign(α,y, SK) → t • Unblind(t, r) → s • RandMix(u, y) → c ;σ=signature-message • Verify(σ,PK) → {0,1} • Verify((Unblind (Sign (Blind (m, r, u),y,SK),r),m, RandMix(u, y) ),PK)=1

  7. Outline • Introduction • Preliminaries • Randomized blind signature • Performance and security Analysis • Conclusion

  8. Preliminaries • Bilinear Pairing • GDH Groups

  9. Bilinear Pairing • e : G1 × G1 → G2 • Bilinearity • Non-degeneracy • Computability

  10. GDH Groups • 對於一個循環群G • CDH problem︰對a,b∈Zq給定(P,aP,bP) ∈ G計算abP • DDH problem ︰對a,b,c∈Zq 給定(P,aP,bP,cP) ∈ G 判斷c=ab • 若存在一多項式時間演算法A可解決DDH問題但不存在任何演算法可解決CDH問題則此循環群G稱為GDH Groups

  11. Outline • Introduction • Preliminaries • Randomized blind signature • Performance and security Analysis • Conclusion

  12. Randomized blind signature • Initialization phase • Blinding phase • Signing phase • Unblinding phase • Verification phase

  13. Randomized blind signature (cont.) • Initialization phase • 輸入秘密參數k產生兩個order q的循環群G1,G2 ,P為G1生成元, e: G1× G1→G2 • 簽章者選取兩個私鑰x1,x2 ∈Zq* 產生相對應的公鑰Pub1 = x1P, Pub2 = x2P ,H:{0,1}*→G1* • params = (q, H,G1,G2,e,P, Pub1, Pub2)

  14. Randomized blind signature (cont.) • Blinding phase • 當使用者發送簽章要求時,簽章者隨機選取 y∈ Zp*傳送ρ= yP 給使用者 • 使用者準備明文m並隨機選取u,r1,r2∈ Zp*,設定隨機參數C = u ρ • 計算盲訊息α1 = r1H(m || C) + r2Pα2 = r1u (mod q) • 傳送(α1, α2 )給簽章者

  15. Randomized blind signature (cont.) Pub1 = x1P, Pub2 = x2P ρ= yP ,C = u ρ α1 = r1H(m || C) + r2Pα2 = r1u (mod q) • Signing phase 簽章者計算T = x1α1 + x2yα2P並回傳給使用者 • Unblinding phase使用者計算S = r1-1(T – r2Pub1)此時簽章-訊息組為(S,m,C) • Verification phase驗證式子e(S, P) = e(H(m || C), Pub1)e(C, Pub2)

  16. Randomized blind signature (cont.) 整體流程

  17. Outline • Introduction • Preliminaries • Randomized blind signature • Performance and security Analysis • Conclusion

  18. Performance and security Analysis [11]A. Boldyreva [12]H. Elkamchouchi, Y. Abouelseoud [13]Y. Yu, S. Zheng, Y. Yang [14] [15]F. Zhang, K. Kim

  19. Outline • Introduction • Preliminaries • Randomized blind signature • Performance and security Analysis • Conclusion

  20. Conclusion • 本文提出了一個提供具有隨機屬性的pairing-based盲簽章並正式的證明此簽章具有unlinkability, unforgeability,和randomization properties。 • 本文提出的方法為第一個可證明安全的隨機化盲簽章

More Related