Professional Documents
Culture Documents
been proposed. The proposed scheme satisfies all the 3. Overview Of Aung et al.’s DLP Based Proxy
properties of a proxy blind signature scheme. Blind Signature scheme With Low
The rest of this paper is organized as follows. In Section
2,some related work are discussed. Overview Of Aung et
Computation
al.’s DLP Based Proxy Blind Signature scheme with Low
Computation has been done in section 3 . In Section 4, In this section,DLP Based Proxy Blind Signature scheme
Cryptanalysis of Aung et al.’s scheme has been done. An With Low Computation has been discussed.
introduction to ECC is being described in section 5. In
Section 6, Proposed scheme is being described. Security
analysis of the proposed scheme has been done in section 7. 3.1 Proxy Delegation Phase
In Section 8, Efficiency of the proposed scheme is being
compared with the previous schemes and concluding
Original signer selects random number and
remarks are being described in Section 9.
computes:
(1)
(2)
2. Related Work
sends along with the warrant to the proxy
D. Chaum [4]introduced the concept of a blind signature signer. And then proxy signer checks:
scheme in 1982. In 1996 Mambo et al [2] introduced the
concept of proxy signature. The two types of scheme: proxy (3)
unprotected (proxy and original signer both can generate a
valid proxy signature) and proxy protected (only proxy can If it is correct, P accepts it and computes proxy signature
generate a valid proxy signature) ensures among other secret key as follow:
things, non-repudiation and unforgeability . (4)
The first proxy blind signature was proposed by Lin and Jan
[1] in 2000. Recently Tan et al. [7] introduced a proxy blind
Note: responding proxy public key
signature scheme, which ensures security properties of the
schemes, viz., the blind signature schemes and the proxy
signature schemes. The scheme is based on Schnorr blind
signature scheme Lee et al.[3] showed that a strong proxy
signature scheme should have properties of strong 3.2 Blind Signing Phase
unforgeability, verifiability, strong identifiability, strong
nonrepudiation and prevention of misuse. Proxy signer selects random number and
Hung-Min Sun and Bin Tsan Hsieh [8] show that Tan et
computes:
al.[6] schemes do not satisfy the unforgeability and
unlinkability properties. In addition, they also point out that
(5)
Lal and Awasthi [7] scheme does not possess the
unlinkability property either. In 2004, Xue and Cao [9]
and then sends to signature asker . To obtain the
showed there exists one
blind signature of message m, original signer randomly
weakness in Tan et al. scheme [5] and Lal et al. scheme [7]
choose two random numbers and computes:
since the proxy signer can get the link between the blind
message and the signature or plaintext with great (6)
probability. Xue and Cao introduced concept of strong (7)
unlinkability and they also proposed a proxy blind signature (8)
scheme.
In 2007 Li et al.[10] proposed a proxy blind signature If =0 then has to select new tuple Otherwise
scheme using verifiable self-certified public key, and their sends to . After receiving proxy signer computes :
scheme is more efficient than schemes published earlier.
Recently, Xuang Yang and Zhaoping Yu[11] proposed new (9)
scheme and showed their scheme is more efficient than Li et
al.[10]. and sends the sign message to .
In 2009 Aung et al.[12] proposed a new proxy blind
signature scheme which satisfied all the security
requirements of both the blind signature scheme and the 3.3 Extraction Phase
proxy signature scheme.
While receiving , computes:
(10)
holds.
(13)
signer, message type to be signed by the proxy signer, the The recipient of the signature can verify the proxy blind
delegation limits of authority, valid periods of delegation, signature by checking whether
etc.
h(.) a secure one-way hash function. (24)
|| the concatenation of strings. where
6.2 Proxy Delegation Phase If it is true, the verifier accepts it as a valid proxy blind
signature, otherwise rejects.
Original Signer randomly chooses ,1< < n ; and
computes:
7. Security Analysis of the proposed scheme
(14)
and corresponding proxy public key Nonrepudiation: The original signer does not obtain the
proxy signer’s secret key and proxy signer does not
obtain original signer’s secret key . Thus, neither the
original signer nor the proxy signer can sign in place of
6.3 Blind Signing Phase the other party. At the same time, through the valid proxy
blind signature, the verifier can confirm that the
Proxy Signer randomly choose , where 1 < < n and signature of the message has been entitled by the original
computes: signer, because the verifier must use the original signer’s
public key during the verification. Likewise, the proxy
signer cannot repudiate the signature. The scheme offers
(18) nonrepudiation property.
and then sends to signature asker A. To obtain the Unforgeability: An adversary (including the original
blind signature of message m, original signer O randomly signer and the receiver) wants to impersonate the proxy
choose two random numbers u,v and computes: signer to sign the message m. He can intercept the
delegation information but he cannot obtain
(19) the proxy signature secret key . From Equation (15),
(20) we know that only the proxy signer holds the proxy
(21) signature secret key . Because of 1 < < n , the
adversary can obtain the proper proxy signature secret
If then A has to select new tuple (u,v),Otherwise key by guessing it with at most a probability .That is,
O sends e to P. After receiving e proxy signer P computes : anyone else (even the original signer and the receiver)
can forge the proxy blind signature successfully with a
(22) probability .
9. Conclusion
We analyzed that Aung et al.’s DLP based proxy blind
Identifiability: The proxy blind signature signature scheme with low computation does not satisfy
contains the warrant . Moreover, in the verifiability property of proxy blind signature scheme
the verification equation .Compared with Aung et al’s scheme , we present a more
which includes the original signer O’s public key and efficient and secure proxy blind signature scheme to
the proxy signer P’s public key . Hence, anyone can overcome the pointed out drawback of the Aung et al’s
determine the identity of the corresponding proxy signer scheme.We proved that our scheme is more efficient and
from a proxy signature. secure than the previous schemes.
Authors Profile
Asis Kumar Tripathy received the B.E.
degree in Information Technology from
bialasore College of Engineering and
Technology in 2006. He has joned the
same college as Lecturer since
26.12.2006. Now, he is persuing his
M.Tech degree at International Institute
of Information Technology-Bhubaneswar,
Orissa, India. His research area of interest is Information Security