新的无证书广义指定验证者聚合签名方案

doi:10.11959/j.issn.1000-436x.2017220

通信学报 ›› 2017, Vol. 38 ›› Issue (11): 76-83.doi: 10.11959/j.issn.1000-436x.2017220

新的无证书广义指定验证者聚合签名方案

许芷岩^1,²,吴黎兵¹(),李莉³,何德彪^1,⁴

¹ 武汉大学计算机学院，湖北武汉 430072
² 湖北第二师范学院计算机学院，湖北武汉 430205
³ 武汉大学国际软件学院，湖北武汉 430072
⁴ 武汉大学软件工程国家重点实验室，湖北武汉 430072

修回日期:2017-04-10 出版日期:2017-11-01 发布日期:2017-12-13
作者简介:许芷岩（1982-），女，河南周口人，武汉大学博士生，主要研究方向为应用密码学、云存储安全与隐私保护等。|吴黎兵（1972-），男，湖北黄梅人，博士，武汉大学教授、博士生导师，主要研究方向为分布式计算、网络管理等。|李莉（1979-），女，安徽芜湖人，博士，武汉大学副教授、博士生导师，主要研究方向为数据安全、嵌入式安全等。|何德彪（1980-），男，山东阳谷人，博士，武汉大学教授、博士生导师，主要研究方向为应用密码学、安全协议、云计算安全等。
基金资助:
国家自然科学基金资助项目(61501333);国家自然科学基金资助项目(61572379);国家自然科学基金资助项目(61472287);湖北省自然科学基金资助项目(2015CFA068);武汉科技计划基金资助项目(2016060101010047)

New certificateless aggregate signature scheme with universal designated verifier

Zhi-yan XU^1,²,Li-bing WU¹(),Li LI³,De-biao HE^1,⁴

¹ School of Computer Science,Wuhan University,Wuhan 430072,China
² School of Computer Science,Hubei University of Education,Wuhan 430205,China
³ International School of Software,Wuhan University,Wuhan 430072,China
⁴ State Key Laboratory of Software Engineering,Wuhan University,Wuhan 430072,China

Revised:2017-04-10 Online:2017-11-01 Published:2017-12-13
Supported by:
The National Natural Science Foundation of China(61501333);The National Natural Science Foundation of China(61572379);The National Natural Science Foundation of China(61472287);The Natural Science Foundation of Hubei Province(2015CFA068);The Science and Technology Program of Wuhan(2016060101010047)

摘要/Abstract

摘要：

无证书广义指定验证者聚合签名机制不仅能够解决证书管理和密钥托管问题，而且能够实现批验证和保护签名者的隐私。在资源受限的无线移动网络中有广泛应用。首先，对一种指定验证者聚合签名方案进行安全性分析，通过给出2种具体攻击方法，指出该方案不满足签名不可伪造性。为了增强安全性，提出一种新的无证书广义指定验证者聚合签名方案，并在随机预言机模型下证明该方案是安全的。与原方案相比，新方案在解决安全缺陷的同时大大降低了计算开销。

关键词: 安全分析, 指定验证者, 无证书聚合签名, 抗伪造攻击

Abstract:

Certificateless aggregate signature(CLAS) schemes with universal designated verifier had been widely applied in resource-constrained wireless mobile networks,because they could not only solve the problems of the certificate management and private key escrow,but also realize batch validation and the signer’s privacy protection.A security analysis for a certificateless aggregate signature scheme with universal designated verifier was firstly provided,and two attack methods to demonstrate that their scheme was forgeable was presented.To enhance security,a new certificateless aggregate signature scheme with universal designated verifier was proposed,and then the security of the scheme in the random oracle model was proved.The performance of our proposed scheme was finally evaluated.Compared with the original scheme,the pvoposed scheme fixes the security flaws and the total computational cost is greatly reduced.

Key words: cryptanalysis, universal designated verifier, certificateless aggregate signature, resist forgery attack

中图分类号:

TP309

许芷岩,吴黎兵,李莉,何德彪. 新的无证书广义指定验证者聚合签名方案[J]. 通信学报, 2017, 38(11): 76-83.

Zhi-yan XU,Li-bing WU,Li LI,De-biao HE. New certificateless aggregate signature scheme with universal designated verifier[J]. Journal on Communications, 2017, 38(11): 76-83.

图/表 2

参考文献 15

[1]	BONEH D , GENTRY C , LYNN B ,et al. Aggregate and verifiably encrypted signatures from bilinear maps[J]. Lecture Notes in Computer Science, 2003,2656(1): 416-432.
[2]	HORNG S J , TZENG S F , HUANG P H ,et al. An efficient certificateless aggregate signature with conditional privacy-preserving for vehicular sensor networks[J]. Information Sciences, 2015,317: 48-66.
[3]	XIONG H , WU Q , CHEN Z . An efficient provably secure certificateless aggregate signature applicable to mobile computation[J]. Control and Cybernetics, 2012,41(2): 373-391.
[4]	AL-RIYAMI S S , PATERSON K G . Certificateless public key cryptography[M]// Advances in Cryptology-ASIACRYPT 2003. Springer Berlin Heidelberg, 2003: 452-473.
[5]	GONG Z , LONG Y , HONG X ,et al. Two Certificateless aggregate signatures from bilinear maps[C]// Eighth Acis International Conference on Software Engineering,Artificial Intelligence,Networking,and Parallel/distributed Computing. IEEE Computer Society, 20073: 188-193.
[6]	ZHANG L , ZHANG F . A new certificateless aggregate signature scheme[J]. Computer Communications, 2009,32(6): 1079-1085.
[7]	XIONG H , GUAN Z , CHEN Z ,et al. An efficient certificateless aggregate signature with constant pairing computations[J]. Information Sciences, 2013,219(10): 225-235.
[8]	HE D , TIAN M , CHEN J . Insecurity of an efficient certificateless aggregate signature with constant pairing computations[J]. Information Sciences, 2014,(1)268: 458-462.
[9]	许艳, 黄刘生, 田苗苗 ,等. 一种可证安全的紧致无证书聚合签名方案[J]. 电子学报, 2016,44(8): 1845-1850.
	XU Y , HUANG L S , TIAN M M . A provably secure and compact certificateless aggregate signature scheme[J]. Acta Electronica Sinica, 2016,44(8): 1845-1850.
[10]	杜红珍, 黄梅娟, 温巧燕 . 高效的可证明安全的无证书聚合签名方案[J]. 电子学报, 2013,41(1): 72-76.
	DU H Z , HUANG M J , WEN Q Y . Efficient and probably secure certificateless aggregate signature scheme[J]. Acta Electronica Sinica,,, 2013,41(1): 72-76.
[11]	STEINFELD R , BULL L , WANG H ,et al. Universal designated verifer signatures[C]// Cryptology-Asiacrypt, 2003: 523-542.
[12]	MING Y , SHEN X , WANG Y M . Certificateless universal designated verifier signature schemes[J]. Journal of China Umiversities of Posts and Telecommunications, 2007,14(3): 85-90.
[13]	韩亚宁, 王彩芬 . 无证书广义指定多个验证者有序多重签名[J]. 计算机应用, 2009,29(6): 1643-1645.
	HAN Y N , WANG C F . Certificateless universal designated multi-verifiers sequential multi-signature scheme[J]. Journal of Computer Applications, 2009,29(6): 1643-1645.
[14]	张玉磊, 周冬瑞, 李臣意 ,等. 高效的无证书广义指定验证者聚合签名方案[J]. 通信学报, 2015,36(2): 48-55.
	ZHANG Y L , ZHOU D R , LI C Y ,et al. Certificateless-based efficient aggregate signature scheme with universal designated verifier[J]. Journal on Communications, 2015,36(2): 48-55.
[15]	HE D , ZEADALLY S , XU B ,et al. An efficient identity-based conditional privacy-preserving authentication scheme for vehicular ad hoc networks[J]. IEEE Transactions on Information Forensics and Security, 2015,10(12): 2681-2691.

