基于批量签名思想的可截取签名构造

doi:10.11959/j.issn.2096-109x.2018102

网络与信息安全学报 ›› 2018, Vol. 4 ›› Issue (12): 44-53.doi: 10.11959/j.issn.2096-109x.2018102

基于批量签名思想的可截取签名构造

唐紫鑫^1,²,黄欣沂^1,²()

¹ 福建师范大学数学与信息学院，福建福州 350007
² 福建省网络安全与密码技术重点实验室，福建福州 350007

修回日期:2018-11-20 出版日期:2018-12-01 发布日期:2018-12-30
作者简介:唐紫鑫（1993-），男，湖南株洲人，福建师范大学硕士生，主要研究方向为密码学和信息安全。|黄欣沂（1981-），男，江苏仪征人，福建师范大学教授、博士生导师，主要研究方向为密码学和信息安全。
基金资助:
国家自然科学基金资助项目(61822202);国家自然科学基金资助项目(61872089)

Construction of the content extraction signature scheme based on the thought of the batch scheme

Zixin TANG^1,²,Xinyi HUANG^1,²()

¹ School of Mathematics and Information,Fujian Normal University,Fuzhou 350007,China
² Fujian Provincial Key Laboratory of Network Security and Cryptology,Fuzhou 350007,China

Revised:2018-11-20 Online:2018-12-01 Published:2018-12-30
Supported by:
The National Natural Science Foundation of China(61822202);The National Natural Science Foundation of China(61872089)

摘要/Abstract

摘要：

根据批量签名的思想，将 Waters 数字签名方案批量化，进而构造可截取签名。所构造的方案是Steinfeld、Bull、Zheng ( ICISC 2001) 提出的RSAProd方案的改进，以较长的截取签名长度为代价节省整体的运算时间，并证明所构造方案在适应性选择消息攻击下具有不可伪造性和隐私性。

关键词: 可截取签名, Waters数字签名, 批量签名, RSAProd方案

Abstract:

The Waters scheme was transformed into the content extraction signature scheme at the bridge of the thought from the batch signature scheme.The proposed scheme is improved by the RSAProd scheme,presented by Steinfeld,Bull,Zheng (ICISC 2001).The operation time is saved in every stage at the slight sacrifice of the length of extraction signatures.The security was proved that the proposed scheme is existentially unforgeable under chosen message attacks while the privacy is maintained.

Key words: content extraction signature, Waters scheme, batch signature, RSAProd scheme

中图分类号:

TP393

唐紫鑫,黄欣沂. 基于批量签名思想的可截取签名构造[J]. 网络与信息安全学报, 2018, 4(12): 44-53.

Zixin TANG,Xinyi HUANG. Construction of the content extraction signature scheme based on the thought of the batch scheme[J]. Chinese Journal of Network and Information Security, 2018, 4(12): 44-53.

图/表 3

表1

符号说明"

符号	符号说明	符号	符号说明
n	原消息中子消息的数目	$T_{Ext}^{Waters}$	截取签名所用时间
m	截取消息中子消息的数目	$T_{{Prod}_{H}}$	计算散列值乘积的时间
$T_{S}^{RSA}$	执行一次RSA签名所需时间	$l_{S}^{RSA}$	RSA签名长度
$T_{S}^{W a t e r s}$	执行一次Waters签名所需时间	$l_{S}^{Waters}$	Waters签名长度
T_S	执行一次签名所需时间	l_tag	CES-tag长度
T_C	执行一承诺所需时间	l_n	消息的个数为n
T_H	计算一次散列函数所需时间	l_CEAS	CEAS编码长度
N	RSA中模数因子	l_m	子消息长度，假设每个子消息等长
$T_{Prod}^{RSA}$	一次求积模N 所需时间	l_i	子消息编码长度
$T_{V}^{RSA}$	执行一次RSAP方案验证算法时间	l_H	散列值长度l_H =l _tag+l_CEAS+l_m+l_n+l_i
$T_{V}^{Waters}$	执行一次Waters方案验证算法时间	l_C	承诺的长度
T_V	执行一次签名验证算法所需时间	f (m,n)	$min (m lb (\frac{n}{m}), n - m)$

表1

表2

2种方案算法复杂度纵向比较"

方案	签名时间	截取时间	验证时间	签名长度	截取长度
RSAP	$n (T_{H} (l_{H}) + T_{S}^{RSA})$	$T_{Prod}^{RSA}$	$m T_{H} (l_{H}) + T_{Prod}^{RSA} + T_{V}^{RSA}$	$l_{tag} + l_{CEAS} + n l_{S}^{RSA}$	$l_{tag} + l_{CEAS} + l_{S}^{RSA}$
WCES	$n (T_{H} (l_{H}) + T_{S}^{Waters})$	$T_{Ext}^{Waters}$	$m T_{H} (l_{H}) + T_{{Prod}_{H}} + T_{V}^{Waters}$	$l_{tag} + l_{CEAS} + n l_{S}^{Waters}$	$l_{tag} + l_{CEAS} + m l_{S}^{Waters}$

表2

表3

3种方案算法复杂度横向比较"

