ElGamal签名方案及其变体之间的安全性关系Security Relation between ElGamal Signature Scheme and Its Variants
唐飞;林昌露;郭玲玲;张胜元;
摘要(Abstract):
主要讨论ElGamal签名方案及其变体方案之间的安全性关系.首先指出已有的文献在证明过程中的一个误用,该误用会对相应签名方案的安全性构成威胁,其次从安全强等价的角度重新给出ElGamal签名方案及其变体方案之间的安全性关系分类.
关键词(KeyWords): 数字签名;消息恢复;强等价;安全强等价
基金项目(Foundation): 国家自然科学基金资助项目(11026008);; 福建省自然科学基金资助项目(2011J05147)
作者(Authors): 唐飞;林昌露;郭玲玲;张胜元;
参考文献(References):
- [1]李继红,谷大武,肖国镇.ElGamal型签名方案与相应MR(p)型方案的安全性关系研究[J].通信学报,2000,21(4):58-61.
- [2]ElGamal T.A public key cryptosystem and signature scheme based on discrete logarithms[J].IEEE Transactions on Information Theory,1976,31:469-472.
- [3]Nyberg K,Rueppel R A.A new signature scheme based on the DSA giving message recovery[C]∥Proceedings of the1st ACM Conference on Communication and Computer Security,1993,New York,NY,USA:ACM,1993:58-61.
- [4]Harn L,Xu Y.Design of generalized ElGamal type digital signature schemes based on discrete logarithm[J].Elec-tronics Letters,1994,30(24):2025-2026.
- [5]Kim S,Kim J,Cheon J H.Threshold signature schemes for ElGamal variants[J].Computer Standards and Inter-faces,2011,33:432-437.
- [6]Mohanty S,Majhi B.A digital signature scheme with message recovery and without one-way hash function[C]∥2010International Conference on Advances in Computer Engineering,2010,Bangalore,India,USA:IEEE,2010:265-267.
- [7]Nyberg K,Rueppel R A.Message recovery for signature schemes based on the discrete logarithm problem[C]∥In Advances in Cryptology-EUROCRYPT’94,1994,Perugia,Italy,Berlin:Springer-Verlag,1995:182-193.
- [8]Nyberg K,Rueppel R A.Message recovery for signature schemes based on the discrete logarithm problem[J].Designs,Codes and Cryptography,1996,7:61-81.
- [9]Miyaji A.A message recovery signature scheme equivalent to DSA over elliptic curves[C]∥In Advances in Cryp-tology-ASIACRYPT'96,1996,Kyongju,Korea,Berlin:Springer-Verlag,1996:1-14.
- [10]Lin C C,Laih C S.Cryptanalysis of Nyberg-Rueppel's message recovery scheme[J].IEEE Communications Let-ters,2000,4(7):231-232.
- [11]Paterson K G.ID-based signatures from pairings on elliptic curves[J].Electronics Letters,2000,38:1025-1026.
- [12]Ramasamy R R,Prabakar M A.Digital signature scheme with message recovery using knapsack-based ECC[J].International Journal of Network Security,2011,12(1):15-20.