Presentation is loading. Please wait.

Presentation is loading. Please wait.

多媒體網路安全實驗室 Anonymous ID Signature Scheme with Provable Identity Date:2010.04.02 Reporter :Chien-Wen Huang 出處: 2008 Second International Conference on Future.

Published byTyrone Matthews Modified over 9 years ago

Similar presentations

Presentation on theme: "多媒體網路安全實驗室 Anonymous ID Signature Scheme with Provable Identity Date:2010.04.02 Reporter :Chien-Wen Huang 出處: 2008 Second International Conference on Future."— Presentation transcript:

1 多媒體網路安全實驗室 Anonymous ID Signature Scheme with Provable Identity Date:2010.04.02 Reporter :Chien-Wen Huang 出處: 2008 Second International Conference on Future Generation Communication and Networking

2 多媒體網路安全實驗室 Outline Introduction 1 Bilinear Maps and Some Concepts 2 Anonymous ID Signature Scheme with Provable Identity 33 Analysis on the Scheme 44 Conclusion 35

3 多媒體網路安全實驗室 Introduction  ID-based Public Key Cryptography(ID-PKC)  was firstly proposed by Shamir in 1984.  users can communicate securely without -exchanging public key certificates, -keeping a public key directory,or using online service of a third party.  Blind signature scheme  was firstly proposed by Chaum in 1982.  protect the privacy of the user effectively.  Identity-based blind signature (IBBS)

4 多媒體網路安全實驗室 Introduction  Blind signature scheme involves a)blind message signature scheme  message m was blinded to m’.  verification: on the signature of m would be valid with no leak of m to signer. b)blind parameter signature scheme  sign(m) which is the signature of message m could be blinded to sign’(m).  The verification on (m, sign’(m)) would be valid.

5 多媒體網路安全實驗室 Bilinear Maps and Some Concepts  Concepts of Bilinear Maps  Let G 1 and G 2 be two cyclic groups of prime order q.  G 1 is additive group,G 2 is a multiplicative group. 1)Bilinear is bilinear if 2)Non-degenerate The map does not send all pairs in to the identity in 3)Computable An efficient algorithm to compute for any

6 多媒體網路安全實驗室 Bilinear Maps and Some Concepts  Some Difficult Problems 1.Discrete Logarithm Problem For any,find,which satisfy is difficult. 2.Decision Diffie-Hellman Problem(DDHP) For, decide whether is difficult. 3.Computational Diffie-Hellman Problem(GDHP) For, given to compute is difficult. 4.gap Diffie-Hellman Problem(GDH) easy to decided whether and hard to compute. (easy to resolve DDHP and hard to resolve CDHP -> is a GDH group)

7 多媒體網路安全實驗室 Anonymous ID Signature Scheme with Provable Identity based on ID-based blind parameter signature scheme and BLS short signature scheme. 1)System Parameters Setup G 1 is a GDH group,G 2 is a multiplicative cyclic group, is a prime, 2)System Initialize Choose,compute.choose and public system parameter is

8 多媒體網路安全實驗室 Anonymous ID Signature Scheme with Provable Identity 3)Generate Key Pair for Verifying Identity of User the real identity of user is ID,computes,and corresponding private key. 4)Generate Key Pair for signing Make use of as private key, Corresponding public key is 5)Generate Anonymous Identity of User a)User send (ID,U) to KGC. b)KGC chooses,computes,and.then send (U’, S’) to user. c)User computes,and is the blind parameter signature d)User computes his anonymous

9 多媒體網路安全實驗室 Anonymous ID Signature Scheme with Provable Identity 6)Verify Anonymous Identity of User When doubt appears, user submits the evidence information to KGC involves KGC computes,and following formula exist: If exists, then compute 7)Message Sign a)Maps m to G 1, b)Computes,so signature is 8)Signature Verification Receives signature and obtains user’s public key if the following formula exists:

10 多媒體網路安全實驗室 Analysis on the Scheme Theorem 1 Verification for anonymous identity satisfies correctness. Proof: Theorem 2 Signature Verification satisfies correctness. Proof:

11 多媒體網路安全實驗室 Analysis on the Scheme Theorem 3 This scheme satisfies blindness. Proof: 1.user’s anonymous ID’ comes from the blinded signature that generated by KGC. 2.When doubt appears, KGC can not get private key a from (ID,U’,S,ID’),even have. Theorem 4 This scheme satisfies anonymity of identity. Proof: Because,KGC can not get S, so he can’t compute the anonymous.

12 多媒體網路安全實驗室 Conclusion  Shortage: when doubt appears(the anonymous identity would be leaked to KGC),user can’t use it any longer. Applying another anonymous identity would increase user’s spending on some aspects.  Tomorrow work: resolve the invalidation problem on anonymous identity after identity verification.

13 多媒體網路安全實驗室

Download ppt "多媒體網路安全實驗室 Anonymous ID Signature Scheme with Provable Identity Date:2010.04.02 Reporter :Chien-Wen Huang 出處: 2008 Second International Conference on Future."

Similar presentations

1 9 4 5 1 8 8 6 E W H A W U New Nominative Proxy Signature Scheme for Mobile Communication April. 30. 2003 Seo, Seung-Hyun Dept. of Computer Science and.

