基于离散对数的（t,n）门限组验证数字签名体制

Ｈａｒｎ提出了（ｔ，ｎ）门限组验证数字签名体制的概念。不幸的是，Ｈａｒｎ自己设计的基于离散对数的（ｔ，ｎ）门限组验证数字签名体制是不安全的，包括他的修改体制。本文设计了一个（ｔ，ｎ）门限组验证数字签名体制，它的安全性基于离散对数。     

一类高效的动态门限秘密共享体制

将Shamir（k，n）一门限体制逆用，笔者构造了一类新的动态门限体制．该体制结构简单，易于实现。而且在系统更新时、删减成员时，仅需更新一些公开信息，因此效率更高。另外该方案可以有效的阻止来自系统内部和外部的攻击，因此提高了系统的实用性。同时该体制能够由每个成员自主选择子密钥，所以在应用上更加灵活方便。     

一种新的无可信中心的门限签名体制

文章基于双线性对提出了一种新的无可信中心的门限签名体制。在多数环境中一个可信中心并不存在,所以没有可信中心的门限签名体制更受青睐,并且该协议几乎满足一个良好的门限签名体制的所有要求。该协议简单可行,在电子商务和电子投票中比其他协议更实用。     

对一类门限密码体制的研究注记

本文在研究扩展到有限Abel群上的Shamir(k,n)-门限秘密分享体制的基础上,构造出一类新的EIGamal类型的门限密码体制及具有信息恢复特性的数字签名体制;指出这类体制的一些良好特性及其在诸如密钥托管、密钥分配体制等方面的应用,并证明了其安全性。     

对秘密分享体制的分析研究注记

秘密分享体制(SSS)在许多方面(尤其是密钥托管研究方面)有重要应用。本文首先分析研究了一种SSS,并证明其不是(n,n)-门限体制;然后基于EIGamal签名算法设计了一种新的类型的(n,n)-门限体制,由于其潜在具有公开可验证性,特别适合在密钥托管的软件实现研究方面应用。     

一种新的密钥分割门限方案及密钥托管体制

密钥托管密码体制不仅能保护用户的隐私权，同时允许法律授权下的监听，本文首先提出了一种新的秘密分割门限方案，然后基于这种新的秘密分割门限方案，提出了一种分割密钥托管体制，并分析了体制的安全性。     

基于Asmuth-Bloom门限体制的密钥托管

密钥托管密码体制不仅能保护用户的隐私权,同时允许法律授权下的监听。本文基于Asmuth-Bloom门限体制提出了一种密钥托管体制,并分析了体制的安全性。     

基于身份密码体制的高效门限群签名方案

门限群签名用于保障集体决策的安全,针对其在实际应用中的效率问题,基于双线性映射和秘密共享思想,提出了一个新的基于身份密码体制的门限群签名方案.该方案将系统主密钥以自选份额秘密的模式分散到签名成员集合中,使各成员签名私钥均为门限存储,有利于保证系统整体安全性;采用基于身份的t-out-of-n秘密共享算法则使方案的效率更高.根据门限群签名性质对该方案进行了安全性分析和效率对比,结果表明该方案是一种安全高效的门限群签名方案.     

基于Asmuth—Bloom门限体制的密钥托管

密钥托管密码体制不仅能保护用户的隐私权，同时以下的监听，本文基于Ａｓｍｕｔｈ－Ｂｌｏｏｍ门限体制提出了一种密钥托管体制，并分析了体制的安全性。     

一种改进的基于标识的认证系统的实现

基于身份的认证体制是一种以用户的身份信息作为公钥的认证体制,文章提出了一种基于中间公钥和门限的IBE认证体制方案,解决了PKG密钥安全、用户身份认证和私钥的安全传输等问题,提高了IBE认证体制的安全性和实用性,并给出了系统的具体实现,就其安全性作了具体的分析.     

Performance analysis of generalized selection combining with threshold test per branch (T-GSC)

We analyze the average bit error rate (BER) and outage probability performance of two types of conditional diversity combining schemes in which each branch signal-to-noise ratio (SNR) is tested against a fixed predetermined threshold and applied to the combiner only if its value exceeds this threshold. The two schemes, respectively referred to as absolute threshold generalized selection combining (AT-GSC) and normalized threshold generalized selection combining (NT-GSC), differ from one another only in the manner in which the threshold is chosen. Nevertheless, when operating over a generalized fading channel, the two schemes have a markedly different behavior as reflected in the numerical results presented. The analytical method taken to obtain these results follows the moment generating function approach originally proposed by the authors for analyzing the performance of more conventional diversity combining schemes (see Simon, M.K. and Alouini, M.-S., Proc. IEEE, vol.86, p.1860-77, 1998).     

