Degree Name

Doctor of Philosophy


School of Computing and Information Technology


Cryptography with restricted conditions refers to cryptographic primitives with special requirements or conditions. For example, a proxy signature scheme only allows a proxy signer with valid delegation to issue signatures on behalf of the original signer, while for k-time anonymous authentication, a service provider can be ensured that a user can only have anonymous access to the services for up to k-times. Due to the different requirements in various types of security systems, more and more cryptographic primitives with new features are emerging. In this thesis, we study several cryptographic primitives with restricted conditions and their applications, including proxy signature and its variant in the attribute-based setting, oblivious transfer, k-time anonymous authentication and their applications in the e-coupon systems.

To address the problem that a proxy signer might abuse the delegated signing right from the original signer, in this thesis, we present a k-time proxy signature scheme that only permits a designated proxy signer to generate a pre-determined number of proxy signatures. In the subsequent work, we implement proxy signature in attribute-based setting, that is, an original signer with a set of attributes can delegate his signing right to a proxy signer with a normal public and private key pair. One interesting feature of the proposed scheme is that by verifying a proxy signature, the public can be convinced the signature is generated by the proxy signer with valid deletion from the original signer whose attributes satisfy a pre-claimed predicate. Then we identify one attack that has been neglected in many existing delegation-by-warrant proxy signature schemes. We present the details of this attack and propose a general solution that can efficiently thwart the attack.

In this thesis, we also construct several e-coupon systems with new properties. In the first e-coupon system, the user identity privacy would be revealed if a dishonest user requests more than pre-determined number of services specified in the coupon. Different from other e-cash and k-time anonymous authentication schemes, we achieve traceability without involvement of a trusted third party. Besides, for the first time, we formalize the concept of privacy of purchase, that is, the choices of the users when redeeming a coupon with the server is hidden. Moreover, we propose a new oblivious transfer (OT) scheme with retrievable receiver's privacy and design another e-coupon system based on our new OT scheme. If a user remains honest, the user anonymity and privacy of purchase are both well protected. Otherwise, the identity and purchase privacy of the user can be revealed by the service provider.