introduction - arxiv

0

�

��

��

��

RSA Cryptosystem

ElGamal Cryptosystem

Messey - Omura Cryptosystem

Knapsack Cryptosystem

Construction of Knapsack Cryptosystem

Quadratic Residue Cryptosystem

Hybrid Cryptosystem: Diffie - Hellman’s key Exchange

Digital Signatures A Classification of Digital Signature Schemes

Digital Signature Schemes with Appendix

Digital Signature Schemes with Message Recovery

RSA Signature Scheme

Feige– Fiat – Shamir Signature scheme

ElGamal Digital Signature Scheme

The Digital Signature Algorithm

The Schnorr Signature Scheme

The ElGamal Scheme with Message Recovery

Nyberg – Rueppel Digital Signature Scheme

Digital Signature with Additional Functionality

Multi-signature scheme

Group Signature

Threshold Signature Scheme

Undeniable Signature Scheme

Blind Signature Scheme

1

Proxy Signature Scheme

Directed Signature Scheme

Abstract of the Thesis

��

Introduction

A Directed Signature Scheme

Security of the Proposed Scheme

A Directed Signature with Threshold Verification

An Application to Threshold Cryptosystem

��

Introduction

A Directed Delegated Signature Scheme


Remarks

��

Introduction

Directed Threshold Signature Scheme


Remarks

��

� ��

Introduction

Threshold Signature Scheme with

Threshold Verification

Security of the Proposed scheme

Remarks

2

��

Introduction

Directed - Threshold Multi – Signature Scheme


Remarks

��

��

Introduction

Directed - Threshold Multi – Signature Scheme Without SDC


Remarks

��

� ��

Introduction.

Generalized Directed - Threshold Multi - Signature Scheme


Remarks.

��

! � � ��

��

��

� ��

�

3

��

��

A thesis submitted for the partial

fulfillment of the degree of

��in

MATHEMATICS

by

�� !�"#$��

��

��%��# &'��

��

��

��

��

��

4

�

��

��

��

��

��

��

��

��

��

5

** Declaration** ��

��

� ��

�

�

�

�

��

��

� ��

��

�� !"##!!$�

��%�� &�[email protected]

��

�

6

DEPARTMENT OF MATHEMATICS

Institute of Basic Science Dr. B.R. Ambedkar University

Khandari, Agra-282002

�� !�"#$$%"&�

�� '!�"#$"#"(��

��)��"* ��

� � � � � � � � � � � � **Certificate**

�� A CRYPTOGRAPHIC

STUDY OF SOME DIGITAL SIGNATURE SCHEMES��

��

��

��

��

��

��

��

�

��

��&�!'�( �)�!**+� ,� � ��-��

,� ��)��-��

Sunder Lal �� !�"�� !�"�� !�"�� !�"��

7

**Acknowledgment** I am grateful to my Supervisor Dr. Sunder Lal, Prof. & Head, Department of

Mathematics, Institute of Basic Science, Dr. B.R. Ambedkar University, Agra, who

spares his valuable time in guiding me for my research work. He encourages me always.

I am short in word to express his contribution to this thesis through criticism, suggestions

and discussions. My sincere thanks are to Dr. Sanjay Choudhary and Dr. Sanjeev

Sharma, both senior lectures in the Department of Mathematics, Institute of Basic

Science, Dr. B.R. Ambedkar University, Agra, for their kind suggestions.

I am deeply indebted to Dr. J.P. Arya, HOD, Department of Mathematics, D.A.V.

College Muzaffarnagar, who had laid the foundation of my M.Phil. degree and then

encouraged me for Ph.D. degree.

There is no word to express my feeling for my family members and relatives,

especially to my parent for their hidden cooperation and to my wife Chhaya for her

enthusiastic inspirations, round the clock cooperation and help me in many ways. Really,

it is not possible to express the love and affection to sweet and little daughter Aayushi

Raghuvanshi, who is the driver of my success, to make the path for my Ph.D. work.

I am thankful to all the faculty members and staff of Hindustan College of Science &

Technology, Farah – Mathura, Ravindra Kumar (T&P Officer), Jagadeesh. G. (Lecturer,

Computer Science), Sri Gopal Sharma, Sri Sarvesh B. Singh for their kind cooperation in

this electronic age, through computer, printer etc. I am also thankful to my research

colleagues Ms. Meeta Gurmukh, Mr. Atul Churvedi, Mr. Anil Agarwal and Mr. Amit K

Awasthi for their result oriented discussion.

At last but not the least, my sincere thanks to the writers of the books and the

research papers, which, I have consulted during the course of my research work.

�

�

�

�

�

��

��&�!'�( �)�!**+�� ,� � �.�/��

��

8

�

�

�

�

�

�

�

�

�

�

Chapter 0 Introduction

�

9

� ��&#��

#�� #��$��%��#�� #��$��%��#�� #��$��%��#�� #��$��%�� &� �%�� &� ��%�� '�� &��

%��(��)$��&��*��

• � � ��

• � �� !�� !�� !�� !��

• � � �� !�� !�� !�� !��

�

+�� &��,��,��$%&�-��.��%��$��&�

�� (��%� � � �&� �� -�&�-�� ,�� ,��&� �� /� ��

�� &� �� $��,��&�� -�� %�� %� �--��%&� ��

��&��-��%%%%��-��-&��-��-&��-��-&��-��-&��

Cryptography is the art or science of keeping

secrets secret. Cryptography is about secure

communication through insecure channels.

+&�%��%-�� %$��&��$�&�%��-��-&��&��&��

��0��%��1��-��%�-&�� &��&��-&�%�,��

�� $�� +&� �� %��-�� 23#4+�5163#4+�5163#4+�5163#4+�516� ,�� &��

7�%� �� &� 8�&� #��$�� #�� 9$��$�� #�� %�� ,��&� $�� &�

�� %��-��-&�%� �� &�� 7�� "�

�-��%�� 1�� &��$�&� �&��-&��+&�7��

,�� $�� %��-�� ,&�%&� &� �-��%�� $��

�� ,��-��-��#��-��:��$�� (��

;0;�� '�� ;0<�� 5�� %�-&�� ,&�� '�� ;8=8�� >��

��%�� &� -��-&��%� �$��$�� %�-&�� '�� ;?:�� 9 �� -��

%�� %��-��<�� %&�,��&�� -&��+&��,��

��

10

'��;=;?��@��,��&��%��,&�%&�,��-��@&��

;=<��,��,��&�@&��%@&��%@&��%@&��%��'��-��-&��%�%�-&��

$�� ,�� %��%��%� ,&�� 1�� %&�� -�� %��

��%&��&��$��$��@��@��%��-�� ,&��,��&�

��%��A�%��%��-��$��$��$��%��$�$��-&��

� �� &� �� @�� @�� &�� %&�� 3�� B��

��C�� ,�� %�� %�� $��

��%��%��-��-&��$��&��0�� ,��%�-�-��--��

�&� -$��%� ��$�� &� �$D%�� ,�� -$��&��

�� &�� &� ��%� -�-�� "�� E0<F� �� (A�� %��-��

#��$�� 3&�� -$��&�� &�� ,�� $�� -�-�� $�� %��$��%��

�&�� '�� ;:0=�� G��&��%�� +&�� #��$��%�� G��&��%�� +&�� #��$��%�� G��&��%�� +&�� #��$��%�� G��&��%�� +&�� #��$��%�� E::F� �� ;:0:��

#��$��%�� +&�� 3%�� 3��#��$��%�� +&�� 3%�� 3��#��$��%�� +&�� 3%�� 3��#��$��%�� +&�� 3%�� 3�� E;��F�� --�� &� �� 3��

+%&��%��9�$��

��;:0:��;:<?�� &�%��-��-&�%� ��$��,��$��%�� '��&��

�� %��$�� --��*� �� H�&�I�� &�� +&�+&�+&�+&�

#��#��#��#�� '�� %�� ,� �%&��%�� $�� %��

�� %��-�� &�� ,&�� &�� %�$��

��&�� &�� &� �3�� %�� %�� #�� D��

�� &�$�� -�-��,&��&��&��

��I�� &�$�&�� ,�� %��-��-&�� %�� ,� %��-��-&�%� -�-��

��,��

"��,&��&��,�� %�� %��

�&��%��&�� -�� %��-��-&��'�G�@��5��

�� 4��,�� "��&�� B,� 4�� +&�� &� �� &� ��-�� ,&�� ,��

%�� &� �3�� 1�%��-�� 3�� 13�� 1�%��-�� 3�� 13�� 1�%��-�� 3�� 13�� 1�%��-�� 3�� 13�� &� �� ;:?��

11

�%&��%��-��&��$D%��&��%��$��&��-$��%�

��'�G��

'�� ;:?<�� @&�� G�� "��@&�� G�� "��@&�� G�� "��@&�� G�� "�� -�� &�� $�� -�-��

B,��%�� #��-��-&�B,��%�� #��-��-&�B,��%�� #��-��-&�B,��%�� #��-��-&�� E�0F�� +&�� -�-�� &� �%� � � %��-��-&��

+&� ��$�� &�� -%��%$�� %�� &� �$�� -�-�� ,��

%��-��-&�� &� �$�� &�� &� �$�� -�-��

-$��&��

0.1. Classical Cryptosystems +&� %��%�� %��-��-&�� -��%�*� �,��-�� 3� �� %��

,��&��%��$��%��-��&��,��&��$��,&��,��

%��$��%��%��-��-&�%��$��&�-��%��-��%��%��%��%��%��%��%��%��

%��-�� 3��%� %��-��%��-�� 3��%� %��-��%��-�� 3��%� %��-��%��-�� 3��%� %��-�� #��%�� %��-�� -�� %$��

%��$��%�� -�� $��'��%��%��%��-��&��%��-��

%��%��%$�� &��%��-��%��'��%��-��&�

�%��-�� %��-�� &� ��+&�� %��-�� %��

�%�� %��-�� %��-��%�� %��-�� %��-��%�� %��-�� %��-��%�� %��-�� %��-�� %��-�� %��-�� %��-�� %��-��

�)$��&��&��&��%�� &��%��%��$��%��

�%$��+&��%$�� &� %��%��%��-�� &��/��$��

�&�� &��%��%��-��%��-�� &�� &�

��%��&�%��$��%��%��

#��%��#��-��%�� &� ��,��*�

• ��-��(��-�%�� -��-��(��

• ��%�-&��(��-�%�####�� -��%��-��(��#��

• ��-�%�H�H�H�H��,&�%&��%&�H��%��-��&��1111HHHH�

��%��-��&��HHHH��$%&��&��HHHH��1111HHHH��J��J��J��J��/�/�/�/��∈��

12

�

��%�%��-�� %��-��,��&�$��

� ��%-��%�$��%-��$��%�-&��&��/�

&�,�� ,��&� �&�� %� %��-�� &�� &� ��,��

-��*��

• "�� #��"�� #��"�� #��"�� #��#��$��#��$��#��$��#��$��

• �� #�� #�� #�� #�� $�� $�� $�� $�� %�� %�� %�� %��

• �� #�� #�� #�� #�� #�� #�� #�� #�� $� %�� $� %�� $� %�� $� %�� $��$��$��$�&��&��&��&�� #�� #�� #�� #�� !��#��#��!��#��#��!��#��#��!��#��#��$��$��$��$��

• '�� (�� #�� '�� (�� #�� '�� (�� #�� '�� (�� #�� $��$��$��$�%��%��%��%��

13

��!��)��$�*��!��)��$�*��!��)��$�*��!��)��$�*�++++,-./�,-./�,-./�,-./�� $�� $�� $�� $� �� !� �� !� �� !� �� !� �� &�� 0�� &�� 0�� &�� 0�� &�� 0� �� 1111� �� $��$��$��$��

�

�

�

�

�

��

• 2�� #��2�� #��2�� #��2�� #��#��3��#��3��#��3��#��3��$��$��$��$��

0.2. Public Key Cryptosystems H-��,��&��,�%�� #��%��#��-��,��

�&�)$��@&�� @&�� @&�� @&�� G��"��G��"��G��"��G��"��-��-��;:?<��,��-��

%��-��,&�%&��%��,��-$��%��%��-��-$��%��%��-��-$��%��%��-��-$��%��%��-��E�H#FE�H#FE�H#FE�H#F��+&��

� �-$��%��%��-��-&��&��-��&� �� %��-��-&��

�� -�� ,�� &� �� -��

��$��

��-$��%��%��-��-�� K1111HHHHL��K��HHHHL��H�∈��-�%�HHHH��

��&��-��

�

"

#

$

�

�

14

1111HHHH�*�*�*�*��M�#�#�#�#��HHHH�*�*�*�*�#�#�#�#�M��

• ��H��1�1�1�1HHHH��&�� HHHH��

• ��H��%��-$��1�1�1�1HHHH��HHHH��

• �� H�� %&� �� %��-$�� &��)$�� HHHH��

%��-$�� 1111HHHH��

• ��H�� %��-$��-��1111HHHH��HHHH�� H��

��

�%�$�� &��&��-��-�� &��%��-��1�1�1�1HHHH�� %&�$��%��

-$��%� ,��&�$�� %��-�� &� �%$�� &�� -�� %��-�� HHHH�� +&�

-$��%� �� %��-��-&�%� �� &� �� -�� ,�� -��

�%��-�� %��-�� $%&� ��

,�� &�� &� %��-��

�� &��&��

�+&� ��&� -��-�� $�� &�� &�� ,�� %��-$��

%��-��-�� ,&��%��-��%��,&��

��&��&��%��-��%��-��

'��&��%��-��&��&��%��%$��%&��

1��$��&��&��-�� -$��%��-$��%��-$��%��-$��%��1H�� %��-��

��-��-��-��-��H�� %��-��@��&��&�&�-�� -��&�$��%��%$��&��

-$��%�� '�� %��-$�� %�� &�-��$��&��

-$��%� �� %�� %�� &�� $%&� %��-�� %�$��

15

�%�$��(��5��,��&�� &�� &�� $%%�� $�� C��+&�

�3��3��3��3��%��-��&�1�7��1�7��1�7��1�7��%��-��$%&��C��-$��%�

��-$��%��/��&��&��-$��%� ��-&��

.��&��&��&�� &�-��-��%��/��&��,��,��&��

5��$��,��$--�� &��,�&��-$��%�� %��-��#�� &�$��

,��&��+&�-��%��,�� ,��

• ��$-��&�-$��%��1H�� %��-��&��1H�� J�#�

��&�%��-��(��#��

• ��%��-��&�%��-��(��#��%�&�(%�$��,��&��H��

"��J��H��1H��

• B��&��$�� %��%�-&��1H�� %��%��%��H�� 1H��

��1H��

�$��%�H��#��-��&��&� ��,��,��&��

• B��%��(%&��&�$��B��%��(%&��&�$��B��%��(%&��&�$��B��%��(%&��&�$��

• 1��$�� ,1��$�� ,1��$�� ,1��$�� ,��

• B,�$��%��D��&��,��&�$��$��&��$��B,�$��%��D��&��,��&�$��$��&��$��B,�$��%��D��&��,��&�$��$��&��$��B,�$��%��D��&��,��&�$��$��&��$��

• �1�%��-��%��-��1�%��-��%��-��1�%��-��%��-��1�%��-��%��-��

• #��$��%��%$��,��&��-��%&�� -�-��#��$��%��%$��,��&��-��%&�� -�-��#��$��%��%$��,��&��-��%&�� -�-��#��$��%��%$��,��&��-��%&�� -�-��,&��&��,&��&��,&��&��,&��&��

• ��$��%&��$��%&��$��%&��$��%&��

• B��-$��B��-$��B��-$��B��-$��

3��,��A��,��-$��%��%��-��%��,*�

RSA Cryptosystem

'��;:??��&��-�-��,&��,��&��-%��%$��%��$��

�&� -$��%� �� %��-��-&�*� �� 3&�� 5��

��N ��$-��&�%&�� -��$%�� $��A ��-$��%��%��-��

,&�%&� �� %�� 3�� %��-�� +&� -��%�� &�� $��

,&�%&� �� -��-�� --��%&�� %�� &�� 3&�� %��

�� %&�� '�� ;:??� �&�� ,�� ,�� ,��&� �$%%��N �&�� &��

��%��&�,��-��-�%�� %��%��$��&��%�$��&�

-��E�8F�O�

16

�3�� %��-�� $-�� &� �� %$�� %��C�� ,��

-��'��&��%��-��,��$��&��%��+&��%��

• 7��,��%��-��-��)��%&��$�&��&��C��

• #��%$��J�-�)��φ��J��-�P�;��)�P�;��

• ��$��%��/�;�≤��≤��φ��φ��J�;��

• #��-$��&��$��-��%�� φ��1$%��&��

+&�-��&�-$��%��&��%��-��&�-��&�

�%��&��%��-�� &�$��+&��%��-��

��--�� QRQ�� #� J� � �� J� � e �� +&� �%��-��

�� J� �P;��#��J��# d ��

' ��$��%��-�� &�$��&��&�$��&� ��,��*�

• �-��&��&��E��P�;F�

• #��-$��#��J��

• 3��&�%�-&��(��#��&�$��

• ��%��&��%��-$��#��$��&��%��

ElGamal Cryptosystem

+�&�� 1�7�� E�=F� -��-�� %��-�� &� �� %$��

��%��&��%��&��%��&��%��&��+&�� %$�� %��&��--��%��&�

��$��&�� %��-��$��&��+��

�� $��&��%��$��&�%��%-�� %��&��3$--��

,� &�� Q)� ,��&� ��$-� �-�� $��-��%�� @��&� �&� &�-� � �

�-��)$��&��%��%��-$��(� ��(��$%&��J��(��

∈�Q)��B�,��%��-$��J��(� ��(��$��

%�� %��-$��(��"��&��$�(��&��%��&��

� ��&��(��-��$��Q;:��J��&��,�%��%��-$��<��J�

?��,&�%&��)$��&��&��%��&�� %��&�� %��&�� %��&�� ?��&��&��&��&��)$��)$��)$��)$��

��<��$��$%&�� %$��%��-$��&��$��<��$��?�3��

��(��%��-$�� %��&��(�,��&��&��,��

17

'�� &� 1�7�� %&�� &�� $-�� -�� -� ��

��1��$��%��α��/��S��α��S�-�P�;��%��-$��

-$��%��$�β��J�� Ag α ��-��' �,�,��&�$��&��,�

%&��&�-�� β�� B�,��%��&�$��

��,�� α�� &� %�� %�� &�� &��-��+&�$�� α��&�

-�,��&� �� &�-��&��&��%�� &�-��

��&�-��(��

Messey - Omura Cryptosystem

+&��%��-��&�� %$�� %�� &��

�&�$��&��$-��-$��%�-��-��B�,��%&�$��%&��,��-��

��$%&��&��-��J��;�

'�� %�� ,��&� �3�� %��-�� &�� &� $�� -� ��&� �&�'�� %�� ,��&� �3�� %��-�� &�� &� $�� -� ��&� �&�'�� %�� ,��&� �3�� %��-�� &�� &� $�� -� ��&� �&�'�� %�� ,��&� �3�� %��-�� &�� &� $�� -� ��&� �&�

�$��%��$��%��$��%��$��%��-$��&��&�� &��-$��&��&�� &��-$��&��&�� &��-$��&��&�� &��B�,�%��&��$��,&�%&��&�

$��&��&�$��@��$��&��$��-��&�

��,&�%&��&��-��

+&��&��,�� ,�*�

• +&�$��%��-$�� Aem ��-��&�$��

• +&� $�� %��-$�� &� thBe � -�,�� &� �$�� &� &�� %��

��$��&��$�� BAeem ��-��&�$��

• B�,��&�$��--��&��$��,&��&��%�� ABA deem �

��-��+&��$��$��$�� Bem ��-��+&�$��&��$��

��&�$��

• +&�$��--��&��%��$��&��

��

Knapsack Cryptosystem

'�� ;:?=�� G�� "�� E?;F� -��-�� -$��%� �� %��-�� ,&�%&� ��

��$-��&��A%��H��-��%��-��7�� K��L�� -��

18

��>�� A��J��ε��−�;�ε��−��N N N N N ��ε;�ε��,&��ε��∈�K��;L�

��&�� $%&��&��

�−

=

1

0

k

i

ε��J��>�� $%&��(��

�� -%�� %�� &� H��-��%�� -�� &� �$-��%�� H��-��%��

-�� '�� &�� )$�%� �&� �� %�� &�� &�'�� &�� )$�%� �&� �� %�� &�� &�'�� &�� )$�%� �&� �� %�� &�� &�'�� &�� )$�%� �&� �� %�� &�� &�

��-��-��&��%&��-��-��&��%&��-��-��&��%&��-��-��&��%&��&��&��$�� &��&��&��$�� &��&��&��$�� &��&��&��$�� &��+��

�� &� �$-��%�� H��-��%�� -�� @� �� &�

�� ,��&� �&� �� $�� ,� �� &� �� &�� ≤� >�� +&�

��,�� &�� &� H��-��%�� -�� $-��%��

�)$�%�� A�$-��>*�

• 3��@�J�>��D�J��

• 3��,��&�εD�−;��%��&��(�� ε��%&��&�ε��)$��C��

$��,��&� ��%��$%&��&��≤��@��3��ε��J�;��

• �-��%�@��@−��D�J��@�T��%��-��

• ' �@�J��$��' �@�T��&��T�@��&��&��

��$��&��-��

Construction of Knapsack Cryptosystem

1�%&�$��%&��$-��%��A�$-��K��;��N ��A;��

,&�%&��&��−

=

1

0

k

i

��-��S��S��(��-��

,�%�$��%&��)$�%�� U;�-��C��J��;��N ��

�&�� %�� $��/� �� J� C�� J� � C�� U� ��A;� U� ��A�� UN �U� �� J�

��;��N ��P�;/��)$��C�� U��−

=

1

0

k

i

��+&��%��%&��

-��S��&� ��≥��&��-��

�&��%��-$��&��$��-��%�� J��%��-$��&�

�A�$-��K�,��L�� ,��J��+&�$��-��&��$��

19

$��-$��&�� &��A�$-�� ,��+&��%��-�� H1� �J� K�,�� ,;� ��,�A;L��+&�

�%��-��H��J�K��L��

3��,&��,��-��(��A��J��ε�A�;�ε�A��N ��ε;�ε��

$��,��&��%�-&��K�,��L��&�%��-$��#��J� ��J��−

=

1

0

k

i

ε��,��

�&��+��&��&��%�� &��-��$�>�� #�

��3��%�#��≡��−

=

1

0

k

i

ε��,��≡��−

=

1

0

k

i

ε�� ,��&��>��J��−

=

1

0

k

i

ε��"��,��

$�� &� �%�� &�� &� >� � S� � �� −

=

1

0

k

i

ε�� ≤� � �−

=

1

0

k

i

� �� S� � �� %�� &�

%��$�%��$��)$��

Quadratic Residue Cryptosystem

+&��#��-��,��-��-��$��$��3&$�E<F��;:=<�+&�V$��%�

��$�� B��-��&��$�� B/�� W�I��)$��%�

��$��$��B��&��&��(��,&�%&��W�I��

,&��&��)$�� &��%��%$��$��$��B��

+��(-��&�,�� V�#�� %�� ,��$��3�� &� �%�-��

��3��&�� &��'��V�#��%&�$��W�I�%&��,��-��-�

��)��$D%��&��&��%��$��0��+&��,��-��%��

�&� �%�� J� -�)� �&� -$��%� �� &� $�� +&� -$��%� ��

��,��&��-��%�� ,��

+&��3�%&��)$��%��$��&�Q�X��+&��$��%��&�

��(�� &��,&�%&�,��$��%��-��&��+&��

3��-��-��%&��$��&��$��$%&��

,�� ;�,&�� &� -�� ,&�� &� -�� +�� -��%�� 3�

,�� ,�� &� �--��-�� %%�� &�� $� (�� &��

�)$��&��$��3��&��,��,��&��(��%��-��)$��&�

��$��$��'��&��-�$��-��

��-��$%��,&�%&�%��$��-��%��-��&��-��

� �%�$��&��&��$��,��&��&��$�$��+&�� %��%�� &��

20

�� -�� &�� $%&� �� %�-&�� &� �� -�� %��-�� &��%��

�%$��

+&��%�-��%��%��&�-��(��%�$��,��&�

�,�� %�� J��-)��&�%��%��-$��,��$%&��&��-�U��)��J��;��

"�%��%��-$��&��$�(��−�;��&��)$�� &��$�(��&��&�

�)$�� (��&��%��&��$�(��.��%�-�� &��

��,��&�B�U�;��&� ��$�(B��%��-$��&� ��,��$��

��%��&��(��&��&�-��(��

��µ��J��E�-��U��;��⁄�0�F�B��-−;��

��θ��J��E�)��U��;��⁄�0�F�B��)−;��

��$��J��(B��-��µ��-��

��J��(B��)��θ��)��

��(��J��)$��U��-��

Hybrid Cryptosystem: Diffie Hellman’s Key Exchange System

+&��-�� -$��%��%��-��,��@&��&��

�� %��%��%��-��'��%��

�&� �,�� -�� %��-�� (-�� %&� �� +&�� &�

$�� &��%��-�� "��E�0F��

1��$��%�%��-�� %��$��%��-$��%��

%��-�� $�� &� (%&�� &� �%�� %�� &�

��%�%��-��

'�� &� �%�� &�$��$�� %��-�� $��I��

-$��%� ��+&�� &�$��%��-�� &� �%�� $�,��&�&�� -��

��+&��-��%�$��,��-� %��/��&�� &�$��

�� &� �%�� &�$�� &�� &�� %�� %��$��%��

��%��-��,��&�$��&�$��$-��&��&�� &��

%&��&��&�� $%&��&�$��

,�$��-��(�%��&��

#��,��$��,&��,��&��$-��%��,&��&��

��$-��,��&��-��-��-��S�-��&�� ,&�%&�

21

��-$��%��3�� %��&�$��%�$��$��&��-��+&��

,�� ,�*�

• +&�$��%&��%��S�-��%��-$��α�J��-��"��

α��&�$��

• +&�$��%&��%��S�-��%��-$��β�J��-��"��

β��&�$��

• +&�$��%��-$��J�β��-��%��-$��J�α��-��

'��&��,��&��&�$��&��$-��%��%��+&��

��%$��%�� %-��+&��%-��,��α��β��' �&�

��$%��W�I� ��α��WI� ��β��&��&�%�$��%��-$��D$��&�$��

"�,�� $%��&��$��+&�� &��%�-��-��

��%��&��

��,�&��&��,��&�� -$��%��%��-��-&��

%��%�� %��-��-&�� &�� $�� -��

%��-��-&�%� �� ,&�%&� -�� %�%�� $�&��%�� &� ��

%��$��%��

0.3. Digital Signatures @�$��&��%��$��%��-��%��%� ��$�&��%��,��&�

,��,&��$��%��%��$��%��%��%��,��

��-��%��&��-��%�$��$��%��%��-��-&��H#�H#�H#�H#��-��%&��

�� $%&� -��%�$�� &��$�&� �� $�� %&�� '�� &� �&�

�$�&��%�� &� �%��%�� $�� &� ��

�&��,�$��$��$��%&��33��&��%��-��

�&��$�� %��-��&�� Thus, a� �� $��%&��-��

�&��$�&��%�� &��,��&��$�&��%�� &��

��$��%&��$��%&��$��%&��$��%&�� &�� -��%��-��-&�%� ��

�H#�H#�H#�H#��$��%$��%��$��&��&��

�&��&��&�&��,��$��&�� %$��-�-��

��$��%&��%�� &� ��,��*�

22

• ��$��&��,&�%&��&�� -��$%��

��$��

• ��$�� %��&��,&�%&��&��

��$��

+&�%�$%�� %� ��&��,��$��&��&��$��$��$��$��

��,&�%&��%��%��,��&��&��,��&��,&�%&��%��%��,��&��&��,��&��,&�%&��%��%��,��&��&��,��&��,&�%&��%��%��,��&��&��,��&��

��,&��&�&��,��$��D��&��,,&��&�&��,��$��D��&��,,&��&�&��,��$��D��&��,,&��&�&��,��$��D��&��,��

�&� �� #��)$�� %�� &� �� $�� ,��&�$�� &� �� #��)$�� %�� &� �� $�� ,��&�$�� &� �� #��)$�� %�� &� �� $�� ,��&�$�� &� �� #��)$�� %�� &� �� $�� ,��&�$��

��&��&��%$��&��%&��&��&��%$��&��%&��&��&��%$��&��%&��&��&��%$��&��%&��+&$��&��$��+&$��&��$��+&$��&��$��+&$��&��$��

��$��&�� &��%$��$��&�� &��%$��$��&�� &��%$��$��&�� &��%$��&��$��

�� &�� &� �--��%�� &� -$��%� �� &� ��

-��(�� ,&�%&� ,�� --�� +&�� -��-�� &� �� $��+&�� -��-�� &� �� $��+&�� -��-�� &� �� $��+&�� -��-�� &� �� $��

��-�� &�� &� ��$�� $�� $� ��-�� &�� &� ��$�� $�� $� ��-�� &�� &� ��$�� $�� $� ��-�� &�� &� ��$�� $�� $� �� B�� (%-�� &�

�� %�� %$�� "�%�� &� �%�-�� %��%�� &�� &� ��

��&��%$��+&��$��$��&��$�&��%��$�&��%��$�&��%��$�&��%��

�&��&��,��-��-��$� ��$�&��%��$� ��$�&��%��$� ��$�&��%��$� ��$�&��%��$��&�

��AAAA��-$��-$��-$��-$�� &��$��+&��%��&��&��

�&��

�

��

A Classification of Digital Signature Schemes

+&��,��%�� $��%&��$��%&��,��&��$��%&��,��&��$��%&��,��&��$��%&��,��&�

�--��--��--��--��(��(��(��(� �)$�� &� �� -$�� &� �� %�� &��

23

��$��%&��,��&��%��)$��&��

��-$��&�� %��&��

� ��

�� $�� %&�� ,��&� �--��(� �� %��-��-&�%� &��&� $�%�� &��

�3��1�7��3%&��$��%&��$%&��$��%&��

-��,�� &��)$�� &�� %��&��'��&��

��$��%&��$��%��-��$%��$��X�∈3�� %��

��$��-�%�� ∈G�� %��-�%��,&�%&�

%�� $��

1�%&�$��%��%��3�� &��K�3��*��∈��L��"��3��

P��--�� G&��3��%��

��%��&��(�� G&��&�� &��&*�G�M�G&�/�G&�

⊆ � � G3� �� %�� -�%�� %�� &�&��&��$� �-�%��3��

� ��%��-��--��>�� G&Y�3��K��$�� L��$%&��&��

>��X��X��J��

�� =

otherwiseflase

smSiftrue kA

,

,)(, **,

�

��X∈�G&��X∈�3/�&��X�J�&�� ∈G��>��&�-$��%�� &��

�� %�� %�� %��$%�� $%&� �&��

%��-$��,��&�$��,�� &��%��3�� &��

+��&��$��

• ��%��&��%��3��∈��%��-$��X�J�&��

�X�J�3��X��"��&��A,��&��&� $�%��

• +&�-��X��&��$��&��$��

+�� &��$��

• +&�$��&�-$��%�� &�$��%��-$��X�J�&��

$�J�>��X��X��

• +&�$��%%-��&��$�� $�J��$��

24

�

�� !" ��

�

��#��!" �� $ ��

% ��&��

• ��&��-��%��∈��3��&�$�� %��%��-$��

• ��&�� %��-��%��>��&�$�� %��%��-$��

• '��&�$��%��-$�� $��&��

��∈G��X�∈�3��$%&��&��

>��X��X��J��$��,&��X�J�&��

• +&�� P�,��&��&� $�%��&� �� -�%�� %�� %��P� ��

&��&� $�%��

� ��

��$��,��&��%��&��&� ��$��&��&��%��

�%�� &��$�� +&��%&��$� $�� &��

25

-��,�� &��)$�� &�� %��&��+&�

�3��B��P��$--��$%&��$��%&��

+��&��$��

• ��%��&��%��3��∈��%��-$��X�J�Z��

�X�J�3��X��"��Z��A��--�� G��G3��

• +&��$��X��&��$��&��,&�%&��

�&�$��

+�� &��$��

• +&�$��&�-$��%�� &�$��%��-$��X�J�>��X��

�� X�∈�GZ��&�� Z��' ��X�∉ �GZ��&��D%��&��$��

• �+&�$��%��&�� X��%��-$��Z�P�;��X��

�

��'�� (��"�� % ��) ��

% ��&��

• G�� $�� %&�� ,��&� �� %�� --��

�� (��&��,&��$��%&��,��&��--��(��

�--�� &��

• +&� $�%��Z��-$��%��,��Z�P�;��%��-$��

• ��$��%&��,��&��%��%��%��

��$��%&��,��&��--��(��-��&��&��&��

�&��&�&��&��$�

26

� � � ��

+&� �3�� $�� %&�� ,�� &� �� $�� %&�� ,��&� ��

�%�� 3�� $�� %&�� &� �� -��%��%��

�%&��)$�� +&� �� -�%�� -�%�� $�� -�%� ��

%�-&��(��-�%� ��&��%&��Q��J� �K��;��N ��P�;L�,&��J�-�)� ��&�

-��$%�� ,��%&��-��$��

+��∈G��

• ��$��%��-$��X�J�Z��

• �--��&��%��&�%��-$��X�J��X��

• +&��$��X��&��$�� &�$�� &��

+�� &��$��X��%��&��

• ��$��--��&�-$��%�� &�$��%��-$��

�X�J��X��

• >�� &��X�∈�GZ/�� D%��&��$��

• ��%��&��J��Z�P�;��X��

� � ��

��A� ��A� 3&�� $�� %&�� $�� %&�� ,��&� �--��(��

+&��%&��)$��P�,��&��&� $�%��&*�K��;LX�M�K��;L�� (��

-�� "�� K��;L�� &�� A� �� A��&��

K��;LX��&�� A�� A��&��'��&��$��%&��

• 1�%&�$��%��-��%��D��∈�

Q�X��,&��D�J�;��N ��J�-�)��

• ��%��-$��D��J��D�P��

• +&��A�$-��D��&�-$��%��&��A�$-��D��&��%�� &�

$��

+��&��$��

27

• ��%��$��∈�Q�X��%��-$��$�J��

• ��%��-$��J��D��J��&��[$�/��%&�D�∈K��;L��

• ��%��-$��J��∏=

k

j

ej

js1

��

• �I��$�� &��

+�� &��$��$��

• %��-$��,�J��∏=

k

j

ej

jv1

��

• %��-$��\�J�&��[$��• �%%-��&��$�� J�\�

��&��3��$��%&��$��$��&��$�$��J�-�)��

'��&��%��$��%��,�$��&�-��-��)�

��&��%��-$��%�� %&�$��

� ��

'�� $�$�� ;::;�� &� �3�� B�� '��$�� 3�� +%&�� B'3+��

-��-��$��&��3��+&��3��&��%�� 3��

'� ��%��3��'�3�;=<��%��&��3��$��3��

��33��33��&� ��$��%&��%��C��3��

�� 1�7��$��%&��+�� $��&�� ,��&��%$��&�

1�7�� $�� %&�1�7�� $�� %&�1�7�� $�� %&�1�7�� $�� %&�� &�� 3��3��3��3�� 3%&�� $�� %&�3%&�� $�� %&�3%&�� $�� %&�3%&�� $�� %&��

��

+&�1�7��$��%&��$��%&��,��&��--��(��'��)$��

��&��&� $�%��&*�K��;LX�M�Q-��,&��-��-��'��&��$��%&��

�%&�$��%��

• ��-��$��$��-��

• ��$��&�� Q-X��

• ��%�� A,��&��&� $�%��&/�

28

• �� Ax ��;≤� Ax �≤�-P��%��-$�� Ay �J� Αxg ��-��

"�� Ax ��&�-�� Ay ��&�-$��%�� &�$��

+�� &��&�$��

• ��%��%��;≤��≤�-P��,��&��-P�;��J�;��

• %��-$��J��-��P�;��-P�;��

• %��-$��J��P�;K&��P Ax ��L��-P�;��

• �I��$�� &��

+�� &��$��$��

• �� &��;≤��≤�-P;/�� &��D%��&��$��

• %��-$��;��J�� Ay ��-��

• %��-$��&��J��&��-��

• �%%-��&��$�� ;�J��

� � � �� !�

��&��&��,��&� ��,��-��

;� -�J��-��$�$��5��,&��8;��≤�5�≤�;��0��5��$��-��

<0��

�� )�J��;<��-�� -�−;��

�� J�]�-A;��R)��-��,&��]�∈�Q-X�� )��Q-X��

0� Ax ��,��&��S� Ax �S�)��

8� Ay �J� Αxg ��-��

<� &��,��&��&� $�%��

29

+&��-��-��)��&��-$��%��+&�$��I��-$��%��&�

-�� Ay �� Ax ��-%��+��%��$��

� ��&��&�$��

• ��%��%��-$��A;��)��

• %��-$��J��-��)��

• �%��-$��J��P�;K�&��U� Ax ��L��)��

+&�-��&��$�� &�$�� &��,��$��

�$�� %&��,��$��

+�� &��$��&��%�-��

• �� &��;≤��≤�-P;/��;≤��≤�-P;/�� &��D%��&��$��

• computes w = s – 1 mod p and h (m).

• computes u1 = w. h (m) mod q and u2 = r w mod q.

• computes v = 1ug 2uAy mod q.�

• �%%-��&��$�� J��

• +&��%$�� &��3��,��%��$��%��

• ��&��-��.��&��&��-��Q-X/��&��&��&�

��&��-��&�%�%��%��$��$-�� )��

� � � ��

+&� 3%&�� $�� %&�� ,��A��,�� &� 1�7�� $��

�%&��+&��$��)$��&��&� $�%��&*�K��;L�M�Q)��'��&��%&��

�� &��&�$��

• %&��%�� Ak ∈�Q)��

• %��-$�� Ar ��J��&�� Ak ��-�� AS ��J�� Ak �− Ax � Ar ��-��

+&�-�� Ar � AS ��&��$�� &�$�� &��+�� &�

��$��&��%�-��%&%��&�)$��

30

Ar ��J��&�� AS �� Ar ��-��

The ElGamal Scheme with Message Recovery

+&�1�7��$��%&�� $��%&��,��&�

�--��(��'��%��B��B��B��B��AAAA��$--��$��$--��$��$--��$��$--��$�� 1�7��$��

�%&��,&�%&�&��&� ��$��&��&��%��%�� &��$��

��

" � # � � � ��

+&� �� &� B��A� �$--�� $�� &� �� 3��

��&��-�%��G3��J��Q-X��-��-��&��$��-�%��

3�J�Q-Y�Q)��)��-��)��-�P�;��

+��$��

• %��-$��X��J��Z��

• ��%��%��∈�Q)X��%��-$��J��P��-��

• %��-$��J��X��-��J��(��U��)��

+&�-��&��$�� &�$�� &��

+�� &��$��$��

• �� &��∈�Q-X��∈�Q)X��/�� D%��&��$��

• %��-$��J��P��-��X�J��-��

• �� &��X�∈�GZ�/�' ��X�∉ �GZ��&��D%��&��$��

• ��%��&�� X��%��-$��Z�P�;��X��

Digital Signature with Additional Functionality +&��$��%&��,&�%&�-�� $�%��

�� $�� $�&��%�� &�� -��-�� '�� &�� $��

�%&��%��$��%&��+&��3��+&�1�7��%��

31

,��&� �� -%� �%� -��%�� %&�� &� �� $��,&�%&� �&� ��%��&��

��-��

�%%�� &� �� $�� -��%$�� -�� &� ��C�� &�

��$��,��3��,��A��,��$��%&��,��&��

$�%��%��,*�

Multi-Signature Scheme

'��%��%��--��%��&��$�� &��-��)$��

�� %$�� @&�� &�� )$�� $�� ,� %�� &��

��$�� $��A��$�� E0��0;�0��00�0=�=��=;F�� +&�� $�� $� $��

,&�� %��-�� $�� %&)$�� ,&�%&� �� $�&��C�� &��

-��+&��$��$� $��%�� %��%��,&�%&��

��&��$��-��

Group Signature Scheme

#��$-�� -�-��,&�%&�� &��$-��$�&��C��

�&� ��%$�� &�� &� ��$-�� +&�� -� � � ��$�� %�� $-�

��$�� E;8�;=F��7��$-� ��$�� ,�� $%&� ��

,��&��

• .�� &��$-�%��&��

• +&��%�� &��$��%�� &��$-��$��

• �+&��%�� &��$��%�� ,&�%&�� &��$-��

�&��

• '��%�� -$��&��&��$-��&��$��

�$�&��%�� &��

Threshold Signature Scheme

�$��&�� $��%&��$��B��&��&��

�� $�� ,&�� $-� �� %�� &� �� &��

��C�� %��(��-�� &�� -��%�� %��,&�%&�

�)$��$�� &��-��3$%&��-��%��%�$��-��

32

��&�� -�� $�� )$�� $�� &�� $��

��%��&� �� &�� ,��&��&��

��&��&��&��$��%&��E��;��;�0?�8��:�F��,&�%&��

�&� �&��&�� %��-��&��&�� %��-��&��&�� %��-��&��&�� %��-�� '�� &��&�� %&�� %�� &��

��$-�� -�-��$%&��&��%��$�� &��%��,��&��

��%��&��%��+&��$�� -��-��%��&��

��$-� �� %%�� %��$�� %�� +�� $��&�� ,� �&��

��%$��&��&��%&��$��3&��

��&��&��%&��%&��$��%��H��$��

�$%&��,��&��$��%��%��-��%��$%��H�$��%��$�� P�;��

��$��&��$��&��%�� 3&��I��%&��5��

��-�� +��-��-�� P�;��

%&��Q)��$%&��&�� J�H��1�%&�$��-$��%�� iu ��%��

�&�� iu ��B�,��$�� &��&��%��%��$%��&��%��H�J��

-��&��&��$��

�

�

�

"��,��$�� -��%�� &�� &��$�&��C��$�� $��%��

�&��&�� J;��N ��

'��&��&��$��%&��$��$-�� &��&��

�&��$-�%��$-��$�� $%&��,��&�� &�

�� %��%&%��&�� &��$��,��&�$�� &��

�&� �� $�� &��&�� %&�� $ �� ,�%�� '��

�&��&�� %&�� ,&�� &��&�� %�� %��$�� &�� %��

��-��&�� &��&�� &��$��'��&��%��&�

��%��$�� &��-�� &��$��

��-��%��&��

'��&��)$��&��&��&��$��&�$��

�� *�

��J�� quu

uuf

ji

jt

ijj

t

ii mod)(

,11 −−

∏�≠==

�

33

;��+&��$-��%��WH�W�%��W�W�� 2�%��&��6��;��

��N ��$%&��&��

�� +&� ��$-� ��$�� %�� -��$%�� ,��&� ��,�� W�I�

�%��&�� ̂��

� @��&��,�� P�;�� ,��%�� &�� -��

��$-��$��

%� +&��$-��%��%��&��%�� &��

��$-��$��-��$��

�� '��&��&��C�� &��$-��$��)$��&��C��

��$��$��

�� $�� %�� &��$-��$�� %��-��%��&�$��

��-��-��

0� +&��$-��&�� &� ��-�� +&�� %&�

$��&��$-�%��&��&��

8� +&�-��$��$-��$��%�� $��

��%��$��&��&��

Undeniable Signature Scheme

�� $�� $�� &��,�� $�� -��

%�-�� (�%�� +&�� -��-�� %�� $�� $�� $%&� ��

�� &� ��$�%�� -$��%� �� ,&�� &� �� %�-��

��$�� B��&�� $��$�� &�� --��%��

#��%��%��-��%�� &�,��%��&��

��(��-��%��%��'��$%&�%��&�-��

%�� %�-��%�$�� %��-��-��$��%��$��-��

+&��%�-�� $%&��%��&�$��$��&��&��$��%��

�� ,� �� $�� &� �%�-�� &�$�� $�� &�,� �&�� &�

%��,��&�$��&��$�I��%��

��&��$��$��$��E?�;��;0�;<�0��=�F��,��$��

�� $�� $�� $�� $�� $��

34

�&�� -�� &� �� $�� $�� $��

��$��%�� ,��&��&�&�-�� &��

Blind Signature Scheme

��&�� &�� %� �� $�� %&�� $�� %&��

E;��;��?�8:�;;�F��,��P�-��-��%��,��&��&��

+&��%� �� &�� &��-�%��

��,&�%&�� $�� &�� $�� %�� %��-$��I��

��$��-�� &��%&��%�� &�%��-�� &�-��%��

��,��&��&��&��$��%��,��&� ��+&�-$�-��

��$��-��&�� &��

�&� ��$�/� &�%�� $�� %�� &� �� ,��&� �&�

��

�� $�� %&�� &�� --��%��,&�� &� �� &� %$��

�� ,�� &� �� &� �� %�-�� %�� -��

��$��3��-%� �%��%�� &�-��%��+&��

��-�� %��%� %��&� �--��%�� ,&�� &�� -��

�� $� �&�� %�� -�� @&�� 3�� -��

-��$��$%�,&�%&�-��,��&��$��

+&��,��$��&��-��-��%��

��$��%&��-��%��)$��&� ��,��%��-��*�

• ��$��%&�� &��

• �$�%��_�� ̀��,��$%&��&��

�̀�3��_��J�3��

�$�%��_� �� %�� $�%�� ̀ �� $�� $�%�� _� ��

��

Proxy Signature Scheme

�� &�� %�� -��%��%� �� &� �� ,�� ' � ��

%��-��&��&�&��&��-$��&�%�-��

&�� &� %��-�� '�� &� -�-�� ,�� %��-�� $�� &��

35

-$�-�� %��-�� -�� &� ��C�� &� -�� ,&�� &��

�$�&��$��&��

'�� &� �%��%� ,�� %�� &�� )$�� -��(�� $�� %&��

E0=�<��<:�;��;�8�;�:�;;;�;;�F� &�� %�-��

�%�� -�� $�� %&��%�� $��

��,&�%&��&�%�� -��,��' ��&��%��&��

-�� %�� %�� ,��&� �&�� -�� &�%� �&�

��$�-�� &� �� $�� @� �&� �� &�

��%�-��,��&�$��&��%��$%&��&��&��%�-��%��

�&��$�� &��,��&��&�&�-�� -��(��-��,&��%��

%��&��$��&��

Directed Signature Scheme

'��$��&��$��%��3��$��

�� %�� %�� (� �� -��R$�� %��

�$%&��$��#��,&��$��,��$��

�� &� �� %��%�� &�� $�� &��

��$��&� �� &��$��&�$��$%&��&��%��%�� &�

��$�� &�� %�� -�� &�� -�� #�� ,&��

�%�� 3$%&� ��$�� %�� %�� $��%�� $��%�� $��%�� $�� E8<�8?�<?F�� '�� %��

��$�� %&�� &� ��$�� %�� &�� $�� %�� &� ��$��

�� %�� -��%�� B�� %�� %&%�� &� �� $�� ,��&�$�� &��

%��-��

Abstract of the Thesis '�� &�� &�� ,� -��-�� %�� $�� %&��,� -��-�� %�� $�� %&��,� -��-�� %�� $�� %&��,� -��-�� %�� $�� %&�� '�� ,� &��

