在日常的生活中，數位簽章及公開金鑰加密是保護線上交易安全的二種常用機制。前者確保鑑別性與不可否認性，後者則保障機密性。
欲提供密碼方法同時具備機密性與鑑別性，鑑別加密方法是一較佳的選擇，與直接簽章再加密的方式相較，鑑別加密法可提升效率與降低通訊成本。此方法允許簽署者產生一鑑別加密訊息，使得僅特定驗證者有能力來解密此訊息並驗證其對應的簽章。可轉換鑑別加密方法不僅具備上述所提的特性，當發生事後的否認爭議時，更提供額外的簽章轉換機制使任意人信服簽署者的不誠實。
代理簽章方法允許一位被授權者，稱為代理簽署者，根據事先定義好的簽署策略，代表原始簽署者產生合法的代理簽章。在本論文中，作者提出三種具代理授權特性的可轉換鑑別加密方法，分別植基於RSA、CDHP、BDHP不同的密碼假設難題。所提之方法允許一位代理簽署者代表原始簽署者產生一合法的鑑別加密訊息，同時僅有一位特定接收者有能力解密並驗證其對應的代理簽章。由於轉換後的原始代理簽章會在訊息回復與驗證簽章的過程中被運算出來，因此簽章轉換的程序相當簡單，而且可由特定驗證者在不需額外計算或通訊成本的情況下獨立完成。我們也提出一個群體導向的變形方法，其允許一個由n位原始簽署者組成的群體授權他們的簽署能力給一位代理簽署者，來代表此原始簽署群體產生鑑別加密訊息。為了方便大訊息的加密，作者進一步提出藉由將一個大訊息切割為多個小訊息區塊的具訊息鏈結的變形方法。
與之前的文獻相比，所提的方法不僅有較低的計算成本，同時亦提供較佳的功能性。此外，在抵抗調整式選擇密文攻擊的機密性安全需求與抵抗調整式選擇訊息攻擊的不可偽造性安全需求，也在random oracle模型下證明。

In modern daily life, digital signatures and public key encryptions are two commonly applied mechanisms for protecting the security of on-line transactions. The former ensures authenticity and non-repudiation while the latter guarantees confidentiality.
To simultaneously provide cryptographic schemes with confidentiality and authenticity, an authenticated encryption (AE) scheme is a better alternative for promoting efficiency and reducing communication overheads as compared to the straightforward sign-then-encrypt method. Such schemes allow a signer to produce an authenticated ciphertext, such that only a designated recipient has the ability to decrypt the ciphertext and verify its corresponding signature. Convertible authenticated encryption (CAE) schemes not only inherit the characteristic mentioned above, but also provide additional signature conversion mechanism to convince anyone of signer’s dishonesty when a later dispute occurs.
Proxy signature schemes allow an authorized person called proxy signer to generate proxy signatures on behalf of an original signer according to the predefined signing policy. In this dissertation, the author proposes three CAE schemes with proxy delegation based on different cryptographic assumptions, i.e., RSA, CDHP, BDHP, respectively. The proposed schemes allow a proxy signer to generate a valid authenticated ciphertext on behalf of an original signer and only the intended recipient is capable of decrypting it and verifying the corresponding proxy signature. The signature conversion is rather simple and can be solely done by the designated recipient with neither extra computation costs nor communication overheads, since the converted proxy signature will be derived during the message recovery and signature verification phase. We also present a group-oriented variant which enables an original group consisting of n signers to delegate their signing power to a proxy signer such that the latter can generate an authenticated ciphertext on behalf of the former. For facilitating the encryption of a large message, the author further introduces the other variant with message linkages by dividing a large message into many small message blocks.
As compared with previous works, the proposed schemes not only have lower computation costs, but also provide better functionalities. Additionally, the security requirement of confidentiality against indistinguishability under adaptive chosen-ciphertext attacks (IND-CCA2) and that of unforgeability against existential forgery under adaptive chosen-message attacks (EF-CMA) are proved in the random oracle model.

