The deficiencies of the first threshold Guilbu-Quisquater signature schemepresented by Li-San Liu, Cheng-Kang Chu and Wen-Guey Tzeng arc analysiscd at first, and then a newthreshold Guillou-Quisquater signature scheme...The deficiencies of the first threshold Guilbu-Quisquater signature schemepresented by Li-San Liu, Cheng-Kang Chu and Wen-Guey Tzeng arc analysiscd at first, and then a newthreshold Guillou-Quisquater signature scheme is presented. The new scheme isunforgeable and robustagainst any adaptive adversary if the base Guillou-Quisquater signature scheme is unforgeable underthe chosen message attack and computing the discrete logarithm modulo a prime is hard This schemecan also achieve optimal resilience. However, the new scheme does not need the assumption that N isthe product of two safe primes. The basie signature scheme underlying the new scheme is exactlyGuillou-Quisqualtr signature scheme, and the additional strong computation assumption introduced bythe first threshold Guillou-Quisquater scheme is weaken.展开更多
The short secret key characteristic of elliptic curve cryptosystem (ECC) are integrated with the ( t, n ) threshold method to create a practical threshold group signature scheme characterized by simultaneous signi...The short secret key characteristic of elliptic curve cryptosystem (ECC) are integrated with the ( t, n ) threshold method to create a practical threshold group signature scheme characterized by simultaneous signing. The scheme not only meets the requirements of anonymity and traceability of group signature but also can withstand Tseng and Wang's conspiracy attack. It allows the group manager to add new members and delete old members according to actual application, while the system parameters have a little change. Cryptanalysis result shows that the scheme is efficient and secure.展开更多
Based on Shamir’s threshold secret sharing scheme and the discrete logarithm problem, a new (t, n) threshold secret sharing scheme is proposed in this paper. In this scheme, each participant’s secret shadow is selec...Based on Shamir’s threshold secret sharing scheme and the discrete logarithm problem, a new (t, n) threshold secret sharing scheme is proposed in this paper. In this scheme, each participant’s secret shadow is selected by the participant himself, and even the secret dealer cannot gain anything about his secret shadow. All the shadows are as short as the shared secret. Each participant can share many secrets with other partici- pants by holding only one shadow. Without extra equations and information designed for verification, each participant is able to check whether another participant provides the true information or not in the recovery phase. Unlike most of the existing schemes, it is unnecessary to maintain a secure channel between each par- ticipant and the dealer. Therefore, this scheme is very attractive, especially under the circumstances that there is no secure channel between the dealer and each participant at all. The security of this scheme is based on that of Shamir’s threshold scheme and the difficulty in solving the discrete logarithm problem. Analyses show that this scheme is a computationally secure and efficient scheme.展开更多
Digital signature scheme is a very important research field in computer security and modern cryptography. A (k, n) threshold digital signature scheme is proposed by integrating digital signature scheme with Shamir sec...Digital signature scheme is a very important research field in computer security and modern cryptography. A (k, n) threshold digital signature scheme is proposed by integrating digital signature scheme with Shamir secret sharing scheme. It can realize group-oriented digital signature, and its security is based on the difficulty in computing discrete logarithm and quadratic residue on some special conditions. In this scheme, effective digital signature can not be generated by anyk?1 or fewer legal users, or only by signature executive. In addition, this scheme can identify any legal user who presents incorrect partial digital signature to disrupt correct signature, or any illegal user who forges digital signature. A method of extending this scheme to an Abelian group such as elliptical curve group is also discussed. The extended scheme can provide rapider computing speed and stronger security in the case of using shorter key. Key words threshold scheme - digital signature - discrete logarithm - quadratic residuc - threshold digital signature CLC number TP 309. 7 Foundation item: Supported the National Nature Science Foundation of China, Hubei Province (90104005, 2002 AB0039)Biography: FEI Ru-chun (1964-), male, Ph. D candidate, Associated professor, research direction: information security and cryptography.展开更多