��%$��&��--��%�� $�� '��&��&��,�,�$��

��%$�� &� �%$�� -%�� $�� &� �� -��%�� &� -��-�� %��

��$��%&��+&��%$�� &��$��%&��,��

$��-��%��%� ��&��,�� %$��-��C/��&�-�� %��

��+&��3��%&��&�-�� %��&��

��+&�1�7��%&��

36

+&� -��-�� ,�� &�� &�� %&�-�� +&� �(��

��%$��-��&��%�� %&�%&�-��

Chapter 1

'�� &�� %&�-�� ,� -��-�� %�� $�� %&�� %�� $�� %&�� %�� $�� %&�� %�� $�� %&�� %$��

�--��%�� +�� &� ��$�� &� �� $�� &� -$��%� �� &�

��$��%��$%&��,��&��&�� $�� %��&��%��

�� &��$��%��)$��$��&��$��%��%��

%&%��&�� $��+&��$��%��-��&��

�&��$��&��,&��%��

B(�� --��%�� &��&�� %�� %$�� -��-��

��%�� $�� %&�� ,��&� �&��&�� %��%�� $�� %&�� ,��&� �&��&�� %��%�� $�� %&�� ,��&� �&��&�� %��%�� $�� %&�� ,��&� �&��&�� %�� +&�� %&�� --��%��

,&�� C��%��$��

��&��&��C�� $%&��,��&��$��"��

�� $�� $-�7�� $�� %�� &� �� &�

��$�� $�� P;� �� $�� %�� &� ��$�� '�� &�� %&��

�&�� &�� $�� %�� 3�#3�#3�#3�#�� +&� �%$�� -�� %��

�&�� (�� &� �� %�� %&�� &� �&��&��$��+&� ��

��%��&��-��%��

B(��&��&��%��-��%$��+&��&��%��-��

��$� $��,&��&��%��&�� C��+&��C��

&�� -$��%� �� +&� �%�� $�� &� $��

��C��$%&��,��&��$��)$��&��

$�� ,&�� P� ;� �� $�� ,�� &�� &�� %�� %��

�� $��&��

Chapter 2

#��$��,&��&��&��$��%��W#I��

��I�I�,��&��-�,��&��-��(��W�I��+&�

-��(��%��&��$��&�� &��$��

%�� $�� ,&�� &�� B7.I�� &��-�� ,&�%&� �%�� '�3�

%&%�$-�� +&� &��-�� &�� #G.� �� ,&�� &�� -��

37

-� ��"��$��%��$��$�%�� %��&��&��

-��#��,��%��&��$�� &��R&��%&%�A$-��&R�&�,��

%�� %��&��%��,��&�$��&��&�-�� $�� #��"'>�-��

�&�� &�� %$�� &�� &�� -�� &��-��

&��B7.�%&� �4��@&��-�� G��%��$�%��

�� '�3�-��#��&��#�&��-��&��

��%�� %��-��&��$��&��%&�-��,�%��&�

�� -��(�� $�� %&�� ,��&� ��%�� $�� %&�� -��-��

��%��$��%&��

'��&��$��%&��&�� ,��-&��+&� ��

-&�� A�� +&�� -&�� -��(�� $�� %&�� %��

-� �� &��,��'��&��-&��&��

��&��-�,��&��-��(�� '�� &��%&�� &��

�� &�� %�� %�� &�� -��(�� "� �� &��

��&��%��&��-��(��&��$�&��-��(��$��@��&�$��

��,�� &� �%�� &� �� &� -��(�� %�� &�

��$��&��

+&� �%�� -&�� A�� '�� &� �� %�� ,��

$��C�� &� -�%��-$�� &� �� -&�� '�� &�� -&�� &� -��(��

��&��%��$��&��

+�� &��$��&��%�� &��$��%��)$��

��$�� &�� &�� &� ��$�� %�� %�� %&%�� &� �� &�

��$��'��%�� &��-�� %��&��$��%��-��

�&�� &��$��&��$�&�C��,��-��%��

Chapter 3

�� ,� &�� %$�� &� �� &��&�� $�� %&�� '��

��$�� &� ��$�� %�� &� ��

�� -�� "�,�� ,&�� &� �� &��

��C��)$��&��--��%�� -�-��

�� &�� $�� ,� -��-�� %�� &��&�� $�� %&��%�� &��&�� $�� %&��%�� &��&�� $�� %&��%�� &��&�� $�� %&�� '�� &��

��$��%&��7��$-�� $��$�� ,&�%&��

38

��%��&��$�� $��+&�$��%��

�� &��$��&��%��-��&��-��#��,&��

�%��B��%��%&%��&�� &��$��,��&�$��&�&�-��

�� $�� %��$%�� ,� ��$�� &� (��%� � � �� $�� &�� $��

%��3�#��,&�%&��&��$-��%��-��&��%��&��

�� ∈� 7�� 5�� "� � �� $�� 7�� %�� @� �� $�� &�

(��%� � � �� %�� #� ,&�� %��%�� -�� $�� %&�

$�� &� �$��$-�"��1�� &��&�� &� ��$-�&�� )$��$�&��,��&�

��&��$-��%��+&�� &��%��$��)$��$��

�� &��&�� %�� ,��&� �#�� @� �&�$�� &�� &�� %��

�� %��,��&��&��#��

Chapter 4

'��$��&��&�� -��"�,��

,&�� &� �� C�� &�� C��

�� )$�� &� �--�� %�� -�-�� '�� &�� %�� &�

��$�� %�� &�� %�� &��

�&��-��+&�� %&�-��-��-�� &��&��$��%&��&��&��$��%&��&��&��$��%&��&��&��$��%&��,��&�,��&�,��&�,��&�

�&��&�� %��&��&�� %��&��&�� %��&��&�� %��

#�� &� �� C�� 3� �� &��

��C��)$��&��--�� $��"3��

��$-�73�� $��&��C��3��.��&��&��&��

�&��$-�,�� &��$�� $%&��,��

�&�� &� ��$�� %�� $�� "�� $��

�� $-� 7�� $�� &� ��C�� &�� &��&��

�� %��%&��$��-$�-��

'�� &�� %&�-��,� $��&��$�� &��&� �&��C��3�&��

%�� $�� %�� #+#�� &� ��$-� �%�� -�� &�

�,��$-��&��%��&��'��%�� -$��,��&�

��$-� 3� �� &� #+#� �-�� &� �%�� $�� -�� &� ��

��$��D$��3��%��&�#+#�%��%&%��&�� &��$��,&��

39

�&��-��&��$�� %��&�#+#�%��%��&��&��-��$��

�&� �%��

Chapter 5

'�� &��&�� %&��'�� &��&�� %&��'�� &��&�� %&��'�� &��&�� %&��,&�� &��&�� %�� %��$�� &�� %��

��-��&�� &��&�� &��$��'��&��%��&�

��%��$�� &��-�� &��$��

��-�� %� �&� �� $�� ,��&� �&� �� &��&�� %&��

-��-�� &��-��%��

'��$��$��%&��'��$��$��%&��'��$��$��%&��'��$��$��%&��&�� $��$�� &�

��&�� &��$��$��&�� ,��&��&�&�-��

�� &� �� $��$�� $��%�� -$��

�&��&�� $� �� %�� &��$�� #�� &� ��$��,&��

��$-� � � ��$�� ,�$�� &�� $��$�� +&�

�� &�� $-�$�� -�$�� &�� &� -$��%� ��%��

@&��%��%��&�� &��

�� &�� %�� &��$-��"�,�� &�� &��,��

,&�&��$�� %�� &��$-�%�$�� &�� &�

��&�-�� '�� &�� %�� &��$��$��%&�� %�� &��-��

&�,��&��&��&��$��%&��

'��&��%&�-��,�%��&�� %��$��%&��&��&��

��$�� ,��&� �$�� $�� %&�� -��-�� $�� %&��

��%��%��%��%��AAAA��&��&��$��&��&��$��&��&��$��&��&��$��AAAA��$��%&��$��%&��$��%&��$��%&��'��&��%&��

• +&�� $�� 3�#��$�� 3�#��$�� 3�#��$�� 3�#� �&�� &� ��$-� �%��

�&��&��I��%��&��

• +&��%��#��%��#��%��#��%��#�,&��&��-��%��%��

�� %&� -�� $�� &�� -��$%� �� $-� ��$�� $�� $�� $�� $��

�%�� %��,��&��&��#�%�� %��,��&��&��#�%�� %��,��&��&��#�%�� %��,��&��&��#�

• ��%��$�� %�� -��&��

��&��$��'��%�� -��%��&��

40

• ��&��&��%��%��$��%��%��-��%��$%��&�

-�� 3��(��-��&��,��%��&��&�%��&��%��

�%��&��$-��%��

Chapter 6

G�� &��&�� $�� %&�� )$�� $�� 3�#$�� 3�#$�� 3�#$�� 3�#�� &� ��$-�

�%�� %�� &�� $-� �� ,&�%&� &�� -��

�$��+&�(��%�� $%&��%�� $�-��/��&��

��,��-��-��

• �� --��%��&��-��%��,&�%&�%��

%��-��$�� &��$-��

• �3%�� &�$�� %�� %�� -�� $��%$��

��-��&��%��%��&�-��

+��&��-��;::��"��$%��%&��

1�7��$��%&��,&�%&��)$��$��3�#,&�%&��)$��$��3�#,&�%&��)$��$��3�#,&�%&��)$��$��3�#��'��&��%&��

�%&��,��3�#��$��&��%��&�� %&�

$�� '�� &�� %&�-��,� -��-�� %��%��%��%�� AAAA� �&�� &�� &�� &��&��$��&��$��&��$��&��$�� AAAA� ��$�� %&�� $�� %&�� $�� %&�� $�� %&��

,��&�$�� 3�#��,��&�$�� 3�#��,��&�$�� 3�#��,��&�$�� 3�#�� '�� &�� %&�� %&� �&��&�� ,�� 3�#� �� &��

�%��$��&�%��-��%��&��&��&��&��

�&��&��&��%� ��&�-$��%�-��@��$��&��&��

��%��%��%��%��#�#�#�#�,&��&��-��%��%�� %&�

-�� $�� &�� -��$%� �� $-� ��$�� B��&�� &�� B��&�� &�� B��&�� &�� B��&�� &��

-��%�� &��&��$��%��,��&��&�-��%�� &��&��$��%��,��&��&�-��%�� &��&��$��%��,��&��&�-��%�� &��&��$��%��,��&��&��#�#�#�#��'��&��%&��

• 1�%&� �&��&�� ,�� 3�#1�%&� �&��&�� ,�� 3�#1�%&� �&��&�� ,�� 3�#1�%&� �&��&�� ,�� 3�#� �� &�� %��

��$��&�%��-��%��&��&��&��&��

• �+&�� %�� %�� %�� %�� #�#�#�#� ,&�� &� ��-��

%��%�� %&� -�� $�� &�� -��$%� �� $-�

��$��$��%�� %��,��&��&��$��%�� %��,��&��&��$��%�� %��,��&��&��$��%�� %��,��&��&��#��#��#��#��

• ��%��$�� %��-��&��

�� &� ��$�� '�� %�� -�� %� �&�

��

41

Chapter 7

@&��&��&��$��%��)$��&��--��

�� -%� �� $�� '�� &�� ,� %�� &� �� %��

��$�� %&�� ,��&� �&��&�� $��A��$�� %&�� -��-�� &��&��

�� $�� %&�� $�� &� �� 7��C��%��7��C��%��7��C��%��7��C��%�� AAAA� +&��&��G$�� +&��&��G$�� +&��&��G$�� +&��&��G$�� AAAA��

3��$�� 3%&��3��$�� 3%&��3��$�� 3%&��3��$�� 3%&�� +&� ��$�� &�� C�� %��A� �&��&�� $�� A�

��$�� %&�� &�� &� �� %�� &��&��A� �$�� P�

��$��%&��-��$��&��%&�-��(%-��&��&��$-��$��

%�� generated only by some specified subsets of members according to the signature

policy.

' � �&� �� &� ��$�� %�� &� ��$�� %�� &� ��$�� %�� &� ��$�� %��

��C��3��-��&��)$��&��--�� -%� �%�

�$�� &� �� &�� &� ��-�� &�

�� &��-%� ��$�� &��%%��

�&��-��%��&��$��,�-��-��7��C��%��7��C��%��7��C��%��7��C��%��AAAA��&��&��&��&��&��&��&��&��

�$��$��$��$��AAAA��$��%&��$��%&��$��%&��$��%&��

�5��73��&�� &��C��3��"3��&�

�-%� �� $�� +&� �� $-� ��$�� %�� &�

%��-�� &��"3��@�� &��73��&��

�-%� ��$��

��$��%��$%��,��$��&��&��$��&��$��%��$��&��$��%��$��&��$��%��$��&��$��%��

��3�#3�#3�#3�#��&��&��&��&��&��$-��%��&��&��I��%��&��

�� %�� %�� %�� %�� #�#�#�#� ,&�� &� ��-�� %��%�� %&�

-��$��&��-��$%��$-��$��'��&��%&��

• +&��3�#3�#3�#3�#��$-��%��%��-��%��&��

� ��&��&��

• +&��%��%��%��%��#�#�#�#�,&��&��-��%��%��

�� %&� -�� $�� &�� -��$%� �� $-� ��$�� $�� $�� $�� $��

�%�� %��,��&��&��%�� %��,��&��&��%�� %��,��&��&��%�� %��,��&��&��#��#��#��#��

42

• ��%��$�� %��-��&��

��&��$��'��%�� -��%��&��

• ��&��&��%��%��$��%��%��-��%��$%��

�&��$-��%��-��&��%��&��

The thesis ends with a list of references (papers, books and websites) that have been

consulted from time to time while completing the work.

�

�

�

�

�

�

�

�

�

�

�

�

�

�

43

�

�

�

�

�

�

�

�

�

�

�

�

�

�

Chapter 1


��

�

�

�

�

�

�

�

44

�


1.1. Introduction �� ,� &�� %$�� $�� &� �%�� &� ��%�� $�� %&��

��%��$��%&��$��&��$��,&��&��&�

��$�� %�� '�� &�� %&�-�� ,� -��-�� %�� $�� %&�� %�� $�� %&�� %�� $�� %&�� %�� $�� %&��

��%$�� --��%�� '�� &�� %&�� &�� -�� %�� %&%�� &�

��$��,��&��&�&�-�� $��%��

1.2. A Directed Signature Scheme 3$--��&��$��,��$��&��&��

�%��%��%�� &��$��%��-��&�� $��

��&��-��#��,&��%��+&�� %��-��%��

�� ,��

1.2.1. Signature Generation by A

��-�%��1aK ��

2aK �∈��Q)��%��-$��

��@��J�� 2aK− ��-��>��J�� 1aK �� 2aK ��-��

"��&�-$��%�� &��$��%��

�� A�,��&��&� $�%��&��%��-$��%��$��J��&�� 1aK ��

��%��%��-$�� AS ��J��1aK U� Ax � Ar ��)��"� Ax ��&�-�� &��

K AS ��@��>��L��&��$�� &��

1.2.2. Signature Verification by B

�� &��-�� Bx ��%��-$��J��>��@�� Bx ��-��%��

Ar ��J��&��

45

��%&%��&�%��$�%�� AS � ≡?

�� Ar ��-� ��$��' �&��

�&��K AS ��@��>��L��$��

1.2.3. Proof of Validity by B to C

��-�%�� K ∈�Q)��%��-$��@#��J�� K− ��-��>#�J��#� K ��-��

��#��

��#�$��@#��>#��-��%��@��>��%&%��&�� $��$��

&�� %�� +&� ��$�� %�� -��%�� ,�� $A

�%��;��

1.3. Security Discussions '��&��$A�%��,��&��%$��&��%$�� -��-��%��3��$��%��3��$��%��3��$��%��3��$��

3%&��3%&��3%&��3%&��

��#�� &� �%�� Ax � �� 1aK �� %�� $� Ar � �� &�

)$�� AS J�1aK U� Ax � Ar ��)�O�

"��&��$�� $��,��-��&��+&��$�� )$��

��%��-$�� %��%��&��%�� Ax � ��

��1aK ��%��$� Ar � ��&��)$��

��#��-��&��O�

�� -��&��%��,��

1K � 2K �∈�Q)��%��%$��

@��J�� 2K− ��-��>��J�� 1K �� 2K ��-��J��&�� 1K ��

�$��,��&�$��,�� &� �%�� Ax �� %$�� AS � ��

�� &�� %��)$�� AS �� ≡?

��E�� Ar ��F��-��

�%��%��%��%��#�� $��K AS ��@��>��L��&�)$��

� AS �≡?

��E�� Ar ��F��-O�

46

�� %��&��%��-$��&�&��&��$� Ar �

�$%&� �&�� Ar J� &� �� )�� .��$�� %��-$�� &� �� AS � ��

)$��&��%��&��-��+&$��&��%��,��

��$%%�� $��

Illustration�

+��$��&��%&��-��J��)��J��;;��J��+&��%��-$��%�

�� $�� ,��

�� 3%��-$��%�� 3%��-$��%�� 3%��-$��%�� 3%��-$��%��

�� 0� ��;��

�� ?��

��#�� <� ��;<�

+��&��$��-�%��1aK �J��:��

2aK �J��8��%��-$��

@��J�;<�>��J��;�� ,��&��&� $�%��&��%��-$��J�;�� AS J�8�

��K8��;<��;��L��&��R&��$��&��

��%��-$��J�;=��%�� Ar �J��&��;=��J��;��5��%&%��&�%��$�%�

��8�� ≡?

�;=��;��;�� $��+&��&��

+��-��&�� &��$��#��&��$��%��-�%��

K �J�=��%��-$��@#� �J� ��0��>#��J� �:��#��#�%��-$��J��:��0�<�

�� J� � ;=�� #� �� &� ��$�� &� �� &�� $��

�%��

1.4. A Directed Signature with Threshold Verification .$�� %�� $�� %&�� %�� $�� $�� %&�� ,��&�

�&��&�� %�� %�� $�� &�� &�

��C�� $%&� �� ,�� &�� $�� "�� $��

�� $-�7�� $�� %�� &� �� &� ��$��

$��P;��$��%�� &��$��+&�%��$%�� %��%��%��%��

��$��%&��,��&��&��&�� %��$��%&��,��&��&��&�� %��$��%&��,��&��&��&�� %��$��%&��,��&��&��&�� %��3&��I��&��&��%&��

47

E:?F��@��$��&��$��&��$-�7��-��-��

iRx ��-$��%��iRy ��

+&��%&��%�� &� ��,��-��

1.4.1. Signature Generation by A

��-�%��1aK ��

2aK �∈��Q)��%��-$��

@��J�� 2aK− ��-��>��J�� 1aK ��-��

�� A�,��&��&� $�%��&��%��-$��%��$��

��J��&��>�� AS �J�1aK U� Ax � Ar ��)��

"� Ax ��&�-�� &��

�%��%��-�� (��J�1aK U�;(�UN ��A;�(��A;��)��,��&

1aK J��

��%��-$��-$��%��$iRv �� %&�� &��$-�7��

iRv J�� iRu �� 2a

i

KRy ��-��

"��iRy ��-$��%��

iRu ��&�-$��%��$��%��,��&��%&�$��

�&��$-�7��

��K AS ��@�� niRi

v 1}{ = L��&��$-�7��&��$��

1.4.2. Signature Verification by the Organization R

�� $�� "�� $�� $-� 7�� $�� %�� &�

��$�� @� ��$�� &�� &�� %�� ,&�%&� %��%�� -��

%��-$�� %&� $�� "�� &� �� $�� +&�

�� -��%�� ,��

��1�%&�$��∈�"��%��&��R&��%��&�� iRu ��J�

iRv iRxRW ��-��

��1�%&�$��∈�"�� &��R&��&��,��

48

iRMS �J�� iRu �� q

uu

u

ji

i

RR

Rt

ijj

mod,1 −

−∏

≠=��

�%��1�%&�$��∈�"��$��&��R&�� &��,��iRMS ��%��%$��&�-��

��$��iRR ��J��

iRMS ��)��&�%��

��+&�%��%��-$��J� pRk

iRi

mod1

∏=

��%��J��&��)��

��+&�%��%&%��&�%��$�%�� AS � ≡?