摘要 iii
ABSTRACT v
Acknowledgements vii
Contents viii
List of Tables x
List of Figures xi
1　Introduction 1
　　1.1　Motivation 1
　　1.2　Related Works 1
　　1.3　Our Contributions 5
　　1.4　Organization of Dissertation 7
2　Preliminaries 8
　　2.1　Security Notions 9
　　2.2　Designated Verifier Signature Scheme 12
　　2.3　Convertible Authenticated Encryption (CAE) Scheme 17
　　2.4　Proxy Signcryption Scheme 20
3　Formal Model of the PCAE Scheme 26
　　3.1　Involved Parties 26
　　3.2　Algorithms 26
　　3.3　Security Models 27
4　Proposed PCAE-(I) Scheme 31
　　4.1　Construction 31
　　4.2　Correctness 33
　　4.3　Security Proofs 34
5　Proposed PCAE-(II) Scheme 44
　　5.1　Construction 44
　　5.2　Correctness 46
　　5.3　Security Proofs 47
　　5.4　Group-Oriented Variant 61
　　5.5　Variant with Message Linkages 65
6　Proposed PCAE-(III) Scheme 67
　　6.1　Construction 67
　　6.2　Correctness 69
　　6.3　Security Proofs 70
7　Conclusions and Future Research 82

[AUI99] S. Araki, S. Uehara and K. Imamura, “The limited verifier signature and its application,” IEICE Transactions on Fundamentals of Electronics, Communications and Computer Sciences, Vol. E82-A, No. 1, 1999, pp. 63-68.
[BD98] F. Bao and R. H. Deng, “A signcryption scheme with signature directly verifiable by public key,” Workshop on Public Key Cryptography, Springer-Verlag, 1998, pp. 55-59.
[BF01] D. Boneh and M. Franklin, “Identity-based encryption from the Weil pairing,” Advances in Cryptology □ CRYPTO 2001, Springer-Verlag, 2001, pp. 213-229.
[BJY97] M. Bellare, M. Jakobsson and M. Yung, “Round-optimal zero-knowledge arguments based on any one-way hash function,” Advances in Cryptology □ EUROCRYPT’97, Springer-Verlag, 1997, pp. 280-305.
[BKL+02] P. S. L. M. Barreto, H. Y. Kim, B. Lynn and M. Scott, “Efficient algorithms for pairing-based cryptosystems,” Advances in Cryptology □ CRYPTO 2002, Springer-Verlag, 2002, pp. 354-368.
[BLS01] D. Boneh, B. Lynn and H. Shacham, “Short signature from the Weil pairing,” Advances in Cryptology □ ASIACRYPT 2001, Springer-Verlag, 2001, pp. 514-532.
[BLS03] P. S. L. M. Barreto, B. Lynn, and M. Scott, “On the selection of pairing-friendly groups,” Selected Areas in Cryptography (SAC 2003), Springer-Verlag, 2003.
[Boy03] X. Boyen, “Multipurpose identity-based signcryption: A Swiss army knife for identity-based cryptography,” Advances in Cryptology □ CRYPTO’03, Springer-Verlag, 2003, pp. 383-399.
[BSZ02] J. Baek, R. Steinfeld and Y. Zheng, “Formal proofs for the security of signcryption,” Public Key Cryptography - PKC’02, Springer-Verlag, 2002, pp. 80-98.
[CA90] D. Chaum and H. van Antwerpen, “Undeniable signature,” Advances in Cryptology □ CRYPTO’90, Springer-Verlag, 1990, pp. 212-216.
[CC06] F. Cao and Z. Cao, “Cryptanalysis on a proxy multi-signature scheme,” Proceedings of the 1st International Multi-Symposiums on Computer and Computational Sciences, 2006 (IMSCCS’06), Vol. 2, IEEE Press, Piscataway, USA, 2006, pp. 117-120.
[Cha08] T. Y. Chang, “A convertible multi-authenticated encryption scheme for group communications,” Information Sciences, Vol. 178, No. 17, 2008, pp. 3426-3434.
[Cha90] D. Chaum, “Zero-knowledge undeniable signatures,” Advances in Cryptology □ EUROCRYPT’90, Springer-Verlag, 1990, pp. 458-464.
[Chi08] H. Y. Chien, “Selectively convertible authenticated encryption in the random oracle model,” The Computer Journal, Vol. 51, No. 4, 2008, pp. 419-434.
[DC06] S. Duan and Z. Cao, “Efficient and provably secure multi-receiver identity-based signcryption,” Information Security and Privacy, Springer-Verlag, 2006, pp. 195-206.
