English  |  正體中文  |  简体中文  |  Post-Print筆數 : 27 |  Items with full text/Total items : 113451/144438 (79%)
Visitors : 51283077      Online Users : 885
RC Version 6.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
Scope Tips:
  • please add "double quotation mark" for query phrases to get precise results
  • please goto advance search for comprehansive author search
  • Adv. Search
    HomeLoginUploadHelpAboutAdminister Goto mobile version
    政大機構典藏 > 資訊學院 > 資訊科學系 > 學位論文 >  Item 140.119/120258
    Please use this identifier to cite or link to this item: https://nccur.lib.nccu.edu.tw/handle/140.119/120258


    Title: ECQV自簽名憑證及其延伸應用之研究
    A Study on ECQV Self-singed Certificate and Its Extensions
    Authors: 蘇勤文
    Su, Ching-Wen
    Contributors: 左瑞麟
    Tso, Ray-Lin
    蘇勤文
    Su, Ching-Wen
    Keywords: Elliptic curve Qu-Vanstone(ECQV)
    隱式憑證
    憑證更新
    Elliptic curve Qu-Vanstone(ECQV)
    Implicit certificate
    Certificate update
    Date: 2018
    Issue Date: 2018-10-01 12:10:34 (UTC+8)
    Abstract: Elliptic curve Qu-Vanstone(ECQV)由Daniel等人於2001年提出,為目前眾多系統及標準使用的隱式憑證。隱式憑證確保只有憑證的原始擁有者可以算出相應私鑰,且隱式憑證並不包含簽章,因此可以快速計算,適合用於能力受限的系統設備上。但是我們發現ECQV存在兩個問題。第一個問題,由於隱式憑證不包含簽章的特性,在與對方溝通之前無法驗證用戶是否是正確的對象。第二個問題,由於證書和公鑰是一對一的對應關係,當用戶需要多個密鑰時,他們必須頻繁地與證書頒發機構(CA)溝通,這可能增加傳輸溝通成本。因此本研究提出兩種機制來解決上述問題。代理憑證機制以及憑證更新機制,兩種機制皆可基於原始憑證,自行產生多組公私鑰。代理憑證機制產生的公私鑰可分與他人做使用;憑證更新機制不可分與他人做使用,且生成的憑證具有可驗證性,可證實為原憑證擁有者生成,因此兩個機制可滿足不同的情境。另外我們也針對私鑰的機密性和證書的不可偽造性進行安全性證明。同時我們也透過實作證實,相較RSA或是ECQV我們提出的機制確實可以利用較少的時間、較低的成本生成憑證,因此適用於能力受限系統。
    Elliptic curve Qu-Vanstone (ECQV) is now the most commonly used implicit certificate. However, we noticed that ECQV presents two main problems. First, due to the characteristics of the implicit certificate, it is not possible to verify whether the user is the correct object until we communicate with. Second, the certificate and the public key are in a one-to-one correspondence; hence, when users need multiple keys, they have to frequently communicate with the Certificate Authority (CA), which may increase the communication transmission costs. Therefore, we propose two schemes to solve the above issues. The proxy certificate scheme allows users to update their public/private keys without asking for a new certificate from the CA. The certificate update scheme allows users to update their keys and verifiers to check their identities. Then we also make sure that our scheme satisfy the confidentiality of the private key and the unforgeability of the certificate. In addition, we also implement the scheme we proposed and proved that it took a short time. Therefore, the mechanism we propose can indeed reduce the cost and suitable for power-limited systems.
    Reference: [1] Cooper, David, et al. Internet X. 509 public key infrastructure certificate and certificate revocation list (CRL) profile. No. RFC 5280. 2008.
    [2] Brown, Daniel RL, Robert Gallant, and Scott A. Vanstone. "Provably secure implicit certificate schemes." International Conference on Financial Cryptography. Springer, Berlin, Heidelberg, 2001.
    [3] IEEE 1609.2-Standard for Wireless Access in Vehicular Environments (WAVE) - Security Services for Applications and Management Messages, available from ITS Standards Program, http://www.standards.its.dot.gov/StdsSummary.asp.
    [4] Miller, Victor S. "Use of elliptic curves in cryptography." Conference on the theory and application of cryptographic techniques. Springer, Berlin, Heidelberg, 1985.
    [5] Koblitz, Neal. "Elliptic curve cryptosystems." Mathematics of computation 48.177 (1987): 203-209.
    [6] Menezes, Alfred J., and Scott A. Vanstone. " Elliptic curve cryptosystems and their implementation." Journal of Cryptology 6.4 (1993): 209-224.
    [7] Law, L., and J. Solinas. Suite B cryptographic suites for IPsec. No. RFC 4869. 2007.
    [8] Pintsov, Leon A., and Scott A. Vanstone. "Postal revenue collection in the digital age." Financial Cryptography. Vol. 1962. 2000.
    [9] Brown, Daniel RL, Matthew J. Campagna, and Scott A. Vanstone. "Security of ECQV-Certified ECDSA Against Passive Adversaries." IACR Cryptology ePrint Archive 2009 (2009): 620.