Resource sharing among peers is one of important application in Peer-to-Peer(P2P) network. Inexistenee of server makes P2P network to be a less trustable tool for property owners to distribute their resource. In ord...Resource sharing among peers is one of important application in Peer-to-Peer(P2P) network. Inexistenee of server makes P2P network to be a less trustable tool for property owners to distribute their resource. In order to protect intelligent property, reputation management strategy is adopted in many P2P network. As long as a P2P network reputation strategy is confirmed, application designer can employ a special detailed distribution scheme to fulfill content distribution within the net. Shmir (k, n) threshold scheme, for example, is an encryption scheme to enhance the distribution se curity of this kind of design. (k*, n) threshold scheme is a new tool similar to Shmir scheme is proposed in this paper. The new scheme based on polynomial expansion and its security is decided by the one way function used in the secret distribution procedure. The scheme efficiency and its features as well as comparison between new and Shmir scheme are also discussed in this paper.展开更多
Massive data covert transmission scheme based on Shamir threshold is proposed in this paper. This method applies Shamir threshold scheme to divide data, uses information hiding technology to cover shadows, and realize...Massive data covert transmission scheme based on Shamir threshold is proposed in this paper. This method applies Shamir threshold scheme to divide data, uses information hiding technology to cover shadows, and realizes massive data covert transmission through transmitting stego-covers. Analysis proves that compared with the natural division method, this scheme not only improves the time-efficiency of transmitting but also enhances the security.展开更多
Based on the difficulty in computing discrete logarilhm and square 1001 onsome special conditions,we propose a basic threshold seeret sharing scheme for multiple secretswith multiple policies,which allows a group of u...Based on the difficulty in computing discrete logarilhm and square 1001 onsome special conditions,we propose a basic threshold seeret sharing scheme for multiple secretswith multiple policies,which allows a group of users to share multiple secrttkeys and only onesecret shadow to be ktpt by each user.An efficient threshold decryption scheme with multiplepolicies is designed on the basis of the basic threshold scheme.This decryption scheme allowsmultiple secret keys to he shared among a groupof users,and each user to ketp only one secretshadow.Different public keys can be used to encrypt documents.If and only if the number ofcooperated users who koop the secret shadows is greater than or c-qual to the threshold value of thecorresponding secret key,they can cooperate to decrypt the documents.It is proved that theproposed scheme has very strong security,unless the attackers can solve the discrete logarithmproblem and the square root problem.展开更多
Since Tian Jun proposed the difference expansion embedding technique,based on which,many reversible watermarking techniques were proposed.However,these methods do not perform well when the payload is high.In this pape...Since Tian Jun proposed the difference expansion embedding technique,based on which,many reversible watermarking techniques were proposed.However,these methods do not perform well when the payload is high.In this paper,we proposed an expandable difference threshold controlled scheme for these three methods.Experiments show that our scheme improves the performance of these three methods for heavy payload.展开更多
A concept of secret sharing scheme with the function of assignment is proposed. It provides great capabilities for many practical applications. In this scheme, the dealer can randomly assign one or more than one parti...A concept of secret sharing scheme with the function of assignment is proposed. It provides great capabilities for many practical applications. In this scheme, the dealer can randomly assign one or more than one participant to get the secret at any time, but these participants can get nothing about the secret before that moment. At the same time, the other participants cannot get anything about the secret by stealing the secret value when it is transferred. However, if the dealer is lost, a certain number or more partidtmnts of them can reoonstruct the secret by ccoperating. In order to clear this concept, an illustrating scheme with geometry method and a practical scheme with algebra method is given.展开更多
The idea behind a (t, n) threshold blind signature is that a user can ask at least t out of n players of a group to cooperate to generate a signature for a message without revealing its content. This paper first prese...The idea behind a (t, n) threshold blind signature is that a user can ask at least t out of n players of a group to cooperate to generate a signature for a message without revealing its content. This paper first presents a new blind signature scheme from Weil pairing on elliptic curves. Based on this scheme, a threshold blind signature scheme is proposed. It is efficient and has the security properties of robustness and unforgeability. In the proposed scheme, the group manger is introduced to take the role of distributing the group secret key to each player. However, he cannot forge the players to generate partial blind signatures (Each partial blind signature depends on not only the secret key of the player, but also a random number the player picks). Compared with a threshold signature with a trusted third party, its advantage is obvious; Compared with a threshold signature without a trusted third party, it is more simple and efficient.展开更多
