| Summary: | 博士 === 國立中山大學 === 資訊工程學系研究所 === 101 === Privacy is an essential requirement for users of these services and applications on the Internet; however, protecting the privacy of individuals or sensitive information is a challenging task. Unlinkability is a privacy property of crucial importance for web transactions in some systems; if a system cannot guarantee unlinkability, it may suffer several cyber attacks or repeated threats from an eavesdropper or malicious user. Blind signature and zero-knowledge proof are the two methods that some systems usually combine them to attain the unlinkability property according to the different applications and services in which blind signature is suitable for electronic payment protocols and electronic
voting systems whereas zero-knowledge proof is appropriate for anonymous credential systems.
An on-line/off-line signature is used in particular scenarios in which a signer must quickly respond with a signature when a message to be signed is presented. This approach can also substantially reduce the computation cost for the signer; therefore, the concept of an on-line/off-line signature is extremely well-suited for devices with low-computational power, limited communication environments, and user-oriented services on the Internet. Based on the concept of on-line/off-line signatures, in order to reduce the users'' waiting time in the
service requesting stage, two types of highly efficient signature schemes with unlinkability for distinct applications and services are proposed in this dissertation. First, this dissertation presents a construction from the elliptic curve primitive after providing a definition of on-line/off-line partially blind signatures in which the signer has high efficiency in the signing phase. Next, based on the former construction, a signature scheme is presented for anonymous credential systems in which both the prover (signature holder) and the verifier have good performance in the knowledge proving stage. In addition to presenting comparison computation cost tables to show that the proposed signatures perform optimally compared to others, this dissertation also provides concrete security proofs under the random oracle model to demonstrate that the proposed schemes meet the required properties for partially blind signatures and
anonymous credentials.
|
|---|
