
Journal of Shandong University (Natural Science), 2015, Vol. 50, Issue 11: 52-59. doi: 10.6040/j.issn.1671-9352.0.2014.442


Improvement of a certificateless aggregate signature scheme
(对一种无证书聚合签名方案的改进)

NONG Qiang (农强), HUANG Zhen-jie (黄振杰), HUANG Ru-fen (黄茹芬)

  1. Department of Computer Science, Minnan Normal University, Zhangzhou 363000, Fujian, China
  • Received: 2014-09-29  Revised: 2015-11-11  Online: 2015-11-20  Published: 2015-12-09
  • First author: NONG Qiang (born 1978), male, M.Sc., associate professor; main research interests are cryptography and network security. E-mail: nong_qiang@163.com
  • Funding: National Natural Science Foundation of China (61170246); Natural Science Foundation of Fujian Province (2012J01295); Education and Research Project for Young and Middle-aged Teachers of Fujian Province (JA15317)

Abstract: Three forgery attack algorithms are presented against an existing certificateless aggregate signature scheme whose security rests on the computational Diffie-Hellman problem. The attacks show that a malicious-but-passive or an honest-but-curious key generation center (KGC) can forge a valid aggregate signature on any message on behalf of any user, and that the scheme also cannot resist a collusion attack by dishonest users. The causes of the original scheme's insecurity are analyzed. By taking the user's public key as an input to partial private key generation, and by binding the partial private key and the secret value to two different hash functions in signature generation, an efficient improved scheme that needs neither a secure channel nor bilinear pairings is proposed. The security of the improved scheme reduces to the more general discrete logarithm problem.

Key words: certificateless aggregate signature, forgery attack, bilinear pairing, discrete logarithm problem, secure channel

CLC number: TP309
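The abstract names two structural fixes: the KGC's partial private key must take the user's public key as input, and the partial private key and the user's secret value must enter the signature through different hash functions. The Python block below is an added example written for this page, not code from the paper or its authors, and it is not the authors' improved scheme: it is a toy Schnorr-style, pairing-free certificateless aggregate signature that applies those two principles so the reader can see what each one buys. The 63-bit safe-prime subgroup, the SHA-256-based hash functions H1, H2, H3 with domain-separation tags, the message layout and the user names are all this example's own assumptions; it demonstrates correctness and the public-key-binding check only, and makes no security claim beyond that.

```python
"""Toy pairing-free certificateless aggregate signature (added example, not the paper's scheme)."""
import hashlib
import secrets


def _is_prime(n):
    """Deterministic Miller-Rabin; these bases are exact for every n < 3.3e24."""
    if n < 2:
        return False
    bases = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)
    for b in bases:
        if n % b == 0:
            return n == b
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for a in bases:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True


def _safe_prime(start):
    """Smallest safe prime p = 2q + 1 with prime q >= start (toy-sized, an assumption)."""
    q = start | 1
    while not (_is_prime(q) and _is_prime(2 * q + 1)):
        q += 2
    return 2 * q + 1, q


P, Q = _safe_prime(1 << 62)   # 63-bit group for illustration; NOT a production size
G = 4                         # 4 = 2^2 is a square mod P, so it generates the order-Q subgroup


def _H(tag, *parts):
    """Hash to Z_Q; the tag makes H1, H2, H3 distinct functions (domain separation)."""
    h = hashlib.sha256(tag.encode())
    for part in parts:
        b = str(part).encode()
        h.update(len(b).to_bytes(4, "big") + b)
    return int.from_bytes(h.digest(), "big") % Q


def _rand():
    return secrets.randbelow(Q - 1) + 1


class KGC:
    def __init__(self):
        self.s = _rand()                   # master secret
        self.P_pub = pow(G, self.s, P)     # master public key

    def partial_key(self, ident, PK):
        """Principle (1): the partial key is a Schnorr-style KGC signature on (ID, PK)."""
        r = _rand()
        R = pow(G, r, P)
        d = (r + self.s * _H("H1", ident, R, PK)) % Q
        return R, d                        # g^d == R * P_pub^H1(ID,R,PK); anyone can check this


def user_keygen():
    x = _rand()
    return x, pow(G, x, P)                 # secret value x, public key PK = g^x


def sign(ident, PK, R, d, x, msg):
    """Principle (2): d is bound through H2 and x through H3; both cover ID, PK, R, T, msg."""
    k = _rand()
    T = pow(G, k, P)
    h2 = _H("H2", ident, PK, R, T, msg)
    h3 = _H("H3", ident, PK, R, T, msg)
    return T, (k + d * h2 + x * h3) % Q


def aggregate(sigs):
    """Aggregate n signatures: keep every commitment T_i, add the scalars mod Q."""
    return [T for T, _ in sigs], sum(s for _, s in sigs) % Q


def verify_aggregate(P_pub, entries, Ts, sigma):
    """entries = [(ID_i, PK_i, R_i, msg_i)], in the same order as Ts."""
    rhs = 1
    for (ident, PK, R, msg), T in zip(entries, Ts):
        h1 = _H("H1", ident, R, PK)
        h2 = _H("H2", ident, PK, R, T, msg)
        h3 = _H("H3", ident, PK, R, T, msg)
        partial_pub = R * pow(P_pub, h1, P) % P        # == g^{d_i} if d_i was issued for this PK
        rhs = rhs * T * pow(partial_pub, h2, P) * pow(PK, h3, P) % P
    return pow(G, sigma, P) == rhs


def honest_aggregate_verifies():
    """Three users (constructed sample), three messages, one aggregate signature."""
    kgc = KGC()
    entries, sigs = [], []
    for ident, msg in (("alice", "m1"), ("bob", "m2"), ("carol", "m3")):
        x, PK = user_keygen()
        R, d = kgc.partial_key(ident, PK)
        entries.append((ident, PK, R, msg))
        sigs.append(sign(ident, PK, R, d, x, msg))
    Ts, sigma = aggregate(sigs)
    return verify_aggregate(kgc.P_pub, entries, Ts, sigma)


def reused_partial_key_after_pk_swap_verifies():
    """Replace the public key but reuse the old partial key: H1 committed to the old PK."""
    kgc = KGC()
    _, PK_old = user_keygen()
    R, d = kgc.partial_key("alice", PK_old)
    x_new, PK_new = user_keygen()
    T, sigma = sign("alice", PK_new, R, d, x_new, "m1")
    return verify_aggregate(kgc.P_pub, [("alice", PK_new, R, "m1")], [T], sigma)


if __name__ == "__main__":
    print("honest aggregate verifies:", honest_aggregate_verifies())                           # True
    print("old partial key after PK swap verifies:", reused_partial_key_after_pk_swap_verifies())  # False
```

The second check is the point of principle (1): because H1 covers PK, a partial private key issued for one public key is useless with any other public key, so a later public-key replacement cannot ride on an already-issued partial key. Principle (2) is visible in `sign`, where d and x are multiplied by two different hash values, so neither term can be folded into the other by anyone who holds only one of the two secrets. Whether such a construction resists a malicious KGC or colluding signers is a matter for a proof, which this toy does not supply.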