方案	签名时间	截取时间	验证时间	签名长度	截取长度
WCES	$n (T_{H} (l_{H}) + T_{S}^{Waters})$	$T_{Ext}^{Waters}$	$m T_{H} (l_{H}) + T_{{Prod}_{H}} + T_{V}^{Waters}$	$l_{tag} + l_{C E A S} + n l_{S}^{Waters}$	$l_{tag} + l_{CEAS} + m l_{S}^{Waters}$
IRSAP	$n (T_{H} (l_{H}) + T_{S}^{RSA}) + T_{batch}$	$T_{Prod}^{RSA}$	$m T_{H} (l_{H}) + T_{Prod}^{RSA} + T_{V}^{RSA} + T_{batch}$	$l_{tag} + l_{CEAS} + n l_{S}^{RSA} + l_{batch}$	$l_{tag} + l_{CEAS} + l_{S}^{RSA} + l_{batch}$
HT	$T_{s} (l_{H}) + 3 n T_{c} (l_{m})$	$T_{Ext}^{HT} + 3 n T_{c} (l_{m})$	$T_{V} (l_{H}) + (2 n + m) T_{C} (l_{m})$	$l_{S} + l_{r}$	$l_{S} + m l_{r} + f (m, n) l_{C}$

表3

参考文献 21

[1]	中兴通讯学院.对话多媒体通信[M]. 北京: 人民邮电出版社, 2010.
	ZTE UNIVERSITY.. Talk to multimedia communication[M]. Beijing: Posts and Telecom PressPress, 2010.
[2]	RIVEST R L , SHAMIR A , ADLEMAN L A . Method for obtaining digital signatures and public-key cryptosystems[J]. Communications of the ACM, 1978,21(2): 120-126.
[3]	GOLDWASSER S , MICALI S , RIVEST R L . A digital signature scheme secure against adaptive chosen-message attacks[J]. Siam Journal of Computing, 1988,17(2): 281-308.
[4]	ELGAMAL T , . A public key cryptosystem and a signature scheme based on discrete logarithms[C]// Workshop on the Theory and Application of Cryptographic Techniques (Eurocrypt 1984). 1984: 10-18.
[5]	ELGAMAL T . A public key cryptosystem and a signature scheme based on discrete logarithms[J]. IEEE Trans inf theory, 1984,31(4): 469-472.
[6]	STANDARDS N I O . Digital signature standard (DSS)[J].,2000,25. Federal Information Processing Standards Publication 186-2, 2000,25.
[7]	BELLARE M , ROGAWAY P . The exact security of digital signatures-how to sign with RSA and rabin[C]// International Conference on Theory and Application of Cryptographic Techniques. 1996: 399-416.
[8]	SCHNORR C P . Efficient signature generation by smart cards[J]. Journal of Cryptology, 1991,4(3): 161-174.
[9]	STEINFELD R , BULL L , ZHENG Y . Content extraction signatures[C]// The International Conference on Information Security and Cryptology ( ICISC 2001). 2001: 285-304.
[10]	BULL L , SQUIRE D M G , ZHENG Y . A hierarchical extraction policy for content extraction signatures[J]. International Journal on Digital Libraries, 2004,4(3): 208-222.
[11]	蓝才会, 王彩芬 . 基于身份的可截取签名方案[J]. 计算机应用, 2007,27(10): 2456-2458.
	LAN C H , WANG C F . ID-based content extraction signature[J]. Journal of Computer Applications, 2007
[12]	曹素珍, 王彩芬 . 基于离散对数问题的可截取签名方案[J]. 计算机工程, 2013,39(4): 132-136.
	CAO S Z , WANG C F . Content extraction signature scheme based on DLP[J]. Computer Engineering, 2013,39(4): 132-136.
[13]	李旭, 杜小妮, 王彩芬 ,等. 基于RSA的可截取签名改进方案[J]. 计算机工程与应用, 2014,50(24): 96-99.
	XU L I , XIAONI D U , WANG C ,et al. Improved scheme of content extraction signatures based on RSA[J]. Computer Engineering＆ Applications, 2014
[14]	WANG C , LI Y , HUANG S Y ,et al. A new forward secure content extraction signature scheme[C]// International Conference on Fuzzy Systems and Knowledge Discovery. 2016: 1698-1702.
[15]	王彩芬, 徐婷, 张玉磊 ,等. 基于可截取签名和属性加密的云存储访问控制方案[J]. 计算机工程与科学, 2015,37(2): 238-244.
	WANG C F , TING X U , ZHANG Y L ,et al. An access control scheme in cloud storage based on content extraction signature and attribute encryption[J]. Computer Engineering ＆ Science, 2015
[16]	王敏, 马金花, 刘江华 ,等. 两类可截取签名方案的改进[J]. 网络与信息安全学报, 2017,3(4): 69-77.
	WANG M , MA J H , LIU J H ,et al. The two improvements of the content extraction signature[J]. Chinese Journal of Network and Information Security, 2017,3(4): 69-77.
[17]	FIAT A . Batch RSA[J]. Journal of Cryptology, 1997,10(2): 75-88.
[18]	PAVLOVSKI C J , BOYD C . Efficient batch signature generation using tree structures[C]// International Workshop on Cryptographic Techniques and E-Commerce (CrypTEC 1999). 1999: 70-77.
[19]	CATALANO D , FIORE D . Vector commitments and their applications[M]// Public-Key Cryptography–PKC 2013. Springer Berlin Heidelberg, 2013: 55-72.
[20]	WATERS B . Efficient identity-based encryption without random oracles[J]. Eurocrypt, 2005,2004(2004): 114-127.
[21]	KATZ J . Digital signatures[M]. Springer US, 2010: 127-128.

基于批量签名思想的可截取签名构造

Construction of the content extraction signature scheme based on the thought of the batch scheme

在线阅读

pdf下载

可视化

摘要/Abstract

引用本文

使用本文

图/表 3

参考文献 21

相关文章 1

Metrics

推荐阅读 0