[DCZ05] S. Duan, Z. Cao and Y. Zhou, “Secure delegation-by-warrant ID-based proxy signcryption scheme” Proceedings of Computational Intelligence and Security Conference (CIS 2005), Springer-Verlag, 2005, pp. 445-450.
[DH76] W. Diffie and M. Hellman, “New directions in cryptography,” IEEE Transactions on Information Theory, Vol. IT-22, No. 6, 1976, pp. 644-654.
[DK02] H. Delfs and H. Knebl, Introduction to Cryptography: Principles and Applications, 2nd Ed., Springer-Verlag, 2002.
[DYD03] J. Z. Dai, X. H. Yang and J. X. Dong, “Designated-receiver proxy signature scheme for electronic commerce,” Proceedings of IEEE International Conference on Systems, Man and Cybernetics, Vol. 1, 2003, pp. 384-389.
[EA08] H. Elkamchouchi and Y. Abouelseoud, “A new proxy identity-based signcryption scheme for partial delegation of signing rights,” Cryptology ePrint Archive, Report 2008/041, 2008. http://eprint.iacr.org/2008/041
[EAM06] D. H. Elkamshoushy, A. K. AbouAlsoud and M. Madkour, “New proxy signcryption scheme with DSA verifier,” Proceedings of the 23th National Radio Science Conference (NRSC 2006), 2006, pp. 1-8.
[ElG85] T. ElGamal, “A public key cryptosystem and a signature scheme based on discrete logarithms,” IEEE Transactions on Information Theory, Vol. IT-31, No. 4, 1985, pp. 469-472.
[Gir91] M. Girault, “Self-certified public keys,” Advances in Cryptology □ EUROCRYPT’91, Springer-Verlag, 1991, pp. 491-497.
[GS02] C. Gentry and A. Silverberg, “Hierarchical id-based cryptography,” Advances in Cryptology □ ASIACRYPT 2002, Springer-Verlag, 2002, pp. 548-566.
[HC01] S. J. Hwang and C. C. Chen, “A new multi-proxy multisignature scheme,” Proceedings of 2001 National Computer Symposium, 2001, pp. 19-26.
[HC03] H. F. Huang and C. C. Chang, “An efficient convertible authenticated encryption scheme and its variant,” Proceedings of the 5th International Conference on Information and Communications Security (ICICS2003), Springer-Verlag, 2003, pp. 382-392.
[Hen94] M. Hendry, Smart Card Security and Applications, Artech House, Inc., 1997.
[HLL00] M. S. Hwang, I. C. Lin. and J. L. Eric Lu, “A secure nonrepudiable threshold proxy signature scheme with known signers,” International Journal of Informatica, Vol. 11, No. 2, 2000, pp. 1-8.
[HLL+05] C. H. Huang, C. Y. Lee, C. H. Lin, C. C. Chang and K. L. Chen, “Authenticated encryption schemes with message linkage for threshold signatures,” Proceedings of the IEEE 19th International Conference on Advanced Information Networking and Applications, Vol. 2, 2005, pp. 261-264.
[HLS05] R. J. Hwang, C. H. Lai and F. F. Su, “An efficient signcryption scheme with forward secrecy based on elliptic curve,” Applied Mathematics and Computation, Vol. 167, No. 2, 2005, pp. 870-881.
[HMP94] P. Horster, M. Michel and H. Peterson, “Authenticated encryption schemes with low communication costs,” Electronics Letters, Vol. 30, No. 15, 1994, pp. 1212-1213.
[HS00] S. J. Hwang and C. H. Shi, “A simple multi-proxy signature scheme,” Proceedings of the 10th National Conference on Information Security, 2000, pp. 134-138.
[HSM+08] X. Huang, W. Susilo, Y. Mu and F. Zhang, “Short designated verifier signature scheme and its identity-based variant,” International Journal of Network Security, Vol. 6, No. 1, 2008, pp. 82-93.
[HW99] W. H. He and T. C. Wu, “Cryptanalysis and improvement of Petersen-Michels signcryption scheme,” IEE Proceedings - Computers and Digital Techniques, Vol. 146, No. 2, 1999, pp. 123-124.
[HWT+04] F. Hou, Z. Wang, Y. Tang and Z. Liu, “Protecting integrity and confidentiality for data communication,” Proceedings of the 9th International Symposium on Computers and Communications (ISCC), Vol. 1, No. 28, 2004, pp. 357-362.