    [10] D. R. L. Brown. Generic groups, collision resistance, and ECDSA. Designs, Codes and Cryptography, 35:119–152, 2005. http://eprint.iacr.org/2002/026.
    [11] D. R. L. Brown. On the provable security of ECDSA. In I. F. Blake, G. Seroussi, and N. P. Smart, editors, Advances in Elliptic Curve Cryptography, volume 317 of London Mathematical Society Lecture Note Series, pages 21–40. Cambridge University Press, 2005.
    [12] P. Paillier and D. Vergnaud. Discrete-log-based signatures may not be equivalent to discrete log. In B. Roy, editor, Advances in Cryptology — ASIACRYPT 2005, volume 3788 of Lecture Notes in Computer Science, pages 1–20. International Association for Cryptologic Research, Springer, Dec. 2005.
    [13] Brown, Daniel RL, Robert Gallant, and Scott A. Vanstone. "Provably secure implicit certificate schemes." International Conference on Financial Cryptography. Springer, Berlin, Heidelberg, 2001.
    [14] Brown, D. "Standards for efficient cryptography, SEC 1: elliptic curve cryptography." Released Standard Version 1 (2009)
    [15] Kapoor, Vivek, Vivek Sonny Abraham, and Ramesh Singh. "Elliptic curve cryptography." Ubiquity 2008.May (2008): 7.
    [16] Kosters, Michiel, and Sze Ling Yeo. "Notes on summation polynomials." arXiv preprint arXiv:1503.08001 (2015).
    [17] Maletsky, Kerry. "RSA vs ECC comparison for embedded systems." White Paper, Atmel (2015): 5.
    [18] Campagna, M. "SEC 4: Elliptic curve Qu-Vanstone implicit certificate scheme (ECQV)." Certicom Res., Mississauga, ON, Canada, Tech. Rep (2013).
    [19] Schnorr, Claus-Peter. "Efficient identification and signatures for smart cards." Conference on the Theory and Application of Cryptology. Springer, New York, NY, 1989.
    [20] Schnorr, Claus-Peter. "Efficient signature generation by smart cards." Journal of cryptology 4.3 (1991): 161-174.
    [21] Pointcheval, David, and Jacques Stern. "Security proofs for signature schemes." International Conference on the Theory and Applications of Cryptographic Techniques. Springer, Berlin, Heidelberg, 1996.
    [22] Pointcheval, David, and Jacques Stern. "Security arguments for digital signatures and blind signatures." Journal of cryptology 13.3 (2000): 361-396.
    [23] D. Pointcheval and J. Stern, “Security proofs for signature schemes”, Advances in Cryptology – Eurocrypt’96, 1996, pp. 387-398.
    [24] Seurin, Yannick. "On the exact security of schnorr-type signatures in the random oracle model." Annual International Conference on the Theory and Applications of Cryptographic Techniques. Springer, Berlin, Heidelberg, 2012.
    Description: 碩士
    國立政治大學
    資訊科學系
    105753005
    Source URI: http://thesis.lib.nccu.edu.tw/record/#G0105753005
    Data Type: thesis
    DOI: 10.6814/THE.NCCU.CS.021.2018.B02
    Appears in Collections:[資訊科學系] 學位論文

    Files in This Item:

    File SizeFormat
    300501.pdf696KbAdobe PDF2624View/Open


    All items in 政大典藏 are protected by copyright, with all rights reserved.


    社群 sharing

    著作權政策宣告 Copyright Announcement
    1.本網站之數位內容為國立政治大學所收錄之機構典藏,無償提供學術研究與公眾教育等公益性使用,惟仍請適度,合理使用本網站之內容,以尊重著作權人之權益。商業上之利用,則請先取得著作權人之授權。
    The digital content of this website is part of National Chengchi University Institutional Repository. It provides free access to academic research and public education for non-commercial use. Please utilize it in a proper and reasonable manner and respect the rights of copyright owners. For commercial use, please obtain authorization from the copyright owner in advance.

    2.本網站之製作,已盡力防止侵害著作權人之權益,如仍發現本網站之數位內容有侵害著作權人權益情事者,請權利人通知本網站維護人員(nccur@nccu.edu.tw),維護人員將立即採取移除該數位著作等補救措施。
    NCCU Institutional Repository is made to protect the interests of copyright owners. If you believe that any material on the website infringes copyright, please contact our staff(nccur@nccu.edu.tw). We will remove the work from the repository and investigate your claim.
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - Feedback