SlideShare a Scribd company logo

COLLECTIVE SIGNATURE PROTOCOLS FOR SIGNING GROUPS BASED ON PROBLEM OF FINDING ROOTS MODULO LARGE PRIME NUMBER

β€’
β€’
IJNSA Journal
IJNSA Journal

Generally, digital signature algorithms are based on a single difficult computational problem like prime factorization problem, discrete logarithm problem, elliptic curve problem. There are also many other algorithms which are based on the hybrid combination of prime factorization problem and discrete logarithm problem. Both are true for different types of digital signatures like single digital signature, group digital signature, collective digital signature etc. In this paper we propose collective signature protocols for signing groups based on difficulty of problem of finding roots modulo large prime number. The proposed collective signatures protocols have significant merits one of which is connected with possibility of their practical using on the base of the existing public key infrastructures.

Engineering
1 of 11
Download to read offline
International Journal of Network Security & Its Applications (IJNSA) Vol.13, No.4, July 2021 DOI: 10.5121/ijnsa.2021.13405 59 COLLECTIVE SIGNATURE PROTOCOLS FOR SIGNING GROUPS BASED ON PROBLEM OF FINDING ROOTS MODULO LARGE PRIME NUMBER Tuan Nguyen Kim1 , Duy Ho Ngoc2 and Nikolay A. Moldovyan3 1 Faculty of Information Technology, Duy Tan University, Da Nang 550000, Vietnam 2 Department of Information Technology, Ha Noi, Vietnam 3 St. Petersburg Institute for Informatics and Automation of Russian Academy of Sciences, St. Petersburg, Russia ABSTRACT Generally, digital signature algorithms are based on a single difficult computational problem like prime factorization problem, discrete logarithm problem, elliptic curve problem. There are also many other algorithms which are based on the hybrid combination of prime factorization problem and discrete logarithm problem. Both are true for different types of digital signatures like single digital signature, group digital signature, collective digital signature etc. In this paper we propose collective signature protocols for signing groups based on difficulty of problem of finding roots modulo large prime number. The proposed collective signatures protocols have significant merits one of which is connected with possibility of their practical using on the base of the existing public key infrastructures. KEYWORDS Collective digital signature, group digital signature, signing group, finding roots modulo. 1. INTRODUCTION Digital signature (DS) protocols are widely used in information technologies to process electronic legal messages and documents. The DS protocols are based on DS schemes that represent a mathematical technique applied in public-key cryptography to validate the authenticity of digital messages or documents. Such validation is connected with the fact that DS as some redundant information can be computed only with using the private key that is known only to one person, i.e. to the signer. Verification of the signature validity is performed with signer’s public key that is known publicly. To solve a variety of different practical tasks, different types of signatures are proposed: Individual signature [1,8]; Blind signature [2,3]; Collective signature [4,7]; Group signature [5,10]. The group signature refers to a signature formed on behalf of a group of signers (signing group) headed by a person called group manager or leader [11].The group digital signature (GDS) to an electronic message is generated by a group member. To verify the group signature, group public key needs to be used. Except the group manager, nobody can disclose which particular group member signed the document. The group signature has the following important properties: Only group members can sign a document; Group manager, who has both document and valid group signature can reveal the group members signed the document; And, non-group members could not reveal the original signers, who generate the group signature [14].
International Journal of Network Security & Its Applications (IJNSA) Vol.13, No.4, July 2021 60 The collective signature refers to a signature generated with participation of each of the individual signers included in some declared set of signers. Validity of collective signature to some electronic document M means that M is signed by each of them. To generate a collective digital signature (CDS) it is needed each of the mentioned individual signers use his private key. The procedure of the verification of CDS is performed using public keys of each signer. The CDS protocols can be practically used on the base of the public key infrastructure (PKI) existing on practice to support the widely used individual DS protocols. In addition, another merit of the CDS protocols relates to possibility to implement them using many official DS standards [12], for example the Russian standard GOST R 34.10–2012 [13]. Combining the main properties of CDS and GDS in the frame of some single DS protocol [15] is very actual in the following cases: when an electronic document is to be processed and signed by several different signing groups; when an electronic document is to be processed and signed by several different signing groups and by several different individual signers. In this paper we propose the collective signature protocol for both cases, namely: Collective digital signature protocol for signing groups and Protocol of collective digital signature for group and individual signers. Generally, digital signature algorithms are based on a single difficult computational problem like prime factorization problem, discrete logarithm problem, elliptic curve problem or are based on the hybrid combination of prime factorization problem and discrete logarithm problem. We based on difficulty of the problem of finding roots modulo large prime number [16] to design our proposed collective signature protocols. 2. COLLECTIVE DIGITAL SIGNATURE BASED ON PROBLEM OF FINDING ROOTS MODULO LARGE PRIME NUMBER 2.1. Digital Signature Protocol New hard computational problem described in [16] is used in the digital signature scheme (DSS) described below. It uses the prime modulus having the structure p = Nk2 + 1, where k is a large prime (|k| ο‚³ 160 bits) and N is such even number that the size of p satisfies the condition |p| ο‚³ 1024 bits. A random value x is selected as a private key. The public key y is computed using the formula y = xk mod p. The signature represents a pair of the numbers S and E. The size of S is equal to |p| ο‚³ 1024 bits and size of E is equal to || ο‚³ 160 bits, where  is some specified prime number. Suppose a message M is given. The signature generation procedure is performed as follows: 1. Select at random a value t < p ο€­ 1 and calculate: 𝑅 = π‘‘π‘˜ π‘šπ‘œπ‘‘ 𝑝 (1) 2. Using some specified hash function FH(M) calculate the hash value H corresponding to the message M and compute the first element of the signature 𝐸 = 𝑓(𝑅, 𝑀) = 𝑅𝐻 π‘šπ‘œπ‘‘ , (2)
International Journal of Network Security & Its Applications (IJNSA) Vol.13, No.4, July 2021 61 where  is a large prime that is a parameter of the signature generation algorithm. For example, it is acceptable to use a randomly selected prime  such that||= 160. The function FH(M) is also a part of the DSS. For example, one can use the hash function SHA-1 recommended by US National Institute of Standards and technology (NIST). 3. Calculate the second element of the signature: 𝑆 = π‘₯𝑓(𝑅,𝑀) 𝑑 π‘šπ‘œπ‘‘ 𝑝 (3) The signature verification procedure is performed as follows: 1. Using the signature (E, S) compute: 𝑅 = π‘†π‘˜ 𝑦𝐸 π‘šπ‘œπ‘‘ 𝑝 (4) 2. Calculate: 𝐸′ = 𝑓(𝑅; 𝑀) = 𝑅𝐻 π‘šπ‘œπ‘‘  (5) 3. Compare Eο‚’ with E. If Eο‚’= E, then the signature is valid. The signature length is equal to |𝐸| + |𝑆| = || + |𝑝|ο‚» |𝑝|. The random value t plays the role of one-time secret key. It is unacceptable to use the same value t for the formation of signatures to two different documents, since in this case the private key can be calculated. Indeed, let (R, S1) and (R, S2) are the signature to the messages M1 and M2, respectively. We have 𝑆1 = 𝑦𝑓(𝑅,𝑀1) . 𝑅 π‘šπ‘œπ‘‘ 𝑝 (3a) and 𝑆2 = 𝑦𝑓(𝑅,𝑀2) . 𝑅 π‘šπ‘œπ‘‘ 𝑝 (3b) Therefore 𝑆1 π‘˜ 𝑆2 π‘˜ = 𝑦𝑓(𝑅,𝑀1)βˆ’π‘“(𝑅,𝑀2) (6) therefore π‘₯ = ( 𝑆1 𝑆2 ) 1/(𝑓(𝑅,𝑀1)βˆ’π‘“(𝑅,𝑀2)) π‘šπ‘œπ‘‘ 𝑝 (7) 2.2. Collective Signature Protocol Using the previously described digital signature scheme one can propose the following collective signature protocol. Suppose the j-th user owns the public key yj depending on his private key xj< p as follows: 𝑦𝑗 = π‘₯𝑗 π‘˜ mod p, where j = 1,2,…, s.
International Journal of Network Security & Its Applications (IJNSA) Vol.13, No.4, July 2021 62 Suppose an electronic document M is given and m(m < s) users owning the public keys y1, y2, …, ym should sign it simultaneously. The following protocol produces the collective digital signature: 1. Each jth user selects at random a value𝑑α𝑗 < 𝑝and computes the public value: 𝑅𝛼𝑗 = 𝑑𝛼𝑗 π‘˜ π‘šπ‘œπ‘‘π‘ (8) where j = 1,2, …, m. 2. Some of the users (or one of them) calculate the common randomization value: 𝑅 = ∏ 𝑅𝛼𝑗 π‘šπ‘œπ‘‘π‘ π‘š 𝑗=1 (9) and then calculate the first part of the CDS: 𝐸 = 𝑓(𝑅, 𝑀) where f is a specified compression function. For example, we will use the following function: 𝐸 = 𝑅𝐻 π‘šπ‘œπ‘‘  (10) where  is a large prime having length ||= 160 bit and H is a hash value computed from the message M. 3. Using the values R and 𝑑α𝑗 each jth user computes its share in the CDS: 𝑆𝛼𝑗 = π‘₯𝛼𝑗 𝑓(𝑅,𝑀) 𝑑𝛼𝑗 π‘šπ‘œπ‘‘ 𝑝 (11) that is supposed to be available to all users of the group. 4. Calculate the second element of the CDS: 𝑆 = ∏ 𝑆𝛼𝑗 π‘šπ‘œπ‘‘ 𝑝 π‘š 𝑗=1 (12) Thus, the CDS is computed with 2m modulo exponentiations. The CDS length is fixed and equals to|𝑆| + |𝛿|. The CDS verification procedure is performed as follows. 1. Compute the collective public key y: 𝑦 = ∏ 𝑦𝛼𝑗 π‘šπ‘œπ‘‘ 𝑝 π‘š 𝑗=1 (13) 2. Using the CDS (E; S) compute value 𝑅′ 𝑅′ = π‘†π‘˜ 𝑦𝐸 π‘šπ‘œπ‘‘ 𝑝 (14) 3. Compute 𝐸′ = 𝑓(𝑅′, 𝑀) = 𝑅′𝐻 π‘šπ‘œπ‘‘  4. Compare values Eο‚’and E. If Eο‚’= E, then the signature is valid. Otherwise the signature is false.
International Journal of Network Security & Its Applications (IJNSA) Vol.13, No.4, July 2021 63 3. COLLECTIVE DIGITAL SIGNATURE FOR SIGNING GROUPS BASED ON PROBLEM OF FINDING ROOTS MODULO LARGE PRIME NUMBER The GDS protocol presupposes the formation of a digital signature to some electronic document on behalf of some collegial body (group of signers, i.e. signing group), which is headed by a group manager. Each representative of a group of signers generates his private key x and his public key 𝑦 = π‘₯π‘˜ π‘šπ‘œπ‘‘ 𝑝. The public key Y of the group manager is a public key of the group and is calculated as follows π‘Œ = π‘‹π‘˜ π‘šπ‘œπ‘‘ 𝑝, where X is manager’s private key. The value Y is also the public key of the group, i.e. the value Y is used to verify authenticity of the GDS. Let m group members (having public keys 𝑦𝑖 = π‘₯𝑖 π‘˜ π‘šπ‘œπ‘‘ 𝑝and corresponding private keys xi , i = 1, 2, …, m) wish to sign the document M. The group signature protocol is described as follows: ο‚· Signature generation: 1. The group manager computes hash value from document 𝐻 = 𝐹𝐻(𝑀), where 𝐹𝐻 is some specified hash function, calculates masking coefficients 𝑖 = 𝐹𝐻(𝐻 || 𝑦𝑖|| 𝐹𝐻(𝐻 ||𝑦𝑖|| 𝑋)) (15) and sends each value i to the corresponding i-th group member, for i=1, 2, .., m. Then the group manager computes the first element of the group signature: π‘ˆ = ∏ 𝑦𝑖 𝑖 π‘šπ‘œπ‘‘ 𝑝 π‘š 𝑖=1 (16) 2. Each i-th group member (i = 1, 2, …, m) generates a random number ti < p-1, computes the value: 3. 𝑅𝑖 = 𝑑𝑖 π‘˜ π‘šπ‘œπ‘‘ 𝑝 (17) and sends Ri to the group manager. 4. The group manager generates the random number T < p-1 and computes the values 5. 𝑅′ = π‘‡π‘˜ π‘šπ‘œπ‘‘ 𝑝, (18) 𝑅 = 𝑅′ ∏ 𝑅𝑖 π‘š 𝑖=1 π‘šπ‘œπ‘‘ 𝑝 = (𝑇. ∏ 𝑑𝑖 π‘š 𝑖=1 )π‘˜ , (19) and 𝐸 = 𝐹𝐻(𝑀||𝑅||π‘ˆ) π‘šπ‘œπ‘‘ , (20) where is a large prime having length ||= 160 bit,E is the second element of the group signature. Then he sends value E to all group members who have initiated the protocol. 6. Each i-th group member (i = 1, 2, …, m) computes his signature share 𝑆𝑖 = π‘₯𝑖 𝐸𝑖 .𝑑𝑖 π‘šπ‘œπ‘‘ 𝑝 (21)