�� ArAy ��-� ��$��

' �&��&��KK AS ��@�� niRi

v 1}{ = L��$�� &��

+&�-��-��%&��&��&� ��,��%&��%��%�*�

• +&�� $��3�#��,&��&��&��$��

�%&�� &�� $�� 3�#� �&�� &� �%$��

-��$��&��%��&��%&�$��&�

��

• +&�� %��&��%$��-��%��&��

��%&�$��

• +&��%��&��%$��-��%��&��&�

��

• +&��%��$��&��%$��-��%��&��A

��%��+&�� (��&��

• +&� �� %�� %&�� &� �&��&�� $� �� &��

��%$��

• +&��)$��&��$��&��$-�7��

-��-��-$��%��-��iRx ��

iRy ��

1.5. Application to Threshold Cryptosystem +&��&�� %��-�� %�� P�� %��-��+&�� $� $��,&��

-��%��)$��&�%�� &��-��+&��C��&��

49

-$��%��+&��%��$��&�$�� C��$%&��

,��&��$��%��&�-��%��$��,&��P�;��

$��,��&��&��%��%�� $��&��%��

��4�� 4�� E��;��F� ��-�� &� %��%-�� &��&��

%��-��+&�I��,��&��%��-�� ,�*�

• +&��$-��%�� (�/��$��$-�� &��$��%��

�%��&��$-��%��%��&�� $�� &��

• +&��%$��-�� (��+&��%��&��

�$�� &� �� $-�� %&�� A��$-� �� %$��

-��%��)$��D$��$-��I��%��&��%%��

.$��%��$��%&��%��$��&��&��%��-��

��$��&��,��3$--��$��,��%��-��&��

��&��$�� $-�7�� $��&�$��%��-��%��

�&� �� +&� �%��-�� %��-�� H� �� &� �%��

��$-� 7�� %�� %�� >�� -%�� +&� �� %��

KK AS ��@�� %�� niRi

v 1}{ = L��&��$-�7��,&��%��J��1H� ��H��J��&��>��

�� %�� %�� &� �%��-�� H� J� &� �� +&� �� &�� %��

�%��-��&��H�%��J��

+&� -��-�� &��&�� %��-�� &�� &� ��,�� &�

%��-��&�%��%-��

• +&� ��$-� �%�� (�� %�� %&�� %&� $��&��

%��$��%��

• +&�� (��$-��+&��&��

�&�� %��-��

• �� $�� %�� %�-&�� (�� %&�� $-� ,��&� ��

��%$��-��%��

��

50

�

�

�

�

�

�

�

Chapter 2

A Directed Delegated Signature Scheme

51

A Directed-Delegated Signature Scheme

2.1 Introduction

�� &��%��-��%��%��&��,��'��&��%��%�,��

�%�� &�� )$�� -��(�� $�� %&�� &�� &��$�&�

,&�%&� � �� %�-�� %�� -��

��$��%&��%��$��E0F��,&�%&��&�%�� -��

��,��' ��&��%��&��-��%��%��

�� ,��&� �&�� -�� &�%� �&� ��$�-�� &� �� $��

��+&� ��&��&��%�-��,��&�$��

�&��%��$%&��&��&��%�-��%�� &��$�� &��

,��&��&�&�-�� &��-��(��

.�� &� ��&�� &�� &� ��$�� ,&�� &� �� &�

��$��%��%��$��$��#�� $��,&��

,� ,�� &� �� %�-�� &� �� &�

��$�� %�� &�� $�� ,� � %�� &� �� -��(�� $��

�%&��,��&��%��$��%&��%��%��%��%��AAAA��$��$��$��$��

�%&��%&��%&��%&��

'��&��%&�-��,�-��-��%��P��$��%&��,&�%&��&�

�� ,��-&��+&� ��-&�� A��+&��-&��

��-��(��$��%&��%��-� �� &��

�� ,�� +&� �%�� -&�� A�� '�� &� ��

%��,��$��C��&�-�%��-$�� &� ��-&��

'�� &�� %&�-�� ,� �� $�� --��%�� &� -��-�� %��%��%��%��AAAA

�� $�� %&�� $�� %&�� $�� %&�� $�� %&�� %�� %�� $�&�� ,&��

��$��$�&��$�%�� %��&��&�� +&�� #�

�� %��%��&��$��#�,��%�� %��&��%��%&%��&�

52

�� $��,��&�$��&��&�-��$��#�%��-��&�� &��$��

��&��-��4��,&��%��

2.2. A Directed – Delegated Signature Scheme #�� $�� ,&�� &�� B7.I�� &��-�� ,&�%&� � �%�� '�3�

%&%�$-�� +&� &��-�� &�� #G.� �� ,&�� &�� -��

-� �� "� �� $�� %��$� �� $� %�� %�� &�� &��

-��#��,��%��&��$�� &��R&��%&%�A$-��&R�&�,��

�� %�� %�� &�� %�� ,��&�$�� &�� &�-�� $�� #� �� "'>�

-�� &�� &�� %$�� &�� &�� -��

&��-��&��B7.�%&� �4� ��@&�� -�� G��%��

��$�%�� '�3�-��#��&��#�&��-��&�

�� %�� %��-��

+&��$�� $%&�-��%��A��$��

�%&��"��&��%��#�%��%�� &��$��&��#�%��-��

��&��-��4��,&��%��3��%��%��$��%��

� �� ,��&� �&� &�-� � � �%�� #� �� ,� %�� &�� &� %��

%�� %��&��,��&�$��&��$�� %��+&� ��,��

(-��&�,�-��(��%��$��%&��%��-�� $��

%��$%��

� ��C��&�%&%��$-��--��"��

��$��$��&� ��,��-��%��%&��-��

�$��-��)��-�� %�� -�P�;��∈��Q-�,��&��)��

,��&��&� $�%��&��

2.2.1.Signature Key Delegation by A

;��%�� Ak ∈�Q)��%��-$��J�� Ak ��-��

��%��a�∈�Q)��%��-$��J��a��-��

��' ��∈�Q)X��&��&�,��-��

��%��-$��J��(��U�� Ak ��)�� ,��

0��%��-$��3��J��U��a��)��%&%��3��J��-��

53

' �)$��&��%%-��W��I��$��

B�,� �&� &��-�� -�� &� -$��%�� &� %&%�� $-� � � �� -�� #� ��

-�-��-��%�� -�� #��+&��$��

�� %��&� ��,��-��%��

2.2.2. Signature Generation by B for C

��-�%��1bK ��

2bK �∈��Q)��%��-$��

@��J�� 21 bb KK − ��-��Q%��J��#� 1bK ��-��

��%��-$�� Br ��J��&��Q%��@�� BS ��J��2bK −�3��)��

�%��K BS ��@�� Br ��L��#��#G.I��$��

2.2..3. Signature Verification by C

��#�%��-$��b��J�� BS �� Ay �� Br ��@��-��Q%��J��b� Cx ��-��

��#�%&%��&�� Br �J��&��Q%��@�� &�� $��

2.2.4. Proof of Validity by C to Y

��#��K AS ��@�� Ar ��bL��4��

��4�%&%�� Ar J��&��Q��@��)��

' ��&��&��4��-��&�-��%��/��&�,��&��(��-��

�%��#��C��,�� &��-��4��&��b�Q#��J��#�� ,��

• 4�%&��$��∈�Q-�%��-$��,�J�bu ��v ��-��,��#��

• #�%&��a�∈�Q-�%��-$��c�J�,��α ��-��γ��J�c Bx ��-��

��4��

• 4��$��,&�%&�#�%�� &��,��J�bu ��v ��-��

• #��a��4��,&�%&��&�%�� &��

c�J�bu �� v Uα ��-��γ��J�Q#�u ��#� v Uα ��-��

54

2.3. Security Discussions '��&��%��,��%$��-��%��

��' ��&��-��(��&��&��&�%��%&�� &�

��&�R&��$�� &�R&��

%&��%��

+&� ��$�� &�� -�� &� (��%� � � �� $�� &�� -�� +&�

��&��,��,��-��

�$��&��-��%��$�&��%��+&��&��-��-��&�

�%�� I�� %&%�� %��

��I��

��#��2bK ��3��%��$�� -��(�� &�

)$�� BS ��J��2bK −�3��)�O�

"�� &� �$�� $��,�� -�� ,�� +&� �$�� )$��

�� %��-$�� %��%�� &��%��

2bK ��3��

�%��%��%��%��#��-��&��O�

�� -��&��%��

�,�� 1i

K ��2i

K �∈� � Q)� ��$��,��&�$��,�� &� �%��-��a� ��

�� %$�� -��(�� $�� 3� � �� BS �� &�

�� %��)$��

Q%��J�� BS �� Ay �� Br @�� Cx ��-�� Br ��J��&��Q%��@��

��#�� $��K� BS ��@�� Br ��L�$��&�)$��

b��J�� BS �� Ay �� Br @��-�O�

+�� %��-$�� &� �� BS �� &�� )$�� )$�� &�

��%�� &��-��' �� %�� *S �� K� *S ��

@�� Br ��L��&��%��%��-$��bX� � � � �J��E��*S � Ay �� Br � � �@��F��

��-��QX��J��bX Bx ��-��%��%&%��

55

Br ��J��&��QX��@��%��&� ��

Illustration�

@��$��&��%&��$��-��+��-�J��)�J�;;��J�<��

�&��%��&�-$��%�� $�� ,��

�� 3%��-$��%��3%��-$��%��3%��-$��%��3%��-$��%��

�� :�

�� 8��

��#�� <��;��

��4�� =��;=�

+��&��%��J�?��J��%��a�

J�8��J�<��%��-$��J��%��-$��-��(��

��$��J�=��%&%�� <�=��J�E�:�<��<�F��

+��&��$��-�%��1bK J�?�

2bK J��%��%$��@��J�

��Q%�J�;<�� Br �J��&��;<��=��;=��J�� BS �J�=��&�%��-��

K��=��=��;=�<L��#��

��&��$�� %��#��%��-$��d��J��Q%��J��;<��%&%�� Br �

J��&��;<��=��;=��J�� &�� $��

+�� #��4��#��;<��=��=��;=��4��4�%&%�� Br ��J��

&��;<��=��;=��J��+&��&��B�,�#�%��-��&��;<�J��<�;��

C��,�� &��$��&� ��,��%�� -��%��

��4�%&��$��J�;��J�;8��%��-$��,�J��,��#��

��#�%&��a�J�=��%��-$��c�J�=�e�J�;��c��e��4��

��4��$��#��,&�%&�#�%�� &��,��J��

��#��a��4��,&�%&��&�%�� &��c��J��;<��e�J�0��

56

2.4. Remarks '��&��%&�-��,�&��%$��%��A��$��%&��,&�%&��

$� $�� &�� %��,&�� &� �� $�� %�� '��

�&��%&��&��$��%��#�&�� $��%��&��$�� %��

-��%�� B�� %�� %&%�� &� �� $�� ,��&�$�� &�� %�A�-�� +&�

�%��-��&�� &��$��,&��%��

@�&��-��%��$%�� $%&��%��$��%&��,&�%&��

�� %�� &�� -�� "�%� �&� �%$�� &�� %&��

�� &�� &�� %&�� %�� &�� 3��%� �&� ��

�,�� &��I��%�� ,�� &��%&��

��%$��&��&��%&��&��%��&��

��

�

57

�

�

�

�

�

�

�

Chapter 3

Directed – Threshold Signature Scheme

�

�

�

�

�

�

�

58

Directed – Threshold Signature Scheme �

3.1. Introduction

'��$��&��&�� C��

��)$��&��--��%�� -�-��'��&��%��&��$��

�� &�� %�� &�� &�� -�� %��

(��-�� &��-��%�� %��,&�%&��)$�� &��$��

�� &�� -�� 3$%&� �� -��%�� %�$�� -�� &�� -��

��$�� )$��$�� &��$�� %��&� ��

�� &�� ,��&� �&� �$�� +&��&�+&��&�+&��&�+&��&�� $�� $�� $�� $��

��,�� &�� -��+&� �� &��&�� $�� %&�� $��

�&��-��+&��&��$��%��&�%��%-�� &��&��

%��-��-&�� $%��E�;��F��'��;::;��

E��F�-��-�� &� �� &��&�� $��%&�� &��3��

��$�-��

'��&��%&�-��,�-��-��%��%��%��%��AAAA��&��&��$��%&��&��&��$��%&��&��&��$��%&��&��&��$��%&��

��3&��I��&��&��$��%&�E:=F��3%&��I��$��%&�E:0F��

3.2. Directed -Threshold Signature Scheme��

5��7��$-�� $��$�� ,&�%&�� %��

�� &� ��$�� $�� +&� $�� %�� &�

��$�� &�� %�� -�� &�� -�� #�� ,&��

�%��B��%��%&%��&�� &��$��,��&�$��&�&�-��

�� $�� %��$%�� ,� ��$�� &� (��%� � � �� $�� &�� $��

%��3�#��,&�%&��&��$-��%��-��&��%��&��

�� ∈� 7�� 5�� "� � �� $�� 7�� %�� @� �� $�� &�

(��%�� %��#� �,&�� %��%�� -�� $�� %&�

$�� &� �$��$-�"��1�� &��&�� &� ��$-�&�� )$��$�&��,��&�

��&��$-��%��+&�� &��%��$��)$��$��

� ��&��&��%��,��&��#��

59

+&��%&��%�� &� ��,��-��

3.2.1. Group Secret Key and Secret Shares Generation

��3�#��%��&��$-�-$��%�-��-��)��%�� ,��&��&�

$�%��&��3�#��%��-��

��(��J��U��;(�UN ��A;�(�A;��)��,��&��J�� Gx ��J��

��"�� Gx ��&��%�� &��$-�7��

��3�#�%��-$��&��$-�-$��%�� Gy �� Gy ��J�� -��

�%��3�#�%��-$��%��&�� %&�� &��$-�7��

��J�� $��)��

�"��$��&�-$��%��$��%��,��&�$��&��$-�7��

��3�#��%&�$��%��

3.2.2. Signature Generation by any t Users

' ��$�� &��$-�� $��&��

��&��$��$�� ,��-�*�

��1�%&��%��1i

K ��2i

K �∈��Q)��%��-$��

,��J�� 2iK

1iK− ��-��C��J�� By 2i

K ��-��

�� 1�%&� �� ,�� -�� C�� %�� %&�

�� "� ��.�%��,�� C�� %��-$��

Q�@��

@��J�� qwHi

i mod∏∈

��Q��J�� qzHi

i mod∏∈

��J��&��Q��@��)��

�%��1�%&�� &��R&��&��G3��J�� quu

u

ji

jt

ijj

mod,1 −

−∏

≠=��

60

�� 1�%&� �� $�� &��R&�� &�� G3�� 1i

K ��

%��%$��&�-��$��J��1i

K P��G3��)��

��1�%&�� &��R&��-��$�� &��%��#�

,&��%��%��&�-��$��-��$%��&��$-��$��

3�J��=

t

i ,1��)��

� ��#��K�3�@��L��$�� &��$-�7��&��

��

��%��-$��b��J��E�� S � Gy � R ��@�F��-��Q��J��b Bx ��-��

��%&%��&�� $�� J��&��Q��@��)��

3.2.4. Proof of Validity By B to Any Third Party C

+&��-�� &�-��%��$��%��A��0��

3.3. Security Discussions ,� ��,� � ��%$�� %$�� -%�� &� -��-�� %��%��%��%�� AAAA� +&��&�� 3��$�� +&��&�� 3��$�� +&��&�� 3��$�� +&��&�� 3��$��

3%&�3%&�3%&�3%&��

�� '�� -�� &��$-� �%�� &��$-�-$��%��

Gy O�B��%�$��&�� %$��%��&��-��

�� #�� &��%�� &�� ∈�7�� &�-$��%��$� �$�� O�B��

%�$�� %��%��-��

(c). Can one retrieve the secret shares vi ,integer 1i

K and partial signature si , from the

equation si = 1i

K P��MSi .R mod q. ?

"�� &��$�� $��,��-�� ,��+&��$�� )$��

��%��-$�� %��%��&��%��&��

��1i

K ��-��$��∈�7��

61

(d). Can the designated combiner DC retrieve the group secret key f (0) or any partial

information from the equation, S = �=

t

i ,1si mod q ?

��+&��%��-$��

��#��-��∈�"��O�

�� -�� &��&�� %�� ,��

��1i

K ��2i

K �∈��Q)��%��,��C��$��,��&�$��,��&�

�%��&�� %$��-��$�� &�

�� %��)$��

Q��J��E�� S � Gy � R ��@�F� Bx ��-��,&��3��J��=

t

i ,1��)��

� �� #�� $��K�3�@��L��&� ��,��)$��

b��J��E�� S � Gy � R ��@�F��-�O�

+��%��-$�� 3� ��&�� )$�� &��%�� &��

-��' �� %�� *S ��K� *S �@�Q��L��&�

�%��,�$��%��-$��

��bX��J��E��*S � Gy � R ��@�F��-��QX��J��bX Bx ��-��%&%��

Br ��=?

��&��QX��@��

�+&��%��%�� &��&�� &��$��

��#��&��&��%��%��$��%��$%��&�-��

��(��O�

��%%��&� ��,��)$��

��(��J�� quu

uxuf

ji

jt

ijj

t

ii mod)(

,11 −−

∏�≠==

��

62

�&��%��-�� (��%��%��$%�� ,��&��&��,��

�%��&�� $��∈�7��

3�� C�� &� �&��&�� ,�� %&� ��&�� &�

��-�� &��%��$��%�$��$��&��,�$��

��&��%�� &�%��-��,&�%&�,��%��$��$��

+&�� %�� ,�� &� �%$�� $�� %&�� &� �� &�� &�

�$�� $�� &�� &�� %��$�� &� ��$��

�� &�� &� �&��&�� $�� "�,�� ,��&� -�� $�� &��

��$��%��%��-��%��-$��&��%��

Illustration ��$��,��$��&�� $��$��&��.$�� $��$��

�� #� �� 1� � �� ,�� $�� %�� &� ��%��

��$�� &�$��,��&��%��-$��%��-�� Bx ��J��J��J��J��<��

�� By ��J��J��J��J��=��-%��+&� ��,��-��$��&��%&��

*�� +�� "�� * � ��

5��3�#�%&��-��J��)��J��;;��J��;=�� (��J��U�8(��;;��

,&�� J�� &��$-��%�� +&�-$��%��$�� $�� %��-��

�%��&�� $�� ,AAAA�

��-$��%��$��$��%��&��

��:��0�

��#��;��=��

��1��;0��?��

��;<��<�

B�,��&�3�#��&��$-��%�� %��-$��&��$-�

-$��%�� Gy �� Gy �J��;=��J��;��

�� * � ��,� ��

' ��,��$��$�� $��$�� $��

�&��&��$��&��&� ��,��-��

63

�� +&�$��%��1aK J��

2aK �J�?��%��-$�� 1w J�� 1z J�;��

�� +&�$��%��1f

K J�8�2fK J��:��%��-$�� 4w J�0� 4z J��:��

�%� ��&� �&� $�� 1w � 4w �� 1z � 4z �� -$��%��

�&��$�&� �� %�� %&��.�%� �� 1w � 4w �� 1z � 4z ��

�%&�$��"�%��-$��&�-��$%��@�J�;��Q�J�;<��J��&��;<��;��

��;;��J��8��5��$��$--��&��&��$��$��$��)$��8��

��%��+&�$��%��-$��&�� &��G3��J��<��G3��J��=��

��+&�$��&�$��%��%$��&��R&��-��$� 1s �J��8�� 2s �

J� � :� ��-%�� &� �&� �� &�� -�� $�� #� ,&��

-��$%��$-��$��3��J��

��#��K��;��8��L��$�� &��$-�7� ��&��

�� $ ��-�

�� %��-$�� b� � J� E� ;=� ��;�8�;�� F��J� �� Q� � � J� ;<� �� %&%�� &� ��

��$��%��-$��J��&��;<��;��;;��J��8��

��$��+��-��!"��+��

��K��;��8��L��#��#�%&%��&��J�&��;<��;��;;�J��8�+&��&��

B�,��-��#��&��;<�J��;=�=��C��,�� &��$��&�

��,��%�� -��%��

��#�%&��$��J�;;��J�;��%��-$��,�J��,��

��%&��a�J�;?��%��-$��c��J�;<��e��J��0��c��e��#��

��#��$��,&�%&��%�� &��,��J��

��a��#��,&�%&��&�%�� &��c��J��;<��e��J��0��

3.4.Remarks '�� &�� %&��,� &�� $�� &�1�7�� -$��%� �� %��-�� &�

%��$%�� %�� +&��&�� 3��$�� 3%&�� +&� �%$�� &��

%��-�� &� ��%�� -�� .�� P� ;� �&��,��

64

�$ �%��&��$-��%��&��,�� $��

�&��$-��%��$��$��%��%��$��

'��&��%&��&��#�#�#�#��,&��%��%��&�-��$�� &��@�

�&�$��&��&��%�� %��,��&��&��#��1��$��

%�� %��-$�� &�� &�� $�� )�� ' � )� �� -�� &�� &�

%��%$�� &� (-�� -� �� f� �)�� ,&�%&� �� -�� +&��

��-�� &�� 5�� -�� %��%$�� &� �� &��,�� ,��

,�� (%-�� ,&�� )� J� �� ,&�%&� %�� ,� �� #�� &�

��$��,&�� ∏≠=

−t

ijjji uu

,1

)( ��)��%�-��'��&��%��&��,��

�$�� &� �$��-��%�� ∏≠=

−t

ijjji uu

,1

)( �� )�� +&�� -��

��%�� &� �� -�� )� �$�� %&� -�� $�� &��

�� %$��

��%��&��&��$��&��-��%�$��&��

��,�� &��-��+&��,�� Q��$ �%��

-�� &� �� $�� 3��$�� %�� &�� -� �� &�

%�� -��%��C��,�� &��-��&�� $��

��

��

��

��

��

65

�

Chapter 4

Threshold Signature Scheme with Threshold

Verification

�

�

�

�

66

Threshold Signature Scheme with

Threshold Verification �

4.1. Introduction

'��$��&��&�� -��"�,��

,&�� &� �� C�� &�� C��

�� )$�� &� �--�� %�� -�-�� '�� &�� %�� &�

��$�� %�� &�� %�� &��

�&��-��+&��%&�-��-��-��+&��&��$��%&�+&��&��$��%&�+&��&��$��%&�+&��&��$��%&��,��&�,��&�,��&�,��&�

�&��&�� %��&��&�� %��&��&�� %��&��&�� %��

4.2. Threshold Signature Scheme with Threshold

Verification

#��&��C��3��&��C��

��)$��&��--�� $��"3��

��$-�73�� $��&��C��3��

.�� &� ��&�� &�� &� �� $-� ,�� &� ��$��

��$%&��,��&��&��$��%�� $��"��

��$�� $-�7�� $��&��C��&��

�&��&�� %��%&��$��-$�-��

@��$��&��&��%�� &��C��3�� Sx ��&�-$��%��

Sy �,&�� Sy �J�Sxg � ��-�,��& Sx ∈�Q)��3�� &��C��-��

-�� Rx � Ry �� -�� Rx ��-$��%�� Ry �J� Rxg ��-��'��

$��&��&��C��-��-�� Ax � Ay ��,��&� Ax ��%�� Ay �J�

Αxg ��-�-$��%��

67

@� $��&��$��&��&��&��C��3�&��%��$��

%��#+#�� &��$-��%��-�� &��,��$-��&�

�%��&��+&��%&��%�� &� ��,��-��

4.2.1.Group Secret Key and Secret Shares Generation for the

Organization S

��#+#��%��&��$-�-$��%�-��-��)��%�� ,��

&��&� $�%��&��#+#��%��-�� 3��(�� &��$-�73��

3��(��J��U��;(�UN ��A;�(��A�;��)��,��&��J�� Sx ��J�� 3��

��#+#�%��-$��&��$-�-$��%�� Sy ��J�� 3��-��

(c). #+#��%�� K �∈�Q)��%��-$��-$��%��$�@��J�� K− ��-��

��#+#�%��-$��-$��%��$iSv �� %&�� &��$-�73��

iSv �J�� 3��iSu �� K

Siy ��-��

"��iSy ��-$��%��

iSu ��&�-$��%��$��%��,��&��%&�$��&�

��$-�73��

��#+#��KiSv ��@�L��%&�$��&��$-�73��&��$�&��-$��%�%&��

4.2.2. Group Secret Key and Secret Shares Generation for the

Organization R

��#+#��%��-�� (�� &��$-�7��

� ��(��J��U�;(�UN ��A;�(��A;��)�,��&��J�� Rx �J��

��#+#�%��-$��&��$-�-$��%�� Ry ��J�� -��

�%��#+#�%��-$��-$��%��$iRv � ��%&�� &��$-�7��

�iRv ��J��

iRu �� KRi

y ��-��

68

"��iRy ��-$��%��

iRu � ��&�-$��%��$��%��,��&��%&�$��

�&��$-�7��

��#+#��KiRv ��@L��%&�$��&��$-�7��&��$�&��-$��%�%&��

4.2.3.Signature Generation by any t Users

' �"3��$�� &��C��3��$�� ,&��

��&��C��&��&��$��&��

�&� ��,��-�*�

��1�%&�$��∈�"3��%��1i

K ��2i

K �∈��Q)��%��-$��

$��J�� 2iK− ��-��J�� 1i

K ��-��,��J�� 1iK � Ry 2i

K ��-��

��1�%&�$��%��$��,��-$��%��%��&��$��"3��

.�%��$��,��%&��∈�"3�%��-$��&�-��$%��

3��>3��@3��&��&��$��3��

3��J�� quSHi

i mod∏∈

��>3��J�� qvSHi

i mod∏∈

��

@3��J�� qwSHi

i mod∏∈

��3��J��&��>3��)��

�%��1�%&�$��∈�"3��%��&��R&��%��&�� 3��iSu ��J��

iSv iSxW ��-��

��1�%&�$��∈�"3�� &��R&��&��,iSMS J�� 3��

iSu �� quu

u

ji

j

SS

St

ijj

mod,1 −

−∏

≠=��

�� $�� &��R&�� &��,iSMS �� %&� $�� ∈� "3� %��-$�� &��R&��

-��$��J��1i

K ��U��iSMS ��3��)��

� �� 1�%&� $�� ∈� "3� �� &��R&�� -�� $�� &� #+#�� ,&�� -��$%� ��

��$-��$��33��J��=

t

i ,1��)��

69

��#+#��K�33�� 3��@3��L��&��%��%��%��%��#��#��#��#�� C�� C�� C�� C��

��$�� &��$-�3� ��&��

4.2.4. Signature Verification by the Organization R

��$��"�� $�� $-�7��%�� &��$��@�

��$�� &�� &�� %�� %�� %�� %�� #�#�#�#� �%�� &�� %�� &�� %�� &�� %�� &�

�� &��$-�� &��$-�� &��$-�� &��$-�7777�� &�&�� &��C�� &�&�� &��C�� &�&�� &��C�� &�&�� &��C�� ,&�� %��%�� -��

%��-$�� %&� $�� "�� &� �� $�� +&�

�� -��%�� ,��

��1�%&�$��∈�"��%��&��R&��%��&�� iRu ��J��

iRv iRxW ��-��

��1�%&�$��∈�"�� &��R&��&��,iRMS �J��

iRu � quu

u

ji

i

RR

Rk

ijj

mod,1 −

−∏

≠=��

�%��1�%&�$��∈�"��&�� &��,iRMS ��&��#��

��#�%��-$��J��

=

k

iiRMS

SS UW1

. ��)��%��

�3��J��&��)��

��#�%&%��&�%��$�%�� SS ��≡?

�� SRSy ��-� ��$��' �&��

�&��K�33�� 3��@3��L��$��&��

4.3. Security Discussions '�� &�� $A�%�� ,� �&�� %$�� &� �%$�� -%�� -��-�� +&��&��+&��&��+&��&��+&��&��

3��$��3%&��,��&��&��&�� %��3��$��3%&��,��&��&��&�� %��3��$��3%&��,��&��&��&�� %��3��$��3%&��,��&��&��&�� %��"��,��&��%$��-��

��%��$�� &��%��$%%�� $��$��

��#�� &��C��I�� %�� Sx � �� Rx � �� &��$-�

-$��%�� Sy �� Ry ��-%��O��

+&�� %$�� %�� &�� -�� B�� %�� &�

�%�� Sx �� Rx �� %� � 3�� &� ��%��%��

-��&�#+#��.��&��&��&��$��&�-$��%�� Sy �� Ry �

70

�� &��%�� Sx � �� Rx %�$�� &�� %$��

��%��&��-��

�� #�� &� �%�� &�� 3� � ��iSu �� 73� � �� &�

)$��iSv ��J�� 3��

iSu �� KSi

y ��-��O��

B�� %�$�� 3� �� %�� %�� -�� H� ��

��%��%��&�#+#��3��%��&�

�%��&�� iRu �� 7�� &�)$��

iRv ��J�� iRu �� K

Riy ��-��

(c). #�� &� �%�� &�� 3� ��iSu �� 73� � �� &�

)$�� 3��iSu ��J��

iSv iSxW ��-��O��

.��&�$��%��%��&��%��&�� 3��iSu ��%�$�� 3��

��%��%��-��iSx ��%�� &�$��∈�73��3��

��%��&��%��&�� iRu �� 7�� &�)$��

��iRu ��J��

iRv iRxW ��-��

��#��&�� &��,iSMS ��

1iK ��&�&��&��$��3��

-��$��∈�73�� &�)$��

��J��1i

K ��U��iSMS ��3��)��O�

+&��%��-��%��-$��

%��%��&iSMS ��

1iK ��&�&��&��$��3��-��$��∈�73��

��#��&��#+#��-�� &�)$��

33��J��=

t

i ,1��)��O�

.��$�� ,�$�� %��-$�� #+#� ��

��

71

� �� #��-��∈�"3��O�

�� -��&��&��∈�"3��%��

�,�� 1i

K ��2i

K ∈� Q)� �� %�� $�� ,�� $�� ,��&�$��

��,�� &� �%�� &�� 3� �iSu �� %$�� -��

��$�� &�� %��)$��

33��J��=

t

i ,1��)�� SS �� ≡

?

�� SRSy ��-��

�� #�� $�� K33� � 3� �@3� ��L� �� &� ��,�� )$��

� SS �� ≡ �� SRSy ��-O�

�� %��&��%��-$��&�&��&��$��

�3��$%&��&��3��J��&��)��

.��$�� %��-$�� &� �� SS � �� )$�� &� ��%��

��&��-��.��&��&��&��&� ��%��%�� SS �

��&��$��3��&�� &�)$��

� SS �� ≡ �� SRSy ��-��

"�,�� %%�� &��A,��-��-�� &�&��&� $�%��&�� )$��

��-��+&$��&��%��,��$%%�� $��

�&��&��&��&��#��&��&��%��%��$��%��$%��&�-�� 3��(��O�

�%%��&�)$�� 3��(��J�� quu

uxuf

jSiS

jSt

ijj

t

iiSS mod)(

,11 −−

∏�≠==

��&��%��

-�� 3��(��%��%��$%��,��&��&��,�� %��&��

3� ��iSu �� ∈�73� � ��3�� C��&��&��&��,��%&�

��&�� &��%��$�� &��%��-�� 3��+&��%��

&�,�� ,�� &� �%$�� $�� %&�� &� �� &�� &�

�$�� $�� &�� &�� %��$�� &� ��$��

��&��&��&��&��$��

72

Illustration �� $�� 3$--�� =SG ?�� =SH � 0�� =RG <� �� =SH � 8�� @� �� &�

-��-��J��0?��)��J��J��

*�� +�� "�� * � ��" �.��/��

��#+#��%�� &��$-�73��-�� 3��(��J��;;�U��(�U;��(��U�(��

"�� Sx �J��;;�� Sy ��J��;;��0?��J��?��

��#+#��%�� K �J��=��%��-$��-$��%��$�@��J��:��

�%��#+#�%��-$��&��%��-$��%��%��&��-$��%��$� ��%&�

�� &��$-�73��&�,��&� ��,��

�

��

��

��

��

��

��

��

��

*�� +�� "�� * � ��" �.��/��

��#+#��%�� &��$-�7��-�� (��J��?�U��(�U�0�(��U��(��

"� Rx �J��?�� Ry �J��?��0?��J��0��

��#+#�%��-$�� &��%��-$��%��%��&��-$��%��$� ��

�%&�� &��$-�7��&�,��&� ��,��

��>�5 1�

31��

��iSy � ��

iSx �

iSu �� 3��

iSu �� iSv �

��P�3;� ��?� ��;�� =� ��0�

��P�3�� ?� ��;�� :� �� 0�

��P�3�� =� ��;0� ��=� �� =�

��P�30� ��;=� ��;<� ��;;� ��0� ��:�

��P�38� ��=� ��;� �� <�

��P�3<� �� ;:� ��8� ��;<� ��<�

��P�3?� ��<� ��;?� ��0� ��;:� ��0��

73

>�5 1�

31��iRy �

iRx �iRu � ��

iRu ��iRv �

��P��;� :� ;8� ;;� �;� ;0�

��P�� 0�� :� 8� :� �8�

��P�� ?� ;;� =� �;� ;<�

��P��0� �8� ;=� �� ;8� ��

��P��8� ;?� <� <� <� �0�

��P��<� ;0� ;�� 0� ;=� ��

��

��

' �3��30��3<��3?�� &��C��&��

��3��%��12K �J��8��

22K �J��?��%��-$��$��J��;=��J��,��J��;��

��30��%��14K J��0��

24K �J��%��-$��$0��J��<��0��J��;<��,0��J��0��

�%�� 3<� ��%��16K J� ;��

26K J� ;=� �� %��-$�� $<� J� �� <� J� ?� �� ,<� J� ;��

��3?��%��17K �J��;�

27K �J��;;��%��-$��$?��J��?��?��J�;��,?��J��;?��

��1�%&�$��%��-$�� 3��J��0��>3��J��@3333��J��J��J��J��;=��3��J��&��J�=��

� ��3��%�� 3��2Su ��J��%��-$��

2SMS ��J��8��J��

��30��%�� 3��4Su ��J��0��%��-$��

4SMS ��J��;��0��J��;;��

��3<��%�� 3��6Su ��J��;<��%��-$��

6SMS ��J��;��<��J��;<��

�D��3?��%�� 3��7Su ��J��;:��%��-$��

7SMS ��J��;:��?��J��;��

��#+#�-��$%��$-��$��33� �J� �;8�� K�;8� ��0� ��;=� � ��L��&�

�� %��#�� C�� $�� &� ��$-�3� �� &�

��

�� $ ��" �.��/��

3$--�� $��;��0��8��<�,�� &��$��&��

��;��%�� 1Ru ��J��;��%��-$��

1RMS ��J��;:��

74

��%�� 3Ru ��J��;��%��-$��

3RMS ��J��0��

�%��0��%�� 4Ru ��J��;8��%��-$��

4RMS ��J��;;��

��8��%�� 5Ru ��J��;��%��-$��

5RMS ��J��:��

��<��%�� 6Ru ��J��;=��%��-$��

6RMS ��J��;��

� ��#�%��-$��&��$��J��&��%��3��J��&��J�=��

��#�%&%��&�%��$�%�� ;8� � � ≡?

� � �� ?�=��08� ��$��+&��

%��$�%�&��K;8��0��;=��L��$��&��

4.4. Remarks '�� &�� %&�-�� ,� &�� -��-�� &��&�� $�� %&�� ,��&� �&��&��&��&�� $�� %&�� ,��&� �&��&��&��&�� $�� %&�� ,��&� �&��&��&��&�� $�� %&�� ,��&� �&��&��

�� %�� %�� %�� %�� +�� &�� %��$%�� ,� &�� $�� &� 1�7�� -$��%� ��

%��-��3%&��I��$��%&��+&��%$�� &��%��-��

�� &� ��%�� -�� +&� ��$�� %��

��$�P��$-�� &�� %��%��

�$A��$-�� &� ��$-� � � �&� �%�� "�� $� P� ��$-��

%&��%��C��&��&��$��+&��&��&��$�%�� $��

�� $�� %�� &��&��&��$�� &��$-��

�� $�� %�� %��$�� &��,�� $�� &� ��$-�

�%�� 3�� $�� &� �&��&�� $� � � �&� ��$-� � � �%�-��

��$��%��%��$��&��,�� $��&��$-��%��

+&��$-�-$��%�-��-��)��%�� A,��&��&� $�%��&� ��

�� &��&��C��

'��%�� -$��,��&��$-�3��&�#+#��-��&��%��

��$�� -�� &� �� $�� D$�� 3��%� �&� #+#� %�� %&%�� &�

�� &��$��,&�� &��-��&��$�� %��

�&�#+#�%��%��&��&��-��$��&� �%��

75

�

Chapter 5

Directed-Threshold Multi-Signature Scheme

�

�

�

76

��Directed-Threshold Multi-Signature Scheme 5.1. Introduction

'�� &��&�� %&��'�� &��&�� %&��'�� &��&�� %&��'�� &��&�� %&��,&�� &��&�� %�� %��$�� &�� %��

��-��&�� &��&�� &��$��'��&��%��&�

��%��$�� &��-�� &��$��

�� -�� %� �&� �� $�� ,��&� �&� �� &��&��

�%&��-��-�� &��-��%��

'��$��$��%&��'��$��$��%&��'��$��$��%&��'��$��$��%&��&�� $��$�� &�

��&�� &��$��$��&�� ,��&��&�&�-��

�� &� �� $��$�� $��%�� -$��

�&��&�� $� �� %�� &��$�� #�� &� ��$��,&��

��$-� � � ��$�� ,�$�� &�� $��$�� +&�

�� &�� $-�$�� -�$�� &�� &� -$��%� ��%��

@&��%��%��&�� &��

��&��%�� &��$-��$��&�� &��,�� ,&�&��

�� $�� %�� &�� $-� %�$�� &� �� &�

��&�-�� '�� &�� %�� &��$��$��%&�� %�� &��-��

&�,��&��&��&��$��%&��

.��&��&��&��&��$��,&��&��

��&��$��%��)$��&��--��%��

-�-��#��&��,�-��-��$��%&��

��%��A�+&��&��G$��A�3��$��3%&��

5.2. Directed - Threshold Multi - Signature Scheme '�� &�� %&�-�� ,� �� %�� &� �� &��&�� $�� &��&�� $�� &��&�� $�� &��&�� $��

�%&��$��$��%&��$��$��%&��$��$��%&��$��$��%&��%&��%&��%&��,��&��%��$��%&��,��&��%��$��%&��,��&��%��$��%&��,��&��%��$��%&��-��-��

�,� ��-�� $��%&�� %�� &��%��%��%��%�� AAAA�+&��&��G$��+&��&��G$��+&��&��G$��+&��&��G$��AAAA3��$��3��$��3��$��3��$��

3%&��3%&��3%&��3%&��

��$��%��$%��,��$��&��&��$��&��$��%��$��&��$��%��$��&��$��%��$��&��$��%��

�3�#��3�#��3�#��3�#��,&�%&��&��$-��%��%��&�� &��&��

77

�� %�� %�� %�� %�� #�#�#�#� ,&�� &� ��-�� %��%�� %&�

-��$��&��-��$%��$-��$��

+&��%&��%�� &� ��,��-��

5.2.1.Group Secret Key and Secret Shares Generation for the

Organization S

��3�#3�#3�#3�#��%��&��$-�-$��%�-��-��)��%�� ,��

&��&� $�%��&��3�#��%��-��

�3�(��J��U��;(�UN ��A;�(�A;��)��,��&��J�� Sx ��J�� 3��

��3�#3�#3�#3�#�%��-$��&��$-�-$��%�� Sy ��J�� 3��-��

(c). SDC randomly selects K ∈ Zq and computes a public value W = g K− mod p.

�

��3�#3�#3�#3�#��%��H��∈�Q)��%��-$��J��EH��U�� 3�iSu �F��)��

��"��"��"��"��iSu ��&�-$��%��$��%��,��&��%&�$��&�-$��%��$��%��,��&��%&�$��&�-$��%��$��%��,��&��%&�$��&�-$��%��$��%��,��&��%&�$��&��$-��&��$-��&��$-��&��$-�77773333��

��3�#�%��-$��-$��%��$iSv �� %&�� &��$-�73��

iSv ��J�� KSi

y ��-��

��"�"�"�"�iSy ��&�-$��%��$��%��,��&��%&�$��&�-$��%��$��%��,��&��%&�$��&�-$��%��$��%��,��&��%&�$��&�-$��%��$��%��,��&��%&�$��&��$-��&��$-��&��$-��&��$-�77773333��

� ��3�#��KiSv ��@�L��%&�$��&��$-�73��&��$�&��-$��%�%&��

��3�#��%��-$��-$��%��$��

��J�� ilg ��-��J�� iKg ��-��

�

�

78

5.2.2. Partial Signature Generation By Any t Users and

Verification

' �� &��C��3��$��

��-��-��-�� Rx � Ry ��+&��&��$��&��&�

��,��-��

�� 1�%&�$��∈�"3��%��1i

K ��2i

K �∈��Q)��%��-$��

��$��J�� 2iK− ��-��J�� 1i

K ��-��,��J�� 1iK � Ry 2i

K ��-��

�� 1�%&�$��$��,��-$��%��%��%&��∈�"3��

.�%��$�� ,��%&��∈�"3�%��-$��&�-��$%��

3��>3��@3��&��&��$��3��


i mod∏∈


i mod∏∈

��

@3��J��J��J��J�� qwSHi

i mod∏∈

��3��J��&��>3��)��

�%��1�%&�$��∈�"3��%��&��R&��%��&��J��iSv iSxW ��-��

��1�%&�$��∈�"3�� &��R&��&��,�iSMS J�� q

uu

u

ji

j

SS

St

ijj

mod,1 −

−∏

≠=��

��1�%&�$��∈�"3�$��&��R&�� &��,�iSMS ��%��-$��$��

��J��1i

K ��U��iSMS ��3��)��

�� 1�%&��∈�"3��&��-��$��&��#�#�#�#��

� � +&��#��#��#��#�%&%��&�%��$�%� � � �� is � � ≡?

� � � �� S

ijSHj jSiS

iSR

quu

u

im ��

�

�

�

−

−∏

≠∈ ,

mod ��-� ��

-�� $�� 3� �� ' � �&�� %��$�%�&�� &��&�-��

��$��3�� &��&��

79

5.2.3. Group Signature Generation

��#�#�#�#�%��%��-$��&��$-��$��33��J��=

t

i ,1��)��%��

�&�-��$��

��#�#�#�#��K�33�� 3��@3��L��$�� &��$-�3��&��

5.2.4. Signature Verification by R

+�� &�� &��$-��$��K33�� 3��@3��L��&�� &�� &�� &��

&��R&��%��&��R&��%��&��R&��%��&��R&��%�� Rx ��

�� +&�� %��-$�� %��$�1��

1��J�� ∏∈

��

�

�

�

−

−∏ ≠∈

S

ijSHjjSiS

jS

Hi

quu

u

in mod0

, ��-��

��+&�� %��%��&��$��3��

��J��@3�� RxSU ��-��3��J��&��

�%��+&�� $��&�%��%$��%�� SS �� ≡?

��1�� SRSy ) ��-��%&%��&�

�� &��$��' ��&��%��%$��%�&��&��&��$-��$��K33��

3��@3��L��$�� &��C��3��&��

5.2.5.Proof of Validity By R to any third Party C

��%��-$��b��J�� 3� Rx ��-��J��b��@3��-��

��K��1��33�� 3��bL��#��

�%� #��%��3� � � �J� �&�� $��&� ��,��%��%$��%��%&%��&�

�� &��$��

� SS ��≡?

��1�� SRSy ) ��-��

��' ��&��&��#��-��&�-��%��/��&�,��&��(��-��

80

��C��,�� &��-��#��&��SU �b��J�� Ry �� ,��

+&��-�� &��%&��$��%��A��0��

5.3. Security Discussions '�� &�� $A�%�� ,� �&�� %$�� &� �%$�� -%�� -��-�� %��%��%��%�� AAAA��

�&��&��&��&��&��&��&��&��PPPP� �$��$�� %&�� $��$�� %&�� $��$�� %&�� $��$�� %&�� "�� ,� �&�� %$�� -��

��%��$�� &��%��$%%�� $��$��

��#��&��%�� Sx �J�� 3�� &��$-�-$��%�� Sy �O��

+&�� %$�� %�� &�� -�� B�� %�� &�

�%�� Sx ��%� �3��&��%��%��-��&�

3�#��.��&��&��&��$��&�-$��%�� Sy ��&��%��

�� Sx �%�$��&�� %$��%��&��-��

��#��&��%��&�� 3��iSu ��∈�73�� &�)$��

iSv ��J�� 3��iSu �� K

Siy ��-��O�

B�� %�$�� 3� � �� %�� %�� -�� H� ��

��%��%��&�3�#��

�%��%��%��%��#��&��%��&�� 3��iSu ��∈�73�� &�)$��

3��iSu ��J��

iSv iSxW ��-��O�

.��&�$��%��%��&��%��&�� 3��iSu ��%�$�� 3��

��%��%��-��iSx ��%�� &�$��∈�73��

(d). #�� &� �� &��,iSMS ��

1iK �� 3� � �� -��

��$��∈�73�� &�)$��J��1i

K ��U��iSMS ��3��)��O�

'�� %��-$�� %��%�� &iSMS ��

1iK ��3�

��-��$��∈�73��

81

(e). #��&��%��#��&��-�� &�

)$��3��J��=

t

i ,1��)��O�

.��$��&��%��-$�� #��

� �� #��-��$��∈�"��O�

�� -�� $�� ∈� "3� �� %�� ,��

��1i

K ��2i

K ∈�Q)��%��$�� ,��$��,��&�$��,��

�&� �%�� &�� 3� �iSu �� 3� �� %$�� -��

��$�� &�� %��)$��

� is �� ≡?

��

S

ijSHj jSiS

iS

R

quu

u

im ��

�

�

�

−−

∏≠∈ ,

mod��-��

��#�� $��K33�� 3��@3��L��&� ��,��)$��

� SS ��≡?

��1�� SRSy ) ��-��O�

�� %��&��%��-$��&�&��&��$�

�3��$%&��&��3��J��&��)��

.��$�� %��-$�� &� �� SS � �� )$�� &� ��%��

��&��-��.��&��&��&��&� ��%��%��3�� SS �

��&��$��&�� &�)$��

�� SS �� ≡?

