基于身份的可穿刺签名方案

doi:10.11959/j.issn.1000-436x.2021223

通信学报 ›› 2021, Vol. 42 ›› Issue (12): 17-26.doi: 10.11959/j.issn.1000-436x.2021223

基于身份的可穿刺签名方案

杨冬梅, 陈越, 魏江宏, 胡学先

信息工程大学数据与目标工程学院，河南郑州 450001

修回日期:2021-11-03 出版日期:2022-12-25 发布日期:2021-12-01
作者简介:杨冬梅（1977- ），女，河南夏邑人，信息工程大学博士生，主要研究方向为应用密码学、大数据安全等
陈越（1965- ），男，河南开封人，博士，信息工程大学教授、博士生导师，主要研究方向为网络与信息安全、大数据安全
魏江宏（1987- ），男，甘肃通渭人，博士，信息工程大学讲师，主要研究方向为应用密码学、数据安全与隐私保护、机器学习安全等
胡学先（1982- ），男，湖北红安人，博士，信息工程大学副教授，主要研究方向为密码协议、大数据安全、隐私保护等
基金资助:
国家自然科学基金资助项目(62172433);国家自然科学基金资助项目(62172434)

Identity-based puncturable signature scheme

Dongmei YANG, Yue CHEN, Jianghong WEI, Xuexian HU

School of Data and Target Engineering， Information Engineering University， Zhengzhou 450001， China

Revised:2021-11-03 Online:2022-12-25 Published:2021-12-01
Supported by:
The National Natural Science Foundation of China(62172433);The National Natural Science Foundation of China(62172434)

摘要/Abstract

摘要：

针对已有前向安全的基于身份签名（IBS）方案在实际可用性和密钥更新效率方面存在的不足，基于可穿刺公钥加密方案的思想，提出了基于身份的可穿刺签名（IBPS）方案。具体而言，首先给出了IBPS的形式化定义和安全性定义，然后基于布隆过滤器构造了一个具体的IBPS方案。在计算性Diffie-Hellman假设下，所提方案在随机预言模型下满足存在不可伪造性。性能分析与仿真实验表明，所提方案比传统的前向安全IBS方案提供了更实用的细粒度前向安全性，且密钥更新过程更高效。

关键词: 私钥泄露, 基于身份的签名, 可穿刺签名, 布隆过滤器

Abstract:

To overcome the shortcomings of available forward-secure identity-based signature （IBS） scheme in terms of actual practicability and secret key update efficiency， the notion of identity-based puncturable signature （IBPS） scheme was proposed based on the idea of puncturable public-key encryption scheme.Specifically， the syntax and security notion of IBPS were given， and then a concrete IBPS scheme was constructed based on Bloom filter.Under the computational Diffie-Hellman assumption， the proposed scheme achieved the existential unforgeability in the random oracle model.The performance analysis and implementation results demonstrate that， compared with traditional forward-secure IBS schemes， the proposed scheme provides more practical fine-grained forward secrecy， and has higher efficiency of secret key update.

Key words: key exposure, identity-based signature, puncturable signature, Bloom filter

中图分类号:

TP309.2

杨冬梅, 陈越, 魏江宏, 胡学先. 基于身份的可穿刺签名方案[J]. 通信学报, 2021, 42(12): 17-26.

Dongmei YANG, Yue CHEN, Jianghong WEI, Xuexian HU. Identity-based puncturable signature scheme[J]. Journal on Communications, 2021, 42(12): 17-26.

图/表 5

表1

相关签名方案的计算/存储开销比较"

签名方案	计算开销				存储开销
签名方案	Extract	Sign	Punc/Update	Verify	pp	sk	σ
Paterson等^[3]方案	2e	2e	N/A	3p	$(γ + η + 5) G$	$2 G$	$3 G$
Yu等^[14]方案	$O (\log N) e$	2e	$O (\log N) e$	5p	$O (\log N) G$	$O (\log^{2} N) G$	$4 G + ℤ_{p}$
本文所提方案	$(2 l + 2) e$	2e	0	5p	$(γ + η + 5) G$	$(2 l + 2) G$	$4 G + ℤ_{p}$

