6th International ICST Conference on Collaborative Computing: Networking, Applications, Worksharing

Research Article

Some basic principles for proxy signature schemes based on ECDLP

Download317 downloads
  • @INPROCEEDINGS{10.4108/icst.collaboratecom.2010.35,
        author={Fengying Li and Qingshui Xue and Zhenfu Cao},
        title={Some basic principles for proxy signature schemes based on ECDLP},
        proceedings={6th International ICST Conference on Collaborative Computing: Networking, Applications, Worksharing},
        publisher={IEEE},
        proceedings_a={COLLABORATECOM},
        year={2011},
        month={5},
        keywords={Cryptograph digital signature proxy signature principle ECDLP},
        doi={10.4108/icst.collaboratecom.2010.35}
    }
    
  • Fengying Li
    Qingshui Xue
    Zhenfu Cao
    Year: 2011
    Some basic principles for proxy signature schemes based on ECDLP
    COLLABORATECOM
    ICST
    DOI: 10.4108/icst.collaboratecom.2010.35
Fengying Li1,*, Qingshui Xue2,*, Zhenfu Cao3,*
  • 1: Dept. of Education Information Technology, East China Normal University, 200062, Shanghai, China
  • 2: Dept. of Computer Science and Engineering, Shanghai Jiaotong University, 201101, Shanghai, China
  • 3: Dept. of Computer Science and Engineering, Shanghai Jiaotong University, 200240, Shanghai, China
*Contact email: fyli@sjtu.edu.cn, xue-qsh@sjtu.edu.cn, zfcao@cs.sjtu.edu.cn

Abstract

Nowadays, most proxy signature schemes are based on the difficulty of DLP (Discrete Logarithm Problem) or ECDLP (Elliptical Curve Discrete Logarithm Problem). As though many proxy signature schemes based on DLP or ECDLP have been proposed, it makes us discouraged that some disadvantages can be found after a new or modified proxy signature scheme was designed after short time. How to solve the question? How to design secure and valid proxy signature scheme? How to prove them secure? Now, it is too difficult for us to prove one scheme secure, but if we can have some principles to conform to when designing some proxy signature schemes based on DLP or ECDLP, it will be helpful. It will be able to make the scheme designer to make few mistakes, that's to say, by these principles, they can judge their schemes meet basic secure conditions. If designers don't conform to these principles, it can easily be seen that their schemes are definitely insecure. It is all known by us that until now there are not these principles in the real life. By some hints from some attacks, especially forgery attacks, it seems to us that we have found three basic principles which should be conformed to when proxy signature schemes are proposed. The first principle is that the existent forms of public parameters in proxy signatures in the proxy signature verification congruence make a key role on the security property of unforgeability. The second principle is that any public parameter in the proxy signature can't lonely exist in the proxy signature verification congruence in the form of bases or exponents. The third principle is that any public parameter in the proxy signature should exist in the proxy signature verification equation in the form of not only exponents and bases, but also hashes. In addition, some examples are given.