International Journal of Network Security & Its Applications (IJNSA) Vol.13, No.4, July 2021 64 and sends it to the group manager. 7. The group manager verifies the correctness of each share Si by checking equality 8. 𝑅𝑖 = 𝑆𝑖 π‘˜ 𝑦𝑖 βˆ’πΈο¬π‘– π‘šπ‘œπ‘‘ 𝑝 (22) If all signature shares Si satisfy the last verification equation, then he computes his share 𝑆′ = 𝑋𝐸 . 𝑇 π‘šπ‘œπ‘‘ 𝑝 (23) and the third element of the group signature 𝑆 = 𝑆′. ∏ 𝑆𝑖 π‘šπ‘œπ‘‘ 𝑝 π‘š 𝑖=1 (24) ο‚· Signature verification: The verification procedure includes the following steps: 1. The verifier computes the hash-function value from the document M: H = FH(M). Using the group public key Y and signature (U, E, S) he computes value: 𝑅* = 𝑆k (π‘Œπ‘ˆ)-E π‘šπ‘œπ‘‘ 𝑝 (25) 2. He computes value 3. 𝐸* = 𝐹H(𝑀 || 𝑅* || π‘ˆ) (26) 4. Compares the values E and E. If E* = E, then the verifier concludes that the group signature is valid. Otherwise, he rejects the signature. ο‚· Proof of correctness: Let us show that the proposed protocol generating the CDS (U, e, s) works correctly. Substituting the value: 𝑆 = 𝑆′. ∏ 𝑆𝑖 π‘š 𝑖=1 π‘šπ‘œπ‘‘ 𝑝, π‘Œ = π‘‹π‘˜ π‘šπ‘œπ‘‘ 𝑝 And π‘ˆ = ∏ 𝑦𝑖 𝑖 π‘šπ‘œπ‘‘ 𝑝 π‘š 𝑖=1 in the right part of the verification equation (25): 𝑅* = 𝑆k (π‘Œπ‘ˆ)-E π‘šπ‘œπ‘‘ 𝑝 we get: π‘…βˆ— = π‘†π‘˜ (π‘Œπ‘ˆ)βˆ’πΈ π‘šπ‘œπ‘‘ 𝑝 = (𝑋𝐸 . 𝑇 ∏ π‘₯𝑖 𝐸𝑖 .𝑑𝑖) π‘š 𝑖=1 π‘˜ (π‘‹π‘˜ . 𝑇 ∏ 𝑦𝑖 𝑖 ) π‘š 𝑖=1 βˆ’πΈ
International Journal of Network Security & Its Applications (IJNSA) Vol.13, No.4, July 2021 65 = π‘‹π‘˜πΈ . (𝑇 ∏π‘₯𝑖 𝐸𝑖 . 𝑑𝑖) π‘š 𝑖=1 π‘˜ π‘‹βˆ’π‘˜πΈ . (𝑇 ∏ 𝑦𝑖 π‘˜ο¬π‘– ) π‘š 𝑖=1 βˆ’πΈ = π‘‡π‘˜ . ∏ 𝑑𝑖 π‘˜ π‘š 𝑖=1 π‘šπ‘œπ‘‘ 𝑝 = 𝑅 It is easy to see that the value: 𝐷 = ∏ 𝑆𝑖 π‘š 𝑖=1 π‘šπ‘œπ‘‘ 𝑝 (27) can be considered as a "group pre-signature" approving of which is performed by the group manager with adding his signature share S’. The value is actually calculated analogously to the computation of the collective signature in the protocols [5,6]. The main difference between the described GDS protocol and collective DS protocols [5,6] is using the masking coefficients i at time of generating the collective public key U, which is used as the first element of the GDS. The value U conserves the information about all group members who participated in the process of generating the GDS. It is easy to see that only the group manager can open the GDS, using the value U, since only he can compute the masking values i. In the protocol developed in this paper it is also used the mechanism of the formation of the collective DS. Namely, this mechanism is used in the following two ways: i) to form a pre- signature and ii) to form a collective signature shared by several signing groups. Let g signing groups with public keysπ‘Œ 𝑗 = 𝑋𝑗 π‘˜ π‘šπ‘œπ‘‘ 𝑝, where j = 1,2, …, g; Xj is the secret key of the j-th group manager, have intention to sign the document M. Suppose also the j-th signing group includes mj active individual signers (persons appointed to act on behalf of the j-th signing group). The protocol of collective signature for group signers is described as follows. The signature generation procedure relating to the proposed collective DS protocol for signing groups: 1. Within the framework of the GDS protocol described above, the manager of each j-group of signers (j = 1, 2,.., g) generates masking parameters ji for the signers of his group and computes the value: π‘ˆπ‘— = ∏ 𝑦𝑗𝑖 𝑗𝑖 π‘šπ‘— 𝑖=1 π‘šπ‘œπ‘‘ 𝑝 (28) (where i = 1,2,…, mj) as the j-th share in the first element of the collective group signature and the randomizing parameter: 𝑅𝑗 = 𝑅′𝑗 ∏ 𝑅𝑗𝑖 π‘šπ‘— 𝑖=1 π‘šπ‘œπ‘‘ 𝑝 (29) Then he sends values Uj and Rj to all other managers. 2. Each j-th group manager (j = 1, 2, …, g) computes values π‘ˆ = ∏ π‘ˆπ‘— 𝑔 𝑗=1 π‘šπ‘œπ‘‘ 𝑝, 𝑅 = ∏ 𝑅𝑗 𝑔 𝑗=1 π‘šπ‘œπ‘‘ 𝑝, (30)
International Journal of Network Security & Its Applications (IJNSA) Vol.13, No.4, July 2021 66 And 𝐸 = 𝐹𝐻(𝑀||𝑅||π‘ˆ) π‘šπ‘œπ‘‘ , (31) where  is a large prime having length ||= 160 bit, E and U are the first and second elements of the group signature. 3. Each j-th group manager (j = 1, 2, …, g) computes signature share of his group 𝑆𝑗 = 𝑆′𝑗 ∏ 𝑆𝑗𝑖 π‘šπ‘— 𝑖=1 π‘šπ‘œπ‘‘ 𝑝, (32) where Sji is the signature share of the ith individual signer in the ith signing group, and sends it to other group managers. 4. Each j-th group manager can verify the correctness of each share Sj by checking equality 5. 𝑅𝑗 = 𝑆𝑗 π‘˜ (π‘Œ π‘—π‘ˆπ‘—)βˆ’πΈ π‘šπ‘œπ‘‘ 𝑝. (33) If all shares Sj satisfy the last verification equation, then the third element S of the collective signature is computed: 𝑆 = ∏ 𝑆𝑗 𝑔 𝑗=1 π‘šπ‘œπ‘‘ 𝑝 (34) The tuple (U, E, S) generated by the above procedure presents the collective signature (to the document M) shared by g signing groups. ο‚· Signature Verification: The signature verification procedure relating to the proposed collective DS protocol for signing groups: 1. Compute the collective public key shared by all signing groups: π‘Œπ‘π‘œπ‘™ = ∏ π‘Œ 𝑗 𝑔 𝑗=1 π‘šπ‘œπ‘‘ 𝑝 = (∏ 𝑋𝑗 𝑔 𝑗=1 )π‘˜ π‘šπ‘œπ‘‘ 𝑝 (35) 2. Compute the value: 𝑅* = 𝑆k (π‘ˆπ‘Œcol)-E π‘šπ‘œπ‘‘ 𝑝 (36) 3. Compute the value: 𝐸* = 𝐹H(𝑀 || 𝑅* || π‘ˆ) (37) 4. Compare the values E and E*. If E* = E, then one concludes that the group signature is valid. Otherwise, the signature is rejected. ο‚· Proof of correctness: Substituting the value: 𝑆 = ∏ 𝑆𝑗 𝑔 𝑗=1 π‘šπ‘œπ‘‘ 𝑝,π‘ˆ = ∏ π‘ˆπ‘— 𝑔 𝑗=1 π‘šπ‘œπ‘‘ 𝑝, π‘Œπ‘π‘œπ‘™ = βˆπ‘Œ 𝑗 𝑔 𝑗=1 π‘šπ‘œπ‘‘ 𝑝
International Journal of Network Security & Its Applications (IJNSA) Vol.13, No.4, July 2021 67 in the right part of the verification equation (36): 𝑅* = 𝑆k (π‘ˆπ‘Œcol)-E π‘šπ‘œπ‘‘ 𝑝 we get: π‘…βˆ— = π‘†π‘˜ (π‘ˆπ‘Œπ‘π‘œπ‘™)βˆ’πΈ π‘šπ‘œπ‘‘ 𝑝 = (∏ 𝑆𝑗)π‘˜ 𝑔 𝑗=1 (∏ π‘ˆπ‘— 𝑔 𝑗=1 βˆπ‘Œ 𝑗 𝑔 𝑗=1 )βˆ’πΈ π‘šπ‘œπ‘‘ 𝑝 = ∏ 𝑆𝑗 π‘˜ (π‘ˆπ‘—π‘Œ 𝑗)βˆ’πΈ 𝑔 𝑗=1 π‘šπ‘œπ‘‘ 𝑝 = ∏ 𝑅𝑗 𝑔 𝑗=1 π‘šπ‘œπ‘‘ 𝑝 = 𝑅 The first element U of the collective signature contains information about all group members of each signing group who signed the document M. The identification procedure (the disclosure of the group signature) is carried out by analogy with the procedure for disclosing the group signature described in [9]. It should be noted that the procedure for identifying individual signers requires the participation of the group managers of each group that share the collective signature. At the same time, the computational complexity of this procedure is relatively high and rapidly increases with the growth of number of the signing groups that share collective signature. In the proposed collective DS scheme the signature verification procedure includes the steps of the verification procedure in the group signature scheme and an additional initial step for computing the collective public key (step 1). In the signature verification equation it is used the collective public key Ycol instead of the group public key. 4. PROTOCOL OF COLLECTIVE DIGITAL SIGNATURE FOR GROUP AND INDIVIDUAL SIGNERS Another important practical scenario relates to the processing document M by several individual signers and by several group signers. Construction of the collective signature protocol (in Section 2) for such case can be implemented in full correspondence with the collective signature protocol for group signers described in Section 3, if it is accepted an agreement that for individual signers the value Uj is equal to 1. It is evident that only all group managers act in the procedure of disclosing the collective group signature (identification of the individual signers acted in the frame of each group signer). 5. CONCLUSION In paper [16], Nicolay A. Moldovyan based on difficulty of finding the kth roots in the finite fields GF(p) such that p = Nk2 + 1, where k is sufficiently large prime having the size |k|> 160 bits and N is even number such that the size of p is |p|> 1024 bits, to propose a collective digital signature scheme. This is the basis for us design collective signature protocols for signing groups based on problem of finding roots modulo large prime numbers: Collective digital signature for signing groups and Collective digital signature for group and individual signers. Both are extensions of collective digital signatures that combine the advantages of group digital signatures
International Journal of Network Security & Its Applications (IJNSA) Vol.13, No.4, July 2021 68 and collective digital signatures. Their size does not depend on the number of members involved in the formation of the final signature. In each turn, we presented the signature generation process, the signature verification process, as well as demonstrate the correctness of this verification process. We also set all our hope on our future work to develop the collective signature schemes of the proposed types, in which the signature contains only two elements E and S. REFERENCES [1] National Institute of Standards and Technology,β€œDigital Signature Standard”,FIPS Publication 186- 3, (2009). [2] Chaum D.,β€œBlind Signatures for Untraceable Payments”, Advances in Cryptology: Proc. of CRYPTO’82, Plenum Press, p. 199–203, (1983). [3] Camenisch J.L., Piveteau J.-M. and Stadler M.A,β€œBlind Signatures Based on the Discrete Logarithm Problem”, In: Advances in Crypology – EUROCRYPT'94 Proc, Lecture Notes in Computer Science, Springer-Verlag, Berlin Heidelberg New York, Vol. 950, 428–432, (1995). [4] Minh N. H., Binh D. V., Giang N. T. and Moldovyan N. A. β€œBlind Signature Protocol Based on Difficulty of Simultaneous Solving Two Difficult Problems”, Applied Mathematical Sciences,No.6, 6903–6910, (2012). [5] Moldovyan N.A, β€œBlind Signature Protocols from Digital Signature Standards”, Int. Journal of Network Security,No. 13, 22–30, (2011). [6] Moldovyan N.A,β€œBlind Collective Signature Protocol”, Computer Science Journal of Moldova,No. 19, 80–91, (2011). [7] Moldovyan N.A. and Moldovyan A.A, β€œBlind Collective Signature Protocol Based on Discrete Logarithm Problem”, Int. Journal of Network Security, No.11, 106–113, (2010). [8] Pieprzyk J., HardjonoTh. and Seberry J.,β€œFundamentals of Computer Security”, Springer-verlag, Berlin, (2003). [9] Moldovyan A.A. and Moldovyan N.A,β€œGroup signature protocol based on masking public keys,Quasigroups and related systems, No. 22, 133–140, (2014). [10] Seetha R. and Saravanan R,β€œDigital Signature Schemes for group communication: A Survey”, International Journal of Applied Engineering Research, No.11, 4416–4422, (2016). [11] Enache A.-C,β€œAbout Group Digital Signatures”, Journal of Mobile, Embedded and Distributed Systems, No.IV, 193–202, (2012). [12] International Standard ISO/IEC 14888-3:2006(E), Information technology –Security techniques – Digital Signatures with appendix – Part 3: Discrete logarithm based mechanisms. [13] GOST R 34.10-2001 and Russian Federation Standard, Information Technology,β€œCryptographic data Security. Produce and check procedures of Electronic Digital Signature”, Government Committee of the Russia for Standards, (2012). [14] Rajasree R.S,β€œGeneration of Dynamic Group Digital Signature”, International Journal of Computer Applications, No.98, 1–5, (2014). [15] Moldovyan N.A., Nguyen Hieu Minh, Dao Tuan Hung and Tran Xuan Kien,β€œGroup Signature Protocol Based on Collective Signature Protocol and Masking Public Keys Mechanism”, International Journal of Emerging Technology and Advanced Engineering, No.6, 1–5, (2016). [16] Moldovyan N.A,β€œDigital Signature Scheme Based on a New Hard Problem”, Computer Science Journal of Moldova, No.16, 163–18, (2008).
International Journal of Network Security & Its Applications (IJNSA) Vol.13, No.4, July 2021 69 AUTHORS Tuan Nguyen Kim was born in 1969, received B.E., and M.E from Hue University of Sciences in 1994, and from Hanoi University of Technology in 1998. He has been a lecturer at Hue University since 1996. From 2011 to the present (2021) he is a lecturer at School of Computer Science, Duy Tan University, Da Nang, Vietnam. His main research interests include Computer Network Technology and Information Security. Duy Ho Ngoc was born in 1982. He received his Ph.D. in Cybersecurity in 2007 from LETI University, St. Petersburg, Russia Federation. He has authored more than 45 scientific articles in cybersecurity. Nikolay A. Moldovyan is an honored inventor of Russian Federation (2002), a laboratory head at St. Petersburg Institute for Informatics and Automation of Russian Academy of Sciences, and a Professor with the St. Petersburg State Electrotechnical University. His research interests include computer security and cryptography. He has authored or co-authored more than 60 inventions and 220 scientific articles, books, and reports. He received his Ph.D. from the Academy of Sciences of Moldova (1981).

