基于双线性对的隐藏签名认证方案
doi: 10.3724/SP.J.1146.2006.00948
New Signature-Masked Authentication Schemes from the Bilinear Pairings
-
摘要: 隐藏签名认证方案是指,当用户从CA得到签名(证书)后,在向服务提供商申请服务时,为防止攻击者截获签名或串通服务提供商来陷害自己,用户向服务提供商证明他(或她)有签名而不把该签名给服务提供商。现有的隐藏签名认证方案都不能阻止CA冒充用户身份。该文引入两个证书权威机构CA,假设两个CA不勾结,提出了3个隐藏签名认证方案。这3个方案都能保护用户身份不被任何人(包括CA)冒充;在用户端具备较强计算能力时,后两个方案实现了用户和服务提供商的双向认证;并且在CA具有一定可信度时,第3个方案还能部分抵抗拒绝服务攻击(DoS)。Abstract: Signature-masked authentication scheme means: when a user obtains a signature (certificate) from CA, in order to get service from a service provider and to prevent any adversary from intercepting the signature or colluding with the service provider to frame him (or her), the user is intent on proving that he (or she) really owns the signature but not transmits it to the service provider directly. Considering previous schemes can not prevent CA from impersonating legitimate users, two different CAs are introduced in this paper, and under the assumption that these two CAs do not collude, three signature-masked authentication schemes are given which guarantee that anyone including CA can not impersonate the legitimate user to get service from the provider. The first scheme is a simple scheme of unilateral authentication. Moreover, under the assumption that the user has enough computation power, mutual authentication between the user and the provider is realized in the last two schemes. Furthermore considering the first two schemes above are vulnerable to denial of service (DoS) attack, under the assumption that CA is of certain reliability, the third scheme which can also partially realize the resistance to DoS attack is proposed.
-
Guillou L and Quisquater J. A practical zero-knowledgeprotocol fitted to security microprocessors minimizing bothtransmission and memory[J].Advances in Cryptology-Eurocrypt1988, Springer-Verlag.1988, LNCS 330:123-128[2]Zhang F G and Kim K. Signature-masked authenticationusing the bilinear pairings. Cryptology InformationSecurity Laboratory (CAIS), Information andCommunications University, technical report, 2002.[3]Boneh D, Lynn B, and Shacham H. Short signatures from theWeil pairing[J].Advance in Cryptology-Asciacrypt2001,Springer-Verlag.2001, LNCS 2248:514-532[4]Freeman D. Pairing-based identification schemes. HPLaboratories Palo AltoHPL-2005-154, 2005, August 24.[5]Chen X F, Zhang F G, and Kim K. A new ID-based groupsignature scheme from bilinear pairings. Cryptology ePrintArchive, Report 2003/116.[6]Chen X F, Zhang F G, and Konidala D M, et al.. NewID-based threshold signature scheme from bilinear pairings.In INDOCRYPT 2004, Springer-Verlag, 2004, LNCS 3348:371-383.[7]Boneh D and Franklin M. Identity-based encryption from theWeil pairing[J].Advances in Cryptology-Crypto2001,Springer-Verlag.2001, LNCS 2139:213-229 -
计量
- 文章访问数: 2844
- HTML全文浏览量: 71
- PDF下载量: 644
- 被引次数: 0
下载:
