
WO2006069994A2 - Process and device for the authentication of communications - Google Patents

Process and device for the authentication of communications

Publication number
WO2006069994A2
Authority
WO
WIPO (PCT)
Prior art keywords
chr
authentication
values
chameleon
data
Prior art date
Application number
PCT/EP2005/057176
Other languages
English (en)
Other versions
WO2006069994A3 (fr)
Inventor
Roberto Di Pietro
Antonio Durante
Luigi Mancini
Original Assignee
Universita' Degli Studi Di Roma 'la Sapienza'
Priority date
Filing date
Publication date
Application filed by Universita' Degli Studi Di Roma 'la Sapienza'
Publication of WO2006069994A2
Publication of WO2006069994A3

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions

Definitions

  • This invention refers to the field of communications safety and, more precisely, to a process and device for the authentication of communications.
  • the authentication of communications can be defined as a process able to certify the origin of the data.
  • An authenticator party A possesses IT tools and a secret item of information (typically a secret value, known as a key) that fulfil an authentication technique. A is therefore able to create a binding connection between its own identity and the data that it wishes to authenticate.
  • a secret item of information typically a secret value, known as a key
  • a hash function consists of a special mathematical transformation that, when applied to a document to be signed, produces a so-called "footprint" or "stamp": this is a "summary" composed of a greatly reduced (and constant) number of bits, which unambiguously represents the original document. The hash function employed must have certain important properties. Briefly put, a good hash function must be "non-invertible" and "collision-free". The first property means that given a stamp (namely, the hash of a document), it must not be possible to extract the document from which it derives, while the second means that it must not be possible to find two different documents that produce the same stamp.
  • SHA-1 hash function
  • FIPS PUB 180-1, published by the National Institute of Standards and Technology (NIST), USA
  • RSA functions are used in the known manner in combination with standard asymmetric cryptography techniques, such as the RSA functions for example, described in the article by R. Rivest, A. Shamir and L. Adleman, entitled “A Method for Obtaining Digital Signatures and Public-Key Cryptosystems", Communications of the ACM, 21 (2), pp. 120-126, February 1978.
  • the RSA functions implement non-transferable electronic signatures, used precisely for authentication.
  • the object of this invention is that of indicating a process and device for the authentication of communications, based on the use of chameleon functions, able to overcome the aforesaid drawbacks.
  • a process and device for the authentication of communications is the object of this invention, as better described in the claims, which form an integral part of this description.
  • Figures 1 and 2 illustrate the steps of the process forming the subject of this invention.
  • the Authentication Technique forming the subject of the invention allows a chameleon hash function to be used without the aid of other authentication methods for electronically signing data.
  • a party that wishes to use the chameleon hash functions for authenticating data generates two values, CKR and HKR, in accordance with a given generation algorithm, in itself known.
  • the HKR value is known as the public key and anyone who knows it is able to efficiently calculate the chameleonic hash function, indicated as CHR(m, r).
  • the possessor of CKR (the secret key, known as the "trapdoor") can easily find collisions for a given output value of the chameleon function.
  • the CHR function: given a message m0 and a pseudo-random value r0 (otherwise known as a seed), the CHR function generates a hash value CHR(m0, r0) that satisfies the following properties:
  • the Authentication Technique forming the subject of the invention provides for the following steps.
  • Y), and considering the collision property of the secret key, the sender A is able to generate a pseudo-random value s1 such that CHR(H(d | Y), s1) = Y (phase M3, Fig. 1).
  • Sender A sends the three values to an addressee B: <Y, d, s1>, where Y is known as the "authentication token", d is the data to be authenticated and s1 is the pseudo-random value (phase M4, Fig. 1).
  • Addressee B receives the three values <Y, d, s1> (phase D1, Fig. 2) and calculates:
  • An example of a device that embodies the authentication method forming the subject of the invention thus contemplates a part resident with the sender and a part with the addressee.
  • the part resident with the addressee receives the values <Y, d, s1> and performs the calculations described in point 4 above, as in phases D1-D5 in Fig.
  • the device can be implemented via computers of known type resident with the sender and the addressee, opportunely programmed using known programming languages, such as C, C++ or C# for example.
  • the process can be implemented to advantage through programs resident in said computers that include means of coding for implementing one or more steps of the process, when these programs are run on said computers. It is therefore intended that the scope of protection extends to said programs for computers and also to the media that can be read by computer and contain a recorded message, said computer-readable media including program code for implementing one or more steps of the process when said program is run on a computer.
  • the length of the additional information to allow authentication consists in the values Y and s1 (the data d would in fact be sent in any case). These values are smaller with respect to the values required for RSA type authentication algorithms.
  • the authentication of data with RSA implies the generation of a packet with the length of the encoding key, which is typically 2048 bits.
  • s1 can be equal to 1024 bits and v is typically 128 bits long.
  • the security of the proposed scheme resides in the difficulty for an attacker to calculate a collision for a particular value generated via a chameleon function in the absence of the secret key CKR.
  • the chameleonic functions can base their difficulty in calculating a collision, in the absence of the private key, on factorization techniques, such as RSA mentioned above, for example, or on the problem of calculating the discrete logarithm, as reported in the article by T. ElGamal, "A Public Key Cryptosystem and a Signature Scheme Based on Discrete Logarithms", IEEE TRANSACTIONS ON INFORMATION THEORY, VOL.
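
The steps listed above (token Y, collision value s1, check by the addressee), as an added example that is not code from the patent. It assumes a discrete-logarithm chameleon hash CHR(m, r) = g^m * h^r mod p, takes the relation to be CHR(H(d | Y), s1) = Y, uses SHA-256 for H and a constructed toy group; all function names are hypothetical.

```python
import hashlib
import secrets

# Constructed toy group, far too small for real use: p = 2q + 1, g of order q.
P, Q, G = 2039, 1019, 4

def keygen():
    """Return (CKR, HKR): trapdoor x and public key h = g^x mod p."""
    ckr = secrets.randbelow(Q - 1) + 1
    return ckr, pow(G, ckr, P)

def chr_hash(hkr, m, r):
    """Chameleon hash CHR(m, r) = g^m * h^r mod p (computable by anyone)."""
    return pow(G, m % Q, P) * pow(hkr, r % Q, P) % P

def H(d, y):
    """Ordinary hash of d | Y reduced into the exponent range (SHA-256 here)."""
    digest = hashlib.sha256(d + b"|" + str(y).encode()).digest()
    return int.from_bytes(digest, "big") % Q

def make_token(hkr):
    """Sender: pick secret (m0, r0) and publish the token Y = CHR(m0, r0)."""
    m0, r0 = secrets.randbelow(Q), secrets.randbelow(Q)
    return chr_hash(hkr, m0, r0), (m0, r0)

def authenticate(ckr, secret_pair, y, d):
    """Sender: use the trapdoor to find s1 with CHR(H(d | Y), s1) = Y.

    From m0 + x*r0 = m1 + x*s1 (mod q): s1 = r0 + (m0 - m1) / x.
    """
    m0, r0 = secret_pair
    return (r0 + (m0 - H(d, y)) * pow(ckr, -1, Q)) % Q

def verify(hkr, y, d, s1):
    """Addressee: recompute the chameleon hash and compare with the token."""
    return chr_hash(hkr, H(d, y), s1) == y

def demo():
    ckr, hkr = keygen()
    y, secret_pair = make_token(hkr)
    d = b"constructed sample data"
    s1 = authenticate(ckr, secret_pair, y, d)
    # Genuine triple verifies; a modified s1 does not.
    return verify(hkr, y, d, s1), verify(hkr, y, d, (s1 + 1) % Q)

if __name__ == "__main__":
    print(demo())   # (True, False)
```

In this discrete-log instantiation, two different (message, seed) pairs that hash to the same Y are enough to solve for CKR, so each token Y should authenticate one datum only.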

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer And Data Communications (AREA)
  • Communication Control (AREA)
  • Storage Device Security (AREA)

Abstract

The invention relates to a communications authentication method that allows chameleon hash functions to be used without the aid of other authentication mechanisms in order to electronically sign data.
PCT/EP2005/057176 2004-12-27 2005-12-27 Process and device for the authentication of communications WO2006069994A2 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
ITRM20040642 ITRM20040642A1 (it) 2004-12-27 2004-12-27 Process and device for the authentication of communications.
ITRM2004A000642 2004-12-27

Publications (2)

Publication Number Publication Date
WO2006069994A2 (fr) 2006-07-06
WO2006069994A3 (fr) 2006-08-24

Family

ID=36481225

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2005/057176 WO2006069994A2 (fr) 2004-12-27 2005-12-27 Process and device for the authentication of communications

Country Status (2)

Country Link
IT (1) ITRM20040642A1 (fr)
WO (1) WO2006069994A2 (fr)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2008149029A3 (fr) * 2007-05-23 2009-04-16 France Telecom Digital signature delegation
CN114710298A (zh) * 2022-06-02 2022-07-05 深圳天谷信息科技有限公司 Chameleon-hash-based document batch signing method, apparatus, device and medium

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6108783A (en) * 1998-02-11 2000-08-22 International Business Machines Corporation Chameleon hashing and signatures

Also Published As

Publication number Publication date
ITRM20040642A1 (it) 2005-03-27
WO2006069994A3 (fr) 2006-08-24

Similar Documents

Publication Publication Date Title
EP2707990B1 (fr) Method for creating a multiple digital signature
Park et al. Constructing fair-exchange protocols for E-commerce via distributed computation of RSA signatures
CA2228185C (fr) Verification protocol
US20120096274A1 (en) Authenticated encryption for digital signatures with message recovery
US9882890B2 (en) Reissue of cryptographic credentials
WO2012049629A1 (fr) Authenticated encryption for digital signatures with message recovery
KR0144086B1 (ko) Authentication exchange and electronic signature method
JP2004208263A (ja) Blind signature apparatus and method based on personal identification information using bilinear pairing
WO2012156254A1 (fr) Method for performing a group digital signature
Hwang et al. An untraceable blind signature scheme
Mansour Analysis of RSA digital signature Key generation using strong prime
Kumar et al. An efficient implementation of digital signature algorithm with SRNN public key cryptography
Stallings Digital signature algorithms
CN113055161B (zh) Mobile terminal authentication method and system based on SM2 and SM9 digital signature algorithms
Chande et al. An improvement of a elliptic curve digital signature algorithm
JP4307589B2 (ja) Authentication protocol
Andreevich et al. On Using Mersenne Primes in Designing Cryptoschemes
WO2006069994A2 (fr) Process and device for the authentication of communications
Wu et al. Self-certified multi-proxy signature schemes with message recovery
Jain Digital signature algorithm
Pathan et al. Bilinear-pairing-based remote user authentication schemes using smart cards
US20110113253A1 (en) Enhanced digital signatures algorithm method and system utilizing a secret generator
JP2004222331A (ja) Method for enabling a user to check the legitimacy of an electronic commerce/information service provider
Chande et al. An elliptic curve based multi-signature scheme for wireless network
Lee et al. The security of two ID-based multisignature protocols for sequential and broadcasting architectures

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application
NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 05850499

Country of ref document: EP

Kind code of ref document: A2