方案			A₁				A₂
方案	B₁	B₂	B₃	安全性	B₁	B₂	B₃	安全性
文献[7]方案	?	?	◎	H	?	?	?	L
文献[9]方案	?	?	?	L	?	?	?	L
文献[14]方案	?	?	◎	H	?	?	?	L
本文方案	?	?	◎	H	?	?	◎	H

步骤	文献[14]方案开销	本文方案开销
系统初始化	P_ecc-pm	P_ecc?pm
用户公钥生成	P_ecc-pm	P_ecc?pm+T_mtp
A_I 用户私钥生成	Pe_cc?pm+T_mtp	P_ecc?pm
单个签名生成	T_mts+T_mtp+2T_ecc?pa+T_ecc?pm+T_ecc?2pm	T_mts+T_mtp+T_ecc?pa+2T_ecc?pm
单个签名验证	T_mts+2T_mtp+T_ecc?pm+4T_bp	T_mts+T_mtp+T_ecc?pa+T_ecc?pm+3T_bp
聚合签名生成	nT_mts+nT_ecc?pm+2(n?1)T_ecc?pa	(n?1)T_ecc?pa
聚合签名验证	2nT_mtp+2(n?1)T_ecc?pa+4T_bp	nT_mts+(n+1)T_mtp+3T_bp+(3n?2)T_ecc?pa+nT_ecc?pm
指定签名生成	T_mtp+3T_ecc?pm+T_bp	T_mtp+(n?1)T_ecc?pa+3T_ecc?pm+T_bp
指定签名验证	(n+2)T_mtp+2(n?1)T_ecc?pa+3T_ecc?pm+3T_bp+T_ecc?exp	nT_mtp+(2n?1)T_ecc?pa+4T_bp+2T_ecc?pm+2T_mtp+T_ecc?exp

新的无证书广义指定验证者聚合签名方案

New certificateless aggregate signature scheme with universal designated verifier

在线阅读

PDF下载

可视化

摘要/Abstract

引用本文

使用本文

图/表 2

参考文献 15

相关文章 9

Metrics

推荐阅读 0

[1]	康海燕, 龙墨澜. 基于吸收马尔可夫链攻击图的网络攻击分析方法研究[J]. 通信学报, 2023, 44(2): 122-135.
[2]	许芷岩,吴黎兵,李莉,何德彪. 无线漫游认证中可证安全的无证书聚合签名方案[J]. 通信学报, 2017, 38(7): 123-130.
[3]	杜红珍,温巧燕. 无证书强指定验证者多重签名[J]. 通信学报, 2016, 37(6): 20-28.
[4]	张玉磊,周冬瑞,李臣意,张永洁,王彩芬. 高效的无证书广义指定验证者聚合签名方案[J]. 通信学报, 2015, 36(2): 48-55.
[5]	邵志毅,杨波,吴振强,张明武. 针对服务器安全的指定验证者可搜索公钥加密[J]. 通信学报, 2014, 35(Z2): 106-111.
[6]	邵志毅，杨波，吴振强，张明武. 针对服务器安全的指定验证者可搜索公钥加密[J]. 通信学报, 2014, 35(Z2): 14-111.
[7]	韦军,廖晓峰,杨吉云. 对一个混沌密码模型的分析[J]. 通信学报, 2008, 29(9): 134-144.
[8]	唐朝霞,徐秋亮. 指定验证者的门限代理签名方案[J]. 通信学报, 2008, 29(3A): 84-88.
[9]	唐朝霞,徐秋亮,朱建栋. 基于身份的指定多个验证者的代理签名方案[J]. 通信学报, 2008, 29(11A): 41-45.