Recommended

CONSTRUCTING THE 2-ELEMENT AGDS PROTOCOL BASED ON THE DISCRETE LOGARITHM PROBLEM
CONSTRUCTING THE 2-ELEMENT AGDS PROTOCOL BASED ON THE DISCRETE LOGARITHM PROBLEMCONSTRUCTING THE 2-ELEMENT AGDS PROTOCOL BASED ON THE DISCRETE LOGARITHM PROBLEM
CONSTRUCTING THE 2-ELEMENT AGDS PROTOCOL BASED ON THE DISCRETE LOGARITHM PROBLEMIJNSA Journal
Β 
Blind multi-signature scheme based on factoring and discrete logarithm problem
Blind multi-signature scheme based on factoring and discrete logarithm problemBlind multi-signature scheme based on factoring and discrete logarithm problem
Blind multi-signature scheme based on factoring and discrete logarithm problemTELKOMNIKA JOURNAL
Β 
Proposing an Encryption Algorithm based on DES
Proposing an Encryption Algorithm based on DESProposing an Encryption Algorithm based on DES
Proposing an Encryption Algorithm based on DESInternational Journal of Science and Research (IJSR)
Β 
N33066069
N33066069N33066069
N33066069IJERA Editor
Β 
International Journal of Computational Engineering Research(IJCER)
International Journal of Computational Engineering Research(IJCER) International Journal of Computational Engineering Research(IJCER)
International Journal of Computational Engineering Research(IJCER) ijceronline
Β 
Digital signature
Digital signatureDigital signature
Digital signatureCoders Hub
Β 
Digital Signature Certificate
Digital Signature CertificateDigital Signature Certificate
Digital Signature Certificatehome
Β 
DYNAMIC SESSION KEY EXCHANGE METHOD USING TWO S-BOXES
DYNAMIC SESSION KEY EXCHANGE METHOD USING TWO S-BOXESDYNAMIC SESSION KEY EXCHANGE METHOD USING TWO S-BOXES
DYNAMIC SESSION KEY EXCHANGE METHOD USING TWO S-BOXESIJCSEA Journal
Β 

Recommended

CONSTRUCTING THE 2-ELEMENT AGDS PROTOCOL BASED ON THE DISCRETE LOGARITHM PROBLEM
CONSTRUCTING THE 2-ELEMENT AGDS PROTOCOL BASED ON THE DISCRETE LOGARITHM PROBLEMCONSTRUCTING THE 2-ELEMENT AGDS PROTOCOL BASED ON THE DISCRETE LOGARITHM PROBLEM
CONSTRUCTING THE 2-ELEMENT AGDS PROTOCOL BASED ON THE DISCRETE LOGARITHM PROBLEMIJNSA Journal
Β 
Blind multi-signature scheme based on factoring and discrete logarithm problem
Blind multi-signature scheme based on factoring and discrete logarithm problemBlind multi-signature scheme based on factoring and discrete logarithm problem
Blind multi-signature scheme based on factoring and discrete logarithm problemTELKOMNIKA JOURNAL
Β 
Proposing an Encryption Algorithm based on DES
Proposing an Encryption Algorithm based on DESProposing an Encryption Algorithm based on DES
Proposing an Encryption Algorithm based on DESInternational Journal of Science and Research (IJSR)
Β 
N33066069
N33066069N33066069
N33066069IJERA Editor
Β 
International Journal of Computational Engineering Research(IJCER)
International Journal of Computational Engineering Research(IJCER) International Journal of Computational Engineering Research(IJCER)
International Journal of Computational Engineering Research(IJCER) ijceronline
Β 
Digital signature
Digital signatureDigital signature
Digital signatureCoders Hub
Β 
Digital Signature Certificate
Digital Signature CertificateDigital Signature Certificate
Digital Signature Certificatehome
Β 
DYNAMIC SESSION KEY EXCHANGE METHOD USING TWO S-BOXES
DYNAMIC SESSION KEY EXCHANGE METHOD USING TWO S-BOXESDYNAMIC SESSION KEY EXCHANGE METHOD USING TWO S-BOXES
DYNAMIC SESSION KEY EXCHANGE METHOD USING TWO S-BOXESIJCSEA Journal
Β 
H42054550
H42054550H42054550
H42054550IJERA Editor
Β 
3d
3d3d
3dDivyaprathapraju Divyaprathapraju
Β 
Reports on Fairness aware and privacy preserving friend matching protocol in ...
Reports on Fairness aware and privacy preserving friend matching protocol in ...Reports on Fairness aware and privacy preserving friend matching protocol in ...
Reports on Fairness aware and privacy preserving friend matching protocol in ...Shailesh kumar
Β 
3dpassword
3dpassword3dpassword
3dpasswordDivyaprathapraju Divyaprathapraju
Β 
An efficient distributed group key management using hierarchical approach wit...
An efficient distributed group key management using hierarchical approach wit...An efficient distributed group key management using hierarchical approach wit...
An efficient distributed group key management using hierarchical approach wit...Alexander Decker
Β 
security framework
security frameworksecurity framework
security frameworkJihad Labban
Β 
PROVABLE SECURE IDENTITY BASED SIGNCRYPTION SCHEMES WITHOUT RANDOM ORACLES
PROVABLE SECURE IDENTITY BASED SIGNCRYPTION SCHEMES WITHOUT RANDOM ORACLESPROVABLE SECURE IDENTITY BASED SIGNCRYPTION SCHEMES WITHOUT RANDOM ORACLES
PROVABLE SECURE IDENTITY BASED SIGNCRYPTION SCHEMES WITHOUT RANDOM ORACLESIJNSA Journal
Β 
How encryption works
How encryption worksHow encryption works
How encryption worksRaxTonProduction
Β 
Compressed Image Authentication using CDMA Watermarking and EMRC6 Encryption
Compressed Image Authentication using CDMA Watermarking and EMRC6 EncryptionCompressed Image Authentication using CDMA Watermarking and EMRC6 Encryption
Compressed Image Authentication using CDMA Watermarking and EMRC6 EncryptionAl musanna College of Technology.,Sultanate of Oman
Β 
IRJET- A Work Paper on Email Server using 3DES
IRJET- A Work Paper on Email Server using 3DESIRJET- A Work Paper on Email Server using 3DES
IRJET- A Work Paper on Email Server using 3DESIRJET Journal
Β 
Security analysis of fbdk block cipher for digital images
Security analysis of fbdk block cipher for digital imagesSecurity analysis of fbdk block cipher for digital images
Security analysis of fbdk block cipher for digital imageseSAT Journals
Β 
A Universal Bit Level Block Encoding Technique Using Session Based Symmetric ...
A Universal Bit Level Block Encoding Technique Using Session Based Symmetric ...A Universal Bit Level Block Encoding Technique Using Session Based Symmetric ...
A Universal Bit Level Block Encoding Technique Using Session Based Symmetric ...ijait
Β 
Dft based individual extraction of steganographic compression of images
Dft based individual extraction of steganographic compression of imagesDft based individual extraction of steganographic compression of images
Dft based individual extraction of steganographic compression of imageseSAT Publishing House
Β 
Dft based individual extraction of steganographic compression of images
Dft based individual extraction of steganographic compression of imagesDft based individual extraction of steganographic compression of images
Dft based individual extraction of steganographic compression of imageseSAT Journals
Β 
A new ids scheme against blackhole attack to enhance security in wireless net...
A new ids scheme against blackhole attack to enhance security in wireless net...A new ids scheme against blackhole attack to enhance security in wireless net...
A new ids scheme against blackhole attack to enhance security in wireless net...eSAT Journals
Β 
New Approach for Keys Distribution Through Publish/Subscribe Protocols
New Approach for Keys Distribution Through Publish/Subscribe ProtocolsNew Approach for Keys Distribution Through Publish/Subscribe Protocols
New Approach for Keys Distribution Through Publish/Subscribe ProtocolsIJCSIS Research Publications
Β 
A Novel Key Distribution Scheme f or a Visual Crypto System
A Novel Key Distribution Scheme f or a Visual Crypto SystemA Novel Key Distribution Scheme f or a Visual Crypto System
A Novel Key Distribution Scheme f or a Visual Crypto SystemIRJET Journal
Β 
Ijnsa050213
Ijnsa050213Ijnsa050213
Ijnsa050213IJNSA Journal
Β 
Constructing New Collective Signature Schemes Base on Two Hard Problems Facto...
Constructing New Collective Signature Schemes Base on Two Hard Problems Facto...Constructing New Collective Signature Schemes Base on Two Hard Problems Facto...
Constructing New Collective Signature Schemes Base on Two Hard Problems Facto...IJCNCJournal
Β 
CONSTRUCTING NEW COLLECTIVE SIGNATURE SCHEMES BASE ON TWO HARD PROBLEMS FACTO...
CONSTRUCTING NEW COLLECTIVE SIGNATURE SCHEMES BASE ON TWO HARD PROBLEMS FACTO...CONSTRUCTING NEW COLLECTIVE SIGNATURE SCHEMES BASE ON TWO HARD PROBLEMS FACTO...
CONSTRUCTING NEW COLLECTIVE SIGNATURE SCHEMES BASE ON TWO HARD PROBLEMS FACTO...IJCNCJournal
Β 
Identity-based threshold group signature scheme based on multiple hard number...
Identity-based threshold group signature scheme based on multiple hard number...Identity-based threshold group signature scheme based on multiple hard number...
Identity-based threshold group signature scheme based on multiple hard number...IJECEIAES
Β 
AN EFFICIENT AND SECURE DIGITAL MULTI-SIGNATURE PROTOCOL BASED ON ECC
AN EFFICIENT AND SECURE DIGITAL MULTI-SIGNATURE PROTOCOL BASED ON ECCAN EFFICIENT AND SECURE DIGITAL MULTI-SIGNATURE PROTOCOL BASED ON ECC
AN EFFICIENT AND SECURE DIGITAL MULTI-SIGNATURE PROTOCOL BASED ON ECCijcisjournal
Β 