��1�� SRSy ) ��-��

�"�,�� %%�� &� -��-�� &� &��&� $�%�� &�� )$��

��-��+&$��&��%��,��$%%�� $��

�&��&��&��&��#��&��&��%��%��$��%��$%��&�-�� 3��(��O�

��%%��&�)$��

3��(��J� quu

uxuf

jSiS

jSt

ijj

t

iiS mod)(

,11 −−

∏�≠==

��

82

�&��%��-�� 3��%��%��$%��,��&��&��,�� %��

�&�� 3��iSu ��∈�73��

�$��$��-��-��%&��&��%��&��∈�73��%��&��H��

,&�%&� ��,�� &� ��$�� 3�#� �� &��

�%��$%�� &� -�� 3� �(�� %��$�� &��&��

��&��H�� &�-$��%��"�,��&�� %$��

��&��%��&��-��+&$��&��&��%��

%��-��%��$%��&�-�� 3��(��-��&��,��%��&��

3�� C�� &� �&��&�� ,�� %&� ��&�� &��

�&��%��%��$%��&�-�� 3��(��

Illustration ��$��$--�� =SG ��?�� =SH �8��-�J��0?��)��J��J��8��

*�� +�� "�� * � ��" �.��/��

��3�#��%��-�� 3��(��J�;��U�;=�(�0�� Sx �J�;�� Sy �J�;<��

��3�#��%�� K J�;0��%��-$��-$��%��$�@�J��

��>�5 1�

31��

3%��

ix �

�$��%�

iy �

3%��

iK �

3%��

3�iSu ��

3%��

il �

�$��%�

im �

�$��%�

in �

�$��%�

iv �

� ��P3;� ;�� ;<� =� �� ;�� ;?� 0;�

� ��P3�� ;=� 0� �� ;� �� :� �� :�

� ��P3�� ;:� <� ;�� ;<� �� ;� �� ;�

� ��P30� �� :� ;?� �� :� �0� ;:�

� ��P38� ;?� �0� ;0� ;0� 8� ;�� 0� �=�

� ��P3<� �� ;<� ;0� ?� �?� ?� ;0�

� ��P3?� ;8� �<� �;� �� :� �?� 00�

83

�%��3�#�%��-$��&��%��-$��%��%��&��-$��%��$� ��%&�

�� &��$-�73��&�,��&��

�� * � ��,� ��

' �� $��3��30��38��3<��3?��$��

�� -�� -�� Rx J� :� Ry J� �� &�� &� ��$�� &�� &�

��,��-��

��3��%��12K J�;=�

22K J�;?��%��-$��$��J�;=��J�0��,��J��

��30��%��14K J�;?�

24K J�;:��%��-$��$0��J�=��0��J��0��,0��J��=��

�%��38��%��15K �J�;0�

25K J�;��%��-$��$8��J��8��J��0��,0��J�?��

��3<��%��16K J�;:�

26K J��;��%��-$��$<��J;0��<��J�<��,<��J��8��

��3?��%��17K J�;<�

27K J�;=��%��-$��$?�J;��?��J�?��,?��J��0��

� ��1�%&�$��%��-$��&�-��$%�� 3�J�=�>3��J��<��@3333��J��J��J��J�;0��3��J�:��

��3��%��&��R&��%��&��J��%��-$��2SMS ��J��;��J��;<��

�&��30��%��&��R&��%��&��0��J��%��-$��4SMS ��J��;<��0��J��

��38��%��&��R&��%��&��8��J��8��%��-$��5SMS ��J��<��8��J��

�D��3<��%��&��R&��%��&��<��J��?��%��-$��6SMS ��J��8��<��J��;=��

��3?��%��&��R&��%��&��?��J��%��-$��7SMS ��J��8��?��J��;8��

�� $ ��+�� * � ��

��#�� %&�-��$��(��-�� $��3��

��J��;<��J��0��J��:��3�J�:�� 23mod2.7,6,5,4 ji

j

SS

S

ij uu

u

−

−∏

==�J��;��

"� %&%�� 8� ;<� � � ≡?

� � � 0� � �� ( )9129 ��0?�+&�� &��3�� &� %&%�� %&�

-��$��

84

��#�%��-$��$-��$�33��J��K��;0��=��L��$�� &�

��$-�3� ��&��

�� $ ��" �,� ��

��+&�� %��-$�� %��$�1��J��;=��

��+&�� %��%��&��$��J��<��3��J��:��

�%��+&�� $��&�%��$�%��8� �� ≡?

� ��<� �� ;=�;<��:� ��0?��%&%��&�

�� &��$��

+&��%��$�%�&��&��$-��$��K��;0��=��L��$��

�&��$-�3��&�� &�-��

��$��+��!��"��+��

��%��-$��b�J�;<��J��<��K�<��;=��=��;<L��#��

��#��%��3� � � �J�:��%&%��&�%��%$��%��8� �� ≡?

� � ��<� �� ;=�;<��:� � ��&�

�� &��$��+&��&��/��#��&��(��-��

�%��C��,�� &��-��#��&��=�;<��J��8�� ,�*A��

• #�%&��$�J�:��J�;;��%��-$��,�J��8��,��

• ��%&��a�J��?�%��-$��c�J��<��γ��J�:��c��γ��#��

• #��$��,&�%&��%�� &��,��J��8��

• ��a��#��,&�%&��&�%�� &��c�J��<��γ��J�:��

5.4. Remarks '��&��%&�-��,�&��-��-��%��+&��&��%��+&��&��%��+&��&��%��+&��&��PPPP�G$��$��3%&��G$��$��3%&��G$��$��3%&��G$��$��3%&��'��

�&��%&��

• +&�� $�� 3�#��$�� 3�#��$�� 3�#��$�� 3�#� �&�� &� ��$-� �%��

�&��&��I��%��&��

• +&��%��#��%��#��%��#��%��#�,&��&��-��%��%��

�� %&�-��$��&��-��$%��$-��$��$��$��$��$��

��%�� %��,��&��&��#��%�� %��,��&��&��#��%�� %��,��&��&��#��%�� %��,��&��&��#�

85

• ��%��$�� %��-��&��

�� &� ��$�� '�� %�� -�� %� �&�

��

• ��&��&��%��%��$��%��%��-��%��$%��

�&�-�� 3��(��-��&��,��%��&��&�%��&��

%��%��&��$-��%��

�

86

�Chapter 6

Directed-Threshold Multi-Signature Scheme without

SDC �

�

87

Directed-Threshold Multi-Signature

Scheme without SDC 6.1. Introduction G�� &��&�� $�� %&�� )$�� $�� 3�#��$�� 3�#��$�� 3�#��$�� 3�#�� &� ��$-�

�%�� %�� &�� $-� �� ,&�%&� &�� -��

�$��+&�(��%�� $%&��%��$�-��/��&��

��,��-��-��

• �� --��%��&��-��%��,&�%&�%��

%��-��$�� &��$-��

• �3%��&�$�� %��%��-�� $��%$��

��-��&��%��%��&�-��

+�� &�� -�� ;::�� "�� $%�� %&��

�� 157��$��%&��,&�%&��)$��$��3�#�E0��<;F��

1�%&��,��3�#��$��&��%��&�� %&�

$��'��&��%&�-��,�-��-��%��%��%��%��AAAA�+&��&��G$��+&��&��G$��+&��&��G$��+&��&��G$��AAAA�3��$��3%&��3��$��3%&��3��$��3%&��3��$��3%&��

,��&�$��3�#��,��&�$��3�#��,��&�$��3�#��,��&�$��3�#��

6.2. Directed - Threshold Multi - Signature Scheme without SDC '�� &�� %&�� %&� �&��&�� ,�� 3�#� �� &�� %��

��$��&�%��-��%��&��&��&��&��'��%��&�

�&��&�� &� -$��%� -�� @� ��$�� &�� &��

�� %�� %�� %�� %�� #�#�#�#� ,&�� &� ��-�� %��%�� %&�

-�� $�� &�� -��$%� �� $-� ��$�� B��&�� &�� B��&�� &�� B��&�� &�� B��&�� &��

-��%�� &��&��$��%��,��&��&�-��%�� &��&��$��%��,��&��&�-��%�� &��&��$��%��,��&��&�-��%�� &��&��$��%��,��&��&��#�#�#�#��

6.2.1.Group Public Key and Secret Shares Generation Phase �� &� �� &� ��C�� 3� �� %�� &� ��$-� -$��%�

-��-��)��&��%��%��H��

��1�%&��73�%��-$��@��J�� Kg − ��-��

88

�%��1�%&��73��%��P�;��&��-�� (��

�%��iSu ∈��Q)�-$��%��

��1�%&��73��%��-$��-��$-�-$��%�� iy ��J�� -��

��+&��$-�-$��%�� Sy �� Sy J�� ∏∈ SGi

�� iy ��-��

� ��1�%&�� 73�,�� 3�#�"� ��%�� %��&�D� � ∈� � Q)� ��

%��-$��&��%��$��D��-$��%��$��D��D�� D� ≠ ��

��D��J��E&�D��U� ��iSu �F��)��

��D��J��ijlg ��-��D��J�� ijhg ��-��

��1�%&��73��%��-$��-$��%��$iSv �� %&��D� ≠ �� &�

��$-�73��ijSv ��J��D�� K

S jy ��-��

��"��jSy ��&�-$��%��%��,��&��%&�$��D��&��$-�73��

�&��1�%&��73��ijSv ��%&��D� ≠ ��&��$�&��-$��%�%&��

6.2.2. Partial Signature Generation by any t Members and

Verification�

' �� &��C��$��

��-��-��-�� Rx �� Ry ��+&��&��$��&��&�

��,��-��

��1�%&��∈�"3��%��1i

K ��2i

K �∈��Q)��%��-$��

$��J�� 2iK− ��-��J�� 1i

K ��-��,��J�� 1iK � Ry 2i

K ��-��

��1�%&��$��,��-$��%��%��%&��

"3� ��.�%��$�� ,��%&�� ∈�"3�%��-$�� &�

-��$%�� 3��>3��@3��&��&��$��3��


i mod∏∈


i mod∏∈

��

89


i mod∏∈

��3��J��&��>3��)��

�%��1�%&��∈�"3��%��&��R&��%��&��D��

�D��J��jiSv iSxW ��-��D� ≠ ��

��1�%&��∈�"3��%��-$��$��#��J� quu

u

ikHk SS

S

S ki

k mod)(

)0(

,∏

≠∈ −−

��

��1�%&�� "3��%��-$��&��R&�� &��,iSMS ��J �

∉∈ SS HjGjjil

,

�#��)��

� ��1�%&��∈�"3��$��&��R&�� &��,��iSMS ��$��

��J��E1i

K U�� UiSMS ��3�F��)��

��1�%&�� ∈�"3� ��&��-��$�� &��%��

�#��#�� &�-��$��#��3��&��

� is �� ≡?

��S

SS

i

R

HjGj

Cjii my �

��

�

�∏

∉∈ ,

��-��

' � �&� �� )$�� &�� &�� &� -�� $�� #��

�&��&��

6.2.3.Group Signature Generation��

��#�#�#�#��%��%��-$��&��$-��$��33��J��=

t

i ,1��)��%��&�

-��$��

��#�#�#�#��K�33�� 3��@3��L��$�� &��$-�3� ��&��

6.2.4.Signature Verification by R +�� &� �� &� ��$-� ��$�� K33� �� 3� �@3� � �� L� �&� �� &� �� &� �� &� ��

��R&��%��R&��%��R&��%��R&��%�� Rx ��+&��$A�%��%�� &� ��,��-��

��+&�� %��-$�� %��$�1��J�� ∏ ∏∈ ∉∈

��

�

�

�

��

�

�

S

i

SSHi

C

HjGjjin

,��-��

��.��&�� %��%��&��$��3��

90

��J��@3�� RxSU ��-��3��J��&��>3��

�%��+&�� $��&�%��$�%�� SS � � � ≡?

��1�� SRSy ) ��-��%&%��&�

��&��$��' ��&��%��$�%�&��&��&��$-��$��K33�� 3�

�@3��L��$�� &��C��3��&��

6.2.5. Proof of Validity by R to any third Party C ��+&��-�� &�-��%��%��8��8�

6.3. Security Discussions '��&��$A�%��,��&��%$��&��%$��-%�� -��-��%&��"��

,� �&�� %$�� -�� %�� &�,� �&�� &�� %��

�$%%�� $��&��

��'��-��&�-��%�� ∈�73��O�

+&�� %$�� %�� &�� -�� B�� %�� &�

-�� $-� -$��%� �� iy �� %� �� &� �� %�� %��

-��&��.��&��&��&��$��&�-$��%�� Sy ��

��&�-��%�� %�$��

iy ��J�� -�� Sy J��∏∈ SGi

iy ��-��

��'��-��&��%��&��D�� &�)$��

��D��J�E&�D��U� ��iSu �F��)�O�

B��%�$�� &��%��%��-��&�D��

��%��%��&��

�%��'��-��&��%��&��D�� &�)$��

��D��J� ijlg ��-��O�

B��%�$��&�� %$��%��&��-��

��'��-��&��%��&��D�� &�)$��

ijSv J��D�� KS j

y ��-O�

B��%�$��H��%��%��%��

��'��-��&��%��&��D� ��&�)$��

�D��J��jiSv iSxW ��-O�

91

.��&�$��%��%��&��%��&�� D�D�D�D�%�$�iSx � ��%�� &�

$��

� ��#��&�� &��,iSMS ��&�)$��

iSMS ��J�� ∉∈ SS HjGj

jil,

�#��)��O�

'��-��%��%��&�� &��,iSMS ��&�)$��%�$��

��D�D�D�D��%�� &��&�$��

�� '�� -�� &�� &� �� %�� #� �� &� �� -��

�� &�)$��33��J��∈ SHi

��)��O�

.��$��&��%��-$�� #��

�&��'��-��&��%��-��$��∈�"��O�

�� -�� $�� ∈� "3� �� %�� ,��

��1i

K ��2i

K ∈�Q)��%��$�� ,��$��,��&�$��,��

�&��%��&��D��3�� %$��-��$��

�� &�� %��)$�� is �� ≡?

��

S

SS

i

R

HJGj

Cjii my ��

�

�∏

∉∈ ,��-��

�� '�� -�� &�� %�� $�� K33� � 3� �@3� ��L� �� &�

��,��)$�� SS ��≡?

��1�� SRSy ) ��-�O�

�� %��&��%��-$��&�&��&��$�

�3��$%&��&��3� � �J� � � �&��)��$��%��-$��&�� SS ��

)$�� &� ��%�� &�� -�� .�� &� ��&�� &�� &�

��%��%��3�� SS � ��&��$��&��

�� &��$�� %��)$��"�,��%%��&�-��-��

� � �&� &��&� $�%�� &�� )$�� -�� +&$�� &�� %�� ,��

�$%%�� $��

92

Illustration ��$��3$--�� =SG ?�� =SH 0��-�J�0?��)�J��J��H��J�;;��@�J�;��

*�� +�� "�� * � ��"��

�� &� $�� %��-$�� &�� %�� -$��%� ��$�� ,&�%&� �� &�

��,��

�

>�5 1�

31��

3%��

��(��

3%��

��

�$��%�

u��

�$��%�

iy �

3%��

iSx �

�$��%�

iSy �

��A3;� ?�U�;��(�� ?� :� �8� :� �?�

��A3�� :�U�;;�(�� :� ;�� ?� ;;� 0�

��A3�� ;0�U�=�(�� ;0� ;8� ;0� ;�� <�

��A30� ;?�U��(�� ;?� ;;� �� ;:� ;=�

��A38� ;��U�?�(�� ;�� ;=� �<� 8� =�

��A3<� ;=�U�;8(�� ;=� ;:� <� ;�� ;?�

��A3?� �;�U�;8�(�� ;� �;� �;� ;0� ;0�

�

��+&��$-�-$��%�� Sy �� Sy ��J��8��

�%�� A�3;��&� ��,��

�

��>�5 1�

31��

��%��

&;D��

��%��

�;D��

�-$��%��

�;D�

�-$��%��

�;D�

-$��%��

��;D�

��P�3�� ;0� 0� �0� ;0� ��

��P�3�� :� ;�� <� ��?� ;��

��P�30� ;;� 8� =� 0� 08�

��P�38� ;8� ;?� �� 0�� ;=�

��P�3<� ;?� ;8� 0�� 0��

��P�3?� ;�� ;<� �� <� 0��

�

�

�

93

�� A�3��&� ��,��

��>�5 1�

31��

��3%��

&�D��

�3%��

��D��

��$��%��

��D�

��$��%��

��D�

�$��%��

��D�

��P�3;� ��;�� ;0� ��;0� ��<� ��;�

��P�3�� ;0� �� ?� ��;0� ��0�

��P�30� ��:� ��=� ��=� ��;?� ��8�

��P�38� ��?� ��;� ��;� ��8� ��8�

��P�3<� ��;<� ��;;� ��0� ��=� ��;:�

��P�3?� �� ;<� �� ?� ��0��

�

�� A�3��&� ��,��

��>�5 1�

31��

��3%��

&�D��

�3%��

��D��

��$��%��

��D�

��$��%��

��D�

�$��%��

��D�

��P�3;� ��?� ��;;� ��0� ��8� ��0��

��P�3�� ;�� 8� ��=� ��;?� ��<�

��P�30� ��;;� ��;� �� 0� ��:�

��P�38� ��;�� ;<� �� <� ��=�

��P�3<� ��;:� ��0� ��0� ��;=� ��0�

��P�3?� ��;� ��;?� �� ;� ��?�

�

� �� A�30��&� ��,��

��>�5 1

31��

��3%��

&0D��

�3%��

�0D��

��$��%��

�0D�

��$��%��

�0D�

�$��%��

��0D�

��P�3;� ��;:� ��;8� ��;0� ��;=� ��0<�

��P�3�� ;�� ?� ��<� ��;��

��P�3�� ;;� ��;�� ;?� ��0� ��

��P�38� ��<� ��;<� �� 0� ��=�

��P�3<� ��=� ��;?� �� =� ��=�

��P�3?� ��;=� ��;;� ��0� ��<� ��

�

�

94

�� A�38��&� ��,��

�

��>�5 1�

31��

��3%��

&8D��

�3%��

�8D��

��$��%��

�8D�

��$��%��

�8D�

�$��%��

��8D�

��P�3;� ��<� ��;<� �� 0� ��0�

��P�3�� ;?� �� ;<� �� ;;�

��P�3�� ;=� ��;8� ��0�� <� ��<�

��P�30� ��;�� 8� ��=� ��<� ��08�

��P�3<� ��;:� ��;� ��;� ��;=� ��

��P�3?� ��=� ��;;� ��0� ��=� ��

�

�&�� A�3<��&� ��,��

�

��>�5 1�

31��

��3%��

&<D��

�3%��

�<D��

��$��%��

�<D�

��$��%��

�<D�

�$��%��

��<D�

��P�3;� �� ?� ��8� ��:� ��0�

��P�3�� 8� ��;:� ��;=� ��=� ��

��P�3�� ?� ��0� ��0� ��8� ��

��P�30� ��;;� ��?� ��8� ��0� ��;<�

��P�38� ��;�� ;:� ��;=� ��<� ��08�

��P�3?� ��;�� :� ��;�� ;?�

�

�� A�3?��&� ��,��

��>�5 1�

31��

��3%��

&?D��

�3%��

�?D��

��$��%��

�?D�

��$��%��

�?D�

�$��%��

��?D�

��P�3;� ��;;� ��;:� ��;=� ��0� ��8�

��P�3�� ;�� ?� ��8� ��<� ��?�

��P�3�� ;8� ��;8� ��0�� 0�� <�

��P�30� ��;?� ��;<� ��

��P�38� ��;0� ��=� ��=� ��;<� ��;0�

��P�3<� ��;�� ;<� �� ;��

95

�

�

�� * � ��,� ��

��' �� $��3��30�3<��3?�� -��

�� -�� Rx � J� ?�� Ry � J� � � �8� ��&�� &� ��$�� &�� &� ��,��

��-��

��3��%��12K J�;;�

22K J��;��%��-$��$��J��;��J��0��,��J�;?��

��30��%��14K J��;��

24K J�;��%��-$��$0��J�0��0��J�;?��,0��J��:��

�%��3�<��%��16K J�;0�

26K J�;?��%��-$��$<��J��0��<��J�;0��,<��J�<��

��3?��%��17K J�;=�

27K J��8��%��-$��$?��J��<��?��J��<��,?��J��8��

��1�%&�$��%��-$�� 3��J��;<��J��8�@3��J��;0��3��J�&��8��J��?��

� ��3��%��&��&��;��J��0��J��8��8��J��#��J�;�G3��J�=��J��;8��

��30��%��&��&��;0�J��8��0��J�;��80�J��8��#0�J;;��G30��J��<��0��J��;��

�&��3<��%��&��&��;<��J�;8��<��J��0��8<��J��;��#<��J�:�G3<��J;8��<��J��;8��

��3?��%��&��&��;?�J�;<��?��J�;?��8?��J�;;��#?��J��G3?��J�;?��?��J�=��

�� $ ��+�� * � ��

�� #�#�#�#�� %&�-��$��(��-�� $��3�� J�

;8��J�0��;��J��0��J��=��8��J��;<�2Sy �J��?��3��J��?��#��J��;��

��#��#��#��#�%&%�� ;<� � � � � ≡?

� � � �0� � ��?�?� � � ��0��=��;<��?��0?��+&��&��3��&�

%&%��&��-��$��

��#�#�#�#�%��-$��$-��$�33��J��K��;<��;0� ��L��$��

�&��$-�3� ��&��

�� $ ��" ��

��+&�� %��-$�� %��$�1��J��;��

��+&�� %��%��&��$��J��8��3��J��?��

�%�� +&� �� $�� &� %��$�%�� ≡?

� �8� �� ;��8�� ?� � ��0?� �� %&%�� &�

�� &��$��

96

+&��%��$�%�&��&��$-��$��K��;<��;0��L��$��

�&��$-�3��&�� &�-��

�

��$��+��"��+��

��%��-$��b��J��J��8��K�8�;��;<��L��#��

��#��%��3��J��?��%&%��&�%��%$��%��≡?

