Similar Literature
19 similar documents found (search time: 93 ms)
1.
Building on Paterson's identity-based signature scheme, an identity-based threshold proxy signature scheme that is provably secure in the standard model is proposed. The new scheme is existentially unforgeable under adaptive chosen-message attacks, and its security reduces to the CDH assumption in the standard model; compared with threshold proxy signature schemes built on conventional public-key cryptosystems, the new scheme offers stronger security. At the same time, compared with identity-based threshold signature schemes proven in the random oracle model, the new scheme is of greater practical significance.

2.
An efficient certificateless signature scheme   Total citations: 1, self-citations: 0, citations by others: 1
洪东招, 谢琪. 《计算机应用》 (Journal of Computer Applications), 2010, 30(7): 1809-1811
To resolve the key escrow problem of identity-based cryptosystems and the public-key authentication problem of traditional public-key cryptosystems, a certificateless signature scheme is proposed by modifying the private-key and public-key generation algorithms of the efficient identity-based signature scheme due to Barreto et al. The scheme is provably secure in the random oracle model and is also efficient, requiring only a single pairing operation.

3.
Certificate-based public-key cryptography is a recently proposed class of public-key cryptosystem that overcomes both the certificate management problem of traditional public-key cryptosystems and the inherent key escrow problem of identity-based cryptosystems. An aggregate signature is a digital signature technique that combines signatures by different signers on different messages into one single signature. Using bilinear pairings and the Computational Diffie-Hellman problem, a certificate-based aggregate signature scheme is proposed and its security is proven in the random oracle model.

4.
Certificate-based public-key cryptography effectively overcomes the defects of identity-based public-key cryptography and traditional public-key cryptography, and has become a public-key setting that attracts considerable attention. Using the SK-IBE scheme and the ElGamal public-key encryption scheme as building blocks, an efficient pairing-based certificate-based encryption scheme is proposed, and a security proof is given in the random oracle model. Under the p-BDHI assumption, the scheme is proven IND-CBE-CCA secure. In terms of efficiency, the scheme computes only one pairing, and only during decryption, so its overall performance is high; comparative analysis shows that it outperforms other existing CBE schemes.

5.
Most existing aggregate signature schemes are proposed in traditional public-key cryptosystems or identity-based cryptosystems, and therefore suffer from either the certificate management problem or the key escrow problem. Recently, Gong et al. proposed an aggregate signature scheme in the certificateless setting; however, their scheme is provably secure only in the random oracle model. Based on certificateless public-key cryptography, an aggregate signature scheme that does not require the random oracle model is proposed. The new scheme needs no digital certificates, has no key escrow problem, and satisfies the security requirements of certificateless aggregate signatures. Moreover, compared with existing certificateless aggregate signature schemes, the new scheme shows a clear improvement in performance.

6.
Proxy signatures in the standard model: constructing the model and proving security   Total citations: 1, self-citations: 1, citations by others: 0
谷科, 贾维嘉, 王四春, 石良武. 《软件学报》 (Journal of Software), 2012, 23(9): 2416-2429
Proxy signature schemes proposed so far lack a proof of security under a complete proxy signature security model. Based on the proxy signature security model proposed by Boldyreva et al., the provable security model for proxy signatures is formally defined in detail, and a complete provable security model for proxy signatures is presented. To demonstrate the effectiveness and extensibility of this security model, the standard-model identity-based signature scheme proposed by Paterson et al. is extended into an identity-based proxy signature scheme in the standard model, and under the provable security model the new scheme is proven to be existentially unforgeable as an identity-based proxy signature under adaptive chosen-message attacks, with its security reducing to the CDH assumption in the standard model. Compared with standard-model proxy signature schemes built on conventional public-key cryptosystems, the new scheme not only introduces the notion of user identity but also achieves more complete security.

7.
Identity-based cryptography has long been a hot research direction in the cryptographic community because it avoids the large overhead of certificate management. At present, identity-based cryptographic schemes have emerged in large numbers, but the vast majority of them are realized from bilinear pairings, and their security rests on pairing-related hard problems. Identity-based schemes that need no pairing remain a topic worth attention in cryptography. So far, a small number of pairing-free identity-based signature schemes have been proposed, but some of them give no security proof, while the others are provably secure only in the random oracle model; no pairing-free identity-based signature scheme provably secure in the standard model has yet been proposed. Based on the Hohenberger-Waters signature, an identity-based signature scheme is proposed that is proven weakly secure in the standard model, with its security reducible to the strong RSA problem. Furthermore, by introducing a chameleon hash function, the scheme can be converted into a fully (standard) secure identity-based signature scheme.