[HWW01] C. L. Hsu, T. S. Wu and T. C. Wu, “New nonrepudiable threshold proxy signature scheme with known signers,” The Journal of Systems and Software, Vol. 58, No. 2, 2001, pp. 119-124.
[Jac91] J. Jacob, “A uniform presentation of confidentiality properties,” IEEE Transactions on Software Engineering, Vol. 17, No. 11, 1991, pp. 1186-1194.
[JS03] A. Juels and M. Szydlo, “A two-server, sealed-bid auction protocol,” Financial Cryptography, Vol. 2357, 2003, pp. 72-86.
[JSI96] M. Jakobsson, K. Sako and R. Impagliazzo, “Designated verifier proofs and their applications,” Advances in Cryptology – EUROCRYPT’96, Springer-Verlag, 1996, pp. 143-154.
[KBD09] B. Kang, C. Boyd and E. Dawson, “A novel identity-based strong designated verifier signature scheme,” The Journal of Systems and Software, Vol. 82, No. 2, 2009, pp. 270-273.
[Kob87] N. Koblitz, “Elliptic curve cryptosystems,” Mathematics of Computation, Vol. 48, No. 177, 1987, pp. 203-209.
[KPW97] S. Kim, S. Park and D. Won, “Proxy signatures, revisited,” Proceedings of International Conference on Information and Communications Security (ICICS’97), Springer-Verlag, 1997, pp. 223-232.
[KSS06] K. Kumar, G. Shailaja and A. Saxena, “Identity based strong designated verifier signature scheme,” Cryptology ePrint Archive, Report 2006/134, 2006. http://eprint.iacr.org/2006/134
[LC04] X. Li and K. Chen, “Identity based proxy-signcryption scheme from pairings,” Proceedings of the 2004 IEEE International Conference on Services Computing, IEEE Computer Society, 2004, pp. 494-497.
[LC07] J. S. Lee and J. H. Chang, “Strong designated verifier signature scheme with message recovery,” Proceedings of the 9th International Conference on Advanced Communication Technology, Vol. 1, 2007, pp. 801-803.
[LC09] J. S. Lee and J. H. Chang, “Comment on Saeednia et al.’s strong designated verifier signature scheme,” Computer Standards & Interfaces, Vol. 31, No. 1, 2009, pp. 258-260.
[LHL+01] Y. Li, B. Huang, W. Liu, H. Gou and C. Wu, “An electronic market architecture for virtual enterprises,” Proceedings of 2001 IEEE International Conference on Systems, Man, and Cybernetics, Vol. 3, IEEE Press, Piscataway, USA, 2001, pp. 2028-2033.
[LHT09] C. C. Lee, M. S. Hwang and S. F. Tzeng, A new convertible authenticated encryption scheme based on the ElGamal cryptosystem, International Journal of Foundations of Computer Science, Vol. 20, No. 2, 2009, pp. 351-359.
[LHW07] R. Lu, D. He and C. Wang, “On the security of an identity-based threshold proxy signature scheme with known signers,” Proceedings of the 3rd International Conference on Natural Computation 2007 (ICNC’2007), Vol. 3, IEEE Press, Piscataway, USA, 2007, pp. 210-214.
[LHW98] N. Y. Lee, T. Hwang and C. H. Wang, “On Zhang’s nonrepudiable proxy signature schemes,” Proceedings of the 3rd Australasian Conference on Information Security and Privacy (ACISP’98), Springer, Berlin, 1998, pp. 415-422.
[LW08] H. Y. Lin and T. S. Wu, “Bilinear pairings based convertible authenticated encryption scheme with provable recipient,” Proceedings of 2008 International Computer Symposium (ICS 2008), Taipei, Taiwan, November 2008.
[LW09] H. Y. Lin and T. S. Wu, “Pairings based designated verifier signature scheme for three-party communication environment,” Proceedings of 2009 International Conference on Computer Engineering and Technology (ICCET 2009), IEEE Computer Society, Singapore, January 2009, pp. 330-333.
[LWH02] C. Y. Lin, T. C. Wu and J. J. Hwang, “Multi-proxy signature schemes for partial delegation with cheater identification,” Proceedings of the 2nd International Workshop for Asia Public Key Infrastructure (IWAP 2002), IOS Press, Amsterdam, Netherlands, Technical Session E: Mobility & Certification, 2002.
