| dc.contributor.advisor | 左瑞麟 | zh_TW |
| dc.contributor.advisor | Tso, Ray-lin | en_US |
| dc.contributor.author (Authors) | 羅揚 | zh_TW |
| dc.contributor.author (Authors) | Lo, Yang | en_US |
| dc.creator (作者) | 羅揚 | zh_TW |
| dc.creator (作者) | Lo, Yang | en_US |
| dc.date (日期) | 2024 | en_US |
| dc.date.accessioned | 1-Nov-2024 11:23:01 (UTC+8) | - |
| dc.date.available | 1-Nov-2024 11:23:01 (UTC+8) | - |
| dc.date.issued (上傳時間) | 1-Nov-2024 11:23:01 (UTC+8) | - |
| dc.identifier (Other Identifiers) | G0111753147 | en_US |
| dc.identifier.uri (URI) | https://nccur.lib.nccu.edu.tw/handle/140.119/154213 | - |
| dc.description (描述) | 碩士 | zh_TW |
| dc.description (描述) | 國立政治大學 | zh_TW |
| dc.description (描述) | 資訊科學系 | zh_TW |
| dc.description (描述) | 111753147 | zh_TW |
| dc.description.abstract (摘要) | 適配器簽章是一種新的密碼學基元,透過將秘密洩露值與簽章綁定,成為解決區塊鏈技術擴展性問題的有力方法。它通過難解關係的見證者,將預簽章形式轉化為完整的簽章。
在本文中,我們提出了一種新的適配器簽章方案,稱之為「雙層適配器簽章」。該方案的特點是涉及兩個難解關係對,即兩個不同的實例/見證對。知道第一個見證的用戶可以驗證預簽章並將其轉換為完整的 full-1 簽章;知道第二個見證的用戶也可以驗證預簽章並將其轉換為完整的 full-2 簽章。此外,所提出的方案將預簽章設計為盲指定簽章。簽章者使用他/她的私鑰生成預簽章,並將原始訊息遮蔽成我們稱之為「遮蔽訊息」的形式。知道第一個見證的用戶可以驗證預簽章,並將指定驗證者的預簽章轉換為公開可驗證的 full-1 簽章,該簽章可以通過遮蔽訊息進行驗證。然而,他/她仍無法獲取原始訊息的內容。相反,知道第二個見證的用戶不僅可以驗證預簽章,還能解除遮蔽訊息,將預簽章轉換為另一個公開可驗證的 full-2 簽章,該簽章可以使用原始訊息進行驗證。 | zh_TW |
| dc.description.abstract (摘要) | The adaptor signature is a new cryptographic primitive that has emerged as a promising approach to addressing scalability issues in blockchain technology by binding a secret leakage value to a signature. It facilitates the transformation of a pre-signature form into a complete signature by the witness of a hard relation.
In this paper, we propose a novel adaptor signature scheme, which we call the 'Two-tier Adaptor Signature'. Our scheme is characterized by involving two hard relations pairs, that is, two different instance/witness pairs. The user who knows the first witness can verify the pre-signature and convert it into full-1 signature; the user who knows the second witness also can verify the pre-signature and convert it into full-2 signature. Moreover, the proposed scheme designs the pre-signature as a blind designated signature. Signer uses his/her own secret key to generate the pre-signature and blind the original message into what we call here the 'Masking Message'. The user who knows the first witness can verify it and convert the designated verifier pre-signature into a publicly verifiable signature, the full-1 signature, which every user can verify with masking message. However he/she still can not obtain the information of original message. In contrast, the user who knows the second witness can not only verify the pre-signature but also unblind the masking message, converting the pre-signature into another publicly verifiable signature, the full-2 signature, which can be verified with the original message. | en_US |
| dc.description.tableofcontents | 1. Introduction 1
1.1 Motivation 3
1.2 Contributions 4
2. Related Work 5
3. Preliminaries 7
3.1 Notations 7
3.2 Mathematical Foundations 8
3.3 Hard Relation and Zero Knowledge Proof 8
3.4 Digital Signature 10
3.5 Adaptor Signature 10
3.6 Blindness 13
3.7 Designated Verifier 14
4. Two-tier Adaptor Signature 15
