
Journal of Shandong University (Natural Science) ›› 2015, Vol. 50 ›› Issue (09): 42-48. doi: 10.6040/j.issn.1671-9352.0.2014.539


Security analysis and improvement of two certificateless aggregate signature schemes

FAN Ai-wan (樊爱宛), XIA Dong-liang (夏栋梁), YANG Zhao-feng (杨照峰)

  1. School of Software, Pingdingshan University, Pingdingshan 467002, Henan, China
  • Received: 2014-12-01  Revised: 2015-05-18  Online: 2015-09-20  Published: 2015-09-26
  • About the author: FAN Ai-wan (born 1978), male, associate professor; research interest: information security. E-mail: faw_1978@163.com
  • Funding: Henan Province Young Backbone Teachers in Higher Education Funding Program (2013GGJS-209); Henan Province Key Science and Technology Research Program (142102210224); Henan Province Key Research Project of Higher Education Institutions (15A520091)

Abstract: Most aggregate signature schemes suffer from security flaws and low computational efficiency. A security analysis of two certificateless aggregate signature schemes shows that they cannot resist forgery by a Type I adversary and a Type II adversary, respectively (in certificateless cryptography, a Type I adversary can replace user public keys but does not know the master key, while a Type II adversary is a malicious key generation center that knows the master key but cannot replace public keys). To address this, an improved scheme is proposed: it changes how the parameters are combined in the signing step and tightens the binding of the master key and the user public key in aggregate signature verification. Under the computational Diffie-Hellman assumption, the scheme is proved existentially unforgeable against adaptive chosen-message attacks in the random oracle model. The efficiency analysis shows that signing and verification together require only four bilinear pairing operations and that the signature length is constant; compared with certificateless aggregate signature schemes of similar security, the improved scheme is more efficient.

Key words: aggregate signature, random oracle model, bilinear pairing, certificateless cryptography

CLC number: TP309