An accelerated singular value thresholding (SVT) algorithm was introduced for matrix completion in a recent paper [1], which applies an adaptive line search scheme and improves the convergence rate from O(1/N) for SVT...An accelerated singular value thresholding (SVT) algorithm was introduced for matrix completion in a recent paper [1], which applies an adaptive line search scheme and improves the convergence rate from O(1/N) for SVT to O(1/N2), where N is the number of iterations. In this paper, we show that it is the same as the Nemirovski’s approach, and then modify it to obtain an accelerate Nemirovski’s technique and prove the convergence. Our preliminary computational results are very favorable.展开更多
In Shamir’s(t,n) threshold of the secret sharing scheme, a secret is divided into n shares by a dealer and is shared among n shareholders in such a way that (a) the secret can be reconstructed when there are t or mor...In Shamir’s(t,n) threshold of the secret sharing scheme, a secret is divided into n shares by a dealer and is shared among n shareholders in such a way that (a) the secret can be reconstructed when there are t or more than t shares;and (b) the secret cannot be obtained when there are fewer than t shares. In the secret reconstruction, participating users can be either legitimate shareholders or attackers. Shamir’s scheme only considers the situation when all participating users are legitimate shareholders. In this paper, we show that when there are more than t users participating and shares are released asynchronously in the secret reconstruction, an attacker can always release his share last. In such a way, after knowing t valid shares of legitimate shareholders, the attacker can obtain the secret and therefore, can successfully impersonate to be a legitimate shareholder without being detected. We propose a simple modification of Shamir’s scheme to fix this security problem. Threshold cryptography is a research of group-oriented applications based on the secret sharing scheme. We show that a similar security problem also exists in threshold cryptographic applications. We propose a modified scheme to fix this security problem as well.展开更多
Based on Shamir's secret sharing, a (t, n) multi-secret sharing scheme isproposed in this paper p secrets can be shared among n participants, and t or more participants canco-operate to reconstruct these secrets a...Based on Shamir's secret sharing, a (t, n) multi-secret sharing scheme isproposed in this paper p secrets can be shared among n participants, and t or more participants canco-operate to reconstruct these secrets at the same time, but t— 1 or fewerparticipants can derivenothing about these secrets. Each participant's secret shadow is as short as each secret. Comparedwith the existing schemes, the proposed scheme is characterized by the lower complexity of thesecret reconstruction and less public information. The security of this scheme is the same as thatof Shamir' a threshold scheme. Analyses show that this scheme is an efficient, computationallysecure scheme.展开更多
文摘The deficiencies of the first threshold Guilbu-Quisquater signature schemepresented by Li-San Liu, Cheng-Kang Chu and Wen-Guey Tzeng arc analysiscd at first, and then a newthreshold Guillou-Quisquater signature scheme is presented. The new scheme isunforgeable and robustagainst any adaptive adversary if the base Guillou-Quisquater signature scheme is unforgeable underthe chosen message attack and computing the discrete logarithm modulo a prime is hard This schemecan also achieve optimal resilience. However, the new scheme does not need the assumption that N isthe product of two safe primes. The basie signature scheme underlying the new scheme is exactlyGuillou-Quisqualtr signature scheme, and the additional strong computation assumption introduced bythe first threshold Guillou-Quisquater scheme is weaken.
基金The National Natural Science Foundation of China (No60403027)
文摘The short secret key characteristic of elliptic curve cryptosystem (ECC) are integrated with the ( t, n ) threshold method to create a practical threshold group signature scheme characterized by simultaneous signing. The scheme not only meets the requirements of anonymity and traceability of group signature but also can withstand Tseng and Wang's conspiracy attack. It allows the group manager to add new members and delete old members according to actual application, while the system parameters have a little change. Cryptanalysis result shows that the scheme is efficient and secure.