表1

表2

图1

图2

图3

参考文献 28

[1]	SHAMIR A , . Identity-based cryptosystems and signature schemes[C]// Advances in Cryptology. Berlin:Springer, 1984: 47-53.
[2]	CHA J C , . An identity-based signature from gap Diffie-Hellman groups[C]// Public Key Cryptography — PKC 2003. Berlin:Springer, 2003: 18-30.
[3]	PATERSON K G , SCHULDT J C N . Efficient identity-based signatures secure in the standard model[C]// Information Security and Privacy. Berlin:Springer, 2006: 207-222.
[4]	杨小东, 杨苗苗, 高国娟 ,等. 强不可伪造的基于身份服务器辅助验证签名方案[J]. 通信学报, 2016,37(6): 49-55.
	YANG X D , YANG M M , GAO G J ,et al. ID-based server-aided verification signature scheme with strong unforgeability[J]. Journal on Communications, 2016,37(6): 49-55.
[5]	刘翔宇, 刘胜利, 谷大武 . 紧致安全的基于身份的签名方案[J]. 密码学报, 2021,8(1): 132-141.
	LIU X Y , LIU S L , GU D W . Tightly secure identity-based signature scheme[J]. Journal of Cryptologic Research, 2021,8(1): 132-141.
[6]	田苗苗, 陈静, 仲红 . 格上基于身份的增量签名方案[J]. 通信学报, 2021,42(1): 108-117.
	TIAN M M , CHEN J , ZHONG H . Identity-based incremental signature scheme from lattices[J]. Journal on Communications, 2021,42(1): 108-117.
[7]	侯红霞, 张明瑞, 赵艳琦 ,等. 素数阶群上基于非对称对的身份基环签名[J]. 通信学报, 2021,42(9): 155-164.
	HOU H X , ZHANG M R , ZHAO Y Q ,et al. ID-based ring signature on prime order group from asymmetric pairing[J]. Journal on Communications, 2021,42(9): 155-164.
[8]	ANDERSON R , . Two remarks on public key cryptology[C]// Invited Lecture at the 4th ACM Conference on Computer and Communications Security. New York:ACM Press, 1997: 1-5.
[9]	BELLARE M , MINER S K . A forward-secure digital signature scheme[C]// Advances in Cryptology — CRYPTO’ 99. Berlin:Springer, 1999: 431-448.
[10]	ITKIS G , REYZIN L . Forward-secure signatures with optimal signing and verifying[C]// Advances in Cryptology — CRYPTO 2001. Berlin:Springer, 2001: 332-354.
[11]	KOZLOV A , REYZIN L . Forward-secure signatures with fast key update[C]// Security in Communication Networks. Berlin:Springer, 2003: 241-256.
[12]	LIBERT B , QUISQUATER J J , YUNG M . Forward-secure signatures in untrusted update environments:efficient and generic constructions[C]// Proceedings of the 14th ACM Conference on Computer and Communications Security. New York:ACM Press, 2007: 266-275.
[13]	ABDALLA M , REYZIN L . A new forward-secure digital signature scheme[C]// Advances in Cryptology-ASIACRYPT 2000. Berlin:Springer, 2000: 116-129.
[14]	YU J , HAO R , KONG F Y ,et al. Forward-secure identity-based signature:security notions and construction[J]. Information Sciences, 2011,181(3): 648-660.
[15]	GREEN M D , MIERS I . Forward secure asynchronous messaging from puncturable encryption[C]// Proceedings of 2015 IEEE Symposium on Security and Privacy. Piscataway:IEEE Press, 2015: 305-320.
[16]	WATERS B , . Efficient identity-based encryption without random oracles[C]// Lecture Notes in Computer Science. Berlin:Springer, 2005: 114-127.
[17]	魏江宏, 刘文芬, 胡学先 . 前向安全的密文策略基于属性加密方案[J]. 通信学报, 2014,35(7): 38-45.
	WEI J H , LIU W F , HU X X . Forward-secure ciphertext-policy attribute-based encryption scheme[J]. Journal on Communications, 2014,35(7): 38-45.
[18]	WEI J H , LIU W F , HU X X . Forward-secure identity-based signature with efficient revocation[J]. International Journal of Computer Mathematics, 2017,94(7): 1390-1411.
[19]	OH H , KIM J , SHIN J S . Forward-secure ID based digital signature scheme with forward-secure private key generator[J]. Information Sciences, 2018,454/455: 96-109.
[20]	杨小东, 李雨潼, 王晋利 ,等. 标准模型下可撤销的基于身份的代理重签名方案[J]. 通信学报, 2019,40(5): 153-162.
	YANG X D , LI Y T , WANG J L ,et al. Revocable identity-based proxy re-signature scheme in the standard model[J]. Journal on Communications, 2019,40(5): 153-162.
[21]	CANETTI R , HALEVI S , KATZ J . A forward-secure public-key encryption scheme[J]. Journal of Cryptology, 2007,20(3): 265-294.
[22]	WEI J H , CHEN X F , WANG J F ,et al. Enabling (end-to-end) encrypted cloud emails with practical forward secrecy[J]. IEEE Transactions on Dependable and Secure Computing, 2021,PP(99): 1.
[23]	DERLER D , GELLERT K , JAGER T ,et al. Bloom filter encryption and applications to efficient forward-secret 0-RTT key exchange[J]. Journal of Cryptology, 2021,34(2): 13.
[24]	BELLARE M , STEPANOVS I , WATERS B . New negative results on differing-inputs obfuscation[C]// Advances in Cryptology – EUROCRYPT 2016. Berlin:Springer, 2016: 792-821.
[25]	HALEVI S , ISHAI Y , JAIN A ,et al. Non-interactive multiparty computation without correlated randomness[C]// Advances in Cryptology –ASIACRYPT 2017. Berlin:Springer, 2017: 181-211.
[26]	LI X Y , XU J , FAN X ,et al. Puncturable signatures and applications in proof-of-stake blockchain protocols[J]. IEEE Transactions on Information Forensics and Security, 2020,15: 3872-3885.
[27]	BLOOM B H . Space/time trade-offs in hash coding with allowable errors[J]. Communications of the ACM, 1970,13(7): 422-426.
[28]	AKINYELE J A , GARMAN C , MIERS I ,et al. Charm:a framework for rapidly prototyping cryptosystems[J]. Journal of Cryptographic Engineering, 2013,3(2): 111-128.

