前向安全性

在标准模型下，给出了CL-AK协议的安全性证明，该协议满足完善前向安全性。

It is provably secure in the standard model . CL-AK protocol provides perfect forward secrecy .

该协议提供身份认证、密钥确认、完美前向安全性，并能够防止中间人攻击。

The protocol can provide identity authentication , key validation , perfect forward secrecy , and foil man-in-the-middle attacks .

一种具有用户匿名性和前向安全性的WTLS握手协议的安全性分析及其改进

Cryptanalysis and improvement of a WTLS handshake protocol with user anonymity and forward secrecy

目的为解决目前WTLS协议中缺乏前向安全性、无法抵抗中间人攻击的问题。

Aim In order to solve the trouble of the lack of forward secrecy and intermediator attack in current WTLS protocol .

其次，基于CPK设计了一个有效的两轮群密钥协商协议（GKA），并在CDH假设下给出了协议的前向安全性证明。

Next , based on CPK , we propose an efficient two-round group key exchange protocol ( GKA ) and present its proof of forward secrecy under the CDH assumption .

另一方面，利用双线对设计一个可以抵抗口令泄露攻击的两方PAKE协议，并在随机谕示模型下给出前向安全性证明。

Then we provide another provable secure two-party PAKE protocol using bilinear pairings in the random oracle model , which can be resistant to PCI attack .

支持前向安全性的数字签名技术是针对这一问题提出的解决方案。

Forward-secure signature is proposed to solve this kind of problem .

一种具有前向安全性的数字签名方案

A Digital Signature Scheme Based on the Forward-security

然而签密方案不能像传统方法那样同时提供前向安全性和可公开验证性。

But signcryption schemes cannot provide forward secrecy and public verifiability as the traditional method does .

新协议满足完善前向安全性和主密钥前向安全性。

It is also shown that the new protocol achieves perfect forward secrecy and KGC-forward secrecy . 4 .

并且该系统使得原始签名者和代理签名者的秘密钥都具有前向安全性。

The scheme made the secret key of the original signer and the proxy signer have forward secure .

新方案保持了不可否认数字签名方案的一般特点，并具有前向安全性。

The new scheme not only keeps the general feature of undeniable signature scheme , but also has the feature of forward secure .

改进协议实现了通信节点之间的双向认证，不但满足前向安全性、密钥认证性，还能有效抵抗被动攻击和中间人伪造攻击。

It provides not only the capability of forward secrecy and key authentication , but also the capability against passive attack and man-in-middle attack .

理论分析证明了新方案的安全性：即不可伪造性、可公开验证性、语义安全性和前向安全性。

It is demonstrated that the scheme presented by Huang and Chang cannot resist the known-plaintext attack , and cannot provide semantic security and forward security .

该协议满足密钥独立性，并且同时满足完善前向安全性、主密钥前向安全性，以及抗主动和被动攻击等安全性。

So the new protocol achieves key independence , and it provides perfect forward secrecy , KGC-forward secrecy and resistance to passive and active attacks as well .

除了对传统意义上的数字签名技术进行研究以外，研究者们还衍生出了盲签名、门限签名、代理签名、前向安全性的签名等等签名方案。

Besides following the traditional research of digital signature , researchers have derived Blind Signature , Threshold Signature , Proxy Signature , Forward-Secure Signature , and so on .

该方案弥补了代理签名体制在密钥安全性上的不足，秘密钥的前向安全性有效控制了密钥安全风险。

It make up the lack of the proxy signature scheme in the safety of the secret key , Forward security of the secret key be good for controlling the safety risk .

与现有两种方案相比，新方案具有黑盒子追踪、密文长度是常量、增加用户或撤消用户以及前向安全性和后向安全性等优点。

Compared with the existing two traitor tracing schemes , this scheme has many advantages such as black-box traitor tracing , ciphertexts of constant size , adding or revoking users , forward security and backward security .

论文将这种思想应用于椭圆曲线数字签名算法，利用双线性映射在椭圆曲线上构造了一个具有前向安全性的数字签名方案，并对其安全性做了分析。

With the application of the idea to the elliptic curves , a forward-secure signature scheme is constructed from bilinear pairings in this paper . And the security of the new signature scheme is also analysed .

新方案无可信中心，在保留了原有签名方案优点的基础上，还实现了前向安全性。（3）设计了一个基于双线性对的门限代理签名方案。

The new scheme without a trust party not only retains the advantages of original signature scheme , but also has a forward-security . ( 3 ) The author designs the threshold proxy signature form bilinear pairing .

分析结果表明，该方案可以抵抗窃取验证项攻击、字典攻击和Denning-Sacco攻击等，并且具有前向安全性等性质。

The analysis of this new protocol shows that the protocol is secure against stolen-verifier attack , dictionary attack , and the Denning - Sacco attack , and provides the property of the perfect forward secrecy . 2 .

同时，新协议可抵抗已知密钥攻击和离线猜测攻击在内的多种攻击，满足前向安全性，与同类协议相比具有更好的计算效率。

Meanwhile , the new protocol can prevent various attacks , including known-key attack and off-line guessing attack , and achieves forward secrecy . To compare with related protocols , the new protocol has better computation efficiency . 2 .

同时，设计了标准模型下可证安全的认证密钥协商协议，该协议具有良好的前向安全性和密钥无托管性，通过用户间的显式认证，提高了协议成功运行的效率。

At the same time , this paper presents an identity-based authenticated key exchange protocol in the standard model . The protocol is good forward security and session key non-hosting . Through the explicit authentication , it improves the efficiency of the implementation of the protocol .

对新方案的密钥更新协议、签名协议、签名的有效性验证协议、前向安全性验证协议用了零知识证明的思想，具有更高的安全性和效率。

The idea of zero-knowledge proof is used in key updating protocol - , the signature protocol - , validity verification protocol of signature and the verification protocol of forward security . It can guarantee that the new scheme is more secure and efficient than previous schemes .

在密钥分发过程中，采用可验证的门限秘密共享机制，服务器节点可以验证得到的私钥分量是否正确，提高了网络的安全性。（3）系统具有前向安全性。

In the process of key distribution , using the verifiable threshold secret sharing mechanism , server nodes can verify whether the part of private key is correct or not , which improves the safety of the network . ( 3 ) The system has forward security .

方案可方便增删托管代理成员，确保前向和后向安全性。

An agency can be easily added or deleted in this scheme ; meanwhile the forward and backward security can be ensured .

针对普适环境中节点随时加入和退出群组的特点，设计了组密钥更新协议，保证了组密钥的前向和后向安全性。

Considered nodes joining and leaving the group , group key renewing protocol is proposed , which can guarantee the forward security and backward security of group key .

前向安全的群签名方案是把前向安全性引入到了群签名方案中，提高了群签名方案的安全性，使其更能适合某些特定的应用。

The forward secure Group Signature Schemes introduce forward secure to the Group Signature , improved the security of the Group Signature s , make its can be suitable for some specific application .

分别基于单向散列链及随机数思想提出了两个强前向安全代理盲签名的方案，两个新方案中的签名系统均满足强前向安全性。

They are based on the one-way hash chain and the thoughts of the random number , and the two systems also have strong forward security property .