基金Supported by the 973 Project of China(G19990358?04)
文摘Based on Shamir’s threshold secret sharing scheme and the discrete logarithm problem, a new (t, n) threshold secret sharing scheme is proposed in this paper. In this scheme, each participant’s secret shadow is selected by the participant himself, and even the secret dealer cannot gain anything about his secret shadow. All the shadows are as short as the shared secret. Each participant can share many secrets with other partici- pants by holding only one shadow. Without extra equations and information designed for verification, each participant is able to check whether another participant provides the true information or not in the recovery phase. Unlike most of the existing schemes, it is unnecessary to maintain a secure channel between each par- ticipant and the dealer. Therefore, this scheme is very attractive, especially under the circumstances that there is no secure channel between the dealer and each participant at all. The security of this scheme is based on that of Shamir’s threshold scheme and the difficulty in solving the discrete logarithm problem. Analyses show that this scheme is a computationally secure and efficient scheme.
文摘Digital signature scheme is a very important research field in computer security and modern cryptography. A (k, n) threshold digital signature scheme is proposed by integrating digital signature scheme with Shamir secret sharing scheme. It can realize group-oriented digital signature, and its security is based on the difficulty in computing discrete logarithm and quadratic residue on some special conditions. In this scheme, effective digital signature can not be generated by anyk?1 or fewer legal users, or only by signature executive. In addition, this scheme can identify any legal user who presents incorrect partial digital signature to disrupt correct signature, or any illegal user who forges digital signature. A method of extending this scheme to an Abelian group such as elliptical curve group is also discussed. The extended scheme can provide rapider computing speed and stronger security in the case of using shorter key. Key words threshold scheme - digital signature - discrete logarithm - quadratic residuc - threshold digital signature CLC number TP 309. 7 Foundation item: Supported the National Nature Science Foundation of China, Hubei Province (90104005, 2002 AB0039)Biography: FEI Ru-chun (1964-), male, Ph. D candidate, Associated professor, research direction: information security and cryptography.
基金Supported by the National Natural Science Foun-dation of China (60473072)
文摘Resource sharing among peers is one of important application in Peer-to-Peer(P2P) network. Inexistenee of server makes P2P network to be a less trustable tool for property owners to distribute their resource. In order to protect intelligent property, reputation management strategy is adopted in many P2P network. As long as a P2P network reputation strategy is confirmed, application designer can employ a special detailed distribution scheme to fulfill content distribution within the net. Shmir (k, n) threshold scheme, for example, is an encryption scheme to enhance the distribution se curity of this kind of design. (k*, n) threshold scheme is a new tool similar to Shmir scheme is proposed in this paper. The new scheme based on polynomial expansion and its security is decided by the one way function used in the secret distribution procedure. The scheme efficiency and its features as well as comparison between new and Shmir scheme are also discussed in this paper.
基金Supported by the National High Technology Research and Development Program of China (863 Program) (2007AA0825)
文摘Massive data covert transmission scheme based on Shamir threshold is proposed in this paper. This method applies Shamir threshold scheme to divide data, uses information hiding technology to cover shadows, and realizes massive data covert transmission through transmitting stego-covers. Analysis proves that compared with the natural division method, this scheme not only improves the time-efficiency of transmitting but also enhances the security.
基金the National Natural Sciencc F0un datiell Of China(90101005.90204011)the Natural Science Found dation of Hubei Province(2002AB0039).
文摘Based on the difficulty in computing discrete logarilhm and square 1001 onsome special conditions,we propose a basic threshold seeret sharing scheme for multiple secretswith multiple policies,which allows a group of users to share multiple secrttkeys and only onesecret shadow to be ktpt by each user.An efficient threshold decryption scheme with multiplepolicies is designed on the basis of the basic threshold scheme.This decryption scheme allowsmultiple secret keys to he shared among a groupof users,and each user to ketp only one secretshadow.Different public keys can be used to encrypt documents.If and only if the number ofcooperated users who koop the secret shadows is greater than or c-qual to the threshold value of thecorresponding secret key,they can cooperate to decrypt the documents.It is proved that theproposed scheme has very strong security,unless the attackers can solve the discrete logarithmproblem and the square root problem.