More Related Content

What's hot

Reports on Fairness aware and privacy preserving friend matching protocol in ...
Reports on Fairness aware and privacy preserving friend matching protocol in ...Reports on Fairness aware and privacy preserving friend matching protocol in ...
Reports on Fairness aware and privacy preserving friend matching protocol in ...Shailesh kumar
Β 
An efficient distributed group key management using hierarchical approach wit...
An efficient distributed group key management using hierarchical approach wit...An efficient distributed group key management using hierarchical approach wit...
An efficient distributed group key management using hierarchical approach wit...Alexander Decker
Β 
security framework
security frameworksecurity framework
security frameworkJihad Labban
Β 
PROVABLE SECURE IDENTITY BASED SIGNCRYPTION SCHEMES WITHOUT RANDOM ORACLES
PROVABLE SECURE IDENTITY BASED SIGNCRYPTION SCHEMES WITHOUT RANDOM ORACLESPROVABLE SECURE IDENTITY BASED SIGNCRYPTION SCHEMES WITHOUT RANDOM ORACLES
PROVABLE SECURE IDENTITY BASED SIGNCRYPTION SCHEMES WITHOUT RANDOM ORACLESIJNSA Journal
Β 
How encryption works
How encryption worksHow encryption works
How encryption worksRaxTonProduction
Β 
IRJET- A Work Paper on Email Server using 3DES
IRJET- A Work Paper on Email Server using 3DESIRJET- A Work Paper on Email Server using 3DES
IRJET- A Work Paper on Email Server using 3DESIRJET Journal
Β 
Security analysis of fbdk block cipher for digital images
Security analysis of fbdk block cipher for digital imagesSecurity analysis of fbdk block cipher for digital images
Security analysis of fbdk block cipher for digital imageseSAT Journals
Β 
A Universal Bit Level Block Encoding Technique Using Session Based Symmetric ...
A Universal Bit Level Block Encoding Technique Using Session Based Symmetric ...A Universal Bit Level Block Encoding Technique Using Session Based Symmetric ...
A Universal Bit Level Block Encoding Technique Using Session Based Symmetric ...ijait
Β 
Dft based individual extraction of steganographic compression of images
Dft based individual extraction of steganographic compression of imagesDft based individual extraction of steganographic compression of images
Dft based individual extraction of steganographic compression of imageseSAT Publishing House
Β 
Dft based individual extraction of steganographic compression of images
Dft based individual extraction of steganographic compression of imagesDft based individual extraction of steganographic compression of images
Dft based individual extraction of steganographic compression of imageseSAT Journals
Β 
A new ids scheme against blackhole attack to enhance security in wireless net...
A new ids scheme against blackhole attack to enhance security in wireless net...A new ids scheme against blackhole attack to enhance security in wireless net...
A new ids scheme against blackhole attack to enhance security in wireless net...eSAT Journals
Β 
New Approach for Keys Distribution Through Publish/Subscribe Protocols
New Approach for Keys Distribution Through Publish/Subscribe ProtocolsNew Approach for Keys Distribution Through Publish/Subscribe Protocols
New Approach for Keys Distribution Through Publish/Subscribe ProtocolsIJCSIS Research Publications
Β 
A Novel Key Distribution Scheme f or a Visual Crypto System
A Novel Key Distribution Scheme f or a Visual Crypto SystemA Novel Key Distribution Scheme f or a Visual Crypto System
A Novel Key Distribution Scheme f or a Visual Crypto SystemIRJET Journal
Β 

What's hot (18)

H42054550
H42054550H42054550
H42054550
Β 
3d
3d3d
3d
Β 
Reports on Fairness aware and privacy preserving friend matching protocol in ...
Reports on Fairness aware and privacy preserving friend matching protocol in ...Reports on Fairness aware and privacy preserving friend matching protocol in ...
Reports on Fairness aware and privacy preserving friend matching protocol in ...
Β 
3dpassword
3dpassword3dpassword
3dpassword
Β 
An efficient distributed group key management using hierarchical approach wit...
An efficient distributed group key management using hierarchical approach wit...An efficient distributed group key management using hierarchical approach wit...
An efficient distributed group key management using hierarchical approach wit...
Β 
security framework
security frameworksecurity framework
security framework
Β 
PROVABLE SECURE IDENTITY BASED SIGNCRYPTION SCHEMES WITHOUT RANDOM ORACLES
PROVABLE SECURE IDENTITY BASED SIGNCRYPTION SCHEMES WITHOUT RANDOM ORACLESPROVABLE SECURE IDENTITY BASED SIGNCRYPTION SCHEMES WITHOUT RANDOM ORACLES
PROVABLE SECURE IDENTITY BASED SIGNCRYPTION SCHEMES WITHOUT RANDOM ORACLES
Β 
How encryption works
How encryption worksHow encryption works
How encryption works
Β 
Compressed Image Authentication using CDMA Watermarking and EMRC6 Encryption
Compressed Image Authentication using CDMA Watermarking and EMRC6 EncryptionCompressed Image Authentication using CDMA Watermarking and EMRC6 Encryption
Compressed Image Authentication using CDMA Watermarking and EMRC6 Encryption
Β 
IRJET- A Work Paper on Email Server using 3DES
IRJET- A Work Paper on Email Server using 3DESIRJET- A Work Paper on Email Server using 3DES
IRJET- A Work Paper on Email Server using 3DES
Β 
Security analysis of fbdk block cipher for digital images
Security analysis of fbdk block cipher for digital imagesSecurity analysis of fbdk block cipher for digital images
Security analysis of fbdk block cipher for digital images
Β 
A Universal Bit Level Block Encoding Technique Using Session Based Symmetric ...
A Universal Bit Level Block Encoding Technique Using Session Based Symmetric ...A Universal Bit Level Block Encoding Technique Using Session Based Symmetric ...
A Universal Bit Level Block Encoding Technique Using Session Based Symmetric ...
Β 
Dft based individual extraction of steganographic compression of images
Dft based individual extraction of steganographic compression of imagesDft based individual extraction of steganographic compression of images
Dft based individual extraction of steganographic compression of images
Β 
Dft based individual extraction of steganographic compression of images
Dft based individual extraction of steganographic compression of imagesDft based individual extraction of steganographic compression of images
Dft based individual extraction of steganographic compression of images
Β 
A new ids scheme against blackhole attack to enhance security in wireless net...
A new ids scheme against blackhole attack to enhance security in wireless net...A new ids scheme against blackhole attack to enhance security in wireless net...
A new ids scheme against blackhole attack to enhance security in wireless net...
Β 
New Approach for Keys Distribution Through Publish/Subscribe Protocols
New Approach for Keys Distribution Through Publish/Subscribe ProtocolsNew Approach for Keys Distribution Through Publish/Subscribe Protocols
New Approach for Keys Distribution Through Publish/Subscribe Protocols
Β 
A Novel Key Distribution Scheme f or a Visual Crypto System
A Novel Key Distribution Scheme f or a Visual Crypto SystemA Novel Key Distribution Scheme f or a Visual Crypto System
A Novel Key Distribution Scheme f or a Visual Crypto System
Β 
Ijnsa050213
Ijnsa050213Ijnsa050213
Ijnsa050213
Β 

