关键词: 可验证密钥共享, 向前安全, 动态安全, 门限签名

Abstract:

The formal definition of forward-secure proactive threshold signature scheme is presented, and a concrete scheme is described. The scheme has all the forward-secure properties. The whole lifetime of the signatures is divided into several time periods, the secret key is updated in each time period, and the update function is just one-way. Therefore, the adversary knows no secret keys for previous time periods even if she has got the current secret key. The public key is fixed during the whole lifetime. At the same time, the scheme has all the properties of proactive security. It can renew shares periodically, detect malicious actions, and recover bad shares. The scheme has the great significance: If an attacker can’t break into no fewer than threshold severs in one period, she can’t forge any signature for the current time period; even if she can break into threshold severs, she can’t forge any signature for previous time periods.

Key words: verifiable secret sharing, forward security, proactive security;threshold scheme