[LWH+07] H. Y. Lin, T. S. Wu, T. Y. Huang and T. C. Lin, “Group-oriented convertible authenticated encryption scheme with (t, n) shared verification,” Proceedings of TANET 2007, Taipei, Taiwan, October 2007, pp. 502-506.
[LWH+08] H. Y. Lin and T. S. Wu, T. Y. Huang and Y. S. Yeh, “Self-certified proxy convertible authenticated encryption scheme,” Proceedings of the 8th International Conference on Intelligent System Design and Applications (ISDA 2008), IEEE Press, Kaohsiung, Taiwan, November 2008.
[LWH10] H. Y. Lin and T. S. Wu, S. K. Huang and Y. S. Yeh, “Efficient proxy signcryption scheme with provable CCA and CMA security,” Computers and Mathematics with Applications, Vol. 60, No. 7, 2010, pp. 1850-1858.
[LWK05] J. Lv, X. Wang and K. Kim, “Practical convertible authenticated encryption schemes using self-certified public keys,” Applied Mathematics and Computation, Vol. 169, No. 2, 2005, pp. 1285-1297.
[LWY10] H. Y. Lin, T. S. Wu and Y. S. Yeh, “A DL based short strong designated verifier signature scheme with low computation,” Journal of Information Science and Engineering, 2010. (to appear)
[LY08] H. Y. Lin and Y. S. Yeh, “A novel (t, n) threshold convertible authenticated encryption scheme,” Applied Mathematical Sciences, Vol. 2, No. 5, 2008, pp. 249-254.
[Men93] A. Menezes, Elliptic Curve Public Key Cryptosystems, Kluwer Academic Publishers, 1993.
[Mil85] V. Miller, “Use of elliptic curves in cryptography,” Advances in Cryptology □ CRYPTO’85, Springer-Verlag, 1985, pp. 417-426.
[MOV97] A. Menezes, P. Oorschot and S. Vanstone, Handbook of applied cryptography, CRC Press, Inc, 1997.
[MUO96a] M. Mambo, K. Usuda and E. Okamoto, “Proxy signature for delegating signature operation,” Proceedings of the 3rd ACM Conference on Computer and Communications Security, ACM press, 1996, pp. 48-57.
[MUO96b] M. Mambo, K. Usuda and E. Okamoto, “Proxy signatures: delegation of the power to sign messages,” IEICE Transactions on Fundamentals of Electronic Communications and Computer Science, Vol. E79-A, No. 9, 1996, pp. 1338-1354.
[MWX02] B. Meng, S. Wang and Q. Xiong, “A fair non-repudiation protocol,” Proceedings of the 7th International Conference on Computer Supported Cooperative Work in Design (CSCW’02), Brazil, 2002, pp. 68-73.
[Neu93] B. C. Neuman, “Proxy-based authentication and accounting for distributed systems,” Proceedings of the 13th International Conference on Distributed Computing Systems, 1993, pp. 283-291.
[NR93] K. Nyberg and R. A. Rueppel, “A new signature scheme based on the DSA given message recovery,” Proceedings of the 1st ACM Conference on Computer and Communications Security, 1993, pp. 58-61.
[PM98] H. Petersen and M. Michels, “Cryptanalysis and improvement of signcryption schemes,” IEE Proceedings - Computers and Digital Techniques, Vol. 145, No. 2, 1998, pp. 149-151.
[PS00] D. Pointcheval and J. Stern, “Security arguments for digital signatures and blind signatures,” Journal of Cryptology, Vol. 13, 2000, pp. 361-369.
[RN01] I. Ray and N. Narasimhamurthi, “An anonymous electronic voting protocol for voting over the Internet,” Proceedings of the 3rd International Workshop on Advanced Issues of E-Commerce and Web-Based Information Systems (WECWIS’01), California, 2001, pp. 188-190.
[RRK+04] S. Ravi, A. Raghunathan, P. Kocher and S. Hattangady, “Security in embedded systems: Design challenges,” ACM Transactions on Embedded Computing Systems (TECS), Vol. 3, No. 3, 2004, pp. 461-491.
[RSA78] R. Rivest, A. Shamir and L. Adleman, “A method for obtaining digital signatures and public-key cryptosystems,” Communications of the ACM, Vol. 21, No. 2, 1978, pp. 120-126.