Similar to COLLECTIVE SIGNATURE PROTOCOLS FOR SIGNING GROUPS BASED ON PROBLEM OF FINDING ROOTS MODULO LARGE PRIME NUMBER

Constructing New Collective Signature Schemes Base on Two Hard Problems Facto...
Constructing New Collective Signature Schemes Base on Two Hard Problems Facto...Constructing New Collective Signature Schemes Base on Two Hard Problems Facto...
Constructing New Collective Signature Schemes Base on Two Hard Problems Facto...IJCNCJournal
Β 
CONSTRUCTING NEW COLLECTIVE SIGNATURE SCHEMES BASE ON TWO HARD PROBLEMS FACTO...
CONSTRUCTING NEW COLLECTIVE SIGNATURE SCHEMES BASE ON TWO HARD PROBLEMS FACTO...CONSTRUCTING NEW COLLECTIVE SIGNATURE SCHEMES BASE ON TWO HARD PROBLEMS FACTO...
CONSTRUCTING NEW COLLECTIVE SIGNATURE SCHEMES BASE ON TWO HARD PROBLEMS FACTO...IJCNCJournal
Β 
Identity-based threshold group signature scheme based on multiple hard number...
Identity-based threshold group signature scheme based on multiple hard number...Identity-based threshold group signature scheme based on multiple hard number...
Identity-based threshold group signature scheme based on multiple hard number...IJECEIAES
Β 
AN EFFICIENT AND SECURE DIGITAL MULTI-SIGNATURE PROTOCOL BASED ON ECC
AN EFFICIENT AND SECURE DIGITAL MULTI-SIGNATURE PROTOCOL BASED ON ECCAN EFFICIENT AND SECURE DIGITAL MULTI-SIGNATURE PROTOCOL BASED ON ECC
AN EFFICIENT AND SECURE DIGITAL MULTI-SIGNATURE PROTOCOL BASED ON ECCijcisjournal
Β 
New Blind Muti-signature Schemes based on ECDLP
New Blind Muti-signature Schemes based on ECDLP New Blind Muti-signature Schemes based on ECDLP
New Blind Muti-signature Schemes based on ECDLP IJECEIAES
Β 
Low Power Elliptic Curve Digital Signature Design for Constrained Devices
Low Power Elliptic Curve Digital Signature Design for Constrained DevicesLow Power Elliptic Curve Digital Signature Design for Constrained Devices
Low Power Elliptic Curve Digital Signature Design for Constrained DevicesCSCJournals
Β 
Journal of Electronic & Information Systems | Vol.4, Iss.1 April 2022
Journal of Electronic & Information Systems | Vol.4, Iss.1 April 2022Journal of Electronic & Information Systems | Vol.4, Iss.1 April 2022
Journal of Electronic & Information Systems | Vol.4, Iss.1 April 2022Bilingual Publishing Group
Β 
Authentication system for e-certificate by using RSA’s digital signature
Authentication system for e-certificate by using RSA’s digital signatureAuthentication system for e-certificate by using RSA’s digital signature
Authentication system for e-certificate by using RSA’s digital signatureTELKOMNIKA JOURNAL
Β 
Security Flows and Improvement of a Recent Ultra Light-Weight RFID Protocol
Security Flows and Improvement of a Recent Ultra Light-Weight RFID Protocol Security Flows and Improvement of a Recent Ultra Light-Weight RFID Protocol
Security Flows and Improvement of a Recent Ultra Light-Weight RFID Protocol ijujournal
Β 
LSTM deep learning method for network intrusion detection system
LSTM deep learning method for network intrusion detection system LSTM deep learning method for network intrusion detection system
LSTM deep learning method for network intrusion detection system IJECEIAES
Β 
An Efficient Secured And Inspection of Malicious Node Using Double Encryption...
An Efficient Secured And Inspection of Malicious Node Using Double Encryption...An Efficient Secured And Inspection of Malicious Node Using Double Encryption...
An Efficient Secured And Inspection of Malicious Node Using Double Encryption...IRJET Journal
Β 
Elgamal signature for content distribution with network coding
Elgamal signature for content distribution with network codingElgamal signature for content distribution with network coding
Elgamal signature for content distribution with network codingijwmn
Β 
Generation of Anonymous Signature and Message using Identity Based Group Blin...
Generation of Anonymous Signature and Message using Identity Based Group Blin...Generation of Anonymous Signature and Message using Identity Based Group Blin...
Generation of Anonymous Signature and Message using Identity Based Group Blin...IDES Editor
Β 
A dynamic data encryption method based on addressing the data importance on ...
A dynamic data encryption method based on addressing the data importance on ...A dynamic data encryption method based on addressing the data importance on ...
A dynamic data encryption method based on addressing the data importance on ...IJECEIAES
Β 
ID-Based Directed Multi-Proxy Signature Scheme from Bilinear Pairings
ID-Based Directed Multi-Proxy Signature Scheme from Bilinear PairingsID-Based Directed Multi-Proxy Signature Scheme from Bilinear Pairings
ID-Based Directed Multi-Proxy Signature Scheme from Bilinear PairingsCSCJournals
Β 
IRJET- Implementation of DNA Cryptography in Cloud Computing and using Socket...
IRJET- Implementation of DNA Cryptography in Cloud Computing and using Socket...IRJET- Implementation of DNA Cryptography in Cloud Computing and using Socket...
IRJET- Implementation of DNA Cryptography in Cloud Computing and using Socket...IRJET Journal
Β 
VECTOR QUANTIZATION FOR PRIVACY PRESERVING CLUSTERING IN DATA MINING
VECTOR QUANTIZATION FOR PRIVACY PRESERVING CLUSTERING IN DATA MININGVECTOR QUANTIZATION FOR PRIVACY PRESERVING CLUSTERING IN DATA MINING
VECTOR QUANTIZATION FOR PRIVACY PRESERVING CLUSTERING IN DATA MININGacijjournal
Β 
Steganographic Technique Using Instant Messaging Conversation Dynamics
Steganographic Technique Using Instant Messaging Conversation DynamicsSteganographic Technique Using Instant Messaging Conversation Dynamics
Steganographic Technique Using Instant Messaging Conversation DynamicsQUESTJOURNAL
Β 
A comprehensive study of distributed Denial-of-Service attack with the detect...
A comprehensive study of distributed Denial-of-Service attack with the detect...A comprehensive study of distributed Denial-of-Service attack with the detect...
A comprehensive study of distributed Denial-of-Service attack with the detect...IJECEIAES
Β 
Data Partitioning In Cloud Storage Using DESD Crypto Technique
Data Partitioning In Cloud Storage Using DESD Crypto TechniqueData Partitioning In Cloud Storage Using DESD Crypto Technique
Data Partitioning In Cloud Storage Using DESD Crypto TechniqueIJCSIS Research Publications
Β 

Similar to COLLECTIVE SIGNATURE PROTOCOLS FOR SIGNING GROUPS BASED ON PROBLEM OF FINDING ROOTS MODULO LARGE PRIME NUMBER (20)

Constructing New Collective Signature Schemes Base on Two Hard Problems Facto...
Constructing New Collective Signature Schemes Base on Two Hard Problems Facto...Constructing New Collective Signature Schemes Base on Two Hard Problems Facto...
Constructing New Collective Signature Schemes Base on Two Hard Problems Facto...
Β 
CONSTRUCTING NEW COLLECTIVE SIGNATURE SCHEMES BASE ON TWO HARD PROBLEMS FACTO...
CONSTRUCTING NEW COLLECTIVE SIGNATURE SCHEMES BASE ON TWO HARD PROBLEMS FACTO...CONSTRUCTING NEW COLLECTIVE SIGNATURE SCHEMES BASE ON TWO HARD PROBLEMS FACTO...
CONSTRUCTING NEW COLLECTIVE SIGNATURE SCHEMES BASE ON TWO HARD PROBLEMS FACTO...
Β 
Identity-based threshold group signature scheme based on multiple hard number...
Identity-based threshold group signature scheme based on multiple hard number...Identity-based threshold group signature scheme based on multiple hard number...
Identity-based threshold group signature scheme based on multiple hard number...
Β 
AN EFFICIENT AND SECURE DIGITAL MULTI-SIGNATURE PROTOCOL BASED ON ECC
AN EFFICIENT AND SECURE DIGITAL MULTI-SIGNATURE PROTOCOL BASED ON ECCAN EFFICIENT AND SECURE DIGITAL MULTI-SIGNATURE PROTOCOL BASED ON ECC
AN EFFICIENT AND SECURE DIGITAL MULTI-SIGNATURE PROTOCOL BASED ON ECC
Β 
New Blind Muti-signature Schemes based on ECDLP
New Blind Muti-signature Schemes based on ECDLP New Blind Muti-signature Schemes based on ECDLP
New Blind Muti-signature Schemes based on ECDLP
Β 
Low Power Elliptic Curve Digital Signature Design for Constrained Devices
Low Power Elliptic Curve Digital Signature Design for Constrained DevicesLow Power Elliptic Curve Digital Signature Design for Constrained Devices
Low Power Elliptic Curve Digital Signature Design for Constrained Devices
Β 
Journal of Electronic & Information Systems | Vol.4, Iss.1 April 2022
Journal of Electronic & Information Systems | Vol.4, Iss.1 April 2022Journal of Electronic & Information Systems | Vol.4, Iss.1 April 2022
Journal of Electronic & Information Systems | Vol.4, Iss.1 April 2022
Β 
Authentication system for e-certificate by using RSA’s digital signature
Authentication system for e-certificate by using RSA’s digital signatureAuthentication system for e-certificate by using RSA’s digital signature
Authentication system for e-certificate by using RSA’s digital signature
Β 
Security Flows and Improvement of a Recent Ultra Light-Weight RFID Protocol
Security Flows and Improvement of a Recent Ultra Light-Weight RFID Protocol Security Flows and Improvement of a Recent Ultra Light-Weight RFID Protocol
Security Flows and Improvement of a Recent Ultra Light-Weight RFID Protocol
Β 
LSTM deep learning method for network intrusion detection system
LSTM deep learning method for network intrusion detection system LSTM deep learning method for network intrusion detection system
LSTM deep learning method for network intrusion detection system
Β 
An Efficient Secured And Inspection of Malicious Node Using Double Encryption...
An Efficient Secured And Inspection of Malicious Node Using Double Encryption...An Efficient Secured And Inspection of Malicious Node Using Double Encryption...
An Efficient Secured And Inspection of Malicious Node Using Double Encryption...
Β 
Elgamal signature for content distribution with network coding
Elgamal signature for content distribution with network codingElgamal signature for content distribution with network coding
Elgamal signature for content distribution with network coding
Β 
Generation of Anonymous Signature and Message using Identity Based Group Blin...
Generation of Anonymous Signature and Message using Identity Based Group Blin...Generation of Anonymous Signature and Message using Identity Based Group Blin...
Generation of Anonymous Signature and Message using Identity Based Group Blin...
Β 
A dynamic data encryption method based on addressing the data importance on ...
A dynamic data encryption method based on addressing the data importance on ...A dynamic data encryption method based on addressing the data importance on ...
A dynamic data encryption method based on addressing the data importance on ...
Β 
ID-Based Directed Multi-Proxy Signature Scheme from Bilinear Pairings
ID-Based Directed Multi-Proxy Signature Scheme from Bilinear PairingsID-Based Directed Multi-Proxy Signature Scheme from Bilinear Pairings
ID-Based Directed Multi-Proxy Signature Scheme from Bilinear Pairings
Β 
IRJET- Implementation of DNA Cryptography in Cloud Computing and using Socket...
IRJET- Implementation of DNA Cryptography in Cloud Computing and using Socket...IRJET- Implementation of DNA Cryptography in Cloud Computing and using Socket...
IRJET- Implementation of DNA Cryptography in Cloud Computing and using Socket...
Β 
VECTOR QUANTIZATION FOR PRIVACY PRESERVING CLUSTERING IN DATA MINING
VECTOR QUANTIZATION FOR PRIVACY PRESERVING CLUSTERING IN DATA MININGVECTOR QUANTIZATION FOR PRIVACY PRESERVING CLUSTERING IN DATA MINING
VECTOR QUANTIZATION FOR PRIVACY PRESERVING CLUSTERING IN DATA MINING
Β 
Steganographic Technique Using Instant Messaging Conversation Dynamics
Steganographic Technique Using Instant Messaging Conversation DynamicsSteganographic Technique Using Instant Messaging Conversation Dynamics
Steganographic Technique Using Instant Messaging Conversation Dynamics
Β 
A comprehensive study of distributed Denial-of-Service attack with the detect...
A comprehensive study of distributed Denial-of-Service attack with the detect...A comprehensive study of distributed Denial-of-Service attack with the detect...
A comprehensive study of distributed Denial-of-Service attack with the detect...
Β 
Data Partitioning In Cloud Storage Using DESD Crypto Technique
Data Partitioning In Cloud Storage Using DESD Crypto TechniqueData Partitioning In Cloud Storage Using DESD Crypto Technique
Data Partitioning In Cloud Storage Using DESD Crypto Technique
Β 