��8��;��8��?��0?� ��&�

�� &��$��+&��&��/��#��&��(��-��

�%��C��,�� &��-��#��&��;<��J��8�� ,�*A��

• #�%&��$�J�;��J�;8��%��-$��,�J��:��,��

• ��%&��a�J�;;�%��-$��c�J��<��γ��J�;<��c��γ��#��

• #��$��,&�%&��%�� &��,��J��:��

• ��a��#��,&�%&��&�%�� &��c�J��<��γ��J�;<��

6.4. Remarks '��&��%&�-��,�&��-��-��%��%��%��%��PPPP+&��&��G$��+&��&��G$��+&��&��G$��+&��&��G$�� AAAA��$��3%&��$��3%&��$��3%&��$��3%&��

,��&�$��3�#�,��&�$��3�#�,��&�$��3�#�,��&�$��3�#��'��&��%&��

• 1�%&� �&��&�� ,�� 3�#1�%&� �&��&�� ,�� 3�#1�%&� �&��&�� ,�� 3�#1�%&� �&��&�� ,�� 3�#� �� &�� %��

��$��&�%��-��%��&��&��&��&��

• �+&�� %�� %�� %�� %�� #�#�#�#� ,&�� &� ��-��

%��%�� %&� -�� $�� &�� -��$%� �� $-�

��$��$��%�� %��,��&��&��$��%�� %��,��&��&��$��%�� %��,��&��&��$��%�� %��,��&��&��#��#��#��#��

• ��%��$�� %��-��&��

�� &� ��$�� '�� %�� -�� %� �&�

��

• �� &��&�� %�� %��$�� %�� %��-��

�%��$%��&��$-��%��-��&��,��%��&��.��

97

�

�

Chapter 7

The Generalized Directed– Threshold Multi – Signature

Scheme

��

�

�

�

��

��

��

��

��

��

98

The Generalized Directed-Threshold

Multi-Signature Scheme�

7.1. Introduction @&��&��&��$��%��@&��&��&��$��%��@&��&��&��$��%��@&��&��&��$��%��)$��&��--��

�� -%� �� $�� '�� &�� '�� &�� '�� &�� '�� &�� ,� %�� &� �� %��,� %�� &� �� %��,� %�� &� �� %��,� %�� &� �� %��

��$�� %&��,��&� �&��&��$��$�� %&��,��&� �&��&��$��$�� %&��,��&� �&��&��$��$�� %&��,��&� �&��&��$��AAAA��$�� %&��-��-�� &��&��$�� %&��-��-�� &��&��$�� %&��-��-�� &��&��$�� %&��-��-�� &��&��

�� $�� %&��$�� &� �� $�� %&��$�� &� �� $�� %&��$�� &� �� $�� %&��$�� &� ��7��C��%�� A� +&��&��G$�� A�

3��$�� 3%&�� +&� ��$�� &�� C�� %��+&� ��$�� &�� C�� %��+&� ��$�� &�� C�� %��+&� ��$�� &�� C�� %��AAAA� �&� �&� �&� �&��&�� $��&�� $��&�� $��&�� $�� AAAA��

��$�� %&�� &�� &� �� %�� &��&��$�� %&�� &�� &� �� %�� &��&��$�� %&�� &�� &� �� %�� &��&��$�� %&�� &�� &� �� %�� &��&��AAAA� �$�� $�� $�� $�� PPPP��

��$��%&��-��$��&��%&�-��(%-��&��&��$-��$��$��%&��-��$��&��%&�-��(%-��&��&��$-��$��$��%&��-��$��&��%&�-��(%-��&��&��$-��$��$��%&��-��$��&��%&�-��(%-��&��&��$-��$��

%�� -%� �� $�� %%�� &%�� -%� �� $�� %%�� &%�� -%� �� $�� %%�� &%�� -%� �� $�� %%�� &��

��$��-��%��$��-��%��$��-��%��$��-��%��

7.2. Generalized Directed - Threshold Multi - Signature Scheme

' � �&� �� &� ��$�� %�� &� ��$�� %�� &� ��$�� %�� &� ��$�� %��

��C��3��-��&��)$��&��--�� -%� �%�

�$�� &� �� &�� &� ��-�� &�

�� &��-%� ��$�� &��%%��

�&��-��%��&��$��,�-��-��7��C��%��7��C��%��7��C��%��7��C��%��AAAA��&��&��&��&��&��&��&��&��

�$��$��$��$��AAAA��$��$��$��$��%&��%&��%&��%&��

�5��73��&�� &��C��3��"3��&�

�-%� �� $�� +&� �� $-� ��$�� %�� &�

%��-�� &��"3��@�� &��73��&��

�-%� ��$��

��$��%��$%��,��$��&��&��$��&��$��%��$��&��$��%��$��&��$��%��$��&��$��%��

�3�#��&��3�#��&��3�#��&��3�#��&��&��$-��%��&��&��I��%��&��

�� %�� %�� %�� %�� #�#�#�#� ,&�� &� ��-�� %��%�� %&�

99

-��$��&��-��$%��$-��$��+&�� %&��%�� &�

��,��-��

7.2.1.Group Public Key and Secret Shares Generation Phase

��3�#3�#3�#3�#��%��&��$-�-$��%�-��-��)��%�� ,��&��&�

$�%��&��3�#��%��$-��%�� Sx �∈�Q)��%��-$��&��$-�

-$��%�� Sy �� Sy ��J�� Sx ��-��

��3�#��3�#��3�#��3�#��-$��%��$�iSu ∈�Q)��%��$��∈�Q)�∀ ��∈�73��

�%��3�#3�#3�#3�#�%��$%��&��-�� 3��(�� %&��-%� ��$��"3��∈��

�73�� =SH ��

�� 3��(��J�� Sx � qux

ux

ux

ku

ux

S iJS j

j

iS j

j

Hi Hj S

S

Si

Hj S

Smod

(

(.

)0(

)(

,

� ∏∏∈ ∈∈ �

�

�

�

�

−

−+

−

−

≠

��

,��&�� Sx �J�� 3�� 3��iSu ��J��∀ ��∈�"3��

��3�#3�#3�#3�#�%&��-$��%��$�SHu ∈�Q)�� %&��-%� ��$��"3�∈��73��$%&�

�&�� ≠SHu

iSu ��∀ ��∈�73��%��-$��&��-%� �%�� %��>H��

��>H��J��∏∈ −

−

SHj jSSH

jS

SHa uu

uuf

g)(

)0().(

��-��

��3�#3�#3�#3�#��%�� K ∈�Q)��-$��&��$�@��J�� K− ��-��

�

� ��3�#3�#3�#3�#�%��-$��&��%��&��∀ ��∈�73��J��)(

Si

S

HS

H

uu

u

−−

��)��

��3�#�3�#�3�#�3�#�-$��&��&�-$��%��$��iSv �� ∀ ��∈��73��

��J�� il ��-��iSv �J�� K

Siy ��-��

�"�"�"�"�iSy ��&�-$��%��%��,��&��%&�$��&�-$��%��%��,��&��%&�$��&�-$��%��%��,��&��%&�$��&�-$��%��%��,��&��%&�$��&��$-��&��$-��&��$-��&��$-�77773333��

100

#�0�0�� +� ��

��+�) ��

+&�%��%&�� &��-%� ��$��$-��&��

' ��&�� -%� ��$��"3�� -��

-��-�� Rx � Ry ��+&��&��$��&��&� ��,��-��

�%� 1�%&�$��∈�"3��%��1i

K ��2i

K �∈��Q)��%��-$��

��$��J�� 2iK− ��-��J�� 1i

K ��-��,��J�� 1iK � Ry 2i

K ��-��

�� 1�%&�$��$��,��-$��%��%��%&��∈�"3�

��.�%��$��,��%&��∈�"3�%��-$��&�-��$%��

3��>3��@3��&��&��$��3��


i mod∏∈


i mod∏∈

��


i mod∏∈

��3��J��&��>3��)��

�%��1�%&�$��∈�"3��%��&��R&��%��&��J�iSv iSxW ��-��

��1�%&�$��∈�"3�� &��R&��&��,��iSMS J�� q

uu

u

ji

j

SS

St

ijj

mod,1 −

−∏

≠=��

�� 1�%&� $�� ∈� "3� $�� &��R&�� &��,� �� %��-$�� &�� -��

��$��J�1i

K ��U��iSMS ��3��)��

� ��1�%&��"3��&��-��$��&��%��%��%��%��#�#�#�#��

��+&��#�#�#�#�� &�-��$��3��&�%��$�%��

� is ��≡?

��

S

ijSHj jSiS

jSR

quu

u

im ��

�

�

�

−

−∏

≠∈ ,

mod��-��

101

' ��&��%��$�%�&��&��&�-��$��3�� &��&��

��

7.2.3.Group Signature Generation

��#�#�#�#�%��%��-$��&��$-��$��33� �J� �∈ SHi

��)��%�� &�

-��$��

"��,��&�$��&��&��%�� "��,��&�$��&��&��%�� "��,��&�$��&��&��%�� "��,��&�$��&��&��%�� %��,��&��&��%��,��&��&��%��,��&��&��%��,��&��&�

�#�#�#�#��

��#�#�#�#��K�33�� 3��@3��L��$�� &��$-��$-��$-��$-�3�3�3�3��&��&��&��&��

7.2.4. Signature verification by R

+�� &�� &��$-��$��K33�� 3��@3��L��&�� &�� &�� &��

&��R&��%��&��R&��%��&��R&��%��&��R&��%�� Rx ��+&��$A�%��%�� &� ��,��-��

��+&�� %��%��&��$��3��

��J��@3�� RxSU ��-��3��J��&��

�� +&� �� $�� &� ��$-� -$��%� �� Sy � �� &� %��-�� -%� �%�

�� %��>H��%&%��&�%��$�% SRKV � SS �� ≡

?

�� SRSy ��-��

�&�� &��$��

' � �&�� %��$�%� &�� &�� &� ��$-� ��$�� K33� �� 3� �@3� � �� L� � ��

��$�� &��C��3��&��

7.2.5.Proof of validity by R to any third party C +&��-�� &�-��%��%��8��8�

7.3. Security Discussions '�� &�� $A�%�� ,� ��%$�� &� �%$�� -%�� -��-�� 7��C�� 7��C�� 7��C�� 7��C��

��%��%��%��%�� AAAA� �&��&�� &��&�� &��&�� &��&��PPPP� �$��$�� %&�� $��$�� %&�� $��$�� %&�� $��$�� %&�� "�� ,� ��%$�� -��

��%��$��&�,��&�� &��%��$%%�� $��$��

��#��&��%��#��&��%��#��&��%��#��&��%��%%%%�J�J�J�J�� 3333�� &��$-�-$��%�� &��$-�-$��%�� &��$-�-$��%�� &��$-�-$��%�� Sy �O�O�O�O��

102

+&�� %$�� %�� &�� -�� B�� %�� &�

�%�� %�� %� 3� � �� &� �� %�� %��

-��.��&��&��&��$��&�-$��%�� Sy ��%��&�

�%��%�%�$��&�� %$��%��&��-��

��#��&��%��&��#��&��%��&��#��&��%��&��#��&��%��&��∀ ��∈∈∈∈��77773�3�3�3�� &�)$�� &�)$�� &�)$�� &�)$��

iSv ��J��J��J��J�� KSi

y ��-��-��-��-��OOOO��

B��%�$��H��%��%��&�3�#��

�%��#��&��%��&��%��#��&��%��&��%��#��&��%��&��%��#��&��%��&��∀ ��∈∈∈∈��77773�3�3�3�� &�)$�� &�)$�� &�)$�� &�)$��

��J��J��J��J�iSv iSxW ��-��-��-��-��OOOO��

.��&�$��%��%��&��%��&��%�$��iSx ��%�� &�

$��∈�73��

�� #�� &� �� &��,�� #�� &� �� &��,�� #�� &� �� &��,�� #�� &� �� &��,iSMS ��

1iK �� 3� �3� �3� �3� � �� -�� -�� -�� -��

��$��$��$��$��∈∈∈∈��77773�3�3�3�� &�)$�� &�)$�� &�)$�� &�)$��J�J�J�J��1i

K ��U��U��U��U��iSMS ��3333��)��)��)��)��OOOO��

'�� %��-$�� %��%�� &iSMS ��

1iK ��3�

��-��$��∈�73��

(e). Can the designated combiner DC retrieve the any partial information from the

equation, SS = �∈ SHi

si mod q ?

.��$��&��%��-$�� #�#�#�#��

� ��#��-��$�� #��-��$�� #��-��$�� #��-��$��∈∈∈∈��"��"��"��"��OOOO��

�� -�� $�� ∈� "3� �� %�� ,��

��1i

K ��2i

K ∈�Q)��%��$�� ,��$��,��&�$��,��

�&��%��&��3�� %$��-��$��

�� &�� %��)$��

103

� is ��≡?

��

S

ijSHj jSiS

jSR

quu

u

im ��

�

�

�

−

−∏

≠∈ ,

mod��-��

�

�� #�� $�� K�� #�� $�� K�� #�� $�� K�� #�� $�� K33333�3�3�3� � � � � 3�3�3�3� �@�@�@�@3�3�3�3� ��L� �� &� ��,�� )$��L� �� &� ��,�� )$��L� �� &� ��,�� )$��L� �� &� ��,�� )$��

SRKV �� SS ��≡

?

�� SRSy ��-�-�-�-��

�� %��&��%��-$��&�&��&��$�

�3��$%&��&�� 3� �J� � �&�� )�.��$��%��-$��&�� SS ��

)$�� &� ��%�� &�� -�� .�� &� ��&�� &�� &�

��%��%��3�� SS � ��&��$��&��

�� &�)$�� SRKV � SS ��≡

?

�� SRSy ��-��

"�,��%%��&�-��-�� &�&��&� $�%��&��)$��-��

+&$��&��%��,��$%%�� $��

�&�� #�� &� ��&�� #�� &� ��&�� #�� &� ��&�� #�� &� �� -%� �� $�� -%� �� $�� -%� �� $�� -%� �� $�� """"3� �3� �3� �3� � ∈∈∈∈�� 77773333�� %��-�� %�� &�� %��-�� %�� &�� %��-�� %�� &�� %��-�� %�� &�

-��-��-��-�� 3333��((((��O��O��O��O��

+&��%��-�� 3��%��%��$%��,��&��&��,�� U�;��

-�� )(,ii SSS ufu �� @&�� &� �� -%� �� $�� %��-��

�%��$%��&�-�� 3��&�� -��%�$�� =SH �

��"�,�� %��&�(��%��&�� )(SHS uf ��>H� �� %$��

��&��%��&��-��+&$��&��&��%��

%��-��%��$%��&�-�� 3��(��-��&��,��%��&��

Illustration +&� ��,�� $�� $--�� $�� %&�� -��%��%�� -��

3$--�� =SG ��3;��3��3��30��38�� =SH ��3;��3��38��-��J��0?��)��J��J��<��

7��$-�3%��H��3%��3&��7�� &��C��7��$-�3%��H��3%��3&��7�� &��C��7��$-�3%��H��3%��3&��7�� &��C��7��$-�3%��H��3%��3&��7�� &��C��3333��

��3�#3�#3�#3�#��%��$-��%�� Sx �J�;=��%��-$�� Sy �J��:��

104

��3�#3�#3�#3�#��%�� K �J��-$��&��$�@��J��<��

�%��3�#�3�#�3�#�3�#��-$��%��$��iSu ��%��$��&� ��,��

��

>��$��

3;�� 3�� 3�� 30�� 38��

iSu � ;;� :� ;0� =� ;?�

�� =� ;0� ;�� 8� ;��

��3�#�3�#�3�#�3�#�%��$%��-�� 3�(��J��(��U8(��U;?(�U;=� ��-%� ��$��"3��

��3�#3�#3�#3�#�%&��SHu J�;�� -%� ��$��"3��%��-$��>H��J��

� ��3�#3�#3�#3�#�%��-$��&��%��-$��%��%��&��-$��%��$� ��%&�

�� &��$-�73��&�,��&� ��,��

�

��

��

��

��

��

��

��

�

�� +��

' ��&�� -%� ��$�� =SH �3;��3��38��

�� -�� -�� Rx J� ;�� Ry J� ;=�� &�� &� ��$�� &�� &�

��,��-��

��3;��%��11K J�?�

21K J�:��%��-$��$;��J�;<��;��J��0��,;��J��;��

��>�5 1�

31��

3%��

�� ix �

�$��%�

�� iy �

3%��

��

�$��%�

iSu �

3%��

il �

�$��%�

im �

�$��%�

iSv �

� ��P3;� 8� �;� =� ;;� ;�� ?� ;0�

� ��P3�� ;8� �� ;0� :� �� <� ;�

� ��P3�� 0�� ;�� ;0� �;� ;?� �0�

� ��P30� 0� �?� 8� =� �� <� ;0�

� ��P38� ;�� ?� ;�� ;?� ;;� ;0� ;��

105

��3��%��13K J�8�

23K J�;;��%��-$��$��J��?��J��;��,��J�;��

�%��38��%��15K �J��:�

25K J��?��%��-$��$8��J�;��8��J��,8��J��;=��

��1�%&�$��%��-$��&�-��$%�� 3��J�?�>3��J��;?��@3333��J��J��J��J��3��J�=��

��3;��%��&��R&��%��&��;��J��;��%��-$��1SMS ��J��;��;��J��;:��

� ��3��%��&��R&��%��&��J��;��%��-$��3SMS ��J��;<��J��;=��

��38��%��&��R&��%��&��8��J��;;��%��-$��5SMS ��J��8��J��=��

�� ) ��+��

�� #�#�#�#�� %&�-��$��(��-�� $��3��

��J�;=��J��;��J��;?��3�J�=�� 23mod2,5,1 ji

j

SS

S

ij uu

u

−

−∏

==��J��;8��

"� %&%�� <� ;=� � ≡?

� � �;� �� ( )81517 �� 0?�+&�� &�� 3�� &� %&%�� &��

-��$��

��#�#�#�#�%��-$��$-��$�33��J��K��?��L��$�� &�

��$-�3� ��&��

�� ) ��" � ��

+&� �� +&� �� +&� �� +&� �� &��R&�� %�� &��R&�� %�� &��R&�� %�� &��R&�� %�� Rx �� &� �� &� ��$-�

��$��K��?��L��+&��$A�%��%�� &� ��,��-�*�A�

��+&�� %��%��&��$��J�;?��3��J��=��

��+&�� %&%��&�%��$�%��=� � �<�� ≡?

� �;?� � ��:� =��0?� ��&�

�� &��$��

+&��%��$�%�&��&��$-��$��K��?��L��$��

�&��C��3��&��

��)��+��"��+��

��%��-$��b��J��J��;?��K�;?��?��L��#��

106

��#��%��3��J��?��%&%��&�%��%$��%��=��<�� ≡?

��;?��:�=��0?��

�&�� &��$��+&��&��/��#��&��(��-��

�%��C��,�� &��-��#��&��?��J��<��;=�� ,�*A��

• #�%&��$�J��J��8��%��-$��,�J��,��

• ��%&��a�J��?�%��-$��c�J�;=��γ��J��0��c��γ��#��

• #��$��,&�%&��%�� &��,��J��

• ��a��#��,&�%&��&�%�� &��c�J�;=��γ��J��0��

7.4. Remarks '�� &�� %&�-�� ,� &�� -��-�� 7��C�� 7��C�� 7��C�� 7��C�� %��%��%��%�� PPPP+&��&�� G$��+&��&�� G$��+&��&�� G$��+&��&�� G$�� AAAA��

��$��3%&��,��&�$��$��3%&��,��&�$��$��3%&��,��&�$��$��3%&��,��&�$��3�#3�#3�#3�#��'��&��%&��

• +&��3333�#�#�#�#��$-��%��%��-��%��&��

� ��&��&��

• +&��%��%��%��%��#�#�#�#�,&��&��-��%��%��

�� %&� -�� $�� &�� -��$%� �� $-� ��$�� $�� $�� $�� $��

�%�� %�� %�� %�� %��,��&��&��%��,��&��&��%��,��&��&��%��,��&��&��#��#��#��#��

• ��%��$�� %�� -��&��

��&��$��'��%�� -��%��&��

• ��&��&��%��%��$��%��%��-��%��$%��

�&��$-��%��-��&��%��&��

107

Appendix

3$�� &�-�-��-$��&�R$��-$��%��*�3$�� &�-�-��-$��&�R$��-$��%��*�3$�� &�-�-��-$��&�R$��-$��%��*�3$�� &�-�-��-$��&�R$��-$��%��*��

��

��

��-��-$��&�*��-��-$��&�*��-��-$��&�*��-��-$��&�*��

%& �� ' In South East

Asian Journal of Mathematics and Mathematical

Science�2 (1), ��!"�#�$%��

(& �� In the

proceeding of National conference on Information

Security,�Sponsored by DRDO, �� !��!$&�'�!"$��

��-��$��-��$��-��$��-��$��-$��%��*��-$��%��*��-$��%��*��-$��%��*��

%& �� Communicated to Aligarh

Math Bulletin.

(& ��

�� Communicated to J. of Applied and Pure

Mathematics, New Delhi.

)& �� ' Communicated to J.

of Natural Science Grukhul Khagri University

Haridwar.

*& �� '

Communicated to GANIT SANDESH, J. of Rajasthan Ganit

Parishad.��

+& ��

Manuscript.

108

References

�

109

��'��

1. Adleman L.M., Pomerance C.and Rumely R.S. (1983). On distinguishing prime from the

composite numbers, Annals of Mathematics - 117, p.p.173-206.

2. Bellare M. and Michali S. (1988). How to sign given any trapdoor function, Proceeding of 20th

STOC-ACM, p.p. 32-42.

3. Biehl I., Buchmann, J. A., Meyer, B., Thiel, C. and Thiel, C. (1994). Tools for proving zero

knowledge, Advances in Cryptology -EuroCrypt - 94, Springer Verlag, p.p. 356-365.

4. Blakley G.R. (1979). Safeguarding cryptographic keys, Proceeding, AFIPS 1979 Nat. Computer

conference - 48, p.p. 313-317.

5. Blake I.F., Van Oorschot P.C. and S.Vanstone. (1986). Complexity issues for public key

cryptography, Performance limits in communication, Theory and Practice, NATO ASI Series

E: Applied Science - 142, p.p. 75 – 97.

6. Blum L., Blum M. and Shub M. (1986). A Simple unpredictable pseudorandom number

generator, SIAM Journal on Computing - 15 (2), p.p. 364-383.

7. Boyar J., Chaum D., Damgard I. and Pederson T. (1990). Convertible undeniable signatures,

Advances in Cryptology – Crypto - 90, Springer Verlag, LNCS # 537, p.p.189-205.

8. Boyd C. (1986). Digital multi-signature, In Cryptography and Coding. Editors, Beker H.J. and

Piper F. C., Clarendon Press, London, p.p. 241 – 246.

9. Burmester M. V. D., Desmedt Y., Piper F. and Walker M. (1989). A general zero knowledge

scheme, Advance in Cryptology- Eurocrypt - 89, Springer Verlag, p.p. 122-133.

10. Camenish J.L., Piveteare J.M. and Stadler M.A. (1994). Blind signature based on discrete

logarithm problem, Advance in Cryptology-Eurocrypt - 94, Springer Verlag, p.p. 428-432.

11. Chang C.C., Jan J.K. and Kowng H.C. (1997). A digital signature scheme based upon the

theory of Quadric Residues, Cryptologia - 21 (1), p.p. 55- 69.

12. Chaum D. (1982). Blind signature for untraceable payments, Advances in Cryptology – Crypto

- 82, Springer Verlag, p.p. 199-203.

110

13. Chaum D. and Van Autwerpan H. (1989). Undeniable signatures, Advance in Cryptology-

Eurocrypt - 89, Springer Verlag, p.p. 212-216.

14. Chaum D. (1990). Zero knowledge undeniable signatures, Advance in Cryptology-Eurocrypt -

90, Springer Verlag, LNCS # 473, p.p. 458-464.

15. Chaum D. (1991). Group signatures, Advance in Cryptology-Eurocrypt - 91, Springer Verlag,

p.p. 257-265.

