6.1. Conclusion
In this dissertation, we provide a new strong proxy signature scheme in DSA, a strong proxy signature scheme with the forward-secure property, and a one-time proxy signature. The new strong proxy signature scheme in DSA satisfies all the requirements proposed by Lee et al. It provides another way to put proxy signatures into practice, and we also design a procedure for applying it in PKIs. The second scheme is a stronger proxy signature scheme that combines strong proxy signatures with the forward-secure property. It is more resistant to attack because, even if the proxy signer's secret key is compromised in some time period, the signatures that the proxy signer produced on behalf of the original signer remain valid, provided they were signed before the key exposure. However, this is not sufficient for the use of a proxy signature.
The key exposure problem in distributed environments is also a serious threat to the security of a strong proxy signature scheme. For this reason, we can adopt a strong proxy signature scheme with the forward-secure property to lengthen the lifetime of a digital signature.
On the other hand, we have proposed the generalized Lamport-t one-time signature scheme and applied it to proxy signatures. We use the concepts of hash chains, signing long messages, and fly keys to improve the storage space required for keys, and obtain very good results. We expect that our scheme can be used to build more practical one-time signature schemes. In the case of the base scheme L(1), the proposed scheme is a conventional Lamport one-time signature scheme.
6.2. Future Work
XML signatures are digital signatures designed for use in XML transactions. The standard defines a schema for capturing the result of a digital signature operation applied to arbitrary data. Like non-XML-aware digital signatures (e.g., PKCS), XML signatures add authentication, data integrity, and support for non-repudiation to the data that they sign. However, unlike non-XML digital signature standards, XML signature has been designed to both account for and take advantage of the Internet and XML. A fundamental feature of XML signature is the ability to sign only specific portions of the XML tree rather than the complete document. Different components can be authored at different times by different parties, each signing only the elements that relate to itself. This flexibility makes XML signatures suitable for use with a proxy signer: the original signer and the proxy signer each have their own signature. These results can be applied to electronic commerce.
In addition, a proxy signature can be used in a mobile agent, which can be applied in electronic commerce. Mobile agents are autonomous software entities that are able to migrate across different execution environments. Mobility and autonomy make permanent connections unnecessary. Executing mobile code raises the following fundamental problems: (1) code and execution integrity, (2) code privacy, and (3) computing with secrets in public. Mobile agents are suitable for providing low-bandwidth connections and asynchronous communications. So far, related discussions of proxy signatures are rare and not applicable. This issue is an interesting problem for further research.