无证书聚合签名方案的安全性分析和改进

张玉磊; 李臣意; 王彩芬; 张永洁

doi:10.11999/JEIT141635

无证书聚合签名方案的安全性分析和改进

doi: 10.11999/JEIT141635

1.
(西北师范大学计算机科学与工程学院兰州 730070) ②(甘肃卫生职业学院兰州 730000)

基金项目:

国家自然科学基金(61163038, 61262056, 61262057)，甘肃省高等学校科研项目(2013A-014)和西北师范大学青年教师科研能力提升计划项目(NWNU-LKQN-12-32)

计量
- 文章访问数: 1627
- HTML全文浏览量: 195
- PDF下载量: 443
- 被引次数: 0
出版历程
- 收稿日期: 2014-12-25
- 修回日期: 2015-03-23
- 刊出日期: 2015-08-19

Security Analysis and Improvements of Certificateless Aggregate Signature Schemes

1.
(College of Computer Science and Engineering, Northwest Normal University, Lanzhou 730070, China)
2.
(Gansu Health Vocational College, Lanzhou 730000, China)

摘要

摘要: 该文分析了He等人(2014)提出的无证书签名方案和Ming等人(2014)提出的无证书聚合签名方案的安全性，指出Ming方案存在密钥生成中心(KGC)被动攻击，He方案存在KGC被动攻击和KGC主动攻击。该文描述了KGC对两个方案的攻击过程，分析了两个方案存在KGC攻击的原因，最后对Ming方案提出了两类改进。改进方案不仅克服了原方案的安全性问题，同时也保持了原方案聚合签名长度固定的优势。
- 密码学 /
- 聚合签名 /
- 无证书签名 /
- 密钥生成中心攻击 /
- 选择消息攻击 /
- 计算Diffie-Hellman 困难问题
Abstract: The security of certificateless signature scheme which was proposed by He et al. (2014) is analyzed, and the security of the certificateless aggregate signature scheme which was proposed by Ming et al. (2014) is analyzed too. It is pointed out that the Key Generation Center (KGC) can realize the passive attacks in the Mings scheme. It is also pointed out that KGC can realize the passive attack and initiative attack respectively in the Nimgs scheme. The processes of concrete forgery attacks which perfored by KGC are shown, and the possible reasons are analyzed. Finally, two improved Mings schemes are proposed. The improved schemes not only overcome the security problem of original scheme but also have an advantage that the length of aggregated signature is fixed.
- Cryptography /
- Aggregate signature /
- Certificateless signature /
- Key Generation Center (KGC) attack /
- Chosen message attack /
- Computational Diffie-Hellman Hard problem (CDH)

HTML全文

参考文献(19)

Alriyami S S and Paterson K G. Certificateless public key cryptography[C]. Proceedings of the Cryptology-Asiacrypt, Taipei, China, 2003: 452-474.

Liu Jing-wei, Zhang Zong-hua, and Chen Xiao-feng. Certificateless remote anonymous authentication schemes for wireless body area networks[J]. IEEE Transactions on Parallel Distributed Systems, 2014, 25(2): 332-342.

光焱, 顾纯祥, 祝跃飞, 等. 一种基于LWE问题的无证书全同态加密体制[J]. 电子与信息学报, 2013, 35(4): 988-993.

Guang Yan, Gu Chun-xiang, Zhu Yue-fei, et al.. Certificateless fully homomorphic encryption based on LWE problem[J]. Journal of Electronics Information Technology, 2013, 35(4): 988-993.

Zhang Lei, Wu Qian-hong, Josep Domingo-Ferrerc, et al.. Signatures in hierarchical certificateless cryptography: efficient constructions and provable security[J]. Information Sciences, 2014, 272: 223-237.

Boneh D, Gentry C, Lynn B, et al.. Aggregate and verifiably encrypted signatures from bilinear maps[C]. Proceedings of the Cryptology-Eurocrypt, Warsaw, Poland, 2003: 416-432.

Xiong Hu, Guan Zhi, Chen Zhong, et al.. An efficient certificateless aggregate signature with const pairing computations[J]. Information Sciences, 2013, 219: 225-235.

He De-biao, Tian Miao-miao, and Chen Jian-hua. Insecurity of an ef?cient certi?cateless aggregate signature with constant pairing computations [J]. Information Sciences, 2014, 268: 458-462.

明洋, 赵祥模, 王育民. 无证书聚合签名方案[J]. 电子科技大学学报, 2014, 43(2): 188-193.

Ming Yang, Zhao Xiang-mo, and Wang Yu-ming. Certificateless aggregate signature scheme[J]. Journal of University of Electronic Science and Technology of China, 2014, 43(2): 188-193.

Gong Zheng, Long Yu, Hong Xuan, et al.. Two certificateless aggregate signatures from bilinear maps [C]. Proceedings of Software Engineering, Artificial Intelligence, Networking, and Parallel/Distributed Computing, Qingdao, China, 2007: 188-193.

Zhang Lei and Zhang Fu-tai. A new certificateless aggregation signature shceme[J]. Computer Communications, 2009, 32(6): 1079-1085.

Au Man-ho, Mu Yi, Chen Jing,et al.. Malicious KGC attack in certificateless cryptography[C]. Proceedings of the ASIACCS2007, New York, USA, 2007: 302-311.

张福泰, 孙银霞, 张磊, 等. 无证书公钥密码体制研究[J]. 软件学报, 2011, 22(6): 1316-1332.

Zhang Fu-tai, Sun Yin-xia, Zhang Lei, et al.. Research on certificateless public key cryptography [J]. Journal of Software, 2011, 22(6): 1316-1332.

喻琇瑛, 何大可. 一种新的无证书聚合签名[J]. 计算机应用研究, 2014, 31(8): 2485-2487.

Yu Xiu-ying and He Da-ke. New certificateless aggregate signature scheme [J]. Application Research of Computers, 2014, 31(8): 2485-2487.

侯红霞,张雪锋,董晓丽. 改进的无证书聚合签名方案[J].山东大学学报(理学版), 2013, 48(9): 29-34.

Hou Hong-xia, Zhang Xue-feng, and Dong Xiao-li. Improved certificateless aggregate signature scheme[J]. Journal of Shandong University (Natural Science), 2013, 48(9): 29-34.

施引文献

资源附件(0)

访问统计