Research on a Class of Public Key Cryptographic Schemes Based on Quartic Residues
Some Public Key Cryptography Schemes Based on Quartic Residues
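【Author】 Guo Hao (郭浩);
【Advisor】 Cao Zhenfu (曹珍富);
【Author information】 Shanghai Jiao Tong University, Computer Technology, 2013, Master's
【Abstract (translated from Chinese)】 With the rapid development of network technology, every industry has come to depend on networks. The emergence and development of network technology has made our lives and work more convenient, but it has also brought many information-security problems. Because the Internet is open, malicious attackers can easily intercept and tamper with information transmitted over it; cases of huge losses caused by security vulnerabilities and hacker intrusions are increasing, and network security is becoming ever more important and urgent. Public key cryptography can keep users' data confidential, protect data integrity, and authenticate user identity and data origin, thereby safeguarding data security. Traditional public key signature schemes have withstood all kinds of attacks and are widely used in practice, but they still have shortcomings. One of them is that the interaction is cumbersome, because the verifier must first obtain the public key through a public key infrastructure before verifying the validity of a signature. Identity-based signature schemes simplify this interaction, because the verifier no longer obtains the public key through a public key infrastructure but computes it directly from the user's identity information. Identity-based signature schemes have therefore attracted wide attention from cryptography researchers. At present, the identity-based signature schemes proposed by researchers are mainly implemented with pairing operations, which involve a large number of high-complexity operations and seriously reduce the efficiency of the schemes; this is one of the reasons why identity-based signature schemes, despite advantages that traditional signature schemes cannot match, have not been widely applied. For the same reason, realizing identity-based signature schemes without pairings has become a research direction of great interest to the cryptographic community. Quadratic residue theory is one of the famous theories of number theory. In recent years, cryptographers have proposed many identity-based signature schemes based on quadratic residues, but few identity-based signature schemes built on other higher-power residue theories, such as quartic residues, have been proposed. Quartic residue theory is a higher-power residue theory analogous to quadratic residue theory, and, like quadratic residues, quartic residues have properties such as a Jacobi symbol representation and a quartic reciprocity law, so quartic residues can be used to construct identity-based signature schemes. This thesis combines techniques from algebra and cryptography, chiefly quartic residue theory and identity-based signatures, to design new schemes that are both secure and efficient. The thesis first introduces the relevant theory of quartic residues and, on that basis, proposes a new algorithm that computes a fourth root of a quartic residue under given conditions. Using this algorithm, it then constructs an identity-based signature scheme based on quartic residues and gives a formal proof of the scheme's security. To make signing privileges revocable, the thesis designs a second new scheme, in which an intermediary completes the final signature; the signer's privilege is revoked as soon as the intermediary refuses to sign. This research enriches and develops the theory and application of quartic residues, enriches the identity-based signature schemes realized without pairings, and fills a gap in research on constructing identity-based cryptographic schemes from quartic residues.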
【Abstract】 With the rapid development of networks, we cannot do business without them. The emergence and development of network technology, which greatly facilitates our work and study, brings a lot of security problems at the same time. Because the Internet is open, information is vulnerable to eavesdropping, tampering and other attacks, and cases of huge losses due to security breaches and hacking are increasing. Network security problems are becoming increasingly important and urgent. As the technology that ensures the security of information on the network, public key cryptography can provide users with information confidentiality, information integrity protection, and authentication of user identity and information source.

Although traditional public key signature schemes have withstood the trial of all kinds of attacks and have been widely applied in everyday life, they still have the shortcoming that the verifier needs to obtain the public key through a public key infrastructure before verifying a signature, which makes the interaction process cumbersome. Signature schemes based on identity (also known as identity-based signature schemes) simplify the interaction process, because in identity-based schemes the signer's public key can be calculated directly from his identity information, without going through a public key infrastructure. Identity-based signature schemes have therefore attracted a lot of attention from researchers.

Up to now, the proposed identity-based signature schemes are based on pairing operations, which consist of a large number of high-complexity operations and seriously reduce the efficiency of the schemes. That is also one of the reasons why identity-based signature schemes have incomparable advantages over traditional signature schemes but have not been widely applied. Identity-based signature schemes without pairing operations have therefore become a research topic in cryptography.

Quadratic residue theory is famous in number theory. Research on identity-based signature schemes based on quadratic residues has produced fruitful results, whereas schemes based on quartic residues are an emerging field of study. Compared with quadratic residues, quartic residues have similar properties such as the Jacobi symbol, the quartic reciprocity law and so on, but the latter can express 1 more bit of information than the former. Hence it is practical to construct identity-based signature schemes based on quartic residues.

The main work of this article is to study quartic residues and identity-based signature schemes, and then to design effective and secure signature schemes. The article first introduces the theoretical basis, definitions and related properties of quartic residues. A new algorithm is then proposed to calculate the fourth root of quartic residue integers in a Gaussian ring, and on this basis a new identity-based signature scheme using quartic residue theory is constructed. The security of the scheme is based on the difficult problem of factorization in a Gaussian ring. Through detailed security analysis, the article formally proves that the scheme can avoid existential forgery under adaptive chosen message and identity attacks. It should be pointed out that the scheme is the first identity-based signature scheme that is based on quartic residues. In order to allow the signing privilege to be withdrawn, the article proposes a second identity-based signature scheme based on quartic residues. The basic idea is to use intermediaries to complete the final signature. To revoke a signer's permissions, one simply has the intermediate institution refuse to sign.

This research develops the theory and application of higher-power residues, enriches the identity-based cryptographic schemes without pairing operations, and fills a gap in the construction of identity-based signature schemes using quartic residues.
【Key words】 quartic residue; identity based signature scheme; digital signature scheme; public key cryptography;