140 likes | 391 Views
Proxy Blind Signature Scheme . Author: Sunder Lai , Amit Kumar Awasthi Source: Journal of Information Science and Engineering Date: Dec/3/2003 Speaker: 陳東怡. Outline. Introduction Proposed Scheme Efficiency Security Analysis Conclusion. Introduction. Blind signature:
E N D
Proxy Blind Signature Scheme Author: Sunder Lai , Amit Kumar Awasthi Source: Journal of Information Science and Engineering Date: Dec/3/2003 Speaker: 陳東怡
Outline • Introduction • Proposed Scheme • Efficiency • Security Analysis • Conclusion
Introduction • Blind signature: • User C can obtain signature of A on any given message without revealing any information of the message • Proxy blind signature: • The original singer A delegates his signature authority to proxy singer B in such a way B can sign any message on behalf of the original A
Introduction • Proxy unprotected: • Proxy and original singer can both generate a valid proxy signature • Proxy protected: • Only proxy can generate a valid signature Original A Signature Authority Proxy blind signature Proxy B User C
Proposed Scheme • Notations:
Proposed Scheme (cont.) • Proxy phase 1. Proxy Generation • Choose and compute 2. Proxy Delivery • The original singer sends (s, r ) to a proxy B in a secure way and makes public
Proposed Scheme (cont.) 3. Proxy Verification • Verify if • if (s ,r) satisfies this congruence, B accepts it as a • valid proxy, otherwise rejects it. • Signing phase 1. B choose a random num computes and sends it to the receiver C
Proposed Scheme (cont.) 2. C choose randomly and computes and sends e to B 3. After receiving e, B computes and sends it to C 4. Now C computes The tuple (m, Sp, e’ ) is the proxy blind signature
Proposed Scheme (cont.) • Verification phase The verifier of the proxy blind signature computes Here e’’ = e’ if the tuple (m, Sp, e) is a valid proxy signature
Proposed Scheme (cont.) • Proxy protected case • Proxy phase • 1. Proxy Generation • Choose and compute • 2. Proxy Delivery • The original singer sends (s, r ) to a proxy B in a secure • way and makes public
Proposed Scheme (cont.) • 3. Proxy Verification and key alternation • After confirming the validity of the pair (σ ,r) B • alters the proxy key as The Signing phase and the Verification phase are same as in the proxy unprotected case
Efficiency Phase Total Proxy generation Signature generation Signature verification 4E+2M 3E+3M+2I 2E+M 9E+6M+2I where E denotes Exponential computation, M denotes Multiplication load , I denotes Inversion
Security Analysis • With different congruence, the original signature and the proxy signature can be distinguished. • It is impossible to create a valid proxy signature without knowing xB or s or both. • Original signer cannot deny his agreement because yp is computed from ya.
Conclusion • A proxy blind signature scheme with which a proxy user is able to make proxy blind signature and verifier may verify it very similar to proxy signature schemes.