基金the National High Technology Research and Development Program (863) of China (No.2007AA02Z452) the National Natural Science Foundation of China (Nos.30570511 and 30770589)
文摘Since Tian Jun proposed the difference expansion embedding technique,based on which,many reversible watermarking techniques were proposed.However,these methods do not perform well when the payload is high.In this paper,we proposed an expandable difference threshold controlled scheme for these three methods.Experiments show that our scheme improves the performance of these three methods for heavy payload.
基金This project was supported by Liuhui Applied Mathematics Center of Nankai University .
文摘A concept of secret sharing scheme with the function of assignment is proposed. It provides great capabilities for many practical applications. In this scheme, the dealer can randomly assign one or more than one participant to get the secret at any time, but these participants can get nothing about the secret before that moment. At the same time, the other participants cannot get anything about the secret by stealing the secret value when it is transferred. However, if the dealer is lost, a certain number or more partidtmnts of them can reoonstruct the secret by ccoperating. In order to clear this concept, an illustrating scheme with geometry method and a practical scheme with algebra method is given.
基金Supported by the National 973 Project of China(No.G1999035803)the National Natural Science Foundation of China (No.60373104)the National 863 Project of China (No.2002AA143021)
文摘The idea behind a (t, n) threshold blind signature is that a user can ask at least t out of n players of a group to cooperate to generate a signature for a message without revealing its content. This paper first presents a new blind signature scheme from Weil pairing on elliptic curves. Based on this scheme, a threshold blind signature scheme is proposed. It is efficient and has the security properties of robustness and unforgeability. In the proposed scheme, the group manger is introduced to take the role of distributing the group secret key to each player. However, he cannot forge the players to generate partial blind signatures (Each partial blind signature depends on not only the secret key of the player, but also a random number the player picks). Compared with a threshold signature with a trusted third party, its advantage is obvious; Compared with a threshold signature without a trusted third party, it is more simple and efficient.
文摘An accelerated singular value thresholding (SVT) algorithm was introduced for matrix completion in a recent paper [1], which applies an adaptive line search scheme and improves the convergence rate from O(1/N) for SVT to O(1/N2), where N is the number of iterations. In this paper, we show that it is the same as the Nemirovski’s approach, and then modify it to obtain an accelerate Nemirovski’s technique and prove the convergence. Our preliminary computational results are very favorable.
文摘In Shamir’s(t,n) threshold of the secret sharing scheme, a secret is divided into n shares by a dealer and is shared among n shareholders in such a way that (a) the secret can be reconstructed when there are t or more than t shares;and (b) the secret cannot be obtained when there are fewer than t shares. In the secret reconstruction, participating users can be either legitimate shareholders or attackers. Shamir’s scheme only considers the situation when all participating users are legitimate shareholders. In this paper, we show that when there are more than t users participating and shares are released asynchronously in the secret reconstruction, an attacker can always release his share last. In such a way, after knowing t valid shares of legitimate shareholders, the attacker can obtain the secret and therefore, can successfully impersonate to be a legitimate shareholder without being detected. We propose a simple modification of Shamir’s scheme to fix this security problem. Threshold cryptography is a research of group-oriented applications based on the secret sharing scheme. We show that a similar security problem also exists in threshold cryptographic applications. We propose a modified scheme to fix this security problem as well.
文摘Based on Shamir's secret sharing, a (t, n) multi-secret sharing scheme isproposed in this paper p secrets can be shared among n participants, and t or more participants canco-operate to reconstruct these secrets at the same time, but t— 1 or fewerparticipants can derivenothing about these secrets. Each participant's secret shadow is as short as each secret. Comparedwith the existing schemes, the proposed scheme is characterized by the lower complexity of thesecret reconstruction and less public information. The security of this scheme is the same as thatof Shamir' a threshold scheme. Analyses show that this scheme is an efficient, computationallysecure scheme.