[Sch91] C. P. Schnorr, “Efficient signature generation by smart cards,” Journal of Cryptology, Vol. 4, No. 3, 1991, pp. 161-174.
[Sch98] S. Schneider, “Formal analysis of a non-repudiation protocol,” Proceedings of 11th IEEE Computer Security Foundations Workshop, IEEE Press, Piscataway, USA, 1998, p. 54-65.
[Sch99] B. Schoenmakers, “A simple publicly verifiable secret sharing scheme and its application to electronic voting,” Advances in Cryptology □ CRYPTO’99, Springer-Verlag, 1999, pp. 148-164.
[Sha84] A. Shamir, “Identity-based cryptosystems and signature schemes,” Advances in Cryptology □ CRYPTO’84, Springer-Verlag, 1984, pp. 47-53.
[SKM03] S. Saeednia, S. Kremer and O. Markowitch, “An efficient strong designated verifier signature scheme,” Proceedings of the 6th International Conference on Information Security and Cryptology (ICISC 2003), Berlin, 2003, pp. 40-54.
[Sma02] N. P. Smart, “Identity-based authenticated key agreement protocols based on Weil Pairings,” Electronics Letters, Vol. 13, No. 38, 2002, pp. 630-632.
[SLH99] H. M. Sun, N. Y. Lee and T. Hwang, “Threshold proxy signatures,” IEE Proceedings of Computers & Digital Techniques, Vol. 146, No, 5, 1999, pp. 259-263.
[SP02] K. M. Shelfer and J. D. Procaccino, “Smart card evolution,” Communications of the ACM, Vol. 45, No. 7, 2002, pp. 83-88.
[Sta05] W. Stallings, Cryptography and Network Security: Principles and Practice, 4th. Ed., Pearson, 2005.
[Sta06] M. Stamp, Information Security: Principles and Practice, Wiley, 2006.
[SZM04] W. Susilo, F. Zhang and Y. Mu, “Identity-based strong designated verifier signature schemes,” Information Security and Privacy, Vol. 3108, Springer-Verlag, 2004, pp. 167-170.
[Tsa09] J. L. Tsai, “Convertible multi-authenticated encryption scheme with one-way hash function,” Computer Communications, Vol. 32, No. 5, 2009, pp. 783-786.
[TYH04] S. F. Tzeng, C. Y. Yang and M. S. Hwang, “A nonrepudiable threshold multi-proxy multisignature scheme with shared verification,” Future Generation Computer Systems, Vol. 20, No. 5, 2004, pp. 887-893.
[Var91] V. Varadharajan, P. Allen and S. Black, “An analysis of the proxy problem in distributed system,” Proceedings of 1991 IEEE Computer Society Symposium on Research in Security and Privacy, 1991, pp. 255-277.
[VM97] VISA and MasterCard Inc., Secure Electronic Transaction (SET) Specification, Version 1.0, 1997.
[Wan03] G. Wang, “An Attack on not-interactive designated verifier proofs for undeniable signatures,” Cryptology ePrint Archive, Report 2003/243, 2003. http://eprint.iacr.org/2003/243
[WC05] Q. Wang and Z. Cao, “Efficient ID-based proxy signature and proxy signcryption from bilinear pairings,” Computational Intelligence and Security, Vol. 3802, Springer-Verlag, 2005, pp. 167-172.
[WL05] M. Wang and Z. Liu, “Identity based threshold proxy signcryption scheme,” Proceedings of the 15th International Conference on Computer and Information Technology (CIT 2005), 2005, pp. 695-699.
[WCL08] C. C. Wu, C. C. Chang and I. C. Lin, “New sealed-bid electronic auction with fairness, security and efficiency,” Journal of Computer Science and Technology, Vol. 23, No. 2, 2008, pp. 253-264.
[WCL+07] L. Wang, Z. Cao, X. Li and H. Qian, “Simulatability and security of certificateless threshold signatures,” Information Sciences, Vol. 177, No. 6, 2007, pp. 1382-1394.
[WH02] T. S. Wu and C. L. Hsu, “Convertible authenticated encryption scheme,” The Journal of Systems and Software, Vol. 62, No. 3, 2002, pp. 205-209.
[WHL05] T. S. Wu, C. L. Hsu and H. Y. Lin, “Efficient convertible authenticated encryption schemes for smart card applications in network environments,” Proceedings of the 9th World Multi-Conference on Systemics, Cybernetics and Informatics (WMSCI2005), Orlando, Florida, U.S.A., July 2005.