8.
叶胜男, 陈建华. 《计算机科学》 (Computer Science), 2021, 48(10): 272-277
Certificateless public-key cryptography combines the advantages of identity-based cryptography and traditional PKI-based public-key cryptography: it overcomes the key escrow problem of identity-based public-key cryptography and the certificate management problem of PKI systems, and thus has clear advantages. A security analysis of a strongly secure certificateless signature scheme proposed by Hassouna et al. is carried out. The results show that the scheme cannot verify message integrity and is subject to a message tampering attack, and that the scheme does not sign with the private key derived from the system master key, so it is not a certificateless signature scheme at all. On this basis, an improved certificateless signature scheme is proposed, and under the elliptic curve Diffie-Hellman assumption in the random oracle model it is proven that the scheme resists strong type-I adversaries and type-II adversaries and is existentially unforgeable.

9.
Identity-based digital signatures are an important cryptographic tool: they not only provide the signing function within identity-based cryptosystems but also simplify the generation, management and revocation of public-key certificates in traditional digital signatures. Paterson and Schuldt first constructed an identity-based digital signature scheme provably secure in the standard model, but that scheme is inefficient and its communication cost is high. Li Jiguo and Jiang Pingjin proposed a new improved scheme, an efficient identity-based signature scheme provably secure in the standard model, whose features are provable security in the standard model, higher computational efficiency and lower communication cost. However, this paper finds that the scheme does not satisfy unforgeability, because its user key extraction is universally forgeable. The flaw in the original scheme's security proof is further pointed out: the adversary's view is not independent of the success event in the security simulation.

10.
Identity-based group proxy signature scheme in the standard model   Total citations: 1, self-citations: 0, citations by others: 1
Group proxy signature schemes proposed so far have two problems: first, they lack a proof of security under a complete group proxy signature security model; second, the standard-model group proxy signature schemes do not involve the notion of user identity, which limits their applicability. To address these two problems, a complete provable security model for group proxy signatures is proposed on the basis of the proxy signature security model of Boldyreva et al., and, to demonstrate the effectiveness of this security model, a provably secure instance of a group proxy signature scheme is given. The instance extends the standard-model identity-based signature scheme proposed by Paterson et al. into an identity-based group proxy signature scheme in the standard model, and under the provable security model the new scheme is proven existentially unforgeable as an identity-based group proxy signature under adaptive chosen-message attacks, with its security reducing to the CDH assumption in the standard model. Compared with existing standard-model group proxy signature schemes built on conventional public-key cryptosystems, this group proxy signature scheme introduces the notion of user identity while achieving more complete provable security.

11.
Certificateless signcryption scheme in the standard model   Total citations: 1, self-citations: 0, citations by others: 1
向新银. 《计算机应用》 (Journal of Computer Applications), 2010, 30(8): 2151-2153
At present, the security of most identity-based digital signature schemes is proven in the random oracle model, yet many of these schemes have security problems. A secure and efficient identity-based certificateless signcryption scheme is proposed and proven secure in the standard model, with its security reducible to the q-ABDHE hard problem. Compared with existing identity-based certificateless signcryption schemes that are secure in the standard model, the scheme has lower communication cost and higher execution efficiency.

12.
All regular cryptographic schemes rely on the secrecy of the secret key. However, with the explosive use of relatively insecure mobile devices, the key exposure problem has become more aggravated. In this paper, we propose an efficient forward secure identity-based signature (FSIBS) scheme from lattice assumptions, with its security based on the small integer solution (SIS) problem in the random oracle model. Our scheme can guarantee the unforgeability of past signatures even if the current signing secret key is revealed. Moreover, the signature size and the secret key size of our scheme are unchanged and much shorter. To the best of our knowledge, our construction is the first lattice-based FSIBS scheme, and it can resist quantum attacks. Furthermore, we extend our FSIBS scheme to a forward secure identity-based signature scheme in the standard model.

13.
Most identity-based signature (IBS) schemes require costly bilinear pairing operations, so their signing algorithms are inefficient and unsuitable for communication security protocols such as key management and secure routing in wireless ad hoc networks. To address this problem, an IBS scheme without bilinear pairings is proposed. In the random oracle model, the scheme is proven unforgeable and resistant to chosen-message attacks. Theoretical analysis shows that, compared with similar schemes, the scheme has lower computation and transmission cost and higher efficiency.

14.
《国际计算机数学杂志》 (International Journal of Computer Mathematics), 2012, 89(11): 2244-2258
A provably secure certificateless digital signature scheme using elliptic curve cryptography is presented in this paper. Since the certificateless public key cryptosystem removes the complex certificate management procedure of traditional public key cryptography (PKC) and the private key escrow problem of the identity-based cryptosystem (IBC), the proposed scheme is more efficient than IBC- and PKC-based signatures. Besides, the bilinear pairing and the map-to-point hash function are time-consuming operations, so signatures without these two operations are more attractive in real applications, and the present work has been carried out in this direction. Based on the elliptic curve discrete logarithm assumption, it is shown that the proposed scheme is unforgeable under adaptive chosen message and identity attacks in the random oracle model against a variety of adversaries. Finally, our signature scheme is compared with a number of competitive schemes and satisfactory performance is achieved.

15.
To address the security flaw in a recently proposed identity-based strong designated verifier signature scheme, a secure identity-based strong designated verifier signature scheme is constructed using a zero-knowledge proof of knowledge that is secure in the random oracle model. Compared with previous schemes, its implementation efficiency is clearly improved.

