Journal of KIISE:Computer Systems and Theory (한국정보과학회논문지:시스템및이론)

Korean Institute of Information Scientists and Engineers (한국정보과학회)
권호 표지

Dynamic Multi-Proxy Signature Schemes based on Secret Sharing and Diffie-bellman Problem

비밀분산법과 Diffie-Hellman 문제에 기반한 동적 멀티 대리서명 프로토콜

  • 박소영 (이화여자대학교 컴퓨터학과) ;
  • 이상호 (이화여자대학교 컴퓨터학과)
  • Published : 2004.08.01
Download PDF
⟨ Previous Next ⟩

Abstract

Proxy signatures is a signature scheme that an original signer delegates one's signature capability to a proxy signer, and then the proxy signer creates a signature on behalf of the original signer. Delegation of authority is a common practice in the real world, in particular, it happens naturally in hierarchical groups such as company, bank and army, etc. In this paper, we propose a new dynamic multi-proxy signature scheme allowing repetitive delegations in a hierarchical group. We adopt multi-proxy signatures to enhance the security of proxy signature. In multi-proxy signatures, plural proxy signers can generate a valid proxy signature collectively on behalf of one original signer. In our scheme, the proxy group is not fixed but constructed dynamically according to some situations. Delegations are processed from higher level to lower level in the hierarchy using delegation tickets. When the original signer wants to delegate one's signature authority, the original signer generates a delegation ticket based on secret sharing and Diffie-Hellman problems. The delegation ticket is shared among proxy signers and then all the proxy signers can generate a valid proxy signature collectively by reconstructing the original signer's delegation ticket. If a certain proxy signer can not attend the proxy signature generating protocol, the proxy signer can also delegate repetitively his partial signature authority to the lower level participants, and then the proxies are constructed dynamically.

권한 위임은 군대, 기업, 은행 등의 계층 그룹에서 자연스럽게 발생할 수 있다. 대리서명 (proxy signature)은 서명 권한을 위임받은 대리서명자가 원 서명자를 대신하여 유효한 전자서명을 생성하고 검증할 수 있는 전자서명 프로토콜이다. 계층 구조를 갖는 B2B 전자 거래 및 전자서명의 활용 범위가 다양화됨에 따라 이를 반영하는 보다 안전한 대리서명이 요구된다. 본 논문에서는 계층 그룹에서 반복적 권한 위임을 허용함으로써 대리서명자들이 동적으로 구성될 수 있는 새로운 멀티 대리서명 프로토콜을 제안한다. 한 명의 대리서명자가 아닌 복수의 대리서명자가 모여야만 원 서명자를 대신해 하나의 유효한 대리서명을 생성할 수 있게 함으로써, 보다 강화된 안전성을 제공한다 대리서명 생성을 위한 권한 위임은 비밀분산법과 Diffie-Hellman 문제에 의해 생성된 위임티켓을 통해, 계층 구조의 상위 계층에서 하위 계층으로 이루어진다. 위임받은 대리서명자 중에서 대리서명에 참여할 수 없는 대리서명자는 다시 자신의 하위 계층의 참가자들에게 개별 위임을 수행함으로써, 대리서명 권한이 반복적으로 위임될 수 있고, 이에 따라 대리서명자 그룹이 동적으로 구성된다.