E W H A W U New Nominative Proxy Signature Scheme for Mobile Communication April Seo, Seung-Hyun Dept. of Computer Science and.
An Introduction to Pairing Based Cryptography Dustin Moody October 31, 2008.

An Introduction to Pairing Based Cryptography Dustin Moody October 31, 2008.
多媒體網路安全實驗室 An efficient and security dynamic identity based authentication protocol for multi-server architecture using smart cards 作者 :JongHyup LEE 出處.

多媒體網路安全實驗室 An efficient and security dynamic identity based authentication protocol for multi-server architecture using smart cards 作者 :JongHyup LEE 出處.
BY JYH-HAW YEH COMPUTER SCIENCE DEPT. BOISE STATE UNIVERSITY Proxy Credential Forgery Attack to Two Proxy Signcryption Schemes.

BY JYH-HAW YEH COMPUTER SCIENCE DEPT. BOISE STATE UNIVERSITY Proxy Credential Forgery Attack to Two Proxy Signcryption Schemes.
多媒體網路安全實驗室 Improved Secure Anonymous Authentication Scheme for Roaming Service in Global Mobility Networks Date : 2012.10.24 Reporter : Hong Ji Wei Authors.

多媒體網路安全實驗室 Improved Secure Anonymous Authentication Scheme for Roaming Service in Global Mobility Networks Date : Reporter : Hong Ji Wei Authors.
Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.

Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.
多媒體網路安全實驗室 Source:International Conference on Intelligent Information Hiding and Multimedia Signal Processing (IIH- MSP),2010 Sixth. Authors:Hsiang-Cheh.

多媒體網路安全實驗室 Source:International Conference on Intelligent Information Hiding and Multimedia Signal Processing (IIH- MSP),2010 Sixth. Authors:Hsiang-Cheh.
Identity Based Encryption

Identity Based Encryption
Cryptography1 CPSC 3730 Cryptography Chapter 10 Key Management.

Cryptography1 CPSC 3730 Cryptography Chapter 10 Key Management.
1 Identity-Based Encryption form the Weil Pairing Author : Dan Boneh Matthew Franklin Presentered by Chia Jui Hsu Date : 2008-06-03.

1 Identity-Based Encryption form the Weil Pairing Author : Dan Boneh Matthew Franklin Presentered by Chia Jui Hsu Date :
1 A practical off-line digital money system with partially blind signatures based on the discrete logarithm problem From: IEICE TRANS. FUNDAMENTALS, VOL.E83-A,No.1.

1 A practical off-line digital money system with partially blind signatures based on the discrete logarithm problem From: IEICE TRANS. FUNDAMENTALS, VOL.E83-A,No.1.
Identity-based authenticated key agreement protocol based on Weil pairing N.P.Smart ELECTRONICS LETTERS 20 th June 2002 vol.38 No13 p.630-632 Present by.

Identity-based authenticated key agreement protocol based on Weil pairing N.P.Smart ELECTRONICS LETTERS 20 th June 2002 vol.38 No13 p Present by.
Efficient fault-tolerant scheme based on the RSA system Author: N.-Y. Lee and W.-L. Tsai IEE Proceedings Presented by 詹益誌 2004/03/02.

Efficient fault-tolerant scheme based on the RSA system Author: N.-Y. Lee and W.-L. Tsai IEE Proceedings Presented by 詹益誌 2004/03/02.
Certificateless Authenticated Two-Party Key Agreement Protocols

Certificateless Authenticated Two-Party Key Agreement Protocols
Inter-Domain Identity-Based Authenticated Key Agreement Protocols from Weil Pairing Authors: Hong-bin Tasi, Yun-Peng Chiu and Chin-Laung Lei From:ISC2006.

Inter-Domain Identity-Based Authenticated Key Agreement Protocols from Weil Pairing Authors: Hong-bin Tasi, Yun-Peng Chiu and Chin-Laung Lei From:ISC2006.
1 Hidden Exponent RSA and Efficient Key Distribution author: He Ge Cryptology ePrint Archive 2005/325 PDFPDF 報告人:陳昱升.

1 Hidden Exponent RSA and Efficient Key Distribution author: He Ge Cryptology ePrint Archive 2005/325 PDFPDF 報告人:陳昱升.
Identity Base Threshold Proxy Signature Jing Xu, Zhenfeng Zhang, and Dengguo Feng Form eprint Presented by 魏聲尊.

Identity Base Threshold Proxy Signature Jing Xu, Zhenfeng Zhang, and Dengguo Feng Form eprint Presented by 魏聲尊.
A Double-Efficient Integrity Verification Scheme to Cloud Storage Data Deng Hongyao, Song Xiuli, Tao jingsong 2014 TELKOMNIKA Indonesian Journal of Electrical.

A Double-Efficient Integrity Verification Scheme to Cloud Storage Data Deng Hongyao, Song Xiuli, Tao jingsong 2014 TELKOMNIKA Indonesian Journal of Electrical.
Cryptography and Network Security Chapter 10. Chapter 10 – Key Management; Other Public Key Cryptosystems No Singhalese, whether man or woman, would venture.

Cryptography and Network Security Chapter 10. Chapter 10 – Key Management; Other Public Key Cryptosystems No Singhalese, whether man or woman, would venture.
Computer Science Public Key Management Lecture 5.

Computer Science Public Key Management Lecture 5.

Similar presentations

Ads by Google