4.1 Two-tier Adaptor Signature Scheme 15
4.2 Instantiation 16
4.3 Security Proof 18
5. Performance and Experiments 41
5.1 Communication Costs 41
5.2 Computation Costs 41
6. Application 43
7. Conclusion 46
Reference 47 | zh_TW |
| dc.format.extent | 719973 bytes | - |
| dc.format.mimetype | application/pdf | - |
| dc.source.uri (資料來源) | http://thesis.lib.nccu.edu.tw/record/#G0111753147 | en_US |
| dc.subject (關鍵詞) | 適配性簽章 | zh_TW |
| dc.subject (關鍵詞) | 盲化 | zh_TW |
| dc.subject (關鍵詞) | 指定驗證者簽章 | zh_TW |
| dc.subject (關鍵詞) | 完整簽章 1 | zh_TW |
| dc.subject (關鍵詞) | 完整簽章 2 | zh_TW |
| dc.subject (關鍵詞) | 雙層適配性簽章 | zh_TW |
| dc.subject (關鍵詞) | Adaptor Signature | en_US |
| dc.subject (關鍵詞) | Blindness | en_US |
| dc.subject (關鍵詞) | Designated Verifier Signature | en_US |
| dc.subject (關鍵詞) | Full-1 Signature | en_US |
| dc.subject (關鍵詞) | Full-2 Signature | en_US |
| dc.subject (關鍵詞) | Two-tier Adaptor Signature | en_US |
| dc.title (題名) | 雙層式適配性簽章 | zh_TW |
| dc.title (題名) | Two-tier Adaptor Signature | en_US |
| dc.type (資料類型) | thesis | en_US |
| dc.relation.reference (參考文獻) | [1] Lukas Aumayr, Oguzhan Ersoy, and Andreas Erwig et al. Generalized channels from limited blockchain scripts and adaptor signatures. Cryptology ePrint Archive, (2021/542), 2021.
[2] Zijian Bao, Debiao He, and Cong Peng et al. An identity-based adaptor signature scheme and its applications in the blockchain system. IEEE Open Journal of the Computer Society, 4:231-242, 2023.
[3] David Chaum. Blind signatures for untraceable payments. In Advances in Cryptology - CRYPTO '82, pages 199-203. Springer, 1983.
[4] Marc Fischlin. Communication-efficient non-interactive proofs of knowledge with online extractors. In Advances in Cryptology - EUROCRYPT 2005. Springer, 2005.
[5] Jonathan Katz. Digital signatures: Background and definitions. Journal of Cryptology, 23(2):89-90, 2010.
[6] Yehuda Lindell. Fast secure two-party ECDSA signing. Cryptology ePrint Archive, (2017/552), 2017.
[7] Gregory Maxwell, Andrew Poelstra, and Yannick Seurin et al. Simple Schnorr multi-signatures with applications to bitcoin. Cryptology ePrint Archive, (2018/068), 2018.
[8] Pedro Moreno-Sanchez and Aniket Kate. Scriptless scripts with ECDSA. Ledger, 3:1-27, 2018. Online at https://doi.org/10.5195/ledger.2018.153.
[9] Satoshi Nakamoto. Bitcoin: A peer-to-peer electronic cash system, 2008. Available at: https://bitcoin.org/bitcoin.pdf.
[10] Andrew Poelstra, Yannick Seurin, and Pieter Wuille. Scriptless scripts: How bitcoin can support smart contracts without smart contracts. Cryptology ePrint Archive, (2017/1090), 2017.
[11] Joseph Poon and Thaddeus Dryja. The bitcoin lightning network: Scalable off-chain instant payments. Technical report, Lightning Labs, 2016. Online at https://lightning.network/lightning-network-paper.pdf.
[12] Xianrui Qin, Shimin Pan, and Arash Mirzaei et al. Blindhub: Bitcoin-compatible privacy-preserving payment channel hubs supporting variable amounts. IACR Cryptol. ePrint Arch., 2023. Report 2023/456.
[13] Shahrokh Saeednia, Steve Kremer, and Olivier Markowitch. An efficient strong designated verifier signature scheme. In Information Security and Cryptology - ICISC 2003. Springer, 2004. | zh_TW |
