Translated Abstract
Due to its characteristics of anonymous authentication, traceability, etc, group digital signature is an important technology in Cryptography, and has a broad prospect of application in all aspects of society. However, existing group signature schemes are designed in central structures, in the sense that a global manager is used to perform all management tasks such as enrolling, tracing, key management, system maintenance. Obviously it might become a performance bottleneck because of heavy burden. In addition, to play more important role, a group signature scheme needs to acclimatize itself to Internet network environment and characteristics of organizations in real life, where users are organized in a hierarchical manner and each organization is a relatively independent security domain with the right of decision and management. Therefore, study on group signature which possesses distributed feature is of important theoretical and application value.Aiming at the requirements under the above background, this thesis first presents the concept of Tiered Group Signature, and gives its implementation scheme. More Specifically Speaking, the thesis introduces the characteristics of Tiered Group Signature, gives its formal definition, implementation detail, and proves its security based on widely accepted strong Diffie-Hellman assumption and subgroup decision assumption in the standard model. The scheme is implemented by the delegation certificate to confirm the identity of users in the group, the anonymous certificate is bond to the private key, and consists of the signature. Thus, the scheme insures identity authentication, reliability, integrity, non-repudiation of messages at the same time. Moreover, it has the anonymity and anonymity revocation characteristics of general group signature. Therefore, Tiered Group Signature is of great value in many fields such as electronic payment, electronic voting, and accessing control, etc.Because of the widespread use of Internet in recent years, electronic commerce such as online shopping has developed rapidly .As the important foundation of electronic commerce, the safety of electronic payment is one of the core factors restricting the development of electronic commerce. Internet has the characteristics such as opened, distributed and insecurity. Existing payment systems are difficulty to satisfy the needs of electronic commerce on Internet. Because the main problems are followings: 1) They are lacking in privacy protection of customers. 2) They do not well support multiple banks in distributed organization. 3) The security of systems is incomplete, and so on.Aiming at the above problems, the thesis designs a new electronic payment system putting the above Tired Group Signature into use. Privacy protection of the users and conforming to the characteristics of bank distributed network in real life or in Internet environment are the main concerns in the system. It also satisfies essential security demand of electronic payment systems. To be specific, the thesis designs an electronic payment system and illustrates its working mechanism, the major function modules of system have been realized in the VC development platform, and tests have been carried to them, They prove the correctness of the system. The system uses an approach of multi-level authorization from anonymous service provider to multiple banks to users of bank to achieve the authenticity authentication of user account in bank. Users of bank signature messages using the private key which is bound to anonymous certificate, and re-randomize the signature in each transaction, businesses can not link the records to consumers. So the system has the characteristic of privacy protection. It improves security in the meantime because it do not need for the bank account information which may be abused without permission.
Corresponding authors email