Keywords

References

  1. M. Mambo, K. Usuda and E. Okamoto, 'Proxy Signature: Delegation of the Power to Sign Message,' IEICE Trans. Fundamentals, vol. E79-A, no. 9, pp. 1338-1353, 1996
  2. Y. Desmedt, 'Threshold Crytography,' European Transaction on Telecommunications and Related Technologies, vol.5, no. 4, pp. 35-43, 1994
  3. R. Gennaro, S, Jarecki, H. Krawczyk and T. Rabin, 'Robust Threshold DSS Signatures.' in Advances in Cryptology-EUROCRYPT '96, LNCS 1070, 1996
  4. C. Li, T. Hwand and N. Lee, '(t, n)-Threshold Signature Scheme based on Discrete Logarithm,' Advances in Cryptology-EUROCRYPT '94, 1995
  5. K. Itakura and K. Nakamura, 'A Public-Key Cryptosystem Suitable for Digital Multisignatures,' NEC Research and Development, (71), pp. 1-8, 1983
  6. S. Micali, K. Ohta and L. Reyzin, 'Accountable-Subgroup Multisignatures,' Proceeding of ACM Conference on Computer and Communications Security, pp. 245-254, 2001 https://doi.org/10.1145/501983.502017
  7. 송영원, 박소영, 이상호, '트리형태의 계층 구조에 적용가능한 비밀분산법의 설계', 한국정보과학회 논문지(컴퓨터 시스템 및 이론), 제29권 4호, pp. 161-168, 2002
  8. W. Diffie and M. E. Hellman, 'New Directions in Cryptography,' IEEE Transaction on Information Theory, vol. IT-22, no. 6, pp. 644-654, 1976 https://doi.org/10.1109/TIT.1976.1055638
  9. K. Zhang, 'Threshold Proxy Signature Schemes,' Proceeding of 1st International Information Security Workshop, pp. 191-197, 1997
  10. H. Sun, N. Lee, T. Hwang, 'Threshold Proxy Signatures,' Proceeding of IEE - Computers and Digital Techniques, vol. 146, no. 5, pp. 259-263, 1999 https://doi.org/10.1049/ip-cdt:19990647
  11. M. Hwang, I. Lin and E. J. Lu, 'A Secure Nonrepudiable Threshold Proxy Signature Scheme with Known Signers,' Informatica, vol. 11, no. 2, pp. 137-144, 2000
  12. S. Hwang and C. Chen, 'Cryptanalysis of Nonrepudiable Threshold Proxy Signature Schemes with Known Signers,' Informatica, vol. 14, no. 2, pp. 205-212, 2003
  13. J. Lee, J. Cheon and S. Kim, 'An Analysis of Proxy Signatures: Is a Secure Channel Necessary?,' Proceeding of CT-RSA 2003, LNCS 2612, pp. 68-79, 2003
  14. S. Hwang and C. Shi, 'A Simple Multi-Proxy Signature Scheme,' Proceeding of the Tenth National Conference on Information Security, Hualien, Taiwan, pp. 134-138, 2000 https://doi.org/10.1145/352600.352617
  15. X. Chen, F. Zhang and K. Kim, 'ID-Based Multi-Proxy Signature and Blind Multisginature from Bilinear Pairings,' Proceeding of KIISC conference 2003, pp. 11-19, 2003
  16. S. Lal and A. Awasthi, 'A New Multi-Proxy Signature Scheme for Partial Delegation with Warrant,' http://www.gfcr.org/ecryp/old/multi.pdf
  17. C. Lin, T. Wu and J. Hwang, 'Multi-Proxy Signature Schemes for Partial Delegation with Cheater Identification,' Institute of Information Management, NCTU
  18. S. Hwang and C. Chen, 'New Multi-Proxy Multi-Signature Schemes,' Applied Mathematics and Computation, Vol. 147, pp. 55-67, 2004 https://doi.org/10.1016/S0096-3003(02)00650-1
  19. S. Hwang and C. Chen, 'A New Proxy Multi-Signature Scheme,' International Workshop on Cryptology and Network Secrity, Taipei, Taiwan, pp. 199-204, 2001
  20. H. Sun, 'On Proxy (Multi-) Signature Schemes,' 2000 International Computer Symposium, Chiayi, Taiwan, pp. 65-72, 2000
  21. L. Yi, G. Bai and G. Xiao, 'Proxy Multi-Signature Scheme: A New Type of Proxy Signature Scheme,' Electronic Letters, Vol. 36, No. 6, pp. 527-528, 2000 https://doi.org/10.1049/el:20000422
  22. C. P. Schnorr, 'Efficient Signature Generation for Smart Cards,' in Advances in Cryptology-CRYPTO '89, pp. 239-252, 1990 https://doi.org/10.1007/BF00196725