|
|
- 2015
两种无证书聚合签名方案的安全性分析及改进
|
Abstract:
摘要: 大部分的聚合签名方案存在安全性缺陷和计算效率偏低的问题。通过对两种无证书聚合签名方案进行安全性分析,发现两种方案分别无法抵抗Type I和TypeⅡ的伪造性攻击。针对此类问题,提出了一个改进方案。该方案在签名过程中改变了参数的组合方式,在聚合签名验证中加强了对主密钥和公钥的约束。在计算性Diffie-Hellman困难问题假设下,证明了方案在适应性选择消息攻击下具有不可伪造性。效率分析表明,方案在签名与验证过程中只需要4个双线性对运算,签名的长度是固定的,与同类安全的无证书聚合签名方案相比,改进的方案效率更高。
Abstract: The security flaws and low computational efficiency problem exist in most of the aggregate signature schemes. Based on the security analysis of two kinds of certificateless aggregate signature scheme, it is found that the two schemes can not resist forgery attack under Type I and Type II. Aiming at this sort of problems, we proposed an improved scheme that has changed the combination mode of parameters in the process of signature and has strengthened the constraints of master key and the public key in the process of aggregate signature verification. It was proved that the prosed scheme is existentially unforgeable against adaptive chosen message attacks under the computational Diffie-Hellman assumption in the random oracle model. The efficiency analysis shows that the scheme needs only 4 bilinear pairing operations in the signature process and the verification process, and the length of the signature is fixed. This improved scheme is more efficient comparing with the other certificateless aggregate signature schemes in similar secure level
| [1] | XIONG Hu, GUAN Zhi, CHEN Zhong, et al. An efficient certificateless aggregate signature with constant pairing computations[J]. Information Science, 2013, 219:225-235. |
| [2] | ZHANG Futai, SHEN Liming, WU Ge, et al. Notes on the security of certificateless aggregate signature schemes[J]. Information Science, 2014, 287:32-37. |
| [3] | 侯红霞, 张雪锋, 董晓丽, 等.改进的无证书聚合签名方案[J].山东大学学报:理学版, 2013, 48(9):29-34. HOU Hongxia, ZHANG Xuefeng, DONG Xiaoli, et al. Improved certificateless aggregate signature scheme[J]. Journal of Shandong University: Natural Science, 2013, 48(9):29-34. |
| [4] | 明洋, 赵祥模, 王育民,等.无证书聚合签名方案[J].电子科技大学学报, 2014, 43(2): 2188-2193. MING Yang, ZHAO Xiangmo, WANG Yumin, et al. Certificateless aggregate signature scheme[J]. Journal of University of Electronic Science and Technology of China, 2014, 43(2):2188-2193. |
| [5] | CHENG Lin, WEN Qiaoyan, JIN Zhengping, et al. Cryptanalysis and improvement of a certificateless aggregate signature scheme[J]. Information Science, 2015, 295:337-346. |
| [6] | GONG Zheng, LONG Yu, HONG Xuan, et al. Two certificateless aggregate signatures from bilinear maps[C]//Proceedings of the 8th ACIS International Conference on Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing. Washington: IEEE Computer Society, 2007: 188-193. |
| [7] | ZHANG Lei, QIN Bo, WU Qianhong, et al. Efficient many-to-one authentication with certificateless aggregate signatures[J]. Computer Networks, 2010, 54(14):2482-2491. |
| [8] | 杜红珍, 黄梅娟, 温巧燕, 等.高效的可证明安全的无证书聚合签名方案[J].电子学报, 2013, 41(1):73-76. DU Hongzhen, HUANG Meijuan, WEN Qiaoyan, et al. Efficient and provably-secure certificateless aggregate signature scheme[J]. Acta Electronica Sinica, 2013, 41(1):73-76. |
| [9] | 喻琇瑛, 何大可.一个新的无证书聚合签名[J].计算机应用研究, 2014, 31(8):2485-2487. YUE Xiuying, HE Dake. New certificateless aggregate signature scheme[J]. Application Research of Computers, 2014, 31(8):2485-2487. |
| [10] | AL-RIYAMI S, PATERSON K.Certificateless public key cryptography[C]//Proceedings of Asiacrypt 2003. Berlin: Springer-Verlag, 2003:452-473. |
| [11] | BONEH D, GENTRY C, LYNN B, et al. Aggregate and verifiably encrypted signatures from bilinear maps[C]//Proceedings of the 22nd International Conference on Theory and Applications of Cryptographic Techniques.Berlin: Springer-Verlag, 2003:416-432. |
| [12] | HE Debao, TIAN Miaomiao, CHEN Jianhua, et al. An efficient certificateless aggregate signature with constant pairing computations[EB/OL].[2012-02-03].http://eprint.Iacr.org/2012/445.pdf. |