[WHL08] T. S. Wu, C. L. Hsu and H. Y. Lin, “Self-certified multi-proxy signature schemes with message recovery,” Journal of Zhejiang University-SCIENCE A, Vol. 10, No. 2, 2009, pp. 290-300.
[WHT+08] T. S. Wu, C. L. Hsu, K. Y. Tsai, H. Y. Lin and T. C. Wu, “Convertible multi-authenticated encryption scheme,” Information Sciences, Vol. 178, No. 1, 2008, pp. 256-263.
[WL05] M. Wang and Z. Liu, “Identity based threshold proxy signcryption scheme,” Proceedings of the 15th International Conference on Computer and Information Technology (CIT 2005), 2005, pp. 695-699.
[WL08a] T. S. Wu and H. Y. Lin, “A group-oriented proxy CMAE scheme with computational secrecy,” International Journal of Innovative Computing, Information and Control, Vol. 4, No. 11, 2008, pp. 3037-3047.
[WL08b] T. S. Wu and H. Y. Lin, “ECC based convertible authenticated encryption scheme using self-certified public key systems,” International Journal of Algebra, Vol. 2, No. 3, 2008, pp. 109-117.
[WL09] T. S. Wu and H. Y. Lin, “Secure convertible authenticated encryption scheme based on RSA,” Informatica, Vol. 33, No. 4, 2009, pp. 481-486.
[WLC06] T. S. Wu, H. Y. Lin and W. Y. Chang, “Improved threshold authenticated encryption scheme based on the factorization problem,” Proceedings of 2006 International Conference of Digital Technology and Innovation Management, Taipei, Taiwan, April 2006, pp. 1699-1709.
[WLH+07] T. S. Wu, H. Y. Lin, C. C. Hu and M. L. Lee, “ECC based self-certified convertible authenticated encryption scheme with computational secrecy,” Proceedings of 2007 National Computer Symposium (NCS 2007), Taichung, Taiwan, December 2007, pp. 789-795.
[XC04a] Q. Xue and Z. Cao, “A nonrepudiable multi-proxy multisignature scheme,” Proceedings of the 1st Joint Workshop on Mobile Future & Symposium on Trends in Communications (SympoTIC ’04), IEEE Press, Piscataway, USA, 2004, pp. 102-105.
[XC04b] Q. Xue and Z. Cao, “Improvement of multi-proxy signature scheme,” Proceedings of the 4th International Conference on Computer and Information Technology (CIT’04), IEEE Press, Piscataway, USA, 2004, pp. 450-455.
[Yan05] F. Y. Yang, “A secure scheme for authenticated encryption,” Cryptology ePrint Archive, Report 2005/456, 2005. http://eprint.iacr.org/2005/456
[YL10] F. Y. Yang and C. M. Liao, “A provably secure and efficient strong designated verifier signature scheme,” International Journal of Network Security, Vol. 10, No. 3, 2010, pp. 223-227.
[YX00] L. B. Yi and G. Xiao, “Proxy multisignature scheme: a new type of proxy signature scheme,” Electronics Letters, Vol. 36, No. 60, 2000, pp. 527-528.
[ZD04] Z. Zhang and Q. Dong, “A new publicly verifiable proxy signcryption scheme,” The International Series in Engineering and Computer Science □ Progress on Cryptography, Vol. 769, Springer-Verlag, 2004, pp. 53-57.
[Zhe97] Y. Zheng, “Digital signcryption or how to achieve cost(signature & encryption) << cost(signature) + cost(encryption),” Advances in Cryptology □ CRYPTO’97, Springer-Verlag, 1997, pp. 165-179.
[ZK02] F. Zhang, and K. Kim, “ID-based blind signature and ring signature from pairings,” Advances in Cryptology □ ASIACRYPT 2002, Springer-Verlag, 2002, pp. 533-547.
[ZK03] F. Zhang and K. Kim, “A universal forgery on Araki et al.’s convertible limited verifier signature scheme,” IEICE Transactions on Fundamentals, Vol. E86-A, No. 2, 2003, pp. 515-516.
[ZM08] J. Zhang and J. Mao, “A novel ID-based designated verifier signature scheme,” Information Sciences, Vol. 178, No. 3, 2008, pp. 766-773.