16. Chaum D. (1995). Designed confirmer signatures, Advance in Cryptology-Eurocrypt - 94

Springer Verlag, LNCS # 950, p.p. 86-91.

17. Chaum-m. Li, Hwang T., Lee N. and Jiun-Jang Tsai (2000). (t, n) threshold multi-signature

scheme and generalized multi-signature scheme, where suspected forgery implies

traceability of the adversarial shareholders, Cryptologia – 24(3), p.p. 250-268.

18. Chen L. and Pederson T.P. (1994). New group signature signatures, Advance in Cryptology -

Eurocrypt - 94, Springer Verlag, p.p.171-181.

19. Damgard I.B. (1987). Collision free hash function and public key signature scheme Advance

in Cryptology - Eurocrypt - 87, Springer Verlag, p.p. 203-216.

20. Desmedt Y. (1988). Society and group oriented cryptography, Advances in Cryptology –

Crypto - 87, Springer Verlag, p.p. 120 - 127.

21. Desmedt, Y. and Frankel Y. (1990). Threshold cryptosystems, Advances in Cryptology –Crypto

- 89, Springer Verlag, LNCS # 293, p.p. 307-315.

22. Desmedt, Y. and Frankel Y. (1991). Shared generation of authenticators and signatures,

Advances in Cryptology –Crypto - 91, Springer Verlag, p.p. 457-469.

23. Desmedt Y. (1994). Threshold cryptography, European Transactions on Telecommunications

and Related Technologies - 5(4), p.p.35 – 43.

24. Diffie W. and Hellman M. (1976). New directions in Cryptography, IEEE Trans. Information

Theory - 31, p.p. 644 - 654.

25. Diffie W. (1988). The first ten years of Public Key Cryptography, In Contemporary

Cryptology: The Science of Information Integrity, Editor, Simmons G.J. IEEE Press, New York.

p.p 135-175.

111

26. Dowland P. S., Furenell S. M., Illingworth H. M. and Reynolds P. L. (1999). Computer crime

and abuse: A survey of public attitudes and awareness, Computer and Security - 18(8), p.p.

715-726.

27. Due Liem V. (2003). A new threshold blind signature scheme from Pairings.

www.caislab.icu.ac.kr

28. ElGamel T. (1985). A PKC and a signature scheme based on discrete logarithm, IEEE trans

information theory - 31, p.p. 469 - 472.

29. Fiat A. and Shamir A. (1986). How to prove yourself, Practical solution to identification and

signature problem, Advances in Cryptology - Crypto - 86 Springer and Verlag, LNCS # 263,

p.p. 186-194.

30. Frankal Y. and Desmedt Y. (1992). Parallel reliable threshold multi-signature, Tech report,

Dept of EE and CS, University of Wisconsin.

31. Gennaro R., Jarecki Hkrawczyk S. and Rabin T. (1996). Robust threshold DSS signature,

Advances in Cryptology–EuroCrypt - 96, Springer Verlag, p.p. 354 - 371.

32. Gnanaguruparan G. and Kak S. (2002). Recursive Hiding of the secrets in the visual

Cryptography, Cryptologia - 25 (1), p.p. 68 – 75.

33. Goldrich O. (1986). Two remark concerning the GMR signature scheme, Advance in

Cryptology - Crypto – 86, Springer and Verlag, p.p. 104 - 110.

34. Goldwasser, Michali S. and Yao A. (1983). Strong signature scheme, Proceeding of the 15th

STOC - ACM, p.p. 431 - 439.

35. Goldwasser S., Michali S. and Rivest R. (1985). A paradoxical signature scheme, 25th IEEE

symposium of foundation on the computing, p.p. 441 – 344.

36. Goldwasser S., Michali S. and Rivest R. (1998). A digital signature secure against adaptive

chosen message attacks, SIAM Journal on Computing - 17, p.p. 281-308.

37. Gordon J. A. (1985). Strong primes are easy to find, Advances in Cryptology -Eurocrypt – 84,

Springer-Verlag, p.p. 216-223.

38. Guillou L.C. and Quisquater J.J. (1988). A paradoxical identity based on signature scheme

resulting from zero knowledge, Advances in Cryptology Crypto – 88, Springer-Verlag, p.p. 216-

231.

112

39. Guillou L.C. and Quisquater J.J. (1988). A practical zero-knowledge protocol fitted to security

microprocessors minimizing both transmission and memory, Advances in Cryptology –

Eurocrypt - 88, Springer-Verlag LNCS # 330, p.p.123 - 128.

40. Hard jono T. and Zheng Y. (1992). A practical digital multi-signature scheme based on

discrete logarithm, Advance in Cryptology – Auscrypto – 92 Springer and Verlag, p.p.16-21.

41. Harn L. and Kiesler T. (1989). New Scheme for Digital Multi-signature, Electronic Letters - 25

(15), p.p. 1002-1003.

42. Harn L. and Yang S. (1992). Group oriented undeniable signature scheme without the

assistance of a mutually trusted party, Advance in Cryptology- Auscrypt - 92, Springer and

Verlag, p.p. 133-142.

43. Harn L. (1993). (t,n) threshold signature and digital multi-signature. Proceeding of Workshop

on Cryptography & data security, Chung Cheng Institute of technology, ROC, p.p. 61 – 73.

44. Harn L. (1994). Group oriented (t, n) threshold signature scheme and digital multi-signature,

IEEE, Proc – computer digit tech - 141(5), p.p. 307-313.

45. Hellman M. E. (1979). The mathematics of public key cryptography, Scientific American -

241, p.p. 130-139.

46. Hill L. (1929). Cryptography in an algebraic alphabet, American Mathematical Monthly – 36,

p.p.15-30.

47. Hwang M., Lin I. and Lie E.J. (2000). A secure nonrepudiable threshold signature Scheme

with Known Signers, International Journal of Informatica - 11(2), p.p.1- 8.

48. Hwang T. and Chen C.C. (2001). A new proxy multi-signature signature scheme, International

Workshop on Cryptography and Network Security, Taipei, p.p. 26 – 28.

49. Hwang T., Li C. and lee N. (1993). Remark on the threshold RSA signature scheme, Advance

in Cryptology - Crypto – 93, Springer and Verlag, p.p. 413-419.

50. Hwang T., Li C. and lee N. (1995). (t, n) Threshold signature scheme based on discrete

logarithm, Advance in Cryptology – Eurocrypt - 94, Springer and Verlag, p.p. 191-200.

51. Itakura K. and Nakamura K. (1983). A public key cryptosystem, suitable for digital multi-

signatures, NEC Research and Develop, p.p.1- 8.

113

52. Jac C.C. and Jung H.C. (2002). An identity based signature from gap Diffie Hellman groups,

www.iacr.org

53. Jackson, W. A., Martin, K. M. and O' Keefe, C. M. (1995). Efficient secret sharing scheme

without mutually trusted party, Advance in Cryptology – Eurocrypt - 95, Springer and Verlag,

p.p. 183-193.

54. Kim J. and Kim K. (2001). An efficient and provably secure threshold blind signature scheme,

www.caislab.icu.ac.kr.

55. Kobolitz N. (1987). Elliptic curve cryptosystem. Mathematics of Computation - 48, p.p.203-209.

56. Lal S. and Kumar M. (2003). A directed signature scheme and its application, Proceedings,

National Conference on Information Security, New Delhi -2003, p.p. 124 – 132.

57. Lal S. and Kumar M. (2003). Some applications of directed signature scheme, South East Asian

Journal of Mathematics and Mathematical Science - 1(2), p.p.13-26

58. Lal S. and Awasthi A.K. (2003). A scheme for obtaining warrant message from the digital

proxy signature scheme, Report No- 2003/73. http://www.eprint.iacr.org

59. Lal S. and Awasthi A.K. (2003). Proxy blind signature scheme. Report No- 2003/72.

http://www.eprint.iacr.org

60. Lanford S. K. (1995). Differential linear cryptanalysis and threshold signatures, Advance in

Cryptology – Crypto - 94, Springer and Verlag, p.p.17-25.

61. Lanford S. K. (1995). Threshold DSS signatures without a trusted party, Advance in

Cryptology - Crypto – 95, Springer-Verlag, p.p. 397-400.

62. Langford, S. K. (1996). Weaknesses in some threshold cryptosystems. Advance in Cryptology –

Crypto - 96, Springer and Verlag, p.p. 74- 82.

63. Lee B. and Kim H. (2001). Strong proxy signature scheme and its applications, Proceeding of

SCIS, p.p.603- 608. http://www.citeseer.nj.nec.com

64. Lehmer D.H. and Powers R.E. (1931). On factoring large numbers, American Mathematical

Society, p.p.770-776.

65. Lidl R. and Mueller, W. B. (1983). Permutation polynomials in RSA cryptosystems, Advance

in Cryptology – Crypto - 83, Springer and Verlag, p.p.293-301.

114

66. Lim C.H. and Lee P.J. (1993). Modified Maurer-Yacobi’s scheme and its Applications,

Advance in Cryptology – Auscrypt - 93, Springer and Verlag, LNCS # 718, p.p. 308 – 323.

67. Lim C.H. and Lee P.J. (1996). A directed signature scheme and its application to threshold

cryptosystems, Security Protocol, In Proceedings of International Workshop, (Cambridge, United

Kingdom), Springer-Verlag, LNCS # 1189, p.p. 131-138.

68. Luciano D.M. and Prichett G.D. (1987). Cryptology: From Caesar cipher to public key

cryptosystem, College Mathematics Journal - 18, p.p. 2-17.

69. Mambo M. Usuda K. and Okamoto E. (1996). Proxy signature: Delegating of the power to sign

messages, In IEICE Transaction – E79-A (9), p.p. 1338 – 1356.

70. Maurer U. (1990). Fast generation of secure of RSA- moduli with almost maximal diversity,

Advances in Cryptology – Eurocrypt - 89,Springer and Verlag, LNCS # 434, p.p. 636 - 647.

71. Merkle R.C. and Hellman M.E. (1978). Hiding information and signatures in trapdoor

knapsacks, IEEE transactions on the information theory, IT – 24, p.p.525- 530.

72. Merker R. C. (1987). A digital signature based on convential encryption function, Advance in

Cryptology – Crypto - 87, Springer and Verlag, LNCS # 293, p.p.369-378.

73. Michali S. (1992). Fair public key cryptosystems, Advance in Cryptology – Crypto - 92,

Springer and Verlag, p.p.113-138.

74. Miller V.S. (1986). Use of Elliptic Curves in Cryptography, Advances in Cryptology – Crypto -

86, Springer and Verlag, p.p. 417 - 426.

75. Mu Y. Varadharajan V. (2000). Distributed signcryption, Advance in Cryptology – Indocrypt -

2000, Springer and Verlag, LNCS # 1977, p.p. 155- 164.

76. Naor M. and Shamir A. (1994). Visual cryptography, Advances in Cryptology – Eurocrypt –

94,Springer and Verlag, p.p. 1 – 12.

77. NIST. (1994). Digital signature standard, U.S Department of Commerence, FIPS PUB, 186.

78. Nyberg K. and Rueppel R.A. (1994). A new signature scheme based on the DLP giving

message recovery, Advances in Cryptology – Eurocrypt – 94,Springer and Verlag, p.p. 182 -193.

79. Odlyzko A.M. (1984). Discrete logs in a finite field and their cryptographic significance,

Advances in Cryptology – Eurocrypt - 84, Springer and Verlag, LNCS # 209, p.p. 224 - 314.

115

80. Okamoto T. (1988). A digital Multi-signature scheme using bijective PKC, ACM transactions

on computer systems – 6(8), p.p. 432-441.

81. Ohta K. and Okamoto T. (1991). A digital multi-signature scheme based on Fiat- Shamir

scheme, Advance in Cryptology - Asiacrypt – 91, Springer and Verlag, p.p. 75 – 79.

82. Okamoto T. (1992). Provably secure and practical Identification schemes and corresponding

signature scheme, Advance in Cryptology – Crypto - 92, Springer and Verlag, LNCS # 740, p.p.

31-53.

83. Okamoto T. (1994). Designated confirmer and public encryption are equivalent, Advance in

Cryptology – Crypto – 94, Springer and Verlag, LNCS # 839, p.p. 61-74.

84. Pedersen, T. P. (1991). A threshold cryptosystem without trusted party, Advances in

Cryptology – Eurocrypt - 91, Springer and Verlag, p.p. 522- 526.

85. Pederson T. P. (1991). Distributed provers with application to undeniable signatures,

Advances in Cryptology – Eurocrypt - 91, Springer and Verlag, p.p. 221- 242.

86. Pointcheval D. and Stern J. (2000). Security arguments for digital signature and blind

signatures, Journal of Cryptology -13 (3), Springer-Verlag, p.p. 361-390.

87. Pomerance C. (1981). Recent development in the primality testing, The mathematical

intelligencer - 3, p.p. 97-105.

88. Pomerance C. (1982). The search for the prime numbers, Scientific American - 247, p.p. 136-

147.

89. Poupard G. and Stern J. (1998). Security analysis of practical “On the Fly” authentication

and signature generation, Advance in Cryptology - Eurocrypt - 98, Springer Verlag, LNCS #

1403, p.p. 422 - 436.

90. Rabin T. (1998). A simplified approach to threshold and proactive RSA, Advances in

Cryptology –Crypto - 98, Springer Verlag, p.p. 89-104.

91. Rivest, R., Shamir A. and Aldeman L. (1978). A method of obtaining digital signatures and

PKCS, Communication of ACM - 21(2), p.p. 120-126.

92. Rubin F. (1995). Message authentication using Quadric Residues, Cryptologia - 19(4), p.p.

397- 207.

116

93. Ruland.C. (1993). Realizing digital signature with one-way Hash function, Cryptologia –

17(3), p.p. 285-300.

94. Schnorr C.P. (1990). Efficient identification and signature for smart cards, Advance in

Cryptology – Crypto - 89, Springer-Verlag, LNCS # 435, p.p. 239-251.

95. Schnorr C.P. (1991). Efficient signature generation by Smart cards, Journal of Cryptology -

4(3), p.p. 161-174.

96. Schnorr C. P. and Jakobsson M. (2000). Security of signed ElGamal encryption, Advance in

Cryptology - AsiaCrypt - 2000, Springer-Verlag, LNCS # 1976, p.p. 73-89.

97. Shamir A. (1979). How to share a secret, Communications of the association for computing

machinery – 22, p.p. 612 - 613.

98. Shamir A. (1982). A polynomial time algorithm for breaking the basic Merkle – Hellman

Cryptosystem, Proceeding of the 23rd IEEE Symposium Found on Computer Science, p.p.142-

152.

99. Shannon C.E. (1948). A mathematical theory of communication, Bell System Technical Journal

– 27(4), p.p. 379-423.

100. Shannon C.E. (1949). Communication theory of secrecy systems, Bell System Technical Journal

– 28(4), p.p. 656-715.

101. Shepherd S.J., Sanders P.W. and Stockel C.T. (1993). The Quadric Residue Cipher and

some notes on the Implementation, Cryptologia -17 (3), p.p. 264-281.

102. Shum K. Wie V.K. (2002). A strong proxy signature scheme with proxy signer privacy

protection, Proceeding of 11th IEEE International Workshop on Enabling Technologies:

Infrastructure for Collaborative Enterprises.

103. Stallings W. (2002). The advance encryption standard, Cryptologia. To Appear.

104. Sun H.M. (2000). On proxy (multi) signature scheme, International Computer Symposium,

Chiayi, Taiwan ROC, p.p – 65-72.

105. Sun H.M., Hsieh B.T. (2003). On the security of proxy signature schemes, Report No- 2003/68.

http://www.eprint.iacr.org

117

106. William F.F. (1918). Methods for the solution of running key ciphers, Riverbank Publication-

16, Riverbank Labs.

107. William F.F. (1920). The Index of Coincidence and its Applications in Cryptography,

Riverbank Publication-22, Riverbank Labs.

108. Yen S.M. and Laih C.S. (1993). New digital signature scheme based on discrete logarithm,

Electronic letters - 29, p.p. 1120-1121.

109. Yi L., Bai G. and Xiao G. (2000). Proxy multi-signature Scheme; A new type of proxy

signature scheme, Electronic Letters - 36, p.p. 527- 528.

110. Zhang F.and Kim K. (2002). ID-based blind signature scheme and ring structure from

pairing, Advance in Cryptology. Asiacrypt-2002.

111. Zhang K. (1997). Nourepudiable Proxy signature scheme, http://www.citeseer.nj.nec.com

112. Zhang K. (1998). Threshold proxy signature schemes, Advances in Cryptology - Crypto –

98,Springer Verlag, LNCS # 1396, p.p. 282 - 289.

113. Zheng, Y., Matsummoto T. and Imai H. (1990). Structural properties of one – way hash

functions, Advances in Cryptology – Crypto - 90, Springer Verlag, p.p. 285 – 302.

114. Zheng Y. (2001). Identification, signature and signcryption using high order residues modulo

an RSA composite, Advances in Cryptology – Crypto – 2001, Springer Verlag, LNCS # 1992,

p.p. 48–63.

118

�

(��)��

1. Adams W. W. and Goldstein D. (1976). �� !� Prentice

Hall, Englewood Cliffs, N. J.

2. Ayoub R.G. (1963). �� !� �� American

Mathematical Society Providence RI: 02904 – 6248, 201, Charles Street, USA.

3. Beker H. J. and Piper F. C. (1982). �� !��"� �� #��

��Northwood, London.

4. Beker H.J. and Piper F. C. (1989). ��!��!� �� Clarendon Press,

London.

5. Bovet D.P. and Crescenzi P. (1994). �� !� �� $��!�

Prentice Hall, Englewood Cliffs, N. J.

6. Brassard G. (1988). ��!��!"��, Springer-Verlag, New York.

7. Bressoud D.M. (1989). %��&��#��!��, Springer-Verlag, New

York.

8. Buchmann J.A. (2000). ��!��!� Springer-Verlag, New York.

9. Davies D.W. and Price W.L. (1989). ��!��'� John Wiley &

Sons, New York.

10. Denning D.E. (1982). ��!��!� �� !� Addition Wesley, New

York.

11. Gallager R.G. (1968). ��(�� John Wiley &

Sons, New York.

12. Garrett D. (2001). )��'��"��!��!� Prentice

Hall, Englewood Cliffs, N. J.

119

13. Goldrich O. (1999). �� !��!�� #��

#�� Springer-Verlag, Newyork.

14. Guy R.K. (1981). *��+��#�� !, Springer-Verlag, New

York.

15. Kahn D. (1967). ��!��, �� Macmillan, New York.

16. Koblitz N. (1987). �� !� �� !��!� Springer-

Verlag, New York.

17. Koblitz N. (1998). �� !��!� Springer-Verlag, New York.

18. Kohnheim A.G. (1981). ��!��!"��#�� John Wiley & Sons, New York.

19. Kranakis E. (1986). #��!��!��!� John Wiley & Sons, New York.

20. Kumar I.J. (2000). ��!��!"� �!�� -�!� ��'

Aegean Park Press, Laguna Hills, CA.

21. Lidl R. and Niederreiter H. (1994). �� %�� %��

��Cambridge University Press, Cambridge.

22. Menezes A. and Vanstone S.A. (1993). �� %�� %�� Kluwer

Academic Publishers.

23. Menezes A. Van Oorsschot P. and Vanstone S.A. (1997). .�� '� ��

��!��!� Boca Raton Fl: CRC Press.

24. Meyer C.H. and Matyas S.M. (1982). ��!��!"� ��

�� !��John Wiley & Sons, New York.

25. Nechvatal J. (1992). #� ��-�!��!��!��NIST- USA.

26. Nichols R. (1996). ��!��!��, Prentice Hall, Englewood Cliffs,

N. J.

27. Pfleager C. (1997). ��!��'Prentice Hall, Englewood Cliffs, N. J.

28. Pomerance C. and Crandall R. (2001). #�� "� ��

#��+�� Springer Verlag, New York.

120

29. Ribenboim P. (1996). ��)��'��#�� (�� Springer Verlag,

New York.

30. Rosen K. (2000). /��!� �� !� �� Addition

Wesley, New York.

31. Salomaa A. (1990). #� ��-�!��!��!� Springer-Verlag, New York.

32. Schneier B. (1996). ��!��!� John Wiley & Sons, New York.

33. Schneier B. (1996). �� !��!� �� '� ��

Counterpane System, 7115 W. North Ave., Suite 16, Oak Park, IL 60302-1002.

34. Seberry J. and Pieprzyk J. (1989). ��!��!"��

��!��Prentice – Hall, Englewood Cliffs, N.J.

35. Simmons G.J. (1992). ��!��!��!0��

��!� IEEE Press, Newyork.

36. Simon S. (1999). �� )��'"� �� .��!� ��

)��'�� Simon‘s Shop, P.O. Box 23064, London W113GX, United Kingdom.

37. Smith L. D. (1971). ��, �� Dover Publications, New York.

38. Smith R. (1997). ��!��!��Addition Wesley, New York.

39. Stallings W. (2003). ��!��!��'��!� Principles and Practice,

First Indian Edition, ISBN. 81- 7808 - 902-5, Pearson Educational Singapore.

40. Stinson D. (2002). ��!��!"��!��#�� CRC Press.

121

26. http://www.freevbcode.com

27. http://www.ifca.com

28. http://www.inf.ethz.ch

29. http://www.iacr.org

30. http://www.ietf.org

31. http://www.Krypt.cs.unisb.de

32. http://www.jjtc.com

33. http://www.maths.mq.edu.au

34. http://www.mailru.com

35. http://www.missturtle.com

36. http://www.newton.uor.edu

37. http://www.pschit.monash.edu.

38. http://www.research.yale.com

39. http://www.research.att.com

40. http://www.rsasecurity.com

41. http://www.rsa.org.uk

42. http://www.r-s-a.org

43. http://www.rsa.com

44. http://www.std.com

45. http://www.searchson.com

46. http://www.simonsingh.com

47. http://www.siam.org

48. http://www.springer.com

49. http://www.xatrix.org

50. http://www.williamstallings.com

�

*'+��'��

��

��

��

��

��

��

��

1. http://www.ams.org

2. http://www.austinlinks.com

3. http://www.bitpipe.com

4. http://www.bokler.com

5. http://www.bluesoft.com

6. http://www.cryptography.com

7. http://www.counterpane.com

8. http://www.cryptography.org

9. http://www.crypto.stanford.edu

10. http://www.cs.fsu.edu

11. http://www.csa.com

12. http://www.cs.umd.edu

13. http://www.cesar.orul.gov

14. http://www.caislab.icu.ac.kr

15. http://www.cryptoheaven.com

16. http://www.certicom.com

17. http://www.citeseer.nj.nec.com

18. http://www.codebreaker.dids.com

19. http://www.cryptix.org

20. http://www.domainmart.com

21. http://www.epic.com

22. http://www.efgh.com

23. http://www.exp-math.uni-essen.de

24. http://www.fraw.org.uk

25. http://www.fitry.com

introduction - arxiv

Documents