Recently uploaded

Introduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptxIntroduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptxupamatechverse
Β 
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and workingUNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and workingrknatarajan
Β 
Processing & Properties of Floor and Wall Tiles.pptx
Processing & Properties of Floor and Wall Tiles.pptxProcessing & Properties of Floor and Wall Tiles.pptx
Processing & Properties of Floor and Wall Tiles.pptxpranjaldaimarysona
Β 
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...ranjana rawat
Β 
Microscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptxMicroscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptxpurnimasatapathy1234
Β 
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...Christo Ananth
Β 
(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service
(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service
(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Serviceranjana rawat
Β 
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCollege Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCall Girls in Nagpur High Profile
Β 
Extrusion Processes and Their Limitations
Extrusion Processes and Their LimitationsExtrusion Processes and Their Limitations
Extrusion Processes and Their Limitations120cr0395
Β 
Call Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur Escorts
Call Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur EscortsCall Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur Escorts
Call Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur EscortsCall Girls in Nagpur High Profile
Β 
(TARA) Talegaon Dabhade Call Girls Just Call 7001035870 [ Cash on Delivery ] ...
(TARA) Talegaon Dabhade Call Girls Just Call 7001035870 [ Cash on Delivery ] ...(TARA) Talegaon Dabhade Call Girls Just Call 7001035870 [ Cash on Delivery ] ...
(TARA) Talegaon Dabhade Call Girls Just Call 7001035870 [ Cash on Delivery ] ...ranjana rawat
Β 
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service Nashik
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service NashikCall Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service Nashik
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service NashikCall Girls in Nagpur High Profile
Β 
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escortsranjana rawat
Β 
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...Dr.Costas Sachpazis
Β 
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...Soham Mondal
Β 
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Dr.Costas Sachpazis
Β 
Coefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptxCoefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptxAsutosh Ranjan
Β 
Model Call Girl in Narela Delhi reach out to us at πŸ”8264348440πŸ”
Model Call Girl in Narela Delhi reach out to us at πŸ”8264348440πŸ”Model Call Girl in Narela Delhi reach out to us at πŸ”8264348440πŸ”
Model Call Girl in Narela Delhi reach out to us at πŸ”8264348440πŸ”soniya singh
Β 

Recently uploaded (20)

Introduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptxIntroduction and different types of Ethernet.pptx
Introduction and different types of Ethernet.pptx
Β 
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and workingUNIT-V FMM.HYDRAULIC TURBINE - Construction and working
UNIT-V FMM.HYDRAULIC TURBINE - Construction and working
Β 
Processing & Properties of Floor and Wall Tiles.pptx
Processing & Properties of Floor and Wall Tiles.pptxProcessing & Properties of Floor and Wall Tiles.pptx
Processing & Properties of Floor and Wall Tiles.pptx
Β 
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
(PRIYA) Rajgurunagar Call Girls Just Call 7001035870 [ Cash on Delivery ] Pun...
Β 
Microscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptxMicroscopic Analysis of Ceramic Materials.pptx
Microscopic Analysis of Ceramic Materials.pptx
Β 
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Call for Papers - African Journal of Biological Sciences, E-ISSN: 2663-2187, ...
Β 
(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service
(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service
(RIA) Call Girls Bhosari ( 7001035870 ) HI-Fi Pune Escorts Service
Β 
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service NashikCollege Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
College Call Girls Nashik Nehal 7001305949 Independent Escort Service Nashik
Β 
Roadmap to Membership of RICS - Pathways and Routes
Roadmap to Membership of RICS - Pathways and RoutesRoadmap to Membership of RICS - Pathways and Routes
Roadmap to Membership of RICS - Pathways and Routes
Β 
Extrusion Processes and Their Limitations
Extrusion Processes and Their LimitationsExtrusion Processes and Their Limitations
Extrusion Processes and Their Limitations
Β 
Call Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur Escorts
Call Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur EscortsCall Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur Escorts
Call Girls Service Nagpur Tanvi Call 7001035870 Meet With Nagpur Escorts
Β 
(TARA) Talegaon Dabhade Call Girls Just Call 7001035870 [ Cash on Delivery ] ...
(TARA) Talegaon Dabhade Call Girls Just Call 7001035870 [ Cash on Delivery ] ...(TARA) Talegaon Dabhade Call Girls Just Call 7001035870 [ Cash on Delivery ] ...
(TARA) Talegaon Dabhade Call Girls Just Call 7001035870 [ Cash on Delivery ] ...
Β 
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service Nashik
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service NashikCall Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service Nashik
Call Girls Service Nashik Vaishnavi 7001305949 Independent Escort Service Nashik
Β 
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
(MEERA) Dapodi Call Girls Just Call 7001035870 [ Cash on Delivery ] Pune Escorts
Β 
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Sheet Pile Wall Design and Construction: A Practical Guide for Civil Engineer...
Β 
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
Β 
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Structural Analysis and Design of Foundations: A Comprehensive Handbook for S...
Β 
Coefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptxCoefficient of Thermal Expansion and their Importance.pptx
Coefficient of Thermal Expansion and their Importance.pptx
Β 
Model Call Girl in Narela Delhi reach out to us at πŸ”8264348440πŸ”
Model Call Girl in Narela Delhi reach out to us at πŸ”8264348440πŸ”Model Call Girl in Narela Delhi reach out to us at πŸ”8264348440πŸ”
Model Call Girl in Narela Delhi reach out to us at πŸ”8264348440πŸ”
Β 
β˜… CALL US 9953330565 ( HOT Young Call Girls In Badarpur delhi NCR
β˜… CALL US 9953330565 ( HOT Young Call Girls In Badarpur delhi NCRβ˜… CALL US 9953330565 ( HOT Young Call Girls In Badarpur delhi NCR
β˜… CALL US 9953330565 ( HOT Young Call Girls In Badarpur delhi NCR
Β 