签名方案	标准模型	细粒度前向安全性	安全性假设
Paterson等^[3]方案	?	×	CDH
Yu等^[14]方案	?	×	q-DHE
本文所提方案	×	?	CDH

基于身份的可穿刺签名方案

Identity-based puncturable signature scheme

在线阅读

PDF下载

可视化

摘要/Abstract

引用本文

使用本文

图/表 5

参考文献 28

相关文章 7

Metrics

推荐阅读 0

[1]	王婧, 吴黎兵, 罗敏, 何德彪. 安全高效的两方协同ECDSA签名方案[J]. 通信学报, 2021, 42(2): 12-25.
[2]	杨春丽,闫建华,郑世慧,王励成,杨榆. 对一个格基身份签名方案的分析和改进[J]. 通信学报, 2015, 36(5): 104-111.
[3]	万盛,何媛媛,李凤华,牛犇,李晖,王新宇. 基于布隆过滤器的轻量级隐私信息匹配方案[J]. 通信学报, 2015, 36(12): 151-162.
[4]	黄琼,熊文柱,阳小龙,徐杰,隆克平. 分层次的无状态单分组IP溯源技术[J]. 通信学报, 2011, 32(3): 150-157.
[5]	冯涛,彭伟,马建峰. 安全的无可信PKG的部分盲签名方案[J]. 通信学报, 2010, 31(1): 128-134.
[6]	周亮,李大鹏,杨义先. 基于身份的无需可信任PKG的签名方案[J]. 通信学报, 2008, 29(6): 8-12.
[7]	刘景伟,孙蓉,马文平. 高效的基于ID的无证书签名方案[J]. 通信学报, 2008, 29(2): 87-94.