16.
Improvement of identity-based proxy multi-signature scheme   Total citations: 2, self-citations: 0, citations by others: 2
A proxy signature scheme allows a proxy signer to sign messages on behalf of an original signer, a company or an organization. A proxy multi-signature scheme is an extension of the basic proxy signature scheme, and permits two or more original signers to delegate their signing powers to the same proxy signer. Recently, Wang and Cao proposed an identity-based proxy multi-signature scheme. This scheme is very simple and efficient since it is an extension of the identity-based aggregate signature scheme due to Gentry and Ramzan. Though the identity-based aggregate signature scheme of Gentry and Ramzan is secure in the random oracle model, in this paper we find that the identity-based proxy multi-signature scheme of Wang and Cao is not secure unless each proxy secret key is used to generate at most one proxy signature. Finally, we propose an improvement to overcome this weakness, which is simpler and more efficient than the identity-based proxy multi-signature scheme of Wang and Cao. We show that the improvement is existentially unforgeable in the random oracle model under the computational Diffie-Hellman assumption.

17.
Design of DL-based certificateless digital signatures   Total citations: 1, self-citations: 0, citations by others: 1
Public-key cryptosystems that do not require digital certificates are very attractive in wireless communications because of the limits on communication bandwidth and computational resources of mobile wireless devices. To eliminate public-key digital certificates, Shamir introduced the concept of the identity-based (ID-based) cryptosystem. The main advantage of the ID-based cryptosystem is that, instead of a random integer serving as each user's public key as in traditional public-key systems, the user's real identity, such as the user's name or email address, becomes the user's public key. However, all identity-based signature (IBS) schemes have the inherent key escrow problem, that is, the private key generator (PKG) knows the private key of every user. As a result, the PKG is able to sign any message on a user's behalf. This property violates the "non-repudiation" requirement of digital signatures. To solve the key escrow problem of IBS while still keeping its benefits, the certificateless digital signature (CDS) was introduced. In this paper, we propose a generalized approach to constructing CDS schemes. In our proposed CDS scheme, the user's private key is known only to the user, which eliminates the key escrow problem at the PKG. The proposed construction can be applied to any Discrete Logarithm (DL)-based signature scheme to convert it into a CDS scheme. The proposed CDS scheme is secure against adaptive chosen-message attacks in the random oracle model. In addition, it is efficient in both signature generation and verification.

18.
An efficient identity-based proxy signature scheme in the standard model   Total citations: 1, self-citations: 0, citations by others: 1
For identity-based proxy signature schemes, security is mostly proven in the random oracle model, but the way a random oracle is instantiated may render a scheme insecure. By comparison, designing proxy signature schemes in the standard model is of more practical significance. A secure and efficient identity-based proxy signature scheme is proposed; its correctness is rigorously proven using bilinear pairing techniques, and a detailed security proof under the CDH assumption in the standard model is given. Compared with existing identity-based proxy signature schemes that are secure in the standard model, this scheme is more efficient.

19.
Identity-based non-interactive key exchange (IB-NIKE) is a powerful but somewhat overlooked primitive in identity-based cryptography. While identity-based encryption and signature have been extensively investigated over the past three decades, IB-NIKE has remained largely unstudied. So far, there are only a few IB-NIKE schemes in the literature. Among them, the Sakai-Ohgishi-Kasahara (SOK) scheme is the first efficient and secure two-party IB-NIKE scheme, and it has had great influence on follow-up works. However, the SOK scheme requires its identity mapping function to be modeled as a random oracle to prove security. Moreover, its existing security proof heavily relies on the ability to program the random oracle. It is unknown whether such reliance is inherent. In this work, we revisit the SOK IB-NIKE scheme in depth and present a series of possibility and impossibility results in the random oracle model and the standard model. In the random oracle model, we first improve the previous security analysis of the SOK IB-NIKE scheme by giving a tighter reduction. We then use the meta-reduction technique to show that the SOK scheme is unlikely to be proven secure based on the computational bilinear Diffie-Hellman assumption without programming the random oracle. In the standard model, we show how to instantiate the random oracle in the SOK scheme with a concrete hash function built from admissible hash functions (AHFs) and indistinguishability obfuscation. The resulting scheme is adaptively secure based on the decisional bilinear Diffie-Hellman inversion assumption. To the best of our knowledge, this is the first adaptively secure IB-NIKE scheme in the standard model that does not explicitly require multilinear maps. Previous schemes in the standard model either achieve merely selective security or require programmable hash functions from multilinear maps.
At the technical heart of our scheme, we generalize the definition of AHFs and propose a generic construction which enables AHFs with previously unachieved parameters. This might be of independent interest. In addition, we present some new results about IB-NIKE. Firstly, we propose a generic construction of multiparty IB-NIKE from extractable witness PRFs and existentially unforgeable signatures. Secondly, we investigate the relation between semi-adaptive security and adaptive security of IB-NIKE. Somewhat surprisingly, we show that these two notions are polynomially equivalent.