COLLECTIVE SIGNATURE PROTOCOLS FOR SIGNING GROUPS BASED ON PROBLEM OF FINDING ROOTS MODULO LARGE PRIME NUMBER

  • 1. International Journal of Network Security & Its Applications (IJNSA) Vol.13, No.4, July 2021 DOI: 10.5121/ijnsa.2021.13405 59 COLLECTIVE SIGNATURE PROTOCOLS FOR SIGNING GROUPS BASED ON PROBLEM OF FINDING ROOTS MODULO LARGE PRIME NUMBER Tuan Nguyen Kim1 , Duy Ho Ngoc2 and Nikolay A. Moldovyan3 1 Faculty of Information Technology, Duy Tan University, Da Nang 550000, Vietnam 2 Department of Information Technology, Ha Noi, Vietnam 3 St. Petersburg Institute for Informatics and Automation of Russian Academy of Sciences, St. Petersburg, Russia ABSTRACT Generally, digital signature algorithms are based on a single difficult computational problem like prime factorization problem, discrete logarithm problem, elliptic curve problem. There are also many other algorithms which are based on the hybrid combination of prime factorization problem and discrete logarithm problem. Both are true for different types of digital signatures like single digital signature, group digital signature, collective digital signature etc. In this paper we propose collective signature protocols for signing groups based on difficulty of problem of finding roots modulo large prime number. The proposed collective signatures protocols have significant merits one of which is connected with possibility of their practical using on the base of the existing public key infrastructures. KEYWORDS Collective digital signature, group digital signature, signing group, finding roots modulo. 1. INTRODUCTION Digital signature (DS) protocols are widely used in information technologies to process electronic legal messages and documents. The DS protocols are based on DS schemes that represent a mathematical technique applied in public-key cryptography to validate the authenticity of digital messages or documents. Such validation is connected with the fact that DS as some redundant information can be computed only with using the private key that is known only to one person, i.e. to the signer. Verification of the signature validity is performed with signer’s public key that is known publicly. To solve a variety of different practical tasks, different types of signatures are proposed: Individual signature [1,8]; Blind signature [2,3]; Collective signature [4,7]; Group signature [5,10]. The group signature refers to a signature formed on behalf of a group of signers (signing group) headed by a person called group manager or leader [11].The group digital signature (GDS) to an electronic message is generated by a group member. To verify the group signature, group public key needs to be used. Except the group manager, nobody can disclose which particular group member signed the document. The group signature has the following important properties: Only group members can sign a document; Group manager, who has both document and valid group signature can reveal the group members signed the document; And, non-group members could not reveal the original signers, who generate the group signature [14].
  • 2. International Journal of Network Security & Its Applications (IJNSA) Vol.13, No.4, July 2021 60 The collective signature refers to a signature generated with participation of each of the individual signers included in some declared set of signers. Validity of collective signature to some electronic document M means that M is signed by each of them. To generate a collective digital signature (CDS) it is needed each of the mentioned individual signers use his private key. The procedure of the verification of CDS is performed using public keys of each signer. The CDS protocols can be practically used on the base of the public key infrastructure (PKI) existing on practice to support the widely used individual DS protocols. In addition, another merit of the CDS protocols relates to possibility to implement them using many official DS standards [12], for example the Russian standard GOST R 34.10–2012 [13]. Combining the main properties of CDS and GDS in the frame of some single DS protocol [15] is very actual in the following cases: when an electronic document is to be processed and signed by several different signing groups; when an electronic document is to be processed and signed by several different signing groups and by several different individual signers. In this paper we propose the collective signature protocol for both cases, namely: Collective digital signature protocol for signing groups and Protocol of collective digital signature for group and individual signers. Generally, digital signature algorithms are based on a single difficult computational problem like prime factorization problem, discrete logarithm problem, elliptic curve problem or are based on the hybrid combination of prime factorization problem and discrete logarithm problem. We based on difficulty of the problem of finding roots modulo large prime number [16] to design our proposed collective signature protocols. 2. COLLECTIVE DIGITAL SIGNATURE BASED ON PROBLEM OF FINDING ROOTS MODULO LARGE PRIME NUMBER 2.1. Digital Signature Protocol New hard computational problem described in [16] is used in the digital signature scheme (DSS) described below. It uses the prime modulus having the structure p = Nk2 + 1, where k is a large prime (|k| ο‚³ 160 bits) and N is such even number that the size of p satisfies the condition |p| ο‚³ 1024 bits. A random value x is selected as a private key. The public key y is computed using the formula y = xk mod p. The signature represents a pair of the numbers S and E. The size of S is equal to |p| ο‚³ 1024 bits and size of E is equal to || ο‚³ 160 bits, where  is some specified prime number. Suppose a message M is given. The signature generation procedure is performed as follows: 1. Select at random a value t < p ο€­ 1 and calculate: 𝑅 = π‘‘π‘˜ π‘šπ‘œπ‘‘ 𝑝 (1) 2. Using some specified hash function FH(M) calculate the hash value H corresponding to the message M and compute the first element of the signature 𝐸 = 𝑓(𝑅, 𝑀) = 𝑅𝐻 π‘šπ‘œπ‘‘ , (2)
  • 3. International Journal of Network Security & Its Applications (IJNSA) Vol.13, No.4, July 2021 61 where  is a large prime that is a parameter of the signature generation algorithm. For example, it is acceptable to use a randomly selected prime  such that||= 160. The function FH(M) is also a part of the DSS. For example, one can use the hash function SHA-1 recommended by US National Institute of Standards and technology (NIST). 3. Calculate the second element of the signature: 𝑆 = π‘₯𝑓(𝑅,𝑀) 𝑑 π‘šπ‘œπ‘‘ 𝑝 (3) The signature verification procedure is performed as follows: 1. Using the signature (E, S) compute: 𝑅 = π‘†π‘˜ 𝑦𝐸 π‘šπ‘œπ‘‘ 𝑝 (4) 2. Calculate: 𝐸′ = 𝑓(𝑅; 𝑀) = 𝑅𝐻 π‘šπ‘œπ‘‘  (5) 3. Compare Eο‚’ with E. If Eο‚’= E, then the signature is valid. The signature length is equal to |𝐸| + |𝑆| = || + |𝑝|ο‚» |𝑝|. The random value t plays the role of one-time secret key. It is unacceptable to use the same value t for the formation of signatures to two different documents, since in this case the private key can be calculated. Indeed, let (R, S1) and (R, S2) are the signature to the messages M1 and M2, respectively. We have 𝑆1 = 𝑦𝑓(𝑅,𝑀1) . 𝑅 π‘šπ‘œπ‘‘ 𝑝 (3a) and 𝑆2 = 𝑦𝑓(𝑅,𝑀2) . 𝑅 π‘šπ‘œπ‘‘ 𝑝 (3b) Therefore 𝑆1 π‘˜ 𝑆2 π‘˜ = 𝑦𝑓(𝑅,𝑀1)βˆ’π‘“(𝑅,𝑀2) (6) therefore π‘₯ = ( 𝑆1 𝑆2 ) 1/(𝑓(𝑅,𝑀1)βˆ’π‘“(𝑅,𝑀2)) π‘šπ‘œπ‘‘ 𝑝 (7) 2.2. Collective Signature Protocol Using the previously described digital signature scheme one can propose the following collective signature protocol. Suppose the j-th user owns the public key yj depending on his private key xj< p as follows: 𝑦𝑗 = π‘₯𝑗 π‘˜ mod p, where j = 1,2,…, s.
  • 4. International Journal of Network Security & Its Applications (IJNSA) Vol.13, No.4, July 2021 62 Suppose an electronic document M is given and m(m < s) users owning the public keys y1, y2, …, ym should sign it simultaneously. The following protocol produces the collective digital signature: 1. Each jth user selects at random a value𝑑α𝑗 < 𝑝and computes the public value: 𝑅𝛼𝑗 = 𝑑𝛼𝑗 π‘˜ π‘šπ‘œπ‘‘π‘ (8) where j = 1,2, …, m. 2. Some of the users (or one of them) calculate the common randomization value: 𝑅 = ∏ 𝑅𝛼𝑗 π‘šπ‘œπ‘‘π‘ π‘š 𝑗=1 (9) and then calculate the first part of the CDS: 𝐸 = 𝑓(𝑅, 𝑀) where f is a specified compression function. For example, we will use the following function: 𝐸 = 𝑅𝐻 π‘šπ‘œπ‘‘  (10) where  is a large prime having length ||= 160 bit and H is a hash value computed from the message M. 3. Using the values R and 𝑑α𝑗 each jth user computes its share in the CDS: 𝑆𝛼𝑗 = π‘₯𝛼𝑗 𝑓(𝑅,𝑀) 𝑑𝛼𝑗 π‘šπ‘œπ‘‘ 𝑝 (11) that is supposed to be available to all users of the group. 4. Calculate the second element of the CDS: 𝑆 = ∏ 𝑆𝛼𝑗 π‘šπ‘œπ‘‘ 𝑝 π‘š 𝑗=1 (12) Thus, the CDS is computed with 2m modulo exponentiations. The CDS length is fixed and equals to|𝑆| + |𝛿|. The CDS verification procedure is performed as follows. 1. Compute the collective public key y: 𝑦 = ∏ 𝑦𝛼𝑗 π‘šπ‘œπ‘‘ 𝑝 π‘š 𝑗=1 (13) 2. Using the CDS (E; S) compute value 𝑅′ 𝑅′ = π‘†π‘˜ 𝑦𝐸 π‘šπ‘œπ‘‘ 𝑝 (14) 3. Compute 𝐸′ = 𝑓(𝑅′, 𝑀) = 𝑅′𝐻 π‘šπ‘œπ‘‘  4. Compare values Eο‚’and E. If Eο‚’= E, then the signature is valid. Otherwise the signature is false.
  • 5. International Journal of Network Security & Its Applications (IJNSA) Vol.13, No.4, July 2021 63 3. COLLECTIVE DIGITAL SIGNATURE FOR SIGNING GROUPS BASED ON PROBLEM OF FINDING ROOTS MODULO LARGE PRIME NUMBER The GDS protocol presupposes the formation of a digital signature to some electronic document on behalf of some collegial body (group of signers, i.e. signing group), which is headed by a group manager. Each representative of a group of signers generates his private key x and his public key 𝑦 = π‘₯π‘˜ π‘šπ‘œπ‘‘ 𝑝. The public key Y of the group manager is a public key of the group and is calculated as follows π‘Œ = π‘‹π‘˜ π‘šπ‘œπ‘‘ 𝑝, where X is manager’s private key. The value Y is also the public key of the group, i.e. the value Y is used to verify authenticity of the GDS. Let m group members (having public keys 𝑦𝑖 = π‘₯𝑖 π‘˜ π‘šπ‘œπ‘‘ 𝑝and corresponding private keys xi , i = 1, 2, …, m) wish to sign the document M. The group signature protocol is described as follows: ο‚· Signature generation: 1. The group manager computes hash value from document 𝐻 = 𝐹𝐻(𝑀), where 𝐹𝐻 is some specified hash function, calculates masking coefficients 𝑖 = 𝐹𝐻(𝐻 || 𝑦𝑖|| 𝐹𝐻(𝐻 ||𝑦𝑖|| 𝑋)) (15) and sends each value i to the corresponding i-th group member, for i=1, 2, .., m. Then the group manager computes the first element of the group signature: π‘ˆ = ∏ 𝑦𝑖 𝑖 π‘šπ‘œπ‘‘ 𝑝 π‘š 𝑖=1 (16) 2. Each i-th group member (i = 1, 2, …, m) generates a random number ti < p-1, computes the value: 3. 𝑅𝑖 = 𝑑𝑖 π‘˜ π‘šπ‘œπ‘‘ 𝑝 (17) and sends Ri to the group manager. 4. The group manager generates the random number T < p-1 and computes the values 5. 𝑅′ = π‘‡π‘˜ π‘šπ‘œπ‘‘ 𝑝, (18) 𝑅 = 𝑅′ ∏ 𝑅𝑖 π‘š 𝑖=1 π‘šπ‘œπ‘‘ 𝑝 = (𝑇. ∏ 𝑑𝑖 π‘š 𝑖=1 )π‘˜ , (19) and 𝐸 = 𝐹𝐻(𝑀||𝑅||π‘ˆ) π‘šπ‘œπ‘‘ , (20) where is a large prime having length ||= 160 bit,E is the second element of the group signature. Then he sends value E to all group members who have initiated the protocol. 6. Each i-th group member (i = 1, 2, …, m) computes his signature share 𝑆𝑖 = π‘₯𝑖 𝐸𝑖 .𝑑𝑖 π‘šπ‘œπ‘‘ 𝑝 (21)
