Title: 利用雙線性群數對實現群體導向授權簽章
Group-oriented Signature Delegation Using Bilinear Pairings
Authors: 林之寅
Chih-Yin Lin
Jing-Jang Hwang
Tzong-Chen Wu
Keywords: 數位簽章;簽章權力;授權簽章;群體導向;雙線性群數對;身份基底公開金鑰;授權模式;Digital signature;Signing power;Signature delegation;Group-oriented;Bilinear pairings;dentity-based public key;Authorization model
Issue Date: 2002
Abstract: 「數位簽章」在密碼學與資訊安全領域中是一個相當重要的研究課題,它將傳統上印鑑所代表之背書與授權的功能意義以數位化的形式實現在電腦化、網路化的環境中,並提供了完整性、鑑別性與不可否認性等安全服務。在某些情況下,擁有「簽章權力」的簽章者可能無法有效地對訊息產生數位簽章,因而必須將其簽章權力授權委託給適當的代理者以維持相關流程業務的持續運作。此時,該簽章者會扮演授權者的角色去選定適當的代理者,然後將簽章權力授權給他。代理者利用所被賦予的簽章權力,便可以依據相關的授權條件來代替授權者對訊息產生簽章。這樣的簽章權力移轉概念在本論文中稱之為簽章的授權,或是「授權簽章」。
〈高度授權系統模式〉 – 授權者賦予代理群體其簽章權力,使得代理群體中任一成員皆可獨力行使該權力以產生有效的代理簽章。
〈低度授權系統模式〉 – 授權者賦予代理群體其簽章權力,使得代理群體中的所有成員需一起參與並合作方能行使該權力以產生有效的代理簽章。
〈門檻策略授權系統模式〉 – 授權者賦予代理群體其簽章權力,並定義一個門檻值,使得當代理群體中任一子群體的成員數目大於等於該門檻值時,該子群體中的所有成員便可以一起參與合作以行使該簽章權力,產生有效的代理簽章。
〈一般化授權系統模式〉 – 授權者賦予代理群體其簽章權力,並定義所有的有效代理子群體,使得任意一個有效代理子群體中所有皆成員參與時,方能行使該簽章權力以產生有效的代理簽章。
Digital signature is one of the main issues in modern cryptographic research. As hand-written signatures and seals do in real life, digital signature provides the functions of endorsement and authorization in the digitalized world of computers and networks. In terms of security services, digital signature achieves message integrity, signer authenticity, and signature undeniability.
Under certain circumstances, a signer may not be able to effectively perform his private “signing power”, and has to authorize a proper delegate to sign messages on behalf of him. In this thesis, how to perform such “signature delegation” with a “group-oriented” manner is researched. Two issues are considered herein: how a signer, namely the “authority”, authorizes his signing power to a delegation group; and, how members in the delegation group cooperate to generate valid digital signatures, namely delegated signatures. Regarding all possible scenarios for group-oriented signature delegation, four system models are defined:
〈Loose-authorization model〉The authority chooses a delegation group and allows each group member to independently generate valid delegated signatures.
〈Strict-authorization model〉The authority chooses a delegation group and demands that all group members have to cooperate for generating valid delegated signatures.
〈Threshold-authorization model〉The authority chooses a delegation group of n members and defines a threshold value t < n. Then, any subgroup consisting of t or more group members can generate valid delegated signatures.
〈Generalized-authorization model〉The authority chooses a delegation group and defines qualified subgroups. Then, valid delegated signatures can only be generated via the cooperation of all members from any of the predefined qualified subgroups.
In accordance with these system models, five authorization conditions and four security requirements are defined. Then, four concrete schemes are proposed to respectively realize these models. The proposed schemes are based on bilinear pairings and designated for the identity-based public key cryptosystem. Due to the bilinear pairings, the proposed schemes are simple in construction and efficient in performance. Moreover, all schemes are derived from the same basic identity-based signature scheme, and as a result constitute a systematic solution for group-oriented signature delegation.