Updating the parameters of a threshold scheme by minimal broadcast

Threshold schemes allow secret data to be protected among a set of participants in such a way that only a prespecified threshold of participants can reconstruct the secret from private information (shares) distributed to them on a system setup using secure channels. We consider the general problem of designing unconditionally secure threshold schemes whose defining parameters (the threshold and the number of participants) can later be changed by using only public channel broadcast messages. In this paper, we are interested in the efficiency of such threshold schemes, and seek to minimize storage costs (size of shares) as well as optimize performance in low-bandwidth environments by minimizing the size of necessary broadcast messages. We prove a number of lower bounds on the smallest size of broadcast message necessary to make general changes to the parameters of a threshold scheme in which each participant already holds shares of minimal size. We establish the tightness of these bounds by demonstrating optimal schemes.     

基于多项式秘密共享的前摄性门限RSA签名方案

现有可证明安全的前摄性门限RSA签名方案均依赖加性秘密共享方法,存在每次签名均需所有成员参与,易暴露合法成员的秘密份额,签名效率低下等问题。该文以Shoup门限签名为基础,提出一种基于多项式秘密共享的前摄性门限RSA签名方案,并对其进行了详细的安全性及实用性分析。结果表明,在静态移动攻击者模型中,该方案是不可伪造的和稳健的,与现有同类方案相比,其通信开销更低,运算效率更高。     

Tracing traitors

We give cryptographic schemes that help trace the source of leaks when sensitive or proprietary data is made available to a large set of parties. A very relevant application is in the context of pay television, where only paying customers should be able to view certain programs. In this application, the programs are normally encrypted, and then the sensitive data is the decryption keys that are given to paying customers. If a pirate decoder is found, it is desirable to reveal the source of its decryption keys. We describe fully resilient schemes which can be used against any decoder which decrypts with nonnegligible probability. Since there is typically little demand for decoders which decrypt only a small fraction of the transmissions (even if it is nonnegligible), we further introduce threshold tracing schemes which can only be used against decoders which succeed in decryption with probability greater than some threshold. Threshold schemes are considerably more efficient than fully resilient schemes     

无双线性对的基于身份的在线/离线门限签名方案

为了减少公钥密码体制中证书管理带来的开销和提高在线/离线门限签名方案的性能,利用分布式密钥生成协议和可验证秘密共享协议,提出了一种基于身份的在线/离线门限签名方案,并在离散对数假设下证明了新方案满足顽健性和不可伪造性。分析结果表明,新方案避免了传统公钥证书的管理问题和复杂的双线性对运算,大大降低了离线门限签名算法和签名验证算法的计算复杂度,在效率上优于已有的在线/离线门限签名方案。     

Efficient threshold public key encryption with full security based on dual pairing vector spaces

Most robust and noninteractive threshold public key encryption (PKE) schemes have only been proven secure against chosen‐ciphertext attacks under the static corruption model; yet, the dynamic corruption model is more reasonable. In this paper, on the basis of bilinear groups of prime order and dual pairing vector spaces, we propose a threshold PKE scheme that is noninteractive, robust and, secure against adaptive chosen‐ciphertext attacks under the dynamic corruption model without random oracles. Moreover, our scheme is shown to be more efficient than currently existing fully secure threshold PKE schemes. Copyright © 2013 John Wiley & Sons, Ltd.     

一个完善的秘密分享方案

可验证秘密分享在实用密码学领域内是一个非常重要的工具,它在密钥管理协议、门限或分布式签名协议、电子商务、多方安全计算及团体式密码系统等许多方面都有极为广泛的应用。针对一类突发事务须及时、安全解决的特点, 利用离散对数问题的难解性,在假设初始化阶段和秘密恢复阶段始终有一位值得信赖的分发者参与的情况下,提出了一个可公开验证的门限秘密分享方案。     

两种门限签名方案的密码学分析及其改进

Jan等和Gan分别提出了抗合谋攻击的门限签名方案。给出了一种合谋攻击方案表明他们的方案是不安全的,任何一组成员可以合谋假冒另一组成员对任何消息生成有效的门限签名而不需负任何责任。一旦事后发生纠纷,指定的秘书可以打开签名,而被假冒的成员无法否认签名。为克服他们的方案的安全性缺陷,给出了一个改进方案。并且,基于改进的方案,提出了一个可以追查签名者身份的、抗合谋攻击的门限签名方案。     

Mutually Trusted Authority-Free Secret Sharing Schemes

Traditional secret sharing schemes involve the use of a mutually trusted authority to assist in the generation and distribution of shares that will allow a secret to be protected among a set of participants. In contrast, this paper addresses the problem of establishing secret sharing schemes for a given access structure without the use of a mutually trusted authority. A general protocol is discussed and several implementations of this protocol are presented. Several efficiency measures are proposed and we consider how to refine the general protocol in order to improve the efficiency with respect to each of the proposed measures. Special attention is given to mutually trusted authority-free threshold schemes. Constructions are presented for such threshold schemes that are shown to be optimal with respect to each of the proposed efficiency measures. Received 13 September 1995 and revised 10 April 1996     

A SECURE THRESHOLD GROUP SIGNATURE SCHEME

The threshold group signature is an important kind of signature. So far, many threshold group signature schemes have been proposed, but most of them suffer from conspiracy attack and are insecure. In this paper, a secure threshold group signature scheme is proposed.It can not only satisfy the properties of the threshold group signature, but also withstand the conspiracy attack.