Research And Application Of Identity-Based Extraction Cryptographic Schemes

The content extraction signature schemes allow extractor to reasonably delete or modify sensitive sub-messages of signed data on demand without interacting with the original signer.Extraction signatures can compute a valid extraction signature that can be verified to protect data privacy.Since this process can be done independently by the extractor without the assistance of the signer,the extraction signatures are of great interest in many fields.However,extraction signatures may be leaked by the verifier in practical applications,which threatens personal privacy.In this thesis,we firstly propose a multiple extraction signature scheme with auditing function to avoid the security requirement of arbitrary signature revision by users;secondly,we propose an ordered multiple extraction signature scheme with multiple designated verifiers to solve the orderliness in the collaborative signature process and to limit the verification range of signatures;finally,we design an extraction signcryption scheme and apply it to the electronic voting environment.The specific research work is as follows:(1)To solve the problems of malicious user revisions in content extraction signatures and untraceability of signatures after extraction,an auditable extraction signature scheme is proposed.The scheme adopts the M-tree model to implement hierarchical multiple extraction signatures,and achieves auditability of signatures by backtracking the tree structure,so as to trace illegitimate users.Under the random oracle model,our scheme is proved to be resistant to existential forgery under the adaptive chosen message attacks based on the DLP difficulty problem.(2)In response to the privacy problem caused by the disclosure of signatures by verifiers in content extraction signatures,combining content extraction signatures and universal designated multiple verifiers signatures,a universal designated multiple verifier ordered multiple extraction signature scheme is proposed.The scheme allows a group of signers to collaborate to generate a signature.The signature holder specifies a set of verifiers for signature verification,and no other user can verify the validity of the signature except the specified verifiers;Furthermore,the signers must sign in a strict prescribed order and are not allowed to exchange the order of signature without permission.Under the random oracle model,the scheme is proved to satisfy the existential unforgeability of identity-based signs under adaptive chosen-message-and-identity attacks.The analysis of experimental results shows that the proposed scheme has high advantages and practical applications.(3)To address the problem of privacy security and election fairness issues in existing e-voting,an identity-based extraction signature scheme is proposed and applied to evoting by combining the identity-based cryptosystems and extraction signature algorithm.The scheme adopts the extraction signature technology to avoid irregularities of ballots by malicious third parties in the voting process,to ensure that the ballots are in ciphertext during the whole election process.The use of extraction signature technology guarantees the privacy and security of the ballot;The signcryption technology ensures that the signature and encryption of the ballots are done simultaneously in one step,which simplifies the ballot generation process;The scheme gives the requirement analysis of the electronic voting system,and the system architecture and design scheme are presented.Finally,the security and practicality of the scheme are demonstrated by analyzing the twelve security features of e-voting.