  • 6. International Journal of Network Security & Its Applications (IJNSA) Vol.13, No.4, July 2021 64 and sends it to the group manager. 7. The group manager verifies the correctness of each share Si by checking equality 8. 𝑅𝑖 = 𝑆𝑖 π‘˜ 𝑦𝑖 βˆ’πΈο¬π‘– π‘šπ‘œπ‘‘ 𝑝 (22) If all signature shares Si satisfy the last verification equation, then he computes his share 𝑆′ = 𝑋𝐸 . 𝑇 π‘šπ‘œπ‘‘ 𝑝 (23) and the third element of the group signature 𝑆 = 𝑆′. ∏ 𝑆𝑖 π‘šπ‘œπ‘‘ 𝑝 π‘š 𝑖=1 (24) ο‚· Signature verification: The verification procedure includes the following steps: 1. The verifier computes the hash-function value from the document M: H = FH(M). Using the group public key Y and signature (U, E, S) he computes value: 𝑅* = 𝑆k (π‘Œπ‘ˆ)-E π‘šπ‘œπ‘‘ 𝑝 (25) 2. He computes value 3. 𝐸* = 𝐹H(𝑀 || 𝑅* || π‘ˆ) (26) 4. Compares the values E and E. If E* = E, then the verifier concludes that the group signature is valid. Otherwise, he rejects the signature. ο‚· Proof of correctness: Let us show that the proposed protocol generating the CDS (U, e, s) works correctly. Substituting the value: 𝑆 = 𝑆′. ∏ 𝑆𝑖 π‘š 𝑖=1 π‘šπ‘œπ‘‘ 𝑝, π‘Œ = π‘‹π‘˜ π‘šπ‘œπ‘‘ 𝑝 And π‘ˆ = ∏ 𝑦𝑖 𝑖 π‘šπ‘œπ‘‘ 𝑝 π‘š 𝑖=1 in the right part of the verification equation (25): 𝑅* = 𝑆k (π‘Œπ‘ˆ)-E π‘šπ‘œπ‘‘ 𝑝 we get: π‘…βˆ— = π‘†π‘˜ (π‘Œπ‘ˆ)βˆ’πΈ π‘šπ‘œπ‘‘ 𝑝 = (𝑋𝐸 . 𝑇 ∏ π‘₯𝑖 𝐸𝑖 .𝑑𝑖) π‘š 𝑖=1 π‘˜ (π‘‹π‘˜ . 𝑇 ∏ 𝑦𝑖 𝑖 ) π‘š 𝑖=1 βˆ’πΈ
  • 7. International Journal of Network Security & Its Applications (IJNSA) Vol.13, No.4, July 2021 65 = π‘‹π‘˜πΈ . (𝑇 ∏π‘₯𝑖 𝐸𝑖 . 𝑑𝑖) π‘š 𝑖=1 π‘˜ π‘‹βˆ’π‘˜πΈ . (𝑇 ∏ 𝑦𝑖 π‘˜ο¬π‘– ) π‘š 𝑖=1 βˆ’πΈ = π‘‡π‘˜ . ∏ 𝑑𝑖 π‘˜ π‘š 𝑖=1 π‘šπ‘œπ‘‘ 𝑝 = 𝑅 It is easy to see that the value: 𝐷 = ∏ 𝑆𝑖 π‘š 𝑖=1 π‘šπ‘œπ‘‘ 𝑝 (27) can be considered as a "group pre-signature" approving of which is performed by the group manager with adding his signature share S’. The value is actually calculated analogously to the computation of the collective signature in the protocols [5,6]. The main difference between the described GDS protocol and collective DS protocols [5,6] is using the masking coefficients i at time of generating the collective public key U, which is used as the first element of the GDS. The value U conserves the information about all group members who participated in the process of generating the GDS. It is easy to see that only the group manager can open the GDS, using the value U, since only he can compute the masking values i. In the protocol developed in this paper it is also used the mechanism of the formation of the collective DS. Namely, this mechanism is used in the following two ways: i) to form a pre- signature and ii) to form a collective signature shared by several signing groups. Let g signing groups with public keysπ‘Œ 𝑗 = 𝑋𝑗 π‘˜ π‘šπ‘œπ‘‘ 𝑝, where j = 1,2, …, g; Xj is the secret key of the j-th group manager, have intention to sign the document M. Suppose also the j-th signing group includes mj active individual signers (persons appointed to act on behalf of the j-th signing group). The protocol of collective signature for group signers is described as follows. The signature generation procedure relating to the proposed collective DS protocol for signing groups: 1. Within the framework of the GDS protocol described above, the manager of each j-group of signers (j = 1, 2,.., g) generates masking parameters ji for the signers of his group and computes the value: π‘ˆπ‘— = ∏ 𝑦𝑗𝑖 𝑗𝑖 π‘šπ‘— 𝑖=1 π‘šπ‘œπ‘‘ 𝑝 (28) (where i = 1,2,…, mj) as the j-th share in the first element of the collective group signature and the randomizing parameter: 𝑅𝑗 = 𝑅′𝑗 ∏ 𝑅𝑗𝑖 π‘šπ‘— 𝑖=1 π‘šπ‘œπ‘‘ 𝑝 (29) Then he sends values Uj and Rj to all other managers. 2. Each j-th group manager (j = 1, 2, …, g) computes values π‘ˆ = ∏ π‘ˆπ‘— 𝑔 𝑗=1 π‘šπ‘œπ‘‘ 𝑝, 𝑅 = ∏ 𝑅𝑗 𝑔 𝑗=1 π‘šπ‘œπ‘‘ 𝑝, (30)
  • 8. International Journal of Network Security & Its Applications (IJNSA) Vol.13, No.4, July 2021 66 And 𝐸 = 𝐹𝐻(𝑀||𝑅||π‘ˆ) π‘šπ‘œπ‘‘ , (31) where  is a large prime having length ||= 160 bit, E and U are the first and second elements of the group signature. 3. Each j-th group manager (j = 1, 2, …, g) computes signature share of his group 𝑆𝑗 = 𝑆′𝑗 ∏ 𝑆𝑗𝑖 π‘šπ‘— 𝑖=1 π‘šπ‘œπ‘‘ 𝑝, (32) where Sji is the signature share of the ith individual signer in the ith signing group, and sends it to other group managers. 4. Each j-th group manager can verify the correctness of each share Sj by checking equality 5. 𝑅𝑗 = 𝑆𝑗 π‘˜ (π‘Œ π‘—π‘ˆπ‘—)βˆ’πΈ π‘šπ‘œπ‘‘ 𝑝. (33) If all shares Sj satisfy the last verification equation, then the third element S of the collective signature is computed: 𝑆 = ∏ 𝑆𝑗 𝑔 𝑗=1 π‘šπ‘œπ‘‘ 𝑝 (34) The tuple (U, E, S) generated by the above procedure presents the collective signature (to the document M) shared by g signing groups. ο‚· Signature Verification: The signature verification procedure relating to the proposed collective DS protocol for signing groups: 1. Compute the collective public key shared by all signing groups: π‘Œπ‘π‘œπ‘™ = ∏ π‘Œ 𝑗 𝑔 𝑗=1 π‘šπ‘œπ‘‘ 𝑝 = (∏ 𝑋𝑗 𝑔 𝑗=1 )π‘˜ π‘šπ‘œπ‘‘ 𝑝 (35) 2. Compute the value: 𝑅* = 𝑆k (π‘ˆπ‘Œcol)-E π‘šπ‘œπ‘‘ 𝑝 (36) 3. Compute the value: 𝐸* = 𝐹H(𝑀 || 𝑅* || π‘ˆ) (37) 4. Compare the values E and E*. If E* = E, then one concludes that the group signature is valid. Otherwise, the signature is rejected. ο‚· Proof of correctness: Substituting the value: 𝑆 = ∏ 𝑆𝑗 𝑔 𝑗=1 π‘šπ‘œπ‘‘ 𝑝,π‘ˆ = ∏ π‘ˆπ‘— 𝑔 𝑗=1 π‘šπ‘œπ‘‘ 𝑝, π‘Œπ‘π‘œπ‘™ = βˆπ‘Œ 𝑗 𝑔 𝑗=1 π‘šπ‘œπ‘‘ 𝑝
  • 9. International Journal of Network Security & Its Applications (IJNSA) Vol.13, No.4, July 2021 67 in the right part of the verification equation (36): 𝑅* = 𝑆k (π‘ˆπ‘Œcol)-E π‘šπ‘œπ‘‘ 𝑝 we get: π‘…βˆ— = π‘†π‘˜ (π‘ˆπ‘Œπ‘π‘œπ‘™)βˆ’πΈ π‘šπ‘œπ‘‘ 𝑝 = (∏ 𝑆𝑗)π‘˜ 𝑔 𝑗=1 (∏ π‘ˆπ‘— 𝑔 𝑗=1 βˆπ‘Œ 𝑗 𝑔 𝑗=1 )βˆ’πΈ π‘šπ‘œπ‘‘ 𝑝 = ∏ 𝑆𝑗 π‘˜ (π‘ˆπ‘—π‘Œ 𝑗)βˆ’πΈ 𝑔 𝑗=1 π‘šπ‘œπ‘‘ 𝑝 = ∏ 𝑅𝑗 𝑔 𝑗=1 π‘šπ‘œπ‘‘ 𝑝 = 𝑅 The first element U of the collective signature contains information about all group members of each signing group who signed the document M. The identification procedure (the disclosure of the group signature) is carried out by analogy with the procedure for disclosing the group signature described in [9]. It should be noted that the procedure for identifying individual signers requires the participation of the group managers of each group that share the collective signature. At the same time, the computational complexity of this procedure is relatively high and rapidly increases with the growth of number of the signing groups that share collective signature. In the proposed collective DS scheme the signature verification procedure includes the steps of the verification procedure in the group signature scheme and an additional initial step for computing the collective public key (step 1). In the signature verification equation it is used the collective public key Ycol instead of the group public key. 4. PROTOCOL OF COLLECTIVE DIGITAL SIGNATURE FOR GROUP AND INDIVIDUAL SIGNERS Another important practical scenario relates to the processing document M by several individual signers and by several group signers. Construction of the collective signature protocol (in Section 2) for such case can be implemented in full correspondence with the collective signature protocol for group signers described in Section 3, if it is accepted an agreement that for individual signers the value Uj is equal to 1. It is evident that only all group managers act in the procedure of disclosing the collective group signature (identification of the individual signers acted in the frame of each group signer). 5. CONCLUSION In paper [16], Nicolay A. Moldovyan based on difficulty of finding the kth roots in the finite fields GF(p) such that p = Nk2 + 1, where k is sufficiently large prime having the size |k|> 160 bits and N is even number such that the size of p is |p|> 1024 bits, to propose a collective digital signature scheme. This is the basis for us design collective signature protocols for signing groups based on problem of finding roots modulo large prime numbers: Collective digital signature for signing groups and Collective digital signature for group and individual signers. Both are extensions of collective digital signatures that combine the advantages of group digital signatures
  • 10. International Journal of Network Security & Its Applications (IJNSA) Vol.13, No.4, July 2021 68 and collective digital signatures. Their size does not depend on the number of members involved in the formation of the final signature. In each turn, we presented the signature generation process, the signature verification process, as well as demonstrate the correctness of this verification process. We also set all our hope on our future work to develop the collective signature schemes of the proposed types, in which the signature contains only two elements E and S. REFERENCES [1] National Institute of Standards and Technology,β€œDigital Signature Standard”,FIPS Publication 186- 3, (2009). [2] Chaum D.,β€œBlind Signatures for Untraceable Payments”, Advances in Cryptology: Proc. of CRYPTO’82, Plenum Press, p. 199–203, (1983). [3] Camenisch J.L., Piveteau J.-M. and Stadler M.A,β€œBlind Signatures Based on the Discrete Logarithm Problem”, In: Advances in Crypology – EUROCRYPT'94 Proc, Lecture Notes in Computer Science, Springer-Verlag, Berlin Heidelberg New York, Vol. 950, 428–432, (1995). [4] Minh N. H., Binh D. V., Giang N. T. and Moldovyan N. A. β€œBlind Signature Protocol Based on Difficulty of Simultaneous Solving Two Difficult Problems”, Applied Mathematical Sciences,No.6, 6903–6910, (2012). [5] Moldovyan N.A, β€œBlind Signature Protocols from Digital Signature Standards”, Int. Journal of Network Security,No. 13, 22–30, (2011). [6] Moldovyan N.A,β€œBlind Collective Signature Protocol”, Computer Science Journal of Moldova,No. 19, 80–91, (2011). [7] Moldovyan N.A. and Moldovyan A.A, β€œBlind Collective Signature Protocol Based on Discrete Logarithm Problem”, Int. Journal of Network Security, No.11, 106–113, (2010). [8] Pieprzyk J., HardjonoTh. and Seberry J.,β€œFundamentals of Computer Security”, Springer-verlag, Berlin, (2003). [9] Moldovyan A.A. and Moldovyan N.A,β€œGroup signature protocol based on masking public keys,Quasigroups and related systems, No. 22, 133–140, (2014). [10] Seetha R. and Saravanan R,β€œDigital Signature Schemes for group communication: A Survey”, International Journal of Applied Engineering Research, No.11, 4416–4422, (2016). [11] Enache A.-C,β€œAbout Group Digital Signatures”, Journal of Mobile, Embedded and Distributed Systems, No.IV, 193–202, (2012). [12] International Standard ISO/IEC 14888-3:2006(E), Information technology –Security techniques – Digital Signatures with appendix – Part 3: Discrete logarithm based mechanisms. [13] GOST R 34.10-2001 and Russian Federation Standard, Information Technology,β€œCryptographic data Security. Produce and check procedures of Electronic Digital Signature”, Government Committee of the Russia for Standards, (2012). [14] Rajasree R.S,β€œGeneration of Dynamic Group Digital Signature”, International Journal of Computer Applications, No.98, 1–5, (2014). [15] Moldovyan N.A., Nguyen Hieu Minh, Dao Tuan Hung and Tran Xuan Kien,β€œGroup Signature Protocol Based on Collective Signature Protocol and Masking Public Keys Mechanism”, International Journal of Emerging Technology and Advanced Engineering, No.6, 1–5, (2016). [16] Moldovyan N.A,β€œDigital Signature Scheme Based on a New Hard Problem”, Computer Science Journal of Moldova, No.16, 163–18, (2008).
  • 11. International Journal of Network Security & Its Applications (IJNSA) Vol.13, No.4, July 2021 69 AUTHORS Tuan Nguyen Kim was born in 1969, received B.E., and M.E from Hue University of Sciences in 1994, and from Hanoi University of Technology in 1998. He has been a lecturer at Hue University since 1996. From 2011 to the present (2021) he is a lecturer at School of Computer Science, Duy Tan University, Da Nang, Vietnam. His main research interests include Computer Network Technology and Information Security. Duy Ho Ngoc was born in 1982. He received his Ph.D. in Cybersecurity in 2007 from LETI University, St. Petersburg, Russia Federation. He has authored more than 45 scientific articles in cybersecurity. Nikolay A. Moldovyan is an honored inventor of Russian Federation (2002), a laboratory head at St. Petersburg Institute for Informatics and Automation of Russian Academy of Sciences, and a Professor with the St. Petersburg State Electrotechnical University. His research interests include computer security and cryptography. He has authored or co-authored more than 60 inventions and 220 scientific articles, books, and reports. He received his Ph.D. from the Academy